—This paper introduces YARRA, a conservative extension to C to protect applications from non-control data attacks. YARRA programmers specify their data integrity requirements by ...
—In this paper, we investigate the computational complexity of quantitative information flow (QIF) problems. Information-theoretic quantitative relaxations of noninterference (b...
—This paper explores the idea of knowledge-based security policies, which are used to decide whether to answer queries over secret data based on an estimation of the querier’s ...
Piotr Mardziel, Stephen Magill, Michael Hicks, Mud...
—We present a Horn-clause-based framework for analysing security protocols that use platform configuration registers (PCRs), which are registers for maintaining state inside the...
—Randomization is used in computer security as a tool to introduce unpredictability into the software infrastructure. In this paper, we study the use of randomization to achieve ...