Certified code is a general mechanism for enforcing security properties. In this paradigm, untrusted mobile code carries annotations that allow a host to verify its trustworthine...
A long-standing problem in information security is how to specify and enforce expressive security policies that control information flow while also permitting information release...
Multilevel security policies aim at only confidentiality assurance, with less consideration on integrity assurance and weakness in expressing channel control policies. Besides, the...
In traditional information-flow type systems, the security policy is often formalized as noninterference properties. However, noninterference alone is too strong to express securi...
With the ubiquitous deployment of large scale networks more and more complex human interactions are supported by computer applications. This poses new challenges on the expressive...