Many software properties can be analysed through a relational size analysis on each function's inputs and outputs. Such relational analysis (through a form of dependent typin...
The security of systems such as operating systems, hypervisors, and web browsers depend critically on reference monitors to correctly enforce their desired security policy in the ...
Jason Franklin, Sagar Chaki, Anupam Datta, Arvind ...
Certified code is a general mechanism for enforcing security properties. In this paradigm, untrusted mobile code carries annotations that allow a host to verify its trustworthine...
We propose a domain-specific aspect language to prevent denial of service caused by resource management. Our aspects specify availability policies by enforcing time limits in the ...
An access control system is often viewed as a state transition system. Given a set of access control policies, a general safety requirement in such a system is to determine whethe...