Titlebook: Engineering Secure Software and Systems; 6th International Sy Jan Jürjens,Frank Piessens,Nataliia Bielova Conference proceedings 2014 Sprin

托人看管

User-Centric Security Assessment of Software Configurations: A Case Studythe system’s security goals and, . a method to rank available configurations with respect to security. This paper demonstrates the feasibility and usefulness of our approach in a real-world case study based on the Amazon EC2 service. Over 2000 publicly available Amazon Machine Images are analyzed an

并入

Detecting Code Reuse Attacks with a Model of Conformant Program Execution Existing techniques to defend against these attacks provide ad hoc solutions or lack in features necessary to provide comprehensive and adoptable solutions. We present a systematic approach based on first principles for the efficient, robust detection of these attacks; our work enforces expected pr

acheon

: A Flexible MDE Approach to Enforce Fine-grained Security Policiesicular, we introduce an expressive Domain Specific modeling Language (.), called ., for the specification of . of targeted systems. The .. supports the expression of ., . and . policies, covering many of the security requirements of modern applications. Security requirements specified in security co

thrombus

Myocyte

Automated Formal Verification of Application-specific Security Propertiesy properties, like confidentiality and authenticity..At ESSOS 2010, Moebius et. al. presented an approach for developing Java applications with formally verified application-specific security properties. That method, however, is based on an interactive theorem prover, which is not automatic and requ

正式通知

Fault-Tolerant Non-interferencelues to be corrupted. The classic problem of fault tolerance is to modify a system so that it works despite a limited number of faults. We introduce a novel variant of this problem. Instead of demanding that the system works despite faults, we simply require that it remains secure: wrong answers may

Carcinogen

Distribution

我要威胁

Latency