Zobrazeno 1 - 10
of 35
pro vyhledávání: '"Abhishek Bichhawat"'
Autor:
Quoc Huy Do, Guido Schmitz, Abhishek Bichhawat, Karthikeyan Bhargavan, Pedram Hosseyni, Tim Würtele, Ralf Küsters
Publikováno v:
CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security
CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Nov 2021, Virtual Event, South Korea. pp.2601-2617, ⟨10.1145/3460120.3484588⟩
CCS
CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Nov 2021, Virtual Event, South Korea. pp.2601-2617, ⟨10.1145/3460120.3484588⟩
CCS
The ACME certificate issuance and management protocol, standardized as IETF RFC 8555, is an essential element of the web public key infrastructure (PKI). It has been used by Let's Encrypt and other certification authorities to issue over a billion ce
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::7106bdbd0cba63800f37ccbc276ba101
https://inria.hal.science/hal-03540403
https://inria.hal.science/hal-03540403
Autor:
Quoc Huy Do, Abhishek Bichhawat, Karthikeyan Bhargavan, Guido Schmitz, Ralf Küsters, Pedram Hosseyni, Tim Würtele
Publikováno v:
2021 IEEE European Symposium on Security and Privacy (EuroS&P).
We present $\text{DY}^{\star}$ , a new formal verification framework for the symbolic security analysis of cryptographic protocol code written in the $\mathrm{F}^{\star}$ programming language. Unlike automated symbolic provers, our framework accounts
Publikováno v:
CSF
Information flow type systems enforce the security property of noninterference by detecting unauthorized data flows at compile-time. However, they require precise type annotations, making them difficult to use in practice as much of the legacy infras
Publikováno v:
CSF
The risk posed by high-profile data breaches has raised the stakes for adhering to data access policies for many organizations, but the complexity of both the policies themselves and the applications that must obey them raises significant challenges.
Autor:
Ralf Küsters, Quoc Huy Do, Tim Würtele, Guido Schmitz, Pedram Hosseyni, Karthikeyan Bhargavan, Abhishek Bichhawat
Publikováno v:
Protocols, Strands, and Logic ISBN: 9783030916305
Protocols, Strands, and Logic
Daniel Dougherty; José Meseguer; Sebastian Alexander Mödersheim; Paul Rowe. Protocols, Strands, and Logic, 13066, Springer International Publishing, pp.77-97, 2021, Lecture Notes in Computer Science, ⟨10.1007/978-3-030-91631-2_4⟩
Protocols, Strands, and Logic
Daniel Dougherty; José Meseguer; Sebastian Alexander Mödersheim; Paul Rowe. Protocols, Strands, and Logic, 13066, Springer International Publishing, pp.77-97, 2021, Lecture Notes in Computer Science, ⟨10.1007/978-3-030-91631-2_4⟩
\(\textsf {DY}^\star \) is a recently proposed formal verification framework for the symbolic security analysis of cryptographic protocol code written in the \(\textsf {F}^\star \) programming language. Unlike automated symbolic provers, \(\textsf {D
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::c9a3ee19294d8e02a7f29ad4f772cb0e
https://doi.org/10.1007/978-3-030-91631-2_4
https://doi.org/10.1007/978-3-030-91631-2_4
Publikováno v:
AsiaCCS
Database-backed applications rely on inlined policy checks to process users' private and confidential data in a policy-compliant manner as traditional database access control mechanisms cannot enforce complex policies. However, application bugs due t
Publikováno v:
Computer Security – ESORICS 2017 ISBN: 9783319664019
ESORICS (1)
ESORICS (1)
In the standard web browser programming model, third-party scripts included in an application execute with the same privilege as the application’s own code. This leaves the application’s confidential data vulnerable to theft and leakage by malici
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::664b545e585ba73113478b132070dd1b
https://doi.org/10.1007/978-3-319-66402-6_15
https://doi.org/10.1007/978-3-319-66402-6_15
Publikováno v:
CSF
Web browsers routinely handle private information. Owing to a lax security model, browsers and JavaScript in particular, are easy targets for leaking sensitive data. Prior work has extensively studied information flow control (IFC) as a mechanism for
Autor:
Abhishek Bichhawat
Publikováno v:
2015 IEEE/ACM 37th IEEE International Conference on Software Engineering.
Preventing implicit information flows by dynamic program analysis requires coarse approximations that result in false positives, because a dynamic monitor sees only the executed trace of the program. One widely deployed method is the no-sensitive-upg
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::8454e1043ea04d5999113a80b9a19bc1