Zobrazeno 1 - 10
of 13
pro vyhledávání: '"Abhishek Bichhawat"'
Autor:
Quoc Huy Do, Guido Schmitz, Abhishek Bichhawat, Karthikeyan Bhargavan, Pedram Hosseyni, Tim Würtele, Ralf Küsters
Publikováno v:
CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security
CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Nov 2021, Virtual Event, South Korea. pp.2601-2617, ⟨10.1145/3460120.3484588⟩
CCS
CCS '21: 2021 ACM SIGSAC Conference on Computer and Communications Security, Nov 2021, Virtual Event, South Korea. pp.2601-2617, ⟨10.1145/3460120.3484588⟩
CCS
The ACME certificate issuance and management protocol, standardized as IETF RFC 8555, is an essential element of the web public key infrastructure (PKI). It has been used by Let's Encrypt and other certification authorities to issue over a billion ce
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::7106bdbd0cba63800f37ccbc276ba101
https://inria.hal.science/hal-03540403
https://inria.hal.science/hal-03540403
Autor:
Quoc Huy Do, Abhishek Bichhawat, Karthikeyan Bhargavan, Guido Schmitz, Ralf Küsters, Pedram Hosseyni, Tim Würtele
Publikováno v:
2021 IEEE European Symposium on Security and Privacy (EuroS&P).
We present $\text{DY}^{\star}$ , a new formal verification framework for the symbolic security analysis of cryptographic protocol code written in the $\mathrm{F}^{\star}$ programming language. Unlike automated symbolic provers, our framework accounts
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::d18190fe6edd7e17cc9c8f2810d88a82
https://doi.org/10.1109/eurosp51992.2021.00042
https://doi.org/10.1109/eurosp51992.2021.00042
Publikováno v:
CSF
Information flow type systems enforce the security property of noninterference by detecting unauthorized data flows at compile-time. However, they require precise type annotations, making them difficult to use in practice as much of the legacy infras
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::55d94b8c16ce0ff124d57da3dde065f8
https://doi.org/10.1109/csf51468.2021.00015
https://doi.org/10.1109/csf51468.2021.00015
Publikováno v:
CSF
The risk posed by high-profile data breaches has raised the stakes for adhering to data access policies for many organizations, but the complexity of both the policies themselves and the applications that must obey them raises significant challenges.
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::c0f2b88d7c97b59ee4fbb75fb75c689c
https://doi.org/10.1109/csf51468.2021.00001
https://doi.org/10.1109/csf51468.2021.00001
Autor:
Ralf Küsters, Quoc Huy Do, Tim Würtele, Guido Schmitz, Pedram Hosseyni, Karthikeyan Bhargavan, Abhishek Bichhawat
Publikováno v:
Protocols, Strands, and Logic ISBN: 9783030916305
Protocols, Strands, and Logic
Daniel Dougherty; José Meseguer; Sebastian Alexander Mödersheim; Paul Rowe. Protocols, Strands, and Logic, 13066, Springer International Publishing, pp.77-97, 2021, Lecture Notes in Computer Science, ⟨10.1007/978-3-030-91631-2_4⟩
Protocols, Strands, and Logic
Daniel Dougherty; José Meseguer; Sebastian Alexander Mödersheim; Paul Rowe. Protocols, Strands, and Logic, 13066, Springer International Publishing, pp.77-97, 2021, Lecture Notes in Computer Science, ⟨10.1007/978-3-030-91631-2_4⟩
\(\textsf {DY}^\star \) is a recently proposed formal verification framework for the symbolic security analysis of cryptographic protocol code written in the \(\textsf {F}^\star \) programming language. Unlike automated symbolic provers, \(\textsf {D
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::c9a3ee19294d8e02a7f29ad4f772cb0e
https://doi.org/10.1007/978-3-030-91631-2_4
https://doi.org/10.1007/978-3-030-91631-2_4
Publikováno v:
AsiaCCS
Database-backed applications rely on inlined policy checks to process users' private and confidential data in a policy-compliant manner as traditional database access control mechanisms cannot enforce complex policies. However, application bugs due t
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::674848aaed8a42bfa9df14f72c0833e4
https://doi.org/10.1145/3320269.3384759
https://doi.org/10.1145/3320269.3384759
Publikováno v:
Computer Security – ESORICS 2017 ISBN: 9783319664019
ESORICS (1)
ESORICS (1)
In the standard web browser programming model, third-party scripts included in an application execute with the same privilege as the application’s own code. This leaves the application’s confidential data vulnerable to theft and leakage by malici
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::664b545e585ba73113478b132070dd1b
https://doi.org/10.1007/978-3-319-66402-6_15
https://doi.org/10.1007/978-3-319-66402-6_15
Publikováno v:
CSF
Web browsers routinely handle private information. Owing to a lax security model, browsers and JavaScript in particular, are easy targets for leaking sensitive data. Prior work has extensively studied information flow control (IFC) as a mechanism for
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::b882af81f927199f4c77f98b2d8dbaa6
https://doi.org/10.1109/csf.2015.32
https://doi.org/10.1109/csf.2015.32
Autor:
Abhishek Bichhawat
Publikováno v:
2015 IEEE/ACM 37th IEEE International Conference on Software Engineering.
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::5b32eb71a8b607ec0f1b9b76d7641aff
https://doi.org/10.1109/icse.2015.250
https://doi.org/10.1109/icse.2015.250
Preventing implicit information flows by dynamic program analysis requires coarse approximations that result in false positives, because a dynamic monitor sees only the executed trace of the program. One widely deployed method is the no-sensitive-upg
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::8454e1043ea04d5999113a80b9a19bc1