BibSLEIGH
BibSLEIGH corpus
BibSLEIGH tags
BibSLEIGH bundles
BibSLEIGH people
EDIT!
CC-BY
Open Knowledge
XHTML 1.0 W3C Rec
CSS 2.1 W3C CanRec
email twitter
security
Google security

Tag #security

881 papers:

ASPLOSASPLOS-2020-Ainsworth0 #hardware #parallel #programmable
The Guardian Council: Parallel Programmable Hardware Security (SA, TMJ0), pp. 1277–1293.
ASPLOSASPLOS-2020-XuSS #memory management #named #performance #persistent #reduction
MERR: Improving Security of Persistent Memory Objects via Efficient Memory Exposure Reduction and Randomization (YX, YS, XS), pp. 987–1000.
CSLCSL-2020-Cortier #protocol #verification
Verification of Security Protocols (Invited Talk) (VC), p. 2.
ECSAECSA-2019-Yasaweerasinghelage #architecture #optimisation #performance
Optimising Architectures for Performance, Cost, and Security (RY, MS, HYP, IW), pp. 161–177.
ICSAICSA-2019-GerkingS #architecture #component #cyber-physical #data flow #policy #refinement #verification
Component-Based Refinement and Verification of Information-Flow Security Policies for Cyber-Physical Microservice Architectures (CG, DS), pp. 61–70.
ICSAICSA-2019-GonzalezAM #architecture #empirical #industrial
Architectural Security Weaknesses in Industrial Control Systems (ICS) an Empirical Study Based on Disclosed Software Vulnerabilities (DG, FA, MM), pp. 31–40.
ICSAICSA-2019-UllahB #adaptation #approach #architecture #big data
An Architecture-Driven Adaptation Approach for Big Data Cyber Security Analytics (FU, MAB), pp. 41–50.
ICSMEICSME-2019-RahmanRW #python #smell
Share, But be Aware: Security Smells in Python Gists (MRR, AR, LW), pp. 536–540.
SCAMSCAM-2019-BergerSK #architecture
The Architectural Security Tool Suite - ARCHSEC (BJB, KS, RK), pp. 250–255.
FMFM-2019-SmithCM #data flow #memory management #modelling
Value-Dependent Information-Flow Security on Weak Memory Models (GS, NC, TM), pp. 539–555.
ECIRECIR-p2-2019-IonescuMPDPRTLG #multi #retrieval
ImageCLEF 2019: Multimedia Retrieval in Lifelogging, Medical, Nature, and Security Applications (BI, HM, RP, DTDN, LP, MR, MTT, ML, CG, YDC, VL, VK, ABA, SAH, VVD, JL, DDF, OP, CMF, JC, AC, AGSdH, NG, EK, CRdB, CC, NV, KK), pp. 301–308.
POPLPOPL-2019-ParkerVH #data flow #multi #named #web
LWeb: information flow security for multi-tier web applications (JP, NV, MH0), p. 30.
ICSE-2019-ChenFMWG #crowdsourcing #how #implementation #question #reliability
How reliable is the crowdsourced knowledge of security implementation? (MC, FF, NM, XW, JG), pp. 536–547.
ICSE-2019-RahmanPW #framework #smell
The seven sins: security smells in infrastructure as code scripts (AR, CP, LW), pp. 164–175.
ASPLOSASPLOS-2019-ZhangGFABNOA #architecture
Architectural Support for Containment-based Security (HZ, SG, JF, SA, SRB, NPN, TO, DIA), pp. 361–377.
FASEFASE-2019-HuangK #constraints #safety #verification
Formal Verification of Safety & Security Related Timing Constraints for a Cooperative Automotive System (LH, EYK0), pp. 210–227.
CADECADE-2019-LiT #automation #protocol #proving #theorem proving #verification
Combining ProVerif and Automated Theorem Provers for Security Protocol Verification (DLL, AT), pp. 354–365.
CAVCAV-2019-ErnstM #concurrent #logic #named
SecCSL: Security Concurrent Separation Logic (GE, TM), pp. 208–230.
ICSTICST-2019-PiantadosiSO #case study #open source
Fixing of Security Vulnerabilities in Open Source Projects: A Case Study of Apache HTTP Server and Apache Tomcat (VP, SS, RO), pp. 68–78.
ICTSSICTSS-2019-RiveraOMCVV #industrial #monitoring #platform
Industrial IoT Security Monitoring and Test on Fed4Fire+ Platforms (DR, EMdO, WM, ARC, BV, MV), pp. 270–278.
ECSAECSA-2018-GerkingS #architecture #composition #cyber-physical #data flow #towards
Towards Preserving Information Flow Security on Architectural Composition of Cyber-Physical Systems (CG, DS), pp. 147–155.
ICSMEICSME-2018-BagheriWAM #analysis #android #performance
Efficient, Evolutionary Security Analysis of Interacting Android Apps (HB, JW, JA, SM), pp. 357–368.
MSRMSR-2018-DecanMC #dependence #network #on the
On the impact of security vulnerabilities in the npm package dependency network (AD, TM, EC), pp. 181–191.
MSRMSR-2018-GkortzisMS #dataset #named #open source
VulinOSS: a dataset of security vulnerabilities in open-source systems (AG, DM, DS), pp. 18–21.
SCAMSCAM-2018-JimenezTP #analysis
[Engineering Paper] Enabling the Continuous Analysis of Security Vulnerabilities with VulData7 (MJ, YLT, MP), pp. 56–61.
FMFM-2018-Cohen #object-oriented #proving
Object-Oriented Security Proofs (EC), pp. 671–674.
FMFM-2018-KastnerMF #abstract interpretation #on the #safety
On Software Safety, Security, and Abstract Interpretation (DK, LM, CF), pp. 662–665.
IFM-2018-DoughertyGR #analysis #protocol #smt #using
Security Protocol Analysis in Context: Computing Minimal Executions Using SMT and CPSA (DJD, JDG, JDR), pp. 130–150.
ECIRECIR-2018-SanagavarapuMAR #information retrieval
SIREN - Security Information Retrieval and Extraction eNgine (LMS, NM, SA, YRR), pp. 811–814.
ICMLICML-2018-AthalyeC0 #obfuscation
Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples (AA, NC, DAW0), pp. 274–283.
ICPRICPR-2018-LocBO #documentation #image #network #using
Document Images Watermarking for Security Issue using Fully Convolutional Networks (CVL, JCB, JMO), pp. 1091–1096.
ECMFAECMFA-2018-Ramadan0SRJ #detection #modelling #process #requirements
Detecting Conflicts Between Data-Minimization and Security Requirements in Business Process Models (QR, DS, MS, VR, JJ), pp. 179–198.
OOPSLAOOPSLA-2018-LiZ #framework
A derivation framework for dependent security label inference (PL, DZ), p. 26.
ASEASE-2018-LiuLZJS #contract #named #semantics #towards
S-gram: towards semantic-aware security auditing for Ethereum smart contracts (HL, CL, WZ, YJ0, JS), pp. 814–819.
ICSE-2018-FreyRAPN #case study #cyber-physical #game studies
The good, the bad and the ugly: a study of security decisions in a cyber-physical systems game (SF, AR, PA, MPA, SAN), p. 496.
ICSE-2018-LabunetsMPMO #assessment #comparison #comprehension #empirical #risk management #visual notation
Model comprehension for security risk assessment: an empirical comparison of tabular vs. graphical representations (KL, FM, FP, SM, FMdO), p. 395.
GPCEGPCE-2018-Peldszus0J #analysis #feature model #modelling #product line
Model-based security analysis of feature-oriented software product lines (SP, DS0, JJ), pp. 93–106.
CAVCAV-2018-Cook #reasoning #web #web service
Formal Reasoning About the Security of Amazon Web Services (BC), pp. 38–47.
CAVCAV-2018-BauerCS0 #model checking #protocol #random
Model Checking Indistinguishability of Randomized Security Protocols (MSB, RC, APS, MV0), pp. 117–135.
CAVCAV-2018-YangVSGM #composition #lazy evaluation #self #verification
Lazy Self-composition for Security Verification (WY, YV, PS, AG, SM), pp. 136–156.
ICSTICST-2018-RayROMO #energy #framework #testing
Bluetooth Low Energy Devices Security Testing Framework (AR, VR, MO, AM, SO), pp. 384–393.
ICTSSICTSS-2018-BozicW #testing
Security Testing for Chatbots (JB, FW), pp. 33–38.
TAPTAP-2018-VorobyovKS #c #case study #detection #experience #runtime #using #verification
Detection of Security Vulnerabilities in C Code Using Runtime Verification: An Experience Report (KV, NK, JS), pp. 139–156.
ICSAICSA-2017-SantosPMGVS #architecture #comprehension #empirical #php
Understanding Software Vulnerabilities Related to Architectural Security Tactics: An Empirical Investigation of Chromium, PHP and Thunderbird (JCSS, AP, MM, MG, JVV, AS), pp. 69–78.
ICSMEICSME-2017-CaiR #android #comprehension #programming
Understanding Android Application Programming and Security: A Dynamic Study (HC, BGR), pp. 364–375.
SANERSANER-2017-LaverdiereM #modelling #using
Computing counter-examples for privilege protection losses using security models (MAL, EM), pp. 240–249.
SCAMSCAM-2017-GhafariGN #android #smell
Security Smells in Android (MG, PG, ON), pp. 121–130.
SCAMSCAM-2017-NashaatAM #detection #object-oriented #php #source code
Detecting Security Vulnerabilities in Object-Oriented PHP Programs (MN, KA0, JM0), pp. 159–164.
SEFMSEFM-2017-GreinerMB #component #composition #data flow #verification
Modular Verification of Information Flow Security in Component-Based Systems (SG, MM, BB), pp. 300–315.
CIKMCIKM-2017-DongCWT0LLC #enterprise #performance #sequence
Efficient Discovery of Abnormal Event Sequences in Enterprise Security Systems (BD, ZC, WHW, LAT, KZ0, YL, ZL, HC), pp. 707–715.
MoDELSMoDELS-2017-RamadanS0JG #modelling #process #verification
From Secure Business Process Modeling to Design-Level Security Verification (QR, MS, DS, JJ, PG), pp. 123–133.
ASEASE-2017-LeeYSNM #android #detection #named #visualisation
SEALANT: a detection and visualization tool for inter-app security vulnerabilities in Android (YKL, PY, AS, DN, NM), pp. 883–888.
ESEC-FSEESEC-FSE-2017-AhmadianPRJ #analysis #modelling #privacy
Model-based privacy and security analysis with CARiSMA (ASA, SP, QR, JJ), pp. 989–993.
ESEC-FSEESEC-FSE-2017-AliabadiKGP #cyber-physical #detection #invariant #named
ARTINALI: dynamic invariant detection for cyber-physical system security (MRA, AAK, JGS, KP), pp. 349–361.
ESEC-FSEESEC-FSE-2017-BuXXZTX #android #industrial #internet #mobile #program analysis
When program analysis meets mobile security: an industrial study of misusing Android internet sockets (WB, MX, LX, YZ, ZT, TX), pp. 842–847.
ESEC-FSEESEC-FSE-2017-Hilton0TMD #assurance #flexibility #integration #trade-off
Trade-offs in continuous integration: assurance, security, and flexibility (MH, NN0, TT, DM, DD), pp. 197–207.
ESEC-FSEESEC-FSE-2017-Pashchenko #benchmark #difference #metric #static analysis #testing #tool support
FOSS version differentiation as a benchmark for static analysis security testing tools (IP), pp. 1056–1058.
ESEC-FSEESEC-FSE-2017-Williams
The rising tide lifts all boats: the advancement of science in cyber security (invited talk) (LW), p. 1.
ESEC-FSEESEC-FSE-2017-ZhouS #automation #commit #debugging #identification
Automated identification of security issues from commit messages and bug reports (YZ, AS), pp. 914–919.
ICSE-2017-KafaliJPWS #case study #how #policy
How good is a security policy against real breaches?: a HIPAA case study (ÖK, JJ, MP, LW, MPS), pp. 530–540.
ICSE-2017-LeeBSSZM #android
A SEALANT for inter-app security holes in android (YKL, JYB, GS, AS, YZ, NM), pp. 312–323.
ICSE-2017-XuCCLS #analysis #comprehension #named #towards
SPAIN: security patch analysis for binaries towards understanding the pain and pills (ZX, BC0, MC, YL0, FS), pp. 462–472.
ASPLOSASPLOS-2017-ChisnallDGBJWMM #c #java
CHERI JNI: Sinking the Java Security Model into the C (DC, BD, KG, DB, AJ, JW, ATM, JEM, RMN, SDS, MR, SWM, PGN, BL, RNMW), pp. 569–583.
ASPLOSASPLOS-2017-FerraiuoloXZMS #analysis #architecture #data flow #hardware #verification
Verification of a Practical Hardware Security Architecture Through Static Information Flow Analysis (AF, RX, DZ, ACM, GES), pp. 555–568.
ASPLOSASPLOS-2017-ZhangSGCS #identification #verification
Identifying Security Critical Properties for the Dynamic Verification of a Processor (RZ, NS, CG, AC, CS), pp. 541–554.
CASECASE-2017-LiuMR #analysis #cyber-physical
Security analysis of continuous-time cyber-physical system against sensor attacks (XL, YM, XR), pp. 1586–1591.
CASECASE-2017-WangXBYL #constraints #evaluation #grid #hybrid #power management #reliability
Reliability evaluation of AC/DC hybrid power grid considering transient security constraints (CW, HX, ZB, CY, YL), pp. 1237–1242.
FASEFASE-2017-Henda0LNSS #analysis #named
OpenSAW: Open Security Analysis Workbench (NBH, BJ0, PL, KN, PS, OS), pp. 321–337.
ICSTICST-2017-Al-QahtaniER #api #approach #modelling #ontology #semantics #traceability
Recovering Semantic Traceability Links between APIs and Security Vulnerabilities: An Ontological Modeling Approach (SSAQ, EEE, JR), pp. 80–91.
ICTSSICTSS-2017-SalvaR #integration #testing #using
Using Data Integration for Security Testing (SS, LR), pp. 178–194.
ECSAECSA-2016-SchmerlGSBMCG #analysis #android #architecture #modelling
Architecture Modeling and Analysis of Security in Android Systems (BRS, JG, AS, HB, SM, JC, DG), pp. 274–290.
WICSAWICSA-2016-FengKCMX #analysis #approach #architecture #towards
Towards an Architecture-Centric Approach to Security Analysis (QF, RK, YC, RM, LX0), pp. 221–230.
WICSAWICSA-2016-TaspolatogluH #analysis #architecture
Context-Based Architectural Security Analysis (ET, RH), pp. 281–282.
WICSAWICSA-2016-YuanM #architecture #component #detection #interactive #mining
Mining Software Component Interactions to Detect Security Threats at the Architectural Level (EY, SM), pp. 211–220.
SCAMSCAM-2016-BiaseBB #code review #overview
A Security Perspective on Code Review: The Case of Chromium (MdB, MB, AB), pp. 21–30.
FMFM-2016-LetanCHNM #named #specification #verification
SpecCert: Specifying and Verifying Hardware-Based Security Enforcement (TL, PC, GH, PN, BM), pp. 496–512.
FMFM-2016-LiSD #automation #protocol #verification
Automated Verification of Timed Security Protocols with Clock Drift (LL0, JS0, JSD), pp. 513–530.
CIKMCIKM-2016-Grushka-CohenSB #assessment #database #elicitation #named #risk management
CyberRank: Knowledge Elicitation for Risk Assessment of Database Security (HGC, OS, OB, BS, LR), pp. 2009–2012.
KDDKDD-2016-Diffie #evolution
The Evolving Meaning of Information Security (WD), p. 5.
ECOOPECOOP-2016-FennellT #named #object-oriented
LJGS: Gradual Security Types for Object-Oriented Languages (LF, PT0), p. 26.
OOPSLAOOPSLA-2016-GollamudiC #automation #policy #using
Automatic enforcement of expressive security policies using enclaves (AG, SC), pp. 494–513.
PLDIPLDI-2016-CostanzoSG #assembly #c #data flow #source code #verification
End-to-end verification of information-flow security for C and assembly programs (DC, ZS, RG), pp. 648–664.
ASEASE-2016-CeccatoNAB #automation #black box #injection #named #testing
SOFIA: an automated security oracle for black-box testing of SQL-injection vulnerabilities (MC, CDN, DA, LCB), pp. 167–177.
FSEFSE-2016-KangMJ #analysis #multi
Multi-representational security analysis (EK, AM, DJ0), pp. 181–192.
ICSE-2016-NearJ #data access #debugging #using #web
Finding security bugs in web applications using a catalog of access control patterns (JPN, DJ0), pp. 947–958.
CGOCGO-2016-HawkinsDT #lightweight #monitoring #named #off the shelf
BlackBox: lightweight security monitoring for COTS binaries (BH, BD, MBT), pp. 261–272.
ICTSSICTSS-2016-SimosKGGL #approach #combinator #testing #web
A Combinatorial Approach to Analyzing Cross-Site Scripting (XSS) Vulnerabilities in Web Application Security Testing (DES, KK, LSGG, BG, YL), pp. 70–85.
ECSAECSA-2015-FernandezAP #architecture
Revisiting Architectural Tactics for Security (EBF, HA, GPG), pp. 55–69.
QoSAQoSA-2015-MyllarniemiRM #configuration management #product line #representation #variability
Representing and Configuring Security Variability in Software Product Lines (VM, MR, TM), pp. 1–10.
ITiCSEITiCSE-2015-AlshammariAH #adaptation #education #learning
The Impact of Learning Style Adaptivity in Teaching Computer Security (MA, RA, RJH), pp. 135–140.
SIGITESIGITE-2015-LinckeH #case study #development
The Development of a Longitudinal Security Case Study (SJL, SRH), pp. 49–54.
SIGITESIGITE-2015-WangBH #education
Hands-on Exercises for IT Security Education (XW, YB, GCH), pp. 161–166.
SANERSANER-2015-CadariuBVD
Tracking known security vulnerabilities in proprietary software systems (MC, EB, JV, AvD), pp. 516–519.
SCAMSCAM-2015-RenatusBE #modelling #using
Improving prioritization of software weaknesses using security models with AVUS (SR, CB, JE), pp. 259–264.
CIAACIAA-2015-DangDFH #automaton
Security of Numerical Sensors in Automata (ZD, DD, TRF, WJHI), pp. 76–88.
FMFM-2015-LiSLD #protocol #verification
Verifying Parameterized Timed Security Protocols (LL, JS, YL, JSD), pp. 342–359.
FMFM-2015-LiuH #analysis #android #case study #kernel
Case Study: Static Security Analysis of the Android Goldfish Kernel (TL, RH), pp. 589–592.
CHICHI-2015-EgelmanP #behaviour #scalability
Scaling the Security Wall: Developing a Security Behavior Intentions Scale (SeBIS) (SE, EP), pp. 2873–2882.
CHICHI-2015-HangLH #authentication #exclamation #smarttech #what
I Know What You Did Last Week! Do You?: Dynamic Security Questions for Fallback Authentication on Smartphones (AH, ADL, HH), pp. 1383–1392.
CHICHI-2015-IsmailAKR #crowdsourcing
Crowdsourced Exploration of Security Configurations (QI, TA, AK, MKR), pp. 467–476.
CHICHI-2015-WinklerGLHSDR #smarttech
Glass Unlock: Enhancing Security of Smartphone Unlocking through Leveraging a Private Near-eye Display (CW, JG, ADL, GH, PS, DD, ER), pp. 1407–1410.
CSCWCSCW-2015-DasKDH #social
The Role of Social Influence in Security Feature Adoption (SD, ADIK, LAD, JIH), pp. 1416–1426.
HCIHCI-DE-2015-SugiuraSO #implementation #metric #using
Improving IT Security Through Security Measures: Using Our Game-Theory-Based Model of IT Security Implementation (MS, HS, TO), pp. 82–95.
HCIHCI-DE-2015-Uchida #approach
A Psychological Approach to Information Security — Some Ideas for Establishing Information Security Psychology (KU), pp. 96–104.
HCIHCI-UC-2015-FukuzawaSU #overview #risk management
Survey on Risk Management Based on Information Security Psychology (YF, MS, HU), pp. 396–408.
HCIHIMI-IKD-2015-TrevisanPMG #big data #health #industrial #problem #visualisation
Big Data Visualization for Occupational Health and Security Problem in Oil and Gas Industry (DGT, NSP, LM, ACBG), pp. 46–54.
ICEISICEIS-v2-2015-MazurKW #data access #modelling #on the #performance
On the Modelling of the Influence of Access Control Management to the System Security and Performance (KM, BK, AW), pp. 346–354.
SEKESEKE-2015-FaniB #ontology
An Ontology for Describing Security Events (HF, EB), pp. 455–460.
SEKESEKE-2015-HuangWSQ #android #fine-grained #named #policy
DefDroid: Securing Android with Fine-Grained Security Policy (CH, SW, HS, ZQ), pp. 375–378.
SIGIRSIGIR-2015-YangS #information retrieval #privacy
Privacy-Preserving IR 2015: When Information Retrieval Meets Privacy and Security (HY, IS), pp. 1157–1158.
MoDELSMoDELS-2015-NguyenYHKST #design pattern #named
SoSPa: A system of Security design Patterns for systematically engineering secure systems (PHN, KY, TH, JK, RS, YLT), pp. 246–255.
PLDIPLDI-2015-JohnsonWMC #dependence #graph
Exploring and enforcing security guarantees via program dependence graphs (AJ, LW, SM, SC), pp. 291–302.
POPLPOPL-2015-NgoMMP #black box #policy #runtime #source code
Runtime Enforcement of Security Policies on Black Box Reactive Programs (MN, FM, DM, FP), pp. 43–54.
QAPLQAPL-2015-MartinelliMS #specification
Semiring-based Specification Approaches for Quantitative Security (FM, IM, FS), pp. 95–109.
REFSQREFSQ-2015-GramaticaLMPT #assessment #empirical #risk management
The Role of Catalogues of Threats and Security Controls in Security Risk Assessment: An Empirical Study with ATM Professionals (MdG, KL, FM, FP, AT), pp. 98–114.
REFSQREFSQ-2015-LiHM #requirements #specification
Analyzing and Enforcing Security Mechanisms on Requirements Specifications (TL, JH, JM), pp. 115–131.
ESEC-FSEESEC-FSE-2015-Feth #optimisation #trade-off #usability
User-centric security: optimization of the security-usability trade-off (DF), pp. 1034–1037.
ESEC-FSEESEC-FSE-2015-GhaisasMBGKV #automation #towards
Towards automating the security compliance value chain (SG, MM, BB, AG, RK, HMV), pp. 1014–1017.
ESEC-FSEESEC-FSE-2015-SmithJMCL #developer #static analysis
Questions developers ask while diagnosing potential security vulnerabilities with static analysis (JS, BJ, ERMH, BC, HRL), pp. 248–259.
ESEC-FSEESEC-FSE-2015-WitscheyZWMMZ #developer #tool support
Quantifying developers’ adoption of security tools (JW, OZ, AKW, ERMH, CBM, TZ), pp. 260–271.
ICSEICSE-v1-2015-YskoutSJ #design #question
Do Security Patterns Really Help Designers? (KY, RS, WJ), pp. 292–302.
ICSEICSE-v2-2015-Berghe #analysis #towards
Towards a Practical Security Analysis Methodology (AvDB), pp. 883–886.
ICSEICSE-v2-2015-DoligezFHM #development #functional #programming #validation #xml
Avoiding Security Pitfalls with Functional Programming: A Report on the Development of a Secure XML Validator (DD, CF, TH, MM), pp. 209–218.
ICSEICSE-v2-2015-HollandDKMR #android #detection #novel
Security Toolbox for Detecting Novel and Sophisticated Android Malware (BH, TD, SK, JM, NR), pp. 733–736.
ICSEICSE-v2-2015-Morrison #evaluation #framework
A Security Practices Evaluation Framework (PM), pp. 935–938.
ICSEICSE-v2-2015-SadeghiBM #analysis #android #using
Analysis of Android Inter-App Security Vulnerabilities Using COVERT (AS, HB, SM), pp. 725–728.
ICSEICSE-v2-2015-SimpsonMCFMR #case study #delivery #education #experience
Experiences in Developing and Delivering a Programme of Part-Time Education in Software and Systems Security (ACS, AM, CJFC, IF, IM, KBR), pp. 435–444.
ICSEICSE-v2-2015-TsigkanosPGN #adaptation #cyber-physical #named
Ariadne: Topology Aware Adaptive Security for Cyber-Physical Systems (CT, LP, CG, BN), pp. 729–732.
SACSAC-2015-BeckersHMG #internet
Engineering trust- and reputation-based security controls for future internet systems (KB, MH, FM, MCFG), pp. 1344–1349.
SACSAC-2015-OliveiraLV #framework #performance #web #web service
Characterizing the performance of web service frameworks under security attacks (RAO, NL, MV), pp. 1711–1718.
SACSAC-2015-PiMMG #analysis #health #ontology
Ontology definition and cognitive analysis in ocupational health and security (OHS) environments (NSP, LM, JMM, ACBG), pp. 201–206.
SACSAC-2015-ShahriarH #approach #assessment #metric #risk management #web
Security assessment of clickjacking risks in web applications: metrics based approach (HS, HMH), pp. 791–797.
SACSAC-2015-TambeN #behaviour #game studies #modelling #resource management #robust
Robust resource allocation in security games and ensemble modeling of adversary behavior (AT, TN), pp. 277–282.
SACSAC-2015-VecchiatoVM #android #assessment
A security configuration assessment for android devices (DV, MV, EM), pp. 2299–2304.
SACSAC-2015-WangYCDGW #documentation #named #physics
Cryptopaper: digital information security for physical documents (PW, XY, SC, PD, SG, TW), pp. 2157–2164.
ASPLOSASPLOS-2015-ZhangWSM #data flow #design #hardware #information management
A Hardware Design Language for Timing-Sensitive Information-Flow Security (DZ, YW, GES, ACM), pp. 503–516.
DACDAC-2015-GuoDJFM #formal method #perspective #validation #verification
Pre-silicon security verification and validation: a formal perspective (XG, RGD, YJ, FF, PM), p. 6.
DACDAC-2015-LiuWLCWBQ #challenge #design
Cloning your mind: security challenges in cognitive system designs and their solutions (BL, CW, HL, YC, QW, MB, QQ), p. 5.
DACDAC-2015-MundhenkSLFC #analysis #architecture #model checking #probability #using
Security analysis of automotive architectures using probabilistic model checking (PM, SS, ML, SAF, SC), p. 6.
DACDAC-2015-Peeters #architecture
SoC security architecture: current practices and emerging needs (EP), p. 6.
DACDAC-2015-RayYBB #correctness #design #validation
Correctness and security at odds: post-silicon validation of modern SoC designs (SR, JY, AB, SB), p. 6.
DACDAC-2015-SadeghiWW #challenge #industrial #internet #privacy
Security and privacy challenges in industrial internet of things (ARS, CW, MW), p. 6.
DACDAC-2015-ShreejithF #embedded #generative #network
Security aware network controllers for next generation automotive embedded systems (SS, SAF), p. 6.
DACDAC-2015-WachsI #challenge #design #hardware #integration
Design and integration challenges of building security hardware IP (MW, DI), p. 6.
DACDAC-2015-ZhengLDGZS #design #verification
Design and verification for transportation system security (BZ, WL, PD, LG, QZ, NS), p. 6.
DATEDATE-2015-LeeLMHP #monitoring #named
Extrax: security extension to extract cache resident information for snoop-based external monitors (JL, YL, HM, IH, YP), pp. 151–156.
PDPPDP-2015-FedorchenkoKC #analysis #database #design #network
Design of Integrated Vulnerabilities Database for Computer Networks Security Analysis (AF, IVK, AC), pp. 559–566.
PDPPDP-2015-KotenkoD #metric
Countermeasure Selection in SIEM Systems Based on the Integrated Complex of Security Metrics (IVK, ED), pp. 567–574.
TACASTACAS-2015-ArmandoBCCMMM #framework #mobile #named #platform #static analysis #verification
SAM: The Static Analysis Module of the MAVERIC Mobile App Security Verification Platform (AA, GB, GC, GC, GDM, RM, AM), pp. 225–230.
ICSTICST-2015-CarboneCPP #identification #testing
Security Threat Identification and Testing (RC, LC, AP, SEP), pp. 1–8.
ICSTICST-2015-KobashiYWFYOK #design pattern #named #testing #verification
TESEM: A Tool for Verifying Security Design Pattern Applications by Model Testing (TK, MY, HW, YF, NY, TO, HK), pp. 1–8.
ISSTAISSTA-2015-DahseH #case study #empirical #experience #php
Experience report: an empirical study of PHP security mechanism usage (JD, TH), pp. 60–70.
ISSTAISSTA-2015-Hothersall-Thomas #automation #named #testing
BrowserAudit: automated testing of browser security features (CHT, SM, CN), pp. 37–47.
ECSAECSA-2014-HorcasPF #policy #runtime
Runtime Enforcement of Dynamic Security Policies (JMH, MP, LF), pp. 340–356.
SIGMODSIGMOD-2014-BenderKG #database #relational
Explainable security for relational databases (GB, LK, JG), pp. 1411–1422.
EDMEDM-2014-BoutnaruH #education #quality #student
Teachers and Students Learn Cyber Security: Comparing Software Quality, Security (SB, AH), pp. 292–295.
ITiCSEITiCSE-2014-GuoBQLH #assurance #education
Enhancing the information assurance and security (IAS) in CS education with mobile-device based hands-on labs (MG, PB, KQ, CTDL, XH), p. 343.
ITiCSEITiCSE-2014-SirajGTH #topic
Empowering faculty to embed security topics into computer science courses (AS, SG, JT, AH), pp. 99–104.
ITiCSEITiCSE-2014-WangCMSW #data access #education #multi #named #using #visualisation
MLSvisual: a visualization tool for teaching access control using multi-level security (MW, SC, JM, CKS, CW), pp. 93–98.
SIGITESIGITE-2014-Kumar #design
Designing a graduate program in information security and analytics: masters program in information security and analytics (MISA) (SAK), pp. 141–146.
SIGITESIGITE-2014-PeltsvergerZ #analysis #education
Bottleneck analysis with NetKit: teaching information security with hands-on labs (SP, CZ), pp. 45–50.
SIGITESIGITE-2014-Trabelsi #approach #comprehension #education #network #using
Enhancing the comprehension of network sniffing attack in information security education using a hands-on lab approach (ZT), pp. 39–44.
SANERCSMR-WCRE-2014-BuchlerHMMGO #model inference #testing
Model inference and security testing in the spacios project (MB, KH, PFM, MM, RG, CO), pp. 411–414.
SANERCSMR-WCRE-2014-MihanceaM #named #verification #web
JMODEX: Model extraction for verifying security properties of web applications (PFM, MM), pp. 450–453.
MSRMSR-2014-PleteaVS #analysis #git #sentiment
Security and emotion: sentiment analysis of security discussions on GitHub (DP, BV, AS), pp. 348–351.
SCAMSCAM-2014-TliliFBDH #scalability #verification
Scalable Security Verification of Software at Compile Time (ST, JMF, AB, BD, SH), pp. 115–124.
IFMIFM-2014-BruniSNN #analysis #protocol
Formal Security Analysis of the MaCAN Protocol (AB, MS, FN, HRN), pp. 241–255.
IFMIFM-2014-KordyPS #framework #probability
A Probabilistic Framework for Security Scenarios with Dependent Actions (BK, MP, PS), pp. 256–271.
IFMIFM-2014-RamsdellDGR #analysis #hybrid #protocol
A Hybrid Analysis for Security Protocols with State (JDR, DJD, JDG, PDR), pp. 272–287.
CHICHI-2014-HarbachHWS #communication #privacy #using
Using personal examples to improve risk communication for security & privacy decisions (MH, MH, SW, MS), pp. 2647–2656.
CHICHI-2014-VanieaRW #case study #experience #how
Betrayed by updates: how negative experiences affect future security (KV, EJR, RW), pp. 2671–2674.
CHICHI-2014-ZhangWKGS #mobile #towards
Effects of security warnings and instant gratification cues on attitudes toward mobile websites (BZ, MW, HK, EG, SSS), pp. 111–114.
CSCWCSCW-2014-XiaoWM #development #social #tool support #why
Social influences on secure development tool adoption: why security tools spread (SX, JW, ERMH), pp. 1095–1106.
HCIDUXU-TMT-2014-CoventryBJM #behaviour #named
SCENE: A Structured Means for Creating and Evaluating Behavioral Nudges in a Cyber Security Environment (LMC, PB, DJ, APAvM), pp. 229–239.
HCILCT-NLE-2014-LaugassonK #open source
File Formats Security — Proprietary vs. Open-Source (EL, KK), pp. 63–72.
CAiSECAiSE-2014-LiH #approach #requirements
Dealing with Security Requirements for Socio-Technical Systems: A Holistic Approach (TL, JH), pp. 285–300.
EDOCEDOC-2014-KormanSHBE #assessment #enterprise #overview #risk management
Overview of Enterprise Information Needs in Information Security Risk Assessment (MK, TS, JH, JEB, ME), pp. 42–51.
ICPRICPR-2014-KumarK #adaptation #multimodal #recognition #set #using
Adaptive Security for Human Surveillance Using Multimodal Open Set Biometric Recognition (AK, AK), pp. 405–410.
ICPRICPR-2014-LetchfordGZ
Smoothing Security Prices (AL, JG, LZ), pp. 1037–1042.
KDDKDD-2014-Waltzman
Information environment security (RW), p. 1521.
KDDKDD-2014-ZhuXGC #mobile #privacy #recommendation
Mobile app recommendations with security and privacy awareness (HZ, HX, YG, EC), pp. 951–960.
KDIRKDIR-2014-KurasEAH #data mining #mining
The GDR Through the Eyes of the Stasi — Data Mining on the Secret Reports of the State Security Service of the former German Democratic Republic (CK, TE, CA, GH), pp. 360–365.
KEODKEOD-2014-KruppS0 #mobile #ontology #policy #privacy
An Ontology for Enforcing Security and Privacy Policies on Mobile Devices (BK, NS, WZ), pp. 288–295.
KMISKMIS-2014-DaviesB
Determining the Value of Information Security Investments — A Decision Support System (HLD, AJCB), pp. 426–433.
SEKESEKE-2014-El-KharboutlyGF #analysis
Industry-wise Analysis of Security Breaches in Data Loss Incidents (REK, SSG, LF), pp. 615–619.
SEKESEKE-2014-SantosRBC #elicitation #requirements
Persona Security: A Technique for Supporting the Elicitation of Security Requirements (MADS, JR, RdSB, TC), pp. 603–608.
SIGIRSIGIR-2014-SiY #information retrieval #privacy
Privacy-preserving IR: when information retrieval meets privacy and security (LS, HY), p. 1295.
PLATEAUPLATEAU-2014-KurilovaPA #design #named #programming language
Wyvern: Impacting Software Security via Programming Language Design (DK, AP, JA), pp. 57–58.
PEPMPEPM-J-2013-WeijersHH14 #fault #higher-order #polymorphism
Security type error diagnosis for higher-order, polymorphic languages (JW, JH, SH), pp. 200–218.
RERE-2014-Anton #privacy
Now more than ever: Privacy and security are required (AIA), p. 2.
RERE-2014-GartnerRBSJ #maintenance #requirements
Maintaining requirements for long-living software systems by incorporating security knowledge (SG, TR, JB, KS, JJ), pp. 103–112.
RERE-2014-Ionita #evaluation #identification #information management #risk management
Context-sensitive Information security Risk identification and evaluation techniques (DI), pp. 485–488.
RERE-2014-RiazKSW #automation #identification #natural language #requirements
Hidden in plain sight: Automatically identifying security requirements from natural language artifacts (MR, JTK, JS, LAW), pp. 183–192.
RERE-2014-SlavinLNB #diagrams #feature model #requirements #using
Managing security requirements patterns using feature diagram hierarchies (RS, JML, JN, TDB), pp. 193–202.
RERE-2014-TsigkanosPMGN #adaptation #requirements #runtime
Engineering topology aware adaptive security: Preventing requirements violations at runtime (CT, LP, CM, CG, BN), pp. 203–212.
ASEASE-2014-NearJ #analysis #interactive #named #web
Derailer: interactive security analysis for web applications (JPN, DJ), pp. 587–598.
SACSAC-2014-BeckersCG #in the cloud #requirements
A catalog of security requirements patterns for the domain of cloud computing systems (KB, IC, LG), pp. 337–342.
SACSAC-2014-ShoshitaishviliIDV #analysis #scalability #trade-off
Do you feel lucky?: a large-scale analysis of risk-rewards trade-offs in cyber security (YS, LI, AD, GV), pp. 1649–1656.
ASPLOSASPLOS-2014-0001KOTRKSHC #named #policy
Sapper: a language for hardware-level security policy enforcement (XL, VK, JKO, MT, VRR, RK, TS, BH, FTC), pp. 97–112.
CGOCGO-2014-KashyapH
Security Signature Inference for JavaScript-based Browser Addons (VK, BH), p. 219.
DACDAC-2014-HuWTT #hardware #monitoring #network
System-Level Security for Network Processors with Hardware Monitors (KH, TW, TT, RT), p. 6.
DACDAC-2014-TrimbergerM
FPGA Security: From Features to Capabilities to Trusted Systems (ST, JM), p. 4.
DATEDATE-2014-Jin #evaluation #proving #tool support #trust
EDA tools trust evaluation through security property proofs (YJ), pp. 1–4.
DATEDATE-2014-RostamiWPK #challenge #roadmap
Quo vadis, PUF?: Trends and challenges of emerging physical-disorder based security (MR, JBW, MP, FK), pp. 1–6.
DATEDATE-2014-SubramanyanA #design #verification
Formal verification of taint-propagation security properties in a commercial SoC design (PS, DA), pp. 1–2.
OSDIOSDI-2014-HawblitzelHLNPZZ #automation #verification
Ironclad Apps: End-to-End Security via Automated Full-System Verification (CH, JH, JRL, AN, BP, DZ, BZ), pp. 165–181.
PDPPDP-2014-KotenkoDC #game studies #graph #metric
Security Metrics Based on Attack Graphs for the Olympic Games Scenario (IVK, ED, AC), pp. 561–568.
PDPPDP-2014-NesterukNK #adaptation #fuzzy #knowledge base
Creation of a Fuzzy Knowledge Base for Adaptive Security Systems (PN, LN, IVK), pp. 574–577.
PDPPDP-2014-RiekeRZE #monitoring #process
Monitoring Security Compliance of Critical Processes (RR, JR, MZ, JE), pp. 552–560.
FASEFASE-2014-SadeghiEM #analysis #mining #repository
Mining the Categorized Software Repositories to Improve the Analysis of Security Vulnerabilities (AS, NE, SM), pp. 155–169.
ICTSSICTSS-2014-WotawaB #automation #exclamation #testing
Plan It! Automated Security Testing Based on Planning (FW, JB), pp. 48–62.
ISSTAISSTA-2014-TrippFP #analysis #hybrid #javascript #partial evaluation #web
Hybrid security analysis of web JavaScript code via dynamic partial evaluation (OT, PF, MP), pp. 49–59.
VLDBVLDB-2013-Kozak #performance #similarity
Efficiency and Security in Similarity Cloud Services (SK), pp. 1450–1455.
ITiCSEITiCSE-2013-PatitsasL
Dr. Horrible’s fork bomb: a lab for introducing security issues in CS2 (EAP, DL), p. 318.
ITiCSEITiCSE-2013-QianYGBT #authentication #learning #mobile #network
Mobile device based authentic learning for computer network and security (KQ, MY, MG, PB, LT), p. 335.
CSMRCSMR-2013-BergerSK #architecture
Extracting and Analyzing the Implemented Security Architecture of Business Applications (BJB, KS, RK), pp. 285–294.
ICALPICALP-v2-2013-ChretienCD #automaton #protocol
From Security Protocols to Pushdown Automata (RC, VC, SD), pp. 137–149.
FDGFDG-2013-RyanSVC #education #game studies #network #using
Network Nightmares: Using games to teach networks and security (WR, JS, DV, JC), pp. 413–416.
HCIDUXU-NTE-2013-Langhorne #evaluation #online
Department of Homeland Security Websites Uncoupled: An Evaluation of Online Counterterrorism and Security Information across Agencies (ALL), pp. 112–119.
HCIHIMI-D-2013-LiaoLH #concept #modelling #ontology #perspective #towards
Towards an Ontological Interpretation on the i* Modeling Language Extended with Security Concepts: A Bunge-Wand-Weber Model Perspective (GYL, PJL, LTH), pp. 322–328.
HCIHIMI-HSM-2013-MoodyW #mobile #what
Security, But at What Cost? — An Examination of Security Notifications within a Mobile Application (GM, DW), pp. 391–399.
HCIOCSC-2013-KaratasBK #towards #visual notation
Towards Visual Configuration Support for Interdependent Security Goals (FK, MB, DK), pp. 375–384.
ICEISICEIS-J-2013-SuB13a #fine-grained #graph #identification
Foundation for Fine-Grained Security and DRM Control Based on a Service Call Graph Context Identification (ZS, FB), pp. 226–241.
ICEISICEIS-v2-2013-DelgadoORHG #information management #social
Proposal of an Interoperability Model for Social Security Information Systems (FDA, SO, RJR, JRH, JMG), pp. 451–458.
ICEISICEIS-v3-2013-NassarBBB #architecture #design #towards
Towards Security Awareness in Designing Service-oriented Architectures (PBN, YB, FB, KB), pp. 347–355.
KDDKDD-2013-Marty #how #visual notation
Cyber security: how visual analytics unlock insight (RM), p. 1139.
KDIRKDIR-KMIS-2013-CostaS #assessment #concept #enterprise #using
Enterprise to Cloud Security Assessment — A Method using OSSTMM 3.0 Concepts (RC, CS), pp. 571–578.
KDIRKDIR-KMIS-2013-Hugl #challenge
Crying for the Moon? — Current Challenges in Corporate Information Security Management (UH), pp. 579–586.
SEKESEKE-2013-AlshammariFC #bytecode #java #metric #source code
Security Metrics for Java Bytecode Programs (BA, CJF, DC), pp. 394–399.
MODELSMoDELS-2013-PerezGCCC #analysis #modelling #network #policy
Model-Driven Extraction and Analysis of Network Security Policies (SMP, JGA, FC, NCB, JC), pp. 52–68.
OnwardOnward-2013-ValleeWZFK #modelling #problem #reasoning
Usable security as a static-analysis problem: modeling and reasoning about user permissions in social-sharing systems (HQdlV, JMW, WZ, KF, SK), pp. 1–16.
PEPMPEPM-2013-WeijersHH #fault #higher-order #polymorphism
Security type error diagnosis for higher-order, polymorphic languages (JW, JH, SH), pp. 3–12.
PLDIPLDI-2013-Schneider #programming language
Programming languages in security: keynote (FBS), pp. 139–140.
POPLPOPL-2013-LivshitsC #automation #classification #towards
Towards fully automatic placement of security sanitizers and declassifiers (BL, SC), pp. 385–398.
QAPLQAPL-2013-NgoH #analysis #concurrent #multi #source code #thread
Quantitative Security Analysis for Multi-threaded Programs (TMN, MH), pp. 34–48.
ICSEICSE-2013-AlmorsyGI #analysis #architecture #automation #using
Automated software architecture security risk analysis using formalized signatures (MA, JG, ASI), pp. 662–671.
ICSEICSE-2013-Rimba #assurance #platform #using
Building high assurance secure applications using security patterns for capability-based platforms (PR), pp. 1401–1404.
SACSAC-2013-AccorsiSM #mining #on the #process
On the exploitation of process mining for security audits: the process discovery case (RA, TS, GM), pp. 1462–1468.
SACSAC-2013-CampioloSBG #twitter
Evaluating the utilization of Twitter messages as a source of security alerts (RC, LAFS, DMB, MAG), pp. 942–943.
SACSAC-2013-CarlosMPC
An updated threat model for security ceremonies (MCC, JEM, GP, RFC), pp. 1836–1843.
SACSAC-2013-JeonKKC #android
Enhancing security enforcement on unmodified Android (CJ, WK, BK, YC), pp. 1655–1656.
SACSAC-2013-KaratasK #approach #composition #flexibility
A flexible approach for considering interdependent security objectives in service composition (FK, DK), pp. 1919–1926.
SACSAC-2013-MartinaP #induction #multi #protocol #using #verification
Verifying multicast-based security protocols using the inductive method (JEM, LCP), pp. 1824–1829.
SACSAC-2013-ShinYR #android #visual notation
Supporting visual security cues for WebView-based Android apps (DS, HY, UR), pp. 1867–1876.
SACSAC-2013-TranLZ #architecture #metadata
Derivation of domain-specific architectural knowledge views from governance and security compliance metadata (HT, IL, UZ), pp. 1728–1733.
SACSAC-2013-VukovicD #distributed #estimation #on the
On the security of distributed power system state estimation under targeted attacks (OV, GD), pp. 666–672.
ASPLOSASPLOS-2013-MaiPXKM #invariant #verification
Verifying security invariants in ExpressOS (HM, EP, HX, STK, PM), pp. 293–304.
CGOCGO-2013-ArthurMRAB #debugging #named #profiling #scalability
Schnauzer: scalable profiling for likely security bug sites (WA, BM, RR, TMA, VB), p. 11.
DACDAC-2013-FanRRV #design #encryption #energy
Low-energy encryption for medical devices: security adds an extra design dimension (JF, OR, VR, IV), p. 6.
DACDAC-2013-RostamiBKJ #question
Balancing security and utility in medical devices? (MR, WB, FK, AJ), p. 6.
DACDAC-2013-YinQ
Improving PUF security with regression-based distiller (CEDY, GQ), p. 6.
DATEDATE-2013-DiazSSR #analysis #network #performance #simulation
Wireless sensor network simulation for security and performance analysis (AD, PS, JS, JR), pp. 432–435.
DATEDATE-2013-LeestT #hardware
Anti-counterfeiting with hardware intrinsic security (VvdL, PT), pp. 1137–1142.
DATEDATE-2013-SagstetterLSWBHJPPC #architecture #challenge #design #hardware
Security challenges in automotive hardware/software architecture design (FS, ML, SS, MW, AB, WRH, SJ, TP, AP, SC), pp. 458–463.
PDPPDP-2013-BasileCLP #analysis #reachability
Improved Reachability Analysis for Security Management (CB, DC, AL, CP), pp. 534–541.
PDPPDP-2013-NovikovaK #visualisation
Analytical Visualization Techniques for Security Information and Event Management (EN, IVK), pp. 519–525.
FASEFASE-2013-TrippPCCG #analysis #named #scalability #web
Andromeda: Accurate and Scalable Security Analysis of Web Applications (OT, MP, PC, RC, SG), pp. 210–225.
STOCSTOC-2013-ChungPS #simulation
Non-black-box simulation from one-way functions and applications to resettable security (KMC, RP, KS), pp. 231–240.
CAVCAV-2013-BiondiLTW #imperative #named
QUAIL: A Quantitative Security Analyzer for Imperative Code (FB, AL, LMT, AW), pp. 702–707.
CAVCAV-2013-MeierSCB #analysis #protocol #proving
The TAMARIN Prover for the Symbolic Analysis of Security Protocols (SM, BS, CC, DAB), pp. 696–701.
CAVCAV-2013-SosnovichGN #network #protocol #using
Finding Security Vulnerabilities in a Network Protocol Using Parameterized Systems (AS, OG, GN), pp. 724–739.
ICSTICST-2013-Buchler #testing
Security Testing with Fault-Models and Properties (MB), pp. 501–502.
ICSTICST-2013-CompagnaGB #as a service #process #validation
Business Process Compliance via Security Validation as a Service (LC, PG, ADB), pp. 455–462.
ICSTICST-2013-MunetohY #agile #development #framework #named #testing
RAILROADMAP: An Agile Security Testing Framework for Web-application Development (SM, NY), pp. 491–492.
ICTSSICTSS-2013-PellegrinoCM #developer #protocol
A Tool for Supporting Developers in Analyzing the Security of Web-Based Security Protocols (GP, LC, TM), pp. 277–282.
ISSTAISSTA-2013-TrippWG #approach #learning #testing #web
Finding your way in the testing jungle: a learning approach to web security testing (OT, OW, LG), pp. 347–357.
LICSLICS-2013-Comon-Lundh #logic #modelling #named #problem
LICS: Logic in Computer Security — Some Attacker’s Models and Related Decision Problems (HCL), p. 1.
LICSLICS-2013-Halpern #first-order #logic #proving #using
From Qualitative to Quantitative Proofs of Security Properties Using First-Order Conditional Logic (JYH), pp. 2–3.
WICSA-ECSAWICSA-ECSA-2012-Al-AzzaniB #architecture #evaluation #named #testing
SecArch: Architecture-level Evaluation and Testing for Security (SAA, RB), pp. 51–60.
SIGITESIGITE-2012-Lincke #case study #health
Planning organizational security: the health first case study (SJL), pp. 3–8.
FMFM-2012-Abadi #formal method
Software Security: A Formal Perspective — (Notes for a Talk) (MA), pp. 1–5.
SEFMSEFM-2012-VorobyovKS #approach #data flow
A Low-Overhead, Value-Tracking Approach to Information Flow Security (KV, PK, PS), pp. 367–381.
CoGVS-Games-2012-OliveiraCGR #game studies
Serious Game in Security: A Solution for Security Trainees (VO, AC, RG, CR), pp. 274–282.
CoGVS-Games-2012-TeseiBK #game studies #overview #safety
Survey on Serious Games Applied to Security, Safety and Crisis Management (AT, AB, RTK), pp. 320–321.
CHICHI-2012-BullingAS #using #visual notation
Increasing the security of gaze-based cued-recall graphical passwords using saliency masks (AB, FA, AS), pp. 3011–3020.
CSCWCSCW-2012-ChiaC #web
Community-based web security: complementary roles of the serious and casual contributors (PHC, JC), pp. 1023–1032.
ICPRICPR-2012-MaLWZH #authentication #multimodal
Enhancing biometric security with wavelet quantization watermarking based two-stage multimodal authentication (BM, CL, YW, ZZ, DH), pp. 2416–2419.
KDIRKDIR-2012-Martiny
Unsupervised Discovery of Significant Candlestick Patterns for Forecasting Security Price Movements (KM), pp. 145–150.
KEODKEOD-2012-PereiraS #approach #design #information management #ontology
An Ontology Approach in Designing Security Information Systems to Support Organizational Security Risk Knowledge (TSMP, HMDS), pp. 461–466.
SEKESEKE-2012-ChenL #approach #behaviour #elicitation #ontology #requirements
Eliciting Security Requirements in the Commanded Behavior Frame: An Ontology based Approach (XC, JL), pp. 61–65.
SEKESEKE-2012-MaarabaniAC #policy #testing
Testing Interoperability Security Policies (MEM, CA, ARC), pp. 464–469.
OnwardOnward-2012-HafizAJ #pattern matching
Growing a pattern language (for security) (MH, PA, REJ), pp. 139–158.
HILTHILT-2012-HardinSWP #domain-specific language
A DSL for cross-domain security (DSH, KS, MWW, THP), pp. 53–62.
RERE-2012-PajaDPRG #named #requirements #social
STS-tool: Socio-technical Security Requirements through social commitments (EP, FD, MP, PR, PG), pp. 331–332.
RERE-2012-SalehiePOAN #adaptation #runtime
Requirements-driven adaptive security: Protecting variable assets at runtime (MS, LP, IO, RA, BN), pp. 111–120.
RERE-2012-TawhidBCAMSABR #towards
Towards outcome-based regulatory compliance in aviation security (RT, EB, NC, MA, GM, AS, DA, SAB, GR), pp. 267–272.
REFSQREFSQ-2012-ChowdhuryMSK #diagrams #requirements #risk management
Aligning Mal-activity Diagrams and Security Risk Management for Security Requirements Definitions (MJMC, RM, GS, PK), pp. 132–139.
ASEASE-2012-HwangXKMT #evolution #policy #testing
Selection of regression system tests for security policy evolution (JH, TX, DEK, TM, YLT), pp. 266–269.
FSEFSE-2012-PasqualeMSCON #adaptation #named
SecuriTAS: a tool for engineering adaptive security (LP, CM, MS, LC, IO, BN), p. 19.
FSEFSE-2012-XiaoPTX #automation #documentation #policy
Automated extraction of security policies from natural-language software documents (XX, AMP, ST, TX), p. 12.
ICSEICSE-2012-Avancini #research #testing #web
Security testing of web applications: A research plan (AA), pp. 1491–1494.
ICSEICSE-2012-YskoutSJ #architecture #question
Does organizing security patterns focus architectural choices? (KY, RS, WJ), pp. 617–627.
SACSAC-2012-AccorsiS #consistency #mining #on the #process
On the exploitation of process mining for security audits: the conformance checking case (RA, TS), pp. 1709–1716.
SACSAC-2012-BalduzziZBKL #analysis
A security analysis of amazon’s elastic compute cloud service (MB, JZ, DB, EK, SL), pp. 1427–1434.
SACSAC-2012-BeusterG #modelling #policy #smarttech
Formal security policy models for smart card evaluations (GB, KG), pp. 1640–1642.
SACSAC-2012-MonakovaBS #process #safety
Security and safety of assets in business processes (GM, ADB, AS), pp. 1667–1673.
SACSAC-2012-RodoperBJT #framework #mobile #performance
An efficient security framework for mobile WiMAX (MR, AB, EJ, WT), pp. 1494–1501.
DACDAC-2012-RajendranPSK #analysis #logic #obfuscation
Security analysis of logic obfuscation (JR, YP, OS, RK), pp. 83–89.
DATEDATE-2012-BeaumontHN #architecture #execution #hardware #replication #using
SAFER PATH: Security architecture using fragmented execution and replication for protection against trojaned hardware (MRB, BDH, TN), pp. 1000–1005.
DATEDATE-2012-JiangEP #co-evolution #communication #constraints #design #distributed #embedded #realtime
Co-design techniques for distributed real-time embedded systems with communication security constraints (KJ, PE, ZP), pp. 947–952.
OSDIOSDI-2012-WangCJZK #integer
Improving Integer Security for Systems with KINT (XW, HC, ZJ, NZ, MFK), pp. 163–177.
PDPPDP-2012-BaumannS #analysis #markov #modelling #network
Markovian Modeling and Security Measure Analysis for Networks under Flooding DoS Attacks (HB, WS), pp. 298–302.
PDPPDP-2012-GavaGP #algorithm #performance #protocol
Performance Evaluations of a BSP Algorithm for State Space Construction of Security Protocols (FG, MG, FP), pp. 170–174.
PDPPDP-2012-OchsenschlagerR #requirements
Security Requirements for Uniformly Parameterised Cooperations (PO, RR), pp. 288–292.
PDPPDP-2012-RuizHMDKC #analysis #component #embedded #modelling
A Methodology for the Analysis and Modeling of Security Threats and Attacks for Systems of Embedded Components (JFR, RH, AM, VD, IVK, AC), pp. 261–268.
TACASTACAS-2012-ArmandoAABCCCCCCEFMMOPPRRDTV #architecture #automation #framework #platform #trust #validation
The AVANTSSAR Platform for the Automated Validation of Trust and Security of Service-Oriented Architectures (AA, WA, TA, MB, AC, AC, RC, YC, LC, JC, GE, SF, MM, SM, DvO, GP, SEP, MR, MR, MTD, MT, LV), pp. 267–282.
ICSTICST-2012-ChoudharyDBJOI #challenge #internet #modelling #testing
Solving Some Modeling Challenges when Testing Rich Internet Applications for Security (SC, MED, GvB, GVJ, IVO, PI), pp. 850–857.
ICSTICST-2012-WehbiOB #monitoring #using
Events-Based Security Monitoring Using MMT Tool (BW, EMdO, MB), pp. 860–863.
IJCARIJCAR-2012-DelauneKP #constraints #protocol
Security Protocols, Constraint Systems, and Group Theories (SD, SK, DP), pp. 164–178.
TAPTAP-2012-ArmandoPCMB #automation #model checking #protocol #testing
From Model-Checking to Automated Testing of Security Protocols: Bridging the Gap (AA, GP, RC, AM, DB), pp. 3–18.
QoSAQoSA-ISARCS-2011-ArissX #modelling
Modeling security attacks with statecharts (OeA, DX), pp. 123–132.
QoSAQoSA-ISARCS-2011-KhanZ #component #embedded #monitoring
Building components with embedded security monitors (MUAK, MZ), pp. 133–142.
WICSAWICSA-2011-FaniyiBEK #architecture #predict
Evaluating Security Properties of Architectures in Unpredictable Environments: A Case for Cloud (FF, RB, AE, RK), pp. 127–136.
CSEETCSEET-2011-ChookittikulM #collaboration #effectiveness
Effective real-world project collaboration: Strategies from a cyber security degree program (WC, PEM), pp. 429–433.
ITiCSEITiCSE-2011-GuimaraesSA #education #game studies #using #video
Using video games to teach security (MAMG, HES, RA), p. 346.
ITiCSEITiCSE-2011-TaylorK #injection #student
Security injections: modules to help students remember, understand, and apply secure coding techniques (BT, SK), pp. 3–7.
SIGITESIGITE-2011-BaiT #contest #student
Cyber defense competition: enhancing student competency in information security (YB, CT), pp. 305–306.
SIGITESIGITE-2011-BassiouniG #development #education #network #research
Enhancing network security education with research and development content (MAB, RG), pp. 293–298.
MSRMSR-2011-ZamanAH #case study #debugging #performance
Security versus performance bugs: a case study on Firefox (SZ, BA, AEH), pp. 93–102.
SCAMSCAM-2011-AvanciniC #approach #search-based #testing #web
Security Testing of Web Applications: A Search-Based Approach for Cross-Site Scripting Vulnerabilities (AA, MC), pp. 85–94.
WCREWCRE-2011-BergerBS #android #case study
An Android Security Case Study with Bauhaus (BJB, MB, KS), pp. 179–183.
WCREWCRE-2011-TreudeFSS #case study #reverse engineering
An Exploratory Study of Software Reverse Engineering in a Security Context (CT, FMFF, MADS, MS), pp. 184–188.
SFMSFM-2011-CostaIMMS #trust
Security and Trust (GC, VI, FM, IM, RS), pp. 393–416.
CHICHI-2011-AyyavuJ #feedback #heuristic #privacy
Integrating user feedback with heuristic security and privacy management systems (PA, CJ), pp. 2305–2314.
CHICHI-2011-HayashiHC #authentication #visual notation
Security through a different kind of obscurity: evaluating distortion in graphical authentication schemes (EH, JIH, NC), pp. 2055–2064.
CHICHI-2011-LucaFMSHKH #internet #visualisation
Does MoodyBoard make internet use more secure?: evaluating an ambient security visualization tool (ADL, BF, MEM, JS, DH, NK, HH), pp. 887–890.
CHICHI-2011-MathiasenB #design #interactive
Experiencing security in interaction design (NRM, SB), pp. 2325–2334.
HCIHIMI-v1-2011-JeonKLW #analysis #smarttech
A Practical Analysis of Smartphone Security (WJ, JK, YL, DW), pp. 311–320.
HCIHIMI-v1-2011-Pavel11a #approach #composition #design #protocol
An Approach for Security Protocol Design Based on Zero-Knowledge Primitives Composition (OP), pp. 374–378.
CAiSECAiSE-2011-SchmidtJ #analysis #design #requirements #using
Connecting Security Requirements Analysis and Secure Design Using Patterns and UMLsec (HS, JJ), pp. 367–382.
ICEISICEIS-v1-2011-WeiY #analysis #behaviour #game studies #metric
Security Investment Analysis on Gaming Theory with Measurements of Cost and Decision Behavior (WW, RY), pp. 519–523.
ICEISICEIS-v2-2011-DingL #database #design
Based on “Scenarios-response” Model of Security Plans for Emergency Management System of Database Design (DD, XL), pp. 210–212.
ICEISICEIS-v3-2011-JiangZC #case study
Study on the Information Security System for Bank in China (XJ, ZZ, FC), pp. 190–195.
ICEISICEIS-v3-2011-ShenYZT #analysis #documentation
Analysis of Core Documents in Information Security Based on Mapping Knowledge Domains (HZS, QJY, QJZ, LyT), pp. 421–427.
KDDKDD-2011-McCue
Operational security analytics: doing more with less (CM), p. 782.
KEODKEOD-2011-BoinskiOSK #integration #ontology
Security Ontology Construction and Integration (TB, PO, JS, HK), pp. 369–374.
SEKESEKE-2011-SanfordWX #analysis #modelling #using
Security Analysis of FileZilla Server Using Threat Models (MS, DW, DX), pp. 678–682.
SEKESEKE-2011-WagnerFF #process #using
Using Security Patterns to Tailor Software Process (RW, LMF, ABF), pp. 672–677.
ECMFAECMFA-2011-JurjensMOS #evolution #incremental #modelling #verification
Incremental Security Verification for Evolving UMLsec models (JJ, LM, MO, HS), pp. 52–68.
OOPSLAOOPSLA-2011-SonMS #named #what
RoleCast: finding missing security checks when you do not know what checks are (SS, KSM, VS), pp. 1069–1084.
PLDIPLDI-2011-SrivastavaBMS #api #detection #implementation #multi #policy #using
A security policy oracle: detecting security holes using multiple API implementations (VS, MDB, KSM, VS), pp. 343–354.
PPDPPPDP-2011-BourdierC #analysis #network #policy #term rewriting #using
Symbolic analysis of network security policies using rewrite systems (TB, HC), pp. 77–88.
SASSAS-2011-Mitchell #program analysis #web
Program Analysis for Web Security (JCM), p. 4.
RERE-2011-FailyF #elicitation #requirements #usability
Eliciting usable security requirements with misusability cases (SF, IF), pp. 339–340.
RERE-2011-FranqueiraTYWN
Risk and argument: A risk-based argumentation method for practical security (VNLF, TTT, YY, RW, BN), pp. 239–248.
REFSQREFSQ-2011-KnaussHSIJ #requirements
Supporting Requirements Engineers in Recognising Security Issues (EK, SHH, KS, SI, JJ), pp. 4–18.
ICSEICSE-2011-Davies #reuse
Measuring subversions: security and legal risk in reused software artifacts (JD), pp. 1149–1151.
ICSEICSE-2011-Jurjens #automation #evolution #modelling #uml
Automated security hardening for evolving UML models (JJ), pp. 986–988.
ICSEICSE-2011-Smith #functional #requirements #testing #using
Systematizing security test case planning using functional requirements phrases (BS), pp. 1136–1137.
SACSAC-2011-Blech #encryption #logic #proving
Proving the security of ElGamal encryption via indistinguishability logic (JOB), pp. 1625–1632.
SACSAC-2011-SohrMN #aspect-oriented #mobile
Software security aspects of Java-based mobile phones (KS, TM, AN), pp. 1494–1501.
SACSAC-2011-WoodraskaSX #mutation testing #testing
Security mutation testing of the FileZilla FTP server (DW, MS, DX), pp. 1425–1430.
SACSAC-2011-ZhuYXLYGQLCG #monitoring #named #platform
VASP: virtualization assisted security monitor for cross-platform protection (MZ, MY, MX, BL, PY, SG, ZQ, LL, YC, HG), pp. 554–559.
DACDAC-2011-WeiP #using
Integrated circuit security techniques using variable supply voltage (SW, MP), pp. 248–253.
DATEDATE-2011-AliCMB #encryption #hardware #multi
Multi-level attacks: An emerging security concern for cryptographic hardware (SA, RSC, DM, SB), pp. 1176–1179.
DATEDATE-2011-SreedharK11a
Physically unclonable functions for embeded security based on lithographic variation (AS, SK), pp. 1632–1637.
PDPPDP-2011-KotenkoSD #analysis #information management #social
Security Analysis of Information Systems Taking into Account Social Engineering Attacks (IVK, MS, ED), pp. 611–618.
PDPPDP-2011-OchsenschlagerR #self
Security Properties of Self-Similar Uniformly Parameterised Systems of Cooperations (PO, RR), pp. 640–645.
PDPPDP-2011-SchmidtFSF #architecture #named
TrustBox: A Security Architecture for Preventing Data Breaches (MS, SF, RS, BF), pp. 635–639.
SOSPSOSP-2011-ColpNZACDLW
Breaking up is hard to do: security and functionality in a commodity hypervisor (PC, MN, JZ, WA, GC, TD, PL, AW), pp. 189–202.
ESOPESOP-2011-FournetP #compilation #data flow
Compiling Information-Flow Security to Minimal Trusted Computing Bases (CF, JP), pp. 216–235.
ESOPESOP-2011-HuntS #exponential #polynomial #type system
From Exponential to Polynomial-Time Security Typing via Principal Types (SH, DS), pp. 297–316.
FASEFASE-2011-HateburHJS #design #development #modelling #requirements
Systematic Development of UMLsec Design Models Based on Security Requirements (DH, MH, JJ, HS), pp. 232–246.
STOCSTOC-2011-Pass #standard
Limits of provable security from standard assumptions (RP), pp. 109–118.
CADECADE-2011-AlbertiAR #analysis #automation #named #policy
ASASP: Automated Symbolic Analysis of Security Policies (FA, AA, SR), pp. 26–33.
CADECADE-2011-ArnaudCD #protocol #recursion #testing
Deciding Security for Protocols with Recursive Tests (MA, VC, SD), pp. 49–63.
ICSTICST-2011-DadeauHK #generative #protocol #testing
Mutation-Based Test Generation from Security Protocols in HLPSL (FD, PCH, RK), pp. 240–248.
ICSTICST-2011-LetarteGM #evolution #php #web
Security Model Evolution of PHP Web Applications (DL, FG, EM), pp. 289–298.
ICSTICST-2011-Zech #in the cloud #testing
Risk-Based Security Testing in Cloud Computing Environments (PZ), pp. 411–414.
TAPTAP-2011-BuchlerOP #testing
Security Mutants for Property-Based Testing (MB, JO, AP), pp. 69–77.
DocEngDocEng-2010-SimskeSAE #documentation #ecosystem #forensics
Document imaging security and forensics ecosystem considerations (SJS, MS, GBA, PE), pp. 41–50.
DRRDRR-2010-ChenL #on the #pseudo #usability
On the usability and security of pseudo-signatures (JC, DPL), pp. 1–10.
SIGITESIGITE-2010-ChoiLO #distance #education
Feasibility of virtual security laboratory for three-tiered distance education (YBC, SL, THO), pp. 53–58.
SIGITESIGITE-2010-LewisL #education #network
TLS man-in-the-middle laboratory exercise for network security education (JL, PL), pp. 117–120.
SIGITESIGITE-2010-RutherfoordR #internet #privacy
Privacy and ethical concerns in internet security (RHR, JKR), pp. 131–134.
SIGITESIGITE-2010-WangHY #education #network #using
Using VMware VCenter lab manager in undergraduate education for system administration and network security (XW, GCH, RY), pp. 43–52.
MSRMSR-2010-GegickRX #case study #debugging #identification #industrial #mining
Identifying security bug reports via text mining: An industrial case study (MG, PR, TX), pp. 11–20.
MSRMSR-2010-MauczkaSFBG #mining
Mining security changes in FreeBSD (AM, CS, FF, MB, TG), pp. 90–93.
SEFMSEFM-2010-Pavlovic #effectiveness #overview #perspective
The Unreasonable Ineffectiveness of Security Engineering: An Overview (DP), pp. 12–18.
SFMSFM-2010-MalacariaH #data flow
Information Theory and Security: Quantitative Information Flow (PM, JH), pp. 87–134.
SFMSFM-2010-WolterR #performance #trade-off
Performance and Security Tradeoff (KW, PR), pp. 135–167.
CHICHI-2010-BlomVSGAA #mobile #safety
Fear and the city: role of mobile services in harnessing safety and security in urban use contexts (JB, DV, MS, JG, KA, RA), pp. 1841–1850.
CHICHI-2010-DenningBFGKM
Patients, pacemakers, and implantable defibrillators: human values and security for wireless implantable medical devices (TD, AB, BF, BTG, TK, WHM), pp. 917–926.
ICEISICEIS-ISAS-2010-JiagueFGKLMS #functional #modelling #policy
Model-driven Engineering of Functional Security Policies (MEJ, MF, FG, PK, RL, JM, RSD), pp. 374–379.
ICPRICPR-2010-KunduD #image
Lossless ROI Medical Image Watermarking Technique with Enhanced Security and High Payload Embedding (MKK, SD), pp. 1457–1460.
ICPRICPR-2010-YangBGB
Renewable Minutiae Templates with Tunable Size and Security (BY, CB, DG, PB), pp. 878–881.
KMISKMIS-2010-MacePM #editing #ontology
Ontology Editing Tool for Information Security and Human Factors Experts (JCM, SEP, APAvM), pp. 207–212.
SEKESEKE-2010-El-Attar #analysis #case study #precise #robust
Developing Precise Misuse Cases with Security Robustness Analysis (MEA), pp. 571–576.
SEKESEKE-2010-SeguraS #named #peer-to-peer
P2PSecT: Peer-to-peer Security Testbed (ES, XS), pp. 783–786.
SEKESEKE-2010-WyethZ #architecture #specification
Formal Specification of Software Architecture Security Tactics (AW, CZ), pp. 172–175.
PLDIPLDI-2010-ChenCS #compilation #verification
Type-preserving compilation of end-to-end verification of security enforcement (JC, RC, NS), pp. 412–423.
POPLPOPL-2010-BhargavanFG #composition #protocol #type system #verification
Modular verification of security protocol code by typing (KB, CF, ADG), pp. 445–456.
REFSQREFSQ-2010-IslamMW #elicitation #framework #privacy #requirements #towards
Towards a Framework to Elicit and Manage Security and Privacy Requirements from Laws and Regulations (SI, HM, SW), pp. 255–261.
ASEASE-2010-Abi-AntounB #architecture
Analyzing security architectures (MAA, JMB), pp. 3–12.
SACSAC-2010-CappelliCGL #analysis #requirements
Transparency versus security: early analysis of antagonistic requirements (CC, HdSC, BGB, JCSdPL), pp. 298–305.
SACSAC-2010-ClaycombLSK #network #policy
A group-based security policy for wireless sensor networks (WC, RL, DS, BK), pp. 778–785.
SACSAC-2010-ClaycombS #analysis #framework
A framework for risk analysis in virtual directory security (WC, DS), pp. 1881–1882.
SACSAC-2010-GrossklagsRCC #named #network
Nudge: intermediaries’ role in interdependent network security (JG, SR, AAC, JC), pp. 1879–1880.
SACSAC-2010-LombardiP
Transparent security for cloud (FL, RDP), pp. 414–415.
DACDAC-2010-WeiMP #hardware
Gate-level characterization: foundations and hardware security applications (SW, SM, MP), pp. 222–227.
DATEDATE-2010-Barker #aspect-oriented #network
Security aspects in 6lowPan networks (RB), p. 660.
OSDIOSDI-2010-Chlipala #policy #static analysis
Static Checking of Dynamically-Varying Security Policies in Database-Backed Applications (AC), pp. 105–118.
PDPPDP-2010-GastiC #encryption #mobile
Breaking and Fixing the Self Encryption Scheme for Data Security in Mobile Devices (PG, YC), pp. 624–630.
PDPPDP-2010-MasonGC #architecture #evaluation #network #parallel
Evaluation of a Massively Parallel Architecture for Network Security Applications (BCM, DG, CLC), pp. 85–91.
ESOPESOP-2010-KingJMJJS #automation
Automating Security Mediation Placement (DK, SJ, DM, TJ, SJ, SAS), pp. 327–344.
FoSSaCSFoSSaCS-2010-CassezMZ #complexity #data flow
The Complexity of Synchronous Notions of Information Flow Security (FC, RvdM, CZ), pp. 282–296.
CAVCAV-2010-Jha #legacy
Retrofitting Legacy Code for Security (SJ), p. 19.
CSLCSL-2010-BasinC #protocol
Degrees of Security: Protocol Guarantees in the Face of Compromising Adversaries (DAB, CJFC), pp. 1–18.
ICSTICST-2010-ZimmermannNW #predict
Searching for a Needle in a Haystack: Predicting Security Vulnerabilities for Windows Vista (TZ, NN, LAW), pp. 421–428.
IJCARIJCAR-2010-ChevalCD #analysis #automation #constraints #equivalence
Automating Security Analysis: Symbolic Equivalence of Constraint Systems (VC, HCL, SD), pp. 412–426.
LICSLICS-2010-Abadi
The Fine Print of Security (MA), p. 110.
ICDARICDAR-2009-GarainH #authentication #documentation
Machine Authentication of Security Documents (UG, BH), pp. 718–722.
SIGMODSIGMOD-2009-CorcoranSH #web
Cross-tier, label-based security enforcement for web applications (BJC, NS, MWH), pp. 269–282.
SIGMODSIGMOD-2009-NehmeLBR #approach #data type #named #privacy #towards
StreamShield: a stream-centric approach towards security and privacy in data stream environments (RVN, HSL, EB, EAR), pp. 1027–1030.
ITiCSEITiCSE-2009-SaidGMJ #database
Database and database application security (HES, MAMG, ZM, LJ), pp. 90–93.
SIGITESIGITE-2009-Hartpence #case study #experience #network #source code
Qos content and experiences for IT, networking and security programs (BH), pp. 60–64.
CSMRCSMR-2009-NagyM #analysis #fault
Static Security Analysis Based on Input-Related Software Faults (CN, SM), pp. 37–46.
FMFM-2009-McIverM #case study #composition #refinement
Sums and Lovers: Case Studies in Security, Compositionality and Refinement (AM, CCM), pp. 289–304.
FMFM-2009-McIverMM #probability
Security, Probability and Nearly Fair Coins in the Cryptographers’ Café (AM, LM, CM), pp. 41–71.
RTARTA-2009-BursucC #algebra #bound #protocol
Protocol Security and Algebraic Properties: Decision Results for a Bounded Number of Sessions (SB, HCL), pp. 133–147.
HCIHCD-2009-KondoY #case study
HCD Case Study for the Information Security Training System (AK, MY), pp. 979–985.
HCIHIMI-DIE-2009-Ocenasek09b #architecture #towards
Towards Security Issues in ZigBee Architecture (PO), pp. 587–593.
HCIHIMI-DIE-2009-TarasewichNS #mobile #privacy
Exploring Employee Perspectives on Information Privacy and Security in the Mobile Environment (PT, BN, MS), pp. 171–180.
ICEISICEIS-ISAS-2009-ArmenterosMMS #communication #dependence #prototype
Security and Dependability in Ambient Intelligence Scenarios — The Communication Prototype (ÁA, AM, AM, DS), pp. 49–56.
ICEISICEIS-ISAS-2009-Barjis09a #information management #modelling #process
Information Systems Security based on Business Process Modeling (JB), pp. 213–218.
ICEISICEIS-ISAS-2009-SunyaevKMK #analysis #health
Security Analysis of the German Electronic Health Card’s Peripheral Parts (AS, AK, CM, HK), pp. 19–26.
SEKESEKE-2009-Abu-NimehMM #privacy #requirements
Integrating Privacy Requirements into Security Requirements Engineering (SAN, SM, NRM), pp. 542–547.
MODELSMoDELS-2009-LloydJ #analysis #authentication #ml #using
Security Analysis of a Biometric Authentication System Using UMLsec and JML (JL, JJ), pp. 77–91.
MODELSMoDELS-2009-LloydJ #analysis #authentication #ml #using
Security Analysis of a Biometric Authentication System Using UMLsec and JML (JL, JJ), pp. 77–91.
ECOOPECOOP-2009-DamJLP #java #monitoring #parallel #thread
Security Monitor Inlining for Multithreaded Java (MD, BJ, AL, FP), pp. 546–569.
AdaEuropeAdaEurope-2009-DelangePF #architecture #requirements #safety #validation
Validating Safety and Security Requirements for Partitioned Architectures (JD, LP, PHF), pp. 30–43.
RERE-2009-ElahiY #analysis #requirements #trade-off #trust
Trust Trade-off Analysis for Security Requirements Engineering (GE, ESKY), pp. 243–248.
RERE-2009-LongLYJ #approach #evaluation #requirements
AVT Vector: A Quantitative Security Requirements Evaluation Approach Based on Assets, Vulnerabilities and Trustworthiness of Environment (TL, LL, YY, ZJ), pp. 377–378.
ESEC-FSEESEC-FSE-2009-BezemerMD #automation #interactive #testing #web
Automated security testing of web widget interactions (CPB, AM, AvD), pp. 81–90.
SACSAC-2009-AhamedKHZ #towards #trust
Towards developing a trust-based security solution (SIA, DK, CSH, MZ), pp. 2204–2205.
SACSAC-2009-HoqueRA #authentication #privacy #protocol #robust #using
Supporting recovery, privacy and security in RFID systems using a robust authentication protocol (MEH, FR, SIA), pp. 1062–1066.
SACSAC-2009-LombardiP #kernel #linux #named #virtual machine
KvmSec: a security extension for Linux kernel virtual machines (FL, RDP), pp. 2029–2034.
SACSAC-2009-SchryenK #open source #towards
Open source vs. closed source software: towards measuring security (GS, RK), pp. 2016–2023.
SACSAC-2009-YokoyamaHSK #internet #operating system #policy
Simplifying security policy descriptions for internet servers in secure operating systems (TY, MH, MS, KK), pp. 326–333.
DATEDATE-2009-PatelPR #architecture #framework #named
CUFFS: An instruction count based architectural framework for security of MPSoCs (KP, SP, RGR), pp. 779–784.
SOSPSOSP-2009-YipWZK #data flow
Improving application security with data flow assertions (AY, XW, NZ, MFK), pp. 291–304.
FASEFASE-2009-HermannEE #graph #inheritance #network
Transformation of Type Graphs with Inheritance for Ensuring Security in E-Government Networks (FH, HE, CE), pp. 325–339.
FASEFASE-2009-HuismanT #automaton #ml
A Formal Connection between Security Automata and JML Annotations (MH, AT), pp. 340–354.
STOCSTOC-2009-LinPV #concurrent #framework
A unified framework for concurrent security: universal composability from stand-alone non-malleability (HL, RP, MV), pp. 179–188.
CADECADE-2009-CiobacaDK #convergence #equation #protocol
Computing Knowledge in Security Protocols under Convergent Equational Theories (SC, SD, SK), pp. 355–370.
CAVCAV-2009-AbadiBC #modelling #protocol #proving
Models and Proofs of Protocol Security: A Progress Report (MA, BB, HCL), pp. 35–49.
ICSTICST-2009-MouelhiTB #functional #policy #testing
Transforming and Selecting Functional Test Cases for Security Policy Testing (TM, YLT, BB), pp. 171–180.
TAPTAP-2009-Chetali #certification #formal method #smarttech #testing
Security Testing and Formal Methods for High Levels Certification of Smart Cards (BC), pp. 1–5.
FATESTestCom-FATES-2009-MarchandDJ #automation #data access #testing
Automatic Testing of Access Control for Security Properties (HM, JD, TJ), pp. 113–128.
VMCAIVMCAI-2009-Cortier #protocol #verification
Verification of Security Protocols (VC), pp. 5–13.
ECSAECSA-2008-ChatzigiannakisLSS
A Security Model for Internet-Based Digital Asset Management Systems (IC, VL, DS, PGS), pp. 326–329.
DocEngDocEng-2008-GormishWPH #approach #distributed #documentation #flexibility #metadata
Document logs: a distributed approach to metadata for better security and flexibility (MJG, GW, KWP, PH), pp. 119–122.
CSEETCSEET-2008-Epstein08a #process #re-engineering
A Software Engineering Course with an Emphasis on Software Processes and Security (RGE), pp. 67–73.
ITiCSEITiCSE-2008-CatuognoS #internet #network
An internet role-game for the laboratory of network security course (LC, ADS), pp. 240–244.
SIGITESIGITE-2008-Meiselwitz
Information security across disciplines (GM), pp. 99–104.
SIGITESIGITE-2008-Walden #education #web
Integrating web application security into the IT curriculum (JW), pp. 187–192.
SIGITESIGITE-2008-Wang #concurrent #education #thread
A security thread in a thread-based curriculum (AJAW), pp. 193–200.
ICALPICALP-B-2008-Canetti #analysis #composition #performance
Composable Formal Security Analysis: Juggling Soundness, Simplicity and Efficiency (RC), pp. 1–13.
ICALPICALP-C-2008-PrabhakaranR #encryption
Homomorphic Encryption with CCA Security (MP, MR), pp. 667–678.
ICALPICALP-C-2008-WehnerW #bound #composition
Composable Security in the Bounded-Quantum-Storage Model (SW, JW), pp. 604–615.
FMFM-2008-ChetaliN #evaluation #formal method #industrial #using
Industrial Use of Formal Methods for a High-Level Security Evaluation (BC, QHN), pp. 198–213.
FMFM-2008-GrandyBSSR #protocol #verification
Verification of Mondex Electronic Purses with KIV: From a Security Protocol to Verified Code (HG, MB, KS, GS, WR), pp. 165–180.
FMFM-2008-LintelmanRLS #formal method
Formal Methods for Trustworthy Skies: Building Confidence in the Security of Aircraft Assets Distribution (SL, RR, ML, KS), pp. 406–410.
SEFMSEFM-2008-Giacobazzi #abstract interpretation
Abstract Interpretation in Code Security (RG), p. 3.
HaskellHaskell-2008-RussoCH #data flow #haskell #library
A library for light-weight information-flow security in haskell (AR, KC, JH), pp. 13–24.
ICGTICGT-2008-Grohmann #encryption #graph
Security, Cryptography and Directed Bigraphs (DG), pp. 487–489.
CHICHI-2008-ReederBCRBHS #authoring #policy #visualisation
Expandable grids for visualizing and authoring computer security policies (RWR, LB, LFC, MKR, KB, KH, HS), pp. 1473–1482.
CHICHI-2008-StollTES #named #visualisation
Sesame: informing user security decisions with system visualization (JS, CST, WKE, KS), pp. 1045–1054.
CAiSECAiSE-2008-MatuleviciusMMDHG #adaptation #development #information management #risk management
Adapting Secure Tropos for Security Risk Management in the Early Phases of Information Systems Development (RM, NM, HM, ED, PH, NG), pp. 541–555.
EDOCEDOC-2008-Quint #as a service #automation #distributed
SOA Security — as a Service Automatic Conversion in Distributed Infrastructures (BQ).
EDOCEDOC-2008-SommestadEJ #analysis #architecture #enterprise #graph #modelling
Combining Defense Graphs and Enterprise Architecture Models for Security Analysis (TS, ME, PJ), pp. 349–355.
ICEISICEIS-ISAS2-2008-HuberSK #analysis #framework #health
Security Analysis of the Health Care Telematics Infrastructure in Germany (MJH, AS, HK), pp. 144–153.
ICEISICEIS-ISAS2-2008-KiyomotoOT #automation #generative #on the fly #protocol
On-the-Fly Automatic Generation of Security Protocols (SK, HO, TT), pp. 97–104.
SEKESEKE-2008-LiuLZL #logic #protocol
Supremum of Agent Number Needed in Analyzing Security Protocols Based on Horn Logic (FL, ZL, TZ, ML), pp. 795–801.
SEKESEKE-2008-Shaffer #domain model #source code #static analysis #verification
A Security Domain Model for Static Analysis and Verification of Software Programs (ABS), pp. 673–678.
SEKESEKE-2008-TekbacakTD #approach #certification #data access #semantics #using
A Semantic Based Certification and Access Control Approach Using Security Patterns on SEAGENT (FT, TT, OD), pp. 741–744.
SEKESEKE-2008-TsigkritisS #dependence #runtime
Diagnosing Runtime Violations of Security & Dependability Properties (TT, GS), pp. 661–666.
ECMFAECMDA-FA-2008-ClavelSBE #experience #industrial #modelling
Model-Driven Security in Practice: An Industrial Experience (MC, VTdS, CB, ME), pp. 326–337.
MODELSMoDELS-2008-MouelhiFBT #deployment #framework #modelling #policy #specification #testing
A Model-Based Framework for Security Policy Specification, Deployment and Testing (TM, FF, BB, YLT), pp. 537–552.
MODELSMoDELS-2008-MouelhiFBT #deployment #framework #modelling #policy #specification #testing
A Model-Based Framework for Security Policy Specification, Deployment and Testing (TM, FF, BB, YLT), pp. 537–552.
POPLPOPL-2008-FournetR #data flow #encryption #implementation
Cryptographically sound implementations for typed information-flow security (CF, TR), pp. 323–335.
PPDPPPDP-2008-OlarteV #monad
The expressivity of universal timed CCP: undecidability of Monadic FLTL and closure operators for security (CO, FDV), pp. 8–19.
RERE-2008-CalleleNS #game studies #requirements #video
Balancing Security Requirements and Emotional Requirements in Video Games (DC, EN, KS), pp. 319–320.
RERE-2008-WeissM #requirements
Selecting Security Patterns that Fulfill Security Requirements (MW, HM), pp. 169–172.
ICSEICSE-2008-JurjensSB #analysis #mobile #modelling
Model-based security analysis for mobile communications (JJ, JS, PB), pp. 683–692.
ICSEICSE-2008-WhittleWH #case study #execution #modelling
Executable misuse cases for modeling security concerns (JW, DW, MH), pp. 121–130.
ICSEICSE-2008-XiaoLG #distributed #protocol
Developing a security protocol for a distributed decision support system in a healthcare environment (LX, PHL, AG), pp. 673–682.
SACSAC-2008-DelessyF #process
A pattern-driven security process for SOA applications (NAD, EBF), pp. 2226–2227.
SACSAC-2008-GarciaT #semantics #using #web #web service
Web service security management using semantic web techniques (DZGG, MBFdT), pp. 2256–2260.
SACSAC-2008-OlarteV #concurrent #constraints #semantics
Universal concurrent constraint programing: symbolic semantics and applications to security (CO, FDV), pp. 145–150.
SACSAC-2008-ZhangNLH #approach #enterprise #modelling #network
A model-based semi-quantitative approach for evaluating security of enterprise networks (ZZ, FNA, XL, PHH), pp. 1069–1074.
ASPLOSASPLOS-2008-LvinNBZ #named #reliability
Archipelago: trading address space for reliability and security (VBL, GN, EDB, BGZ), pp. 115–124.
ASPLOSASPLOS-2008-NightingalePCF #hardware
Parallelizing security checks on commodity hardware (EBN, DP, PMC, JF), pp. 308–318.
DACDAC-2008-PatelP #design #hardware #named #reliability
SHIELD: a software hardware design methodology for security and reliability of MPSoCs (KP, SP), pp. 858–861.
DATEDATE-2008-ThoguluvaRC #architecture #performance #programmable #using
Efficient Software Architecture for IPSec Acceleration Using a Programmable Security Processor (JT, AR, STC), pp. 1148–1153.
OSDIOSDI-2008-ZeldovichKDK #hardware #memory management #policy #using
Hardware Enforcement of Application Security Policies Using Tagged Memory (NZ, HK, MD, CK), pp. 225–240.
FASEFASE-2008-JurjensSY #analysis #automation #using
Automated Analysis of Permission-Based Security Using UMLsec (JJ, JS, YY), pp. 292–295.
CAVCAV-2008-BackesLMP #abstraction #analysis #protocol
The CASPA Tool: Causality-Based Abstraction for Security Protocol Analysis (MB, SL, MM, KP), pp. 419–422.
CAVCAV-2008-Cremers #analysis #protocol #verification
The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols (CJFC), pp. 414–418.
ICLPICLP-2008-Beauxis #concurrent #modelling #probability
Probabilistic and Concurrent Models for Security (RB), pp. 801–802.
ICLPICLP-2008-BonattiCOS #privacy #trust
Policy-Driven Negotiations and Explanations: Exploiting Logic-Programming for Trust Management, Privacy & Security (PAB, JLDC, DO, LS), pp. 779–784.
ICLPICLP-2008-Tsitovich #detection #model checking #using
Detection of Security Vulnerabilities Using Guided Model Checking (AT), pp. 822–823.
IJCARIJCAR-2008-Comon-Lundh #automation #challenge #protocol #verification
Challenges in the Automated Verification of Security Protocols (HCL), pp. 396–409.
ISSTAISSTA-2008-BalzarottiBCFKRVV #testing
Are your votes really counted?: testing the security of real-world electronic voting systems (DB, GB, MC, VF, RAK, WKR, FV, GV), pp. 237–248.
MBTMBT-2008-Jurjens #case study #modelling #testing #using
Model-based Security Testing Using UMLsec: A Case Study (JJ), pp. 93–104.
FATESTestCom-FATES-2008-ShuCLLSL #framework #named #network #paradigm #testing
VCSTC: Virtual Cyber Security Testing Capability — An Application Oriented Paradigm for Network Infrastructure Protection (GS, DC, ZL, NL, LS, DL), pp. 119–134.
VMCAIVMCAI-2008-Pistoia #program analysis #programming language
Program Analysis and Programming Languages for Security (MP), p. 7.
VLDBVLDB-2007-WongCHKM #mining #outsourcing
Security in Outsourcing of Association Rule Mining (WKW, DWC, EH, BK, NM), pp. 111–122.
ITiCSEITiCSE-2007-Ghafarian #assurance
Ideas for projects in undergraduate information assurance and security courses (AG), p. 322.
SIGITESIGITE-2007-GuimaraesM #animation #database #education #using
Using animation courseware in the teaching of database security (MAMG, MM), pp. 253–258.
SIGITESIGITE-2007-Pan #development
Security auditing course development (YP), pp. 259–266.
ICALPICALP-2007-KiayiasZ #adaptation #composition
Trading Static for Adaptive Security in Universally Composable Zero-Knowledge (AK, HSZ), pp. 316–327.
IFMIFM-2007-BraghinSB #automation #mobile #policy #verification
Automated Verification of Security Policies in Mobile Code (CB, NS, KBA), pp. 37–53.
SEFMSEFM-2007-GrandyBSR #encoding #named #protocol
ASN1-light: A Verified Message Encoding for Security Protocols (HG, RB, KS, WR), pp. 195–204.
SEFMSEFM-2007-SalehD #approach #novel #verification
Verifying Security Properties of Cryptoprotocols: A Novel Approach (MS, MD), pp. 349–360.
CHICHI-2007-SinghCDAF #design #social
Password sharing: implications for security design based on social practice (SS, AC, CD, GA, MF), pp. 895–904.
HCIHCI-AS-2007-HuangRS #overview #people
A Survey of Factors Influencing People’s Perception of Information Security (DLH, PLPR, GS), pp. 906–915.
HCIHCI-AS-2007-ZouDDQ #dependence #information management
Dependability and Security in Medical Information System (XZ, YSD, BND, MQ), pp. 549–558.
HCIHCI-IDU-2007-EktareY
The Balancing Act Between Computer Security and Convenience (ME, YY), pp. 731–735.
HCIHCI-IPT-2007-HuangT #scalability #smarttech
A Wearable Computing Environment for the Security of a Large-Scale Factory (JyH, CHT), pp. 1113–1122.
HCIHCI-MIE-2007-CulenR #design #personalisation #privacy
Designing Personalized Media Center with Focus on Ethical Issues of Privacy and Security (ALC, YR), pp. 829–835.
EDOCEDOC-2007-ChenAQH #network #self
Self-Configuration of Network Security (HC, YBAN, GQ, SH), pp. 97–110.
EDOCEDOC-2007-LiningtonL #approach #behaviour #modelling #using
Incorporating Security Behaviour into Business Models Using a Model Driven Approach (PFL, PL), pp. 405–413.
EDOCEDOC-2007-MohammadCWWS #architecture #multi #quality
A Multi-Layer Security Enabled Quality of Service (QoS) Management Architecture (AM, AC, GW, CW, RAS), pp. 423–434.
ICEISICEIS-EIS-2007-Egyhazy #architecture #comparison #design
Comparison of Five Architecture Description Languages on Design Focus, Security and Style (CJE), pp. 270–277.
ICEISICEIS-EIS-2007-EnstromWH #assurance #enterprise
A Reference Model for Enterprise Security — High Assurance Enterprise Security (DWE, DW, SH), pp. 355–364.
ICEISICEIS-EIS-2007-FosterLHS
A Change Strategy for Organisational Security: The Role of Critical Success Factors (SF, KL, PH, AS), pp. 375–380.
ICEISICEIS-EIS-2007-KukhunS #enterprise #information management #pervasive
Interoperability in Pervasive Enterprise Information Systems — A Double-Faced Coin Between Security And Accessability (DAK, FS), pp. 237–242.
ICEISICEIS-EIS-2007-MehrS #modelling #uml
Modelling of Message Security Concerns with UML (FM, US), pp. 365–374.
SEKESEKE-2007-ShiN #component #java #named #static analysis
SAFES: A Static Analysis for Field Security in Java Components (AS, GN), pp. 302–307.
LOPSTRLOPSTR-2007-BossiPR #algebra #process #refinement
Action Refinement in Process Algebra and Security Issues (AB, CP, SR), pp. 201–217.
POPLPOPL-2007-Malacaria
Assessing security threats of looping constructs (PM), pp. 225–235.
POPLPOPL-2007-YuCIS #javascript
JavaScript instrumentation for browser security (DY, AC, NI, IS), pp. 237–249.
AdaSIGAda-2007-Chapman #named
MF1: security by construction (RC), pp. 5–6.
REFSQREFSQ-2007-DarimontL #requirements #uml
Security Requirements for Civil Aviation with UML and Goal Orientation (RD, ML), pp. 292–299.
ASEASE-2007-Abi-AntounWT #consistency #data flow #diagrams #implementation #modelling
Checking threat modeling data flow diagrams for implementation conformance and security (MAA, DW, PT), pp. 393–396.
ASEASE-2007-JurjensY #modelling #tool support
Tools for model-based security engineering: models vs. code (JJ, YY), pp. 545–546.
ESEC-FSEESEC-FSE-2007-Hanna #implementation #lightweight #named #network #protocol #verification
SLEDE: lightweight verification of sensor network security protocol implementations (YH), pp. 591–594.
ICSEICSE-2007-BestJN #distributed #information management #modelling #using
Model-Based Security Engineering of Distributed Information Systems Using UMLsec (BB, JJ, BN), pp. 581–590.
ICSEICSE-2007-PistoiaFFY #enterprise #modelling #policy #validation
When Role Models Have Flaws: Static Validation of Enterprise Security Policies (MP, SJF, RJF, EY), pp. 478–488.
ICSEICSE-2007-RubinM #education #re-engineering
Creating a Computer Security Curriculum in a Software Engineering Program (BSR, BSM), pp. 732–735.
ICSEICSE-2007-SkogsrudBCT #protocol
Managing Impacts of Security Protocol Changes in Service-Oriented Applications (HS, BB, FC, FT), pp. 468–477.
SACSAC-2007-KoralalageRMGC #approach #lifecycle #privacy
POP method: an approach to enhance the security and privacy of RFID systems used in product lifecycle with an anonymous ownership transferring mechanism (KHSSK, MRS, JM, YG, JC), pp. 270–275.
SACSAC-2007-MorimotoSGC #specification #verification
Formal verification of security specifications with common criteria (SM, SS, YG, JC), pp. 1506–1512.
SACSAC-2007-NoordendeBT #mobile #using
Guarding security sensitive content using confined mobile agents (Gv'N, FMTB, AST), pp. 48–55.
SACSAC-2007-OrlovskyR #distributed #policy
Decentralized enforcement of security policies for distributed computational systems (AO, DR), pp. 241–248.
SACSAC-2007-SpanoudakisKA #monitoring #towards
Towards security monitoring patterns (GS, CK, KA), pp. 1518–1525.
SACSAC-2007-YaoKBT #delivery #distributed #web
Decentralized authorization and data security in web content delivery (DY, YK, EB, RT), pp. 1654–1661.
DACDAC-2007-KoushanfarP #encryption
CAD-based Security, Cryptography, and Digital Rights Management (FK, MP), pp. 268–269.
DATEDATE-2007-VerbauwhedeS #design #trust
Design methods for security and trust (IV, PS), pp. 672–677.
HPDCHPDC-2007-DemchenkoSGLGK
Security and dynamics in customer controlled virtual workspace organisation (YD, FS, LG, CTAMdL, DLG, OK), pp. 231–232.
PDPPDP-2007-AldinucciD #cost analysis
The cost of security in skeletal systems (MA, MD), pp. 213–220.
PDPPDP-2007-CilardoCMR #delivery #hardware #programmable #web #web service
Combining Programmable Hardware and Web Services Technologies for Delivering High-Performance and Interoperable Security (AC, LC, AM, LR), pp. 381–386.
PDPPDP-2007-CilardoCMR07a #approach #evaluation #performance
Performance Evaluation of Security Services: An Experimental Approach (AC, LC, AM, LR), pp. 387–394.
ESOPESOP-2007-MantelR #classification #what
Controlling the What and Where of Declassification in Language-Based Security (HM, AR), pp. 141–156.
TACASTACAS-2007-CortierKS #analysis #automation
Automatic Analysis of the Security of XOR-Based Key Management Schemes (VC, GK, GS), pp. 538–552.
AMOSTA-MOST-2007-MassonJPJD #automation #generative #modelling #testing
Automatic generation of model based tests for a class of security properties (PAM, JJ, JCP, EJ, GD), pp. 12–22.
SIGMODSIGMOD-2006-ManjhiAMMOT #data-driven #scalability #web
Simultaneous scalability and security for data-intensive web applications (AM, AA, BMM, TCM, CO, AT), pp. 241–252.
CSEETCSEET-2006-MeadH #case study #education #re-engineering #requirements
Security Requirements Engineering for Software Systems: Case Studies in Support of Software Engineering Education (NRM, EDH), pp. 149–158.
SIGITESIGITE-2006-Gutierrez #approach #learning #named
Stingray: a hands-on approach to learning information security (FG), pp. 53–58.
SIGITESIGITE-2006-Holland-Minkley #named
Cyberattacks: a lab-based introduction to computer security (AMHM), pp. 39–46.
SIGITESIGITE-2006-LahoudT #distance #education
Information security labs in IDS/IPS for distance education (HAL, XT), pp. 47–52.
WCREWCRE-2006-MoonenM
Code Based Software Security Assessments (LM, SM), p. 313.
ICALPICALP-v2-2006-HarnikN #bound #hybrid #on the
On Everlasting Security in the Hybrid Bounded Storage Model (DH, MN), pp. 192–203.
FMFM-2006-DelahayeED #using
Certifying Airport Security Regulations Using the Focal Environment (DD, JFÉ, VDG), pp. 48–63.
FMFM-2006-Johnson #effectiveness #re-engineering
Cost Effective Software Engineering for Security (DRJ), pp. 607–611.
FMFM-2006-Jurjens #modelling
Model-Based Security Engineering for Real (JJ), pp. 600–606.
FMFM-2006-Oheimb #formal method
Formal Methods in the Security Business: Exotic Flowers Thriving in an Expanding Niche (DvO), pp. 592–597.
FMFM-2006-Stephan #formal method #lightweight #plugin
Formal Methods for Security: Lightweight Plug-In or New Engineering Discipline (WS), pp. 587–591.
CHICHI-2006-WuMG #question
Do security toolbars actually prevent phishing attacks? (MW, RCM, SLG), pp. 601–610.
CAiSECAiSE-2006-BrylMMZ #design #modelling #requirements
Designing Security Requirements Models Through Planning (VB, FM, JM, NZ), pp. 33–47.
EDOCEDOC-2006-AndersonR #enterprise
Information Security Guidance for Enterprise Transformation (JAA, VR), pp. 459–462.
EDOCEDOC-2006-TangCLZY #evaluation #performance #web #web service
A Performance Evaluation of Web Services Security (KT, SC, DL, JZ, BY), pp. 67–74.
EDOCEDOC-2006-WangCL #enterprise #persistent
Anonymity and Security Support for Persistent Enterprise Conversation (CW, DKWC, HfL), pp. 471–476.
ICEISICEIS-ISAS-2006-BenferhatB #policy
Argument-Based Approaches in Prioritized Conflicting Security Policies (SB, REB), pp. 349–354.
CIKMCIKM-2006-BaileyHM #documentation #enterprise #implementation #performance #trade-off
Secure search in enterprise webs: tradeoffs in efficient implementation for document level security (PB, DH, BM), pp. 493–502.
CIKMCIKM-2006-Kielman #realtime
The real-time nature and value of homeland security information (JK), p. 3.
ICPRICPR-v4-2006-XieZH
NDFT-based Audio Watermarking Scheme with High Security (LX, JZ, HH), pp. 270–273.
SEKESEKE-2006-Merz #approach #java #using
Using the Dynamic Proxy Approach to Introduce Role-Based Security to Java Data Objects (MM), pp. 404–409.
SEKESEKE-2006-PilskalnsA #design #ocl #testing #uml #using
Using UML Designs to Generate OCL for Security Testing (OP, AAA), pp. 505–510.
MODELSMoDELS-2006-HafnerAB #architecture #modelling #qvt #towards
Towards a MOF/QVT-Based Domain Architecture for Model Driven Security (MH, MA, RB), pp. 275–290.
SPLCSPL-BOOK-2006-ArciniegasDRCBO #architecture #evolution #product line #reasoning
Architecture Reasoning for Supporting Product Line Evolution: An Example on Security (JLA, JCD, JLR, RC, JBM, MO), pp. 327–372.
SPLCSPL-BOOK-2006-FaegriH #architecture #product line
A Software Product Line Reference Architecture for Security (TEF, SOH), pp. 275–326.
MODELSMoDELS-2006-HafnerAB #architecture #modelling #qvt #towards
Towards a MOF/QVT-Based Domain Architecture for Model Driven Security (MH, MA, RB), pp. 275–290.
QAPLQAPL-2005-LanotteMT06 #classification #probability
A Classification of Time and/or Probability Dependent Security Properties (RL, AMS, AT), pp. 177–193.
LOPSTRLOPSTR-2006-MantelSK #data flow #proving #verification
Combining Different Proof Techniques for Verifying Information Flow Security (HM, HS, TK), pp. 94–110.
POPLPOPL-2006-HuntS #on the
On flow-sensitive security types (SH, DS), pp. 79–90.
QAPLQAPL-2006-AdaoMRV #analysis #protocol #towards
Towards a Quantitative Analysis of Security Protocols (PA, PM, TR, LV), pp. 3–25.
ASEASE-2006-Jurjens #analysis #automation #java #proving #source code #theorem proving #using
Security Analysis of Crypto-based Java Programs using Automated Theorem Provers (JJ), pp. 167–176.
ICSEICSE-2006-JurjensF #modelling #tool support
Tools for model-based security engineering (JJ, JF), pp. 819–822.
SACSAC-2006-CreeseGRX #ad hoc #multi
Bootstrapping multi-party ad-hoc security (SC, MG, BR, MX), pp. 369–375.
SACSAC-2006-HeatherS #analysis #infinity #protocol
To infinity and beyond or, avoiding the infinite in security protocol analysis (JH, SS), pp. 346–353.
SACSAC-2006-MorimotoSGC #specification #standard #verification
A security specification verification technique based on the international standard ISO/IEC 15408 (SM, SS, YG, JC), pp. 1802–1803.
SACSAC-2006-WelchL #policy
Policy-driven reflective enforcement of security policies (IW, FL), pp. 1580–1584.
CASECASE-2006-Tan #automation
Automatic Interpretation of Human and Vehicle Motion for Enhanced Security (TT), p. 2.
CGOCGO-2006-ZhangZP #compilation #optimisation
Compiler Optimizations to Reduce Security Overhead (TZ, XZ, SP), pp. 346–357.
DACDAC-2006-AroraRRSJC #architecture #mobile #multi
Software architecture exploration for high-performance security processing on a multiprocessor mobile SoC (DA, AR, SR, MS, NKJ, STC), pp. 496–501.
DACDAC-2006-RagelP #monitoring #named #reliability
IMPRES: integrated monitoring for processor reliability and security (RGR, SP), pp. 502–505.
DACDAC-2006-WangLLYHWH #design #framework #network #platform
A network security processor design based on an integrated SOC design and test platform (CHW, CYL, MSL, JCY, CTH, CWW, SYH), pp. 490–495.
DATEDATE-DF-2006-AkselrodAA #architecture #debugging #framework #independence #multi #platform
Platform independent debug port controller architecture with security protection for multi-processor system-on-chip ICs (DA, AA, YA), pp. 30–35.
HPCAHPCA-2006-ShiFGLZY #architecture #in memory #memory management #named
InfoShield: a security architecture for protecting information usage in memory (WS, JBF, GG, HHSL, YZ, JY), pp. 222–231.
STOCSTOC-2006-KushilevitzLR #composition #protocol
Information-theoretically secure protocols and security under composition (EK, YL, TR), pp. 109–118.
FATESFATES-RV-2006-FalconeFMR #calculus #framework #network #policy
A Test Calculus Framework Applied to Network Security Policies (YF, JCF, LM, JLR), pp. 55–69.
ICLPICLP-2006-LopezPPRV #concurrent #constraints #declarative #framework #programming
A Declarative Framework for Security: Secure Concurrent Constraint Programming (HAL, CP, JAP, CR, FDV), pp. 449–450.
LICSLICS-2006-Gordon #implementation #protocol
Provable Implementations of Security Protocols (ADG), pp. 345–346.
ICTSSTestCom-2006-DarmaillacqFGMR #generative #network #testing
Test Generation for Network Security Rules (VD, JCF, RG, LM, JLR), pp. 341–356.
ICTSSTestCom-2006-ShuL #monitoring #protocol #testing
Message Confidentiality Testing of Security Protocols — Passive Monitoring and Active Checking (GS, DL), pp. 357–372.
PODSPODS-2005-AbadiW #analysis #documentation #encryption #xml
Security analysis of cryptographically controlled access to XML documents (MA, BW), pp. 108–117.
ITiCSEITiCSE-2005-TobinW #education #using
Using a windows attack intRusion emulator (AWARE) to teach computer security awareness (DLTJ, MSW), pp. 213–217.
SIGITESIGITE-2005-Crowley #development #open source
Open source centric information security lab development (EC), pp. 57–63.
SIGITESIGITE-2005-DardickL #forensics
Interdisciplinary minor in digital forensics, security and law (GSD, LKL), p. 371.
SIGITESIGITE-2005-DarkEL #assurance #education #integration
Integration of information assurance and security into the IT2005 model curriculum (MJD, JJE, BML), pp. 7–14.
SIGITESIGITE-2005-Hartpence #education
Teaching wireless security for results (BH), pp. 89–93.
SIGITESIGITE-2005-Robila #distributed #education
Distributed computing and computer security education (SAR), pp. 383–384.
SIGITESIGITE-2005-RobilaB #requirements
Writing requirements in computer security (SAR, CB), pp. 385–386.
SIGITESIGITE-2005-Valentine
Practical computer security: a new service course based upon the national strategy to secure cyberspace (DWV), pp. 185–189.
SIGITESIGITE-2005-Wang #interactive
Web-based interactive courseware for information security (AJAW), pp. 199–204.
ICSMEICSM-2005-Jurjens #comprehension #implementation
Understanding Security Goals Provided by Crypto-Protocol Implementations (JJ), pp. 643–646.
IWPCIWPC-2005-HogganvikS #comprehension #on the
On the Comprehension of Security Risk Scenarios (IH, KS), pp. 115–124.
WCREWCRE-2005-WangCD #using
Enhancing Security Using Legality Assertions (LW, JRC, TRD), pp. 35–44.
ICALPICALP-2005-DattaDMST #logic #polynomial #probability #protocol #semantics
Probabilistic Polynomial-Time Semantics for a Protocol Security Logic (AD, AD, JCM, VS, MT), pp. 16–29.
ICALPICALP-2005-Hopper #on the
On Steganographic Chosen Covertext Security (NH), pp. 311–323.
ICALPICALP-2005-LipmaaWB #verification
Designated Verifier Signature Schemes: Attacks, New Security Notions and a New Construction (HL, GW, FB), pp. 459–471.
ICALPICALP-2005-TamassiaT #bound
Computational Bounds on Hierarchical Data Processing with Applications to Information Security (RT, NT), pp. 153–165.
FMFM-2005-AndronickCP #embedded #smarttech #source code #verification
Formal Verification of Security Properties of Smart Card Embedded Source Code (JA, BC, CPM), pp. 302–317.
FMFM-2005-BuchholtzGHM #analysis #framework #performance #platform
End-to-End Integrated Security and Performance Analysis on the DEGAS Choreographer Platform (MB, SG, VH, CM), pp. 286–301.
IFMIFM-2005-BracherK #specification #testing
Enabling Security Testing from Specification to Code (SB, PK), pp. 150–166.
EDOCEDOC-2005-JohanssonJ #assessment #enterprise
Assessment of Enterprise Information Security — The Importance of Prioritization (EJ, PJ), pp. 207–218.
ICEISICEIS-v1-2005-Fernandez #design #uml #using
Security Patterns and Secure Systems Design Using UML (EBF), p. 21.
ICEISICEIS-v3-2005-HafnerBB #architecture #standard #web #web service #workflow
A Security Architecture for Inter-Organizational Workflows: Putting Security Standards for Web Services Together (MH, RB, MB), pp. 128–135.
SEKESEKE-2005-CooperDW #approach #architecture #aspect-oriented #modelling #reuse
Modeling Reusable Security Aspects for Software Architectures: a Pattern Driven Approach (KMLC, LD, WEW), pp. 158–162.
SEKESEKE-2005-KongOF #analysis #formal method #workflow
Formal Analysis of Workflow Systems with Security Considerations (WK, KO, KF), pp. 531–536.
MODELSMoDELS-2005-HafnerB #modelling #uml #workflow
Realizing Model Driven Security for Inter-organizational Workflows with WS-CDL and UML 2.0 (MH, RB), pp. 39–53.
MODELSMoDELS-2005-HafnerB #modelling #uml #workflow
Realizing Model Driven Security for Inter-organizational Workflows with WS-CDL and UML 2.0 (MH, RB), pp. 39–53.
OOPSLAOOPSLA-2005-MartinLL #fault #query #using
Finding application errors and security flaws using PQL: a program query language (MCM, VBL, MSL), pp. 365–383.
QAPLQAPL-2004-BodeiCDBNNP05 #evaluation #performance #protocol
Performance Evaluation of Security Protocols Specified in LySa (CB, MC, PD, MB, FN, HRN, CP), pp. 167–189.
PLDIPLDI-2005-BauerLW #policy
Composing security policies with polymer (LB, JL, DW), pp. 305–314.
PPDPPPDP-2005-EchahedP #declarative #policy
Security policy in a declarative style (RE, FP), pp. 153–163.
PPDPPPDP-2005-Mitchell #analysis #logic #network #protocol
Security analysis of network protocols: logical and computational methods (JCM), pp. 151–152.
SASSAS-2005-Gordon #calculus #process
From Typed Process Calculi to Source-Based Security (ADG), p. 2.
RERE-2005-GiorginiMMZ #modelling #requirements
Modeling Security Requirements Through Ownership, Permission and Delegation (PG, FM, JM, NZ), pp. 167–176.
RERE-2005-GiorginiMMZ05a #automation #named #requirements
ST-Tool: A CASE Tool for Security Requirements Engineering (PG, FM, JM, NZ), pp. 451–452.
ASEASE-2005-JurjensY #analysis
Code security analysis with assertions (JJ, MY), pp. 392–395.
ICSEICSE-2005-AvotsDLL #analysis #c #pointer
Improving software security with a C pointer analysis (DA, MD, VBL, MSL), pp. 332–341.
ICSEICSE-2005-Jurjens #effectiveness #modelling #tool support #uml
Sound methods and effective tools for model-based security engineering with UML (JJ), pp. 322–331.
SACSAC-2005-AdaikkalavanC #approach #named #web
SmartGate: a smart push-pull approach to support role-based security in web gateways (RA, SC), pp. 1727–1731.
SACSAC-2005-Khurana #scalability
Scalable security and accounting services for content-based publish/subscribe systems (HK), pp. 801–807.
SACSAC-2005-Menezes #adaptation #case study #coordination #self
Self-organization and computer security: a case study in adaptive coordination (RM), pp. 467–468.
SACSAC-2005-SohrDA #information management #policy #specification
Formal specification of role-based security policies for clinical information systems (KS, MD, GJA), pp. 332–339.
SACSAC-2005-YangEY #database #semistructured data #specification
Mediation security specification and enforcement for heterogeneous databases (LY, RKE, HY), pp. 354–358.
CCCC-2005-LiCKB #approach
A Compiler-Based Approach to Data Security (FL, GC, MTK, RRB), pp. 188–203.
DACDAC-2005-ChoM #network #pattern matching
A pattern matching coprocessor for network security (YHC, WHMS), pp. 234–239.
DATEDATE-2005-FaroukS #algorithm #communication #encryption #hybrid #implementation
An Improved FPGA Implementation of the Modified Hybrid Hiding Encryption Algorithm (MHHEA) for Data Communication Security (HAF, MS), pp. 76–81.
HPCAHPCA-2005-ZhangGYZG #memory management #multi #named #symmetry
SENSS: Security Enhancement to Symmetric Shared Memory Multiprocessors (YZ, LG, JY, XZ, RG), pp. 352–362.
PDPPDP-2005-TerstyanszkyDGKSWK #legacy
Security Mechanisms for Legacy Code Applications in GT3 Environment (GT, TD, AG, TK, KS, SCW, PK), pp. 220–226.
ESOPESOP-2005-CortierW #automation #protocol #proving
Computationally Sound, Automated Proofs for Security Protocols (VC, BW), pp. 157–171.
ESOPESOP-2005-Myers #policy #programming
Programming with Explicit Security Policies (ACM), pp. 1–4.
FASEFASE-2005-JurjensS #analysis #development #tool support #uml
Tools for Secure Systems Development with UML: Security Analysis with ATPs (JJ, PS), pp. 305–309.
FASEFASE-2005-Mostowski #formal method #java #logic #verification
Formalisation and Verification of Java Card Security Properties in Dynamic Logic (WM), pp. 357–371.
FoSSaCSFoSSaCS-2005-FocardiRS #calculus #process
Bridging Language-Based and Process Calculi Security (RF, SR, AS), pp. 299–315.
CADECADE-2005-Steel #api #constraints #deduction #modelling
Deduction with XOR Constraints in Security API Modelling (GS), pp. 322–336.
CAVCAV-2005-ArmandoBBCCCDHKMMORSTVV #automation #internet #protocol #validation
The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications (AA, DAB, YB, YC, LC, JC, PHD, PCH, OK, JM, SM, DvO, MR, JS, MT, LV, LV), pp. 281–285.
ICLPICLP-2005-CorinSE #analysis #constraints #protocol
PS-LTL for Constraint-Based Security Protocol Analysis (RC, AS, SE), pp. 439–440.
LICSLICS-2005-BlanchetAF #automation #protocol #verification
Automated Verification of Selected Equivalences for Security Protocols (BB, MA, CF), pp. 331–340.
SIGMODSIGMOD-2004-FanCG #query #xml
Secure XML Querying with Security Views (WF, CYC, MNG), pp. 587–598.
SIGMODSIGMOD-2004-Maurer #database #encryption
The Role of Cryptography in Database Security (UMM), pp. 5–10.
SIGMODSIGMOD-2004-RosenthalW #research #scalability #state of the art
Security of Shared Data in Large Systems: State of the Art and Research Directions (AR, MW), pp. 962–964.
VLDBVLDB-2004-RosenthalW #research #scalability #state of the art
Security of Shared Data in Large Systems: State of the Art and Research Directions (AR, MW), p. 1242.
CSEETCSEET-2004-McGraw
Software Security Clue Distribution (GM), pp. 6–7.
ITiCSEITiCSE-WGR-2004-Campbell #assurance
IT security and data assurance: a new resource for two-year colleges (RDC), p. 20.
SIGITESIGITE-2004-BolzRR
Safely train security engineers regarding the dangers presented by denial of service attacks (CB, WR, BLR), pp. 66–72.
SIGITESIGITE-2004-Crowley #design #learning
Experiential learning and security lab design (EC), pp. 169–176.
SIGITESIGITE-2004-Dark #assessment #learning #performance #risk management #student
Assessing student performance outcomes in an information security risk assessment, service learning course (MJD), pp. 73–78.
SIGITESIGITE-2004-HigbyB
Wireless security patch management system (CH, MB), pp. 165–168.
SIGITESIGITE-2004-JonesR #education #named
Honeynets: an educational resource for IT security (JKJ, GWR), pp. 24–28.
SIGITESIGITE-2004-MasonJT #approach #collaboration #network
Network and systems security, a collaborative approach (SM, DJ, LT), p. 279.
SIGITESIGITE-2004-Morneau #design #network
Designing an information security program as a core competency of network technologists (KAM), pp. 29–32.
SIGITESIGITE-2004-RomneyS #education #multi #network #platform
An isolated, multi-platform network sandbox for teaching IT security system engineers (GWR, BRS), pp. 19–23.
SIGITESIGITE-2004-StevensonR #architecture #education
Teaching security best practices by architecting and administering an IT security lab (BRS, GWR), pp. 182–187.
ICALPICALP-2004-AbadiC #equation #protocol
Deciding Knowledge in Security Protocols Under Equational Theories (MA, VC), pp. 46–58.
SEFMSEFM-2004-LanotteMT #decidability #parametricity #probability
Decidability Results for Parametric Probabilistic Transition Systems with an Application to Security (RL, AMS, AT), pp. 114–121.
EDOCEDOC-2004-YoshiokaHF #coordination #performance
Security Patterns: A Method for Constructing Secure and Efficient Inter-Company Coordination Systems (NY, SH, AF), pp. 84–97.
ICEISICEIS-v2-2004-BelsisGSD #implementation #information management
Implementing Knowledge Management Techniques for Security Purposes (PB, SG, CS, ID), pp. 535–540.
ICEISICEIS-v3-2004-ChapmanS #enterprise #guidelines #on the
On Information Security Guidelines for Small/Medium Enterprises (DC, LS), pp. 3–9.
ICEISICEIS-v3-2004-MouratidisGM #design #information management #using
Using Security Attack Scenarios to Analyse Security During Information Systems Design (HM, PG, GAM), pp. 10–17.
ICEISICEIS-v3-2004-Tu #using
Using SAP System Configuration Security Test to Comply with Sarbanesoxley Act (JHT), pp. 581–583.
ICEISICEIS-v3-2004-VasiuD #architecture #web #web service #xml
A Requirement for a XML Web Services Security Architecture (LV, CD), pp. 60–66.
ICEISICEIS-v5-2004-Mikulecky #design #library
Digital Library: Design and Security Considerations (SM), pp. 295–300.
SEKESEKE-2004-GaoDYHBC #case study #design
Applying Aspect-Orientation in Designing Security Systems: A Case Study (SG, YD, HY, XH, KB, KMLC), pp. 360–365.
SEKESEKE-2004-YangEY #approach #aspect-oriented
Enhancing Mediation Security by Aspect-Oriented Approach (LY, RKE, HY), pp. 155–160.
SEKESEKE-2004-YuHDM #architecture #design
Integrating Security Administration into Software Architectures Design (HY, XH, YD, LM), pp. 416–420.
UMLUML-2004-AbieAKMR #uml
Integrating a Security Requirement Language with UML (HA, DBA, TK, SM, TR), pp. 350–364.
UMLUML-2004-JurjensS #automation #modelling #requirements #verification
Automated Verification of UMLsec Models for Security Requirements (JJ, PS), pp. 365–379.
LOPSTRLOPSTR-2004-BossiPR #imperative
Unwinding Conditions for Security in Imperative Languages (AB, CP, SR), pp. 85–100.
AdaSIGAda-2004-ChapmanH #analysis #data flow #modelling #safety
Enforcing security and safety models with an information flow analysis tool (RC, AH), pp. 39–46.
AdaSIGAda-2004-Davis #component #information management #lifecycle
Information systems security engineering: a critical component of the systems engineering lifecycle (JFD), pp. 13–18.
RERE-2004-HaleyLMN #requirements #trust
The Effect of Trust Assumptions on the Elaboration of Security Requirements (CBH, RCL, JDM, BN), pp. 102–111.
RERE-2004-LinNIJ #bound #problem #using
Using Abuse Frames to Bound the Scope of Security Problems (LL, BN, DCI, MJ), pp. 354–355.
FSEFSE-2004-Wolf #question #re-engineering
Is security engineering really just good software engineering? (ALW), p. 1.
ICSEICSE-2004-Lamsweerde #anti #requirements
Elaborating Security Requirements by Construction of Intentional Anti-Models (AvL), pp. 148–157.
SACSAC-2004-BellaR
Editoral message: special track on computer security (GB, PR), pp. 373–374.
SACSAC-2004-BravettiLZG #e-commerce #quality #web #web service
Web Services for E-commerce: guaranteeing security access and quality of service (MB, RL, GZ, RG), pp. 800–806.
SACSAC-2004-CarvalhoCSBF #mobile #network #using
Using mobile agents as roaming security guards to test and improve security of hosts and networks (MMC, TBC, NS, MRB, KMF), pp. 87–93.
DACDAC-2004-RaviKLMR #design #embedded
Security as a new dimension in embedded system design (SR, PCK, RBL, GM, AR), pp. 753–760.
DATEDATE-v1-2004-RenaudinBPTSG
High Security Smartcards (MR, GFB, PP, JPT, LS, FG), pp. 228–233.
HPDCHPDC-2004-DenisAHVKB #communication #performance #problem
Wide-Area Communication for Grids: An Integrated Solution to Connectivity, Performance and Security Problems (AD, OA, RFHH, KV, TK, HEB), pp. 97–106.
OSDIOSDI-2004-RinardCDRLB
Enhancing Server Availability and Security Through Failure-Oblivious Computing (MCR, CC, DD, DMR, TL, WSB), pp. 303–316.
FoSSaCSFoSSaCS-2004-RamanathanMST #analysis #bisimulation #equivalence #network #probability #protocol
Probabilistic Bisimulation and Equivalence for Security Analysis of Network Protocols (AR, JCM, AS, VT), pp. 468–483.
STOCSTOC-2004-PrabhakaranS
New notions of security: achieving universal composability without trusted setup (MP, AS), pp. 242–251.
TACASTACAS-2004-PiazzaPR #named #persistent
CoPS — Checker of Persistent Security (CP, EP, SR), pp. 144–152.
VMCAIVMCAI-2004-BartheBR #compilation
Security Types Preserving Compilation: (GB, AB, TR), pp. 2–15.
VMCAIVMCAI-2004-Guttman #protocol #trust
Security, Protocols, and Trust (JDG), p. 1.
ITiCSEITiCSE-2003-AzadeganLOWZ
An undergraduate track in computer security (SA, ML, MO, ALW, MZ), pp. 207–210.
CSMRCSMR-2003-LundBS #assessment #maintenance
Maintaining Results from Security Assessment (MSL, FdB, KS), pp. 341–350.
ICSMEICSM-2003-DaCostaDMP
Characterizing the “Security Vulnerability Likelihood” of Software Functions (DD, CD, SM, VP), p. 266–?.
FMFME-2003-ArmandoCG #analysis #graph #model checking #protocol #satisfiability #using
SAT-Based Model-Checking of Security Protocols Using Planning Graph Analysis (AA, LC, PG), pp. 875–893.
FMFME-2003-Vigna
A Topological Characterization of TCP/IP Security (GV), pp. 914–939.
SEFMSEFM-2003-BossiFPR #data flow #refinement
Refinement Operators and Information Flow Security (AB, RF, CP, SR), pp. 44–53.
SEFMSEFM-2003-LanotteMT #automaton #bisimulation #probability
Weak Bisimulation for Probabilistic Timed Automata and Applications to Security (RL, AMS, AT), pp. 34–43.
CAiSECAiSE-2003-MouratidisGM #information management #modelling #towards
Integrating Security and Systems Engineering: Towards the Modelling of Secure Information Systems (HM, PG, GAM), pp. 63–78.
EDOCEDOC-2003-BurtBROA #data access #modelling #unification
Model Driven Security: Unification of Authorization Models for Fine-Grain Access Control (CCB, BRB, RRR, AMO, MA), pp. 159–173.
ICEISICEIS-v2-2003-HoeschlBBMRBT
Structured Contextual Search for the Un Security Council (HCH, TCDB, AB, EdSM, MSR, RMB, IT), pp. 100–107.
ICEISICEIS-v3-2003-MouratidisMGG #information management #requirements #using
Analysing Security Requirements of Information Systems Using Tropos (HM, GAM, AG, PG), pp. 623–626.
ICEISICEIS-v3-2003-SerraoNT #analysis #open source #operating system
Open Source Security Analysis — Evaluating Security of Open Source vs. Closed Source Operating Systems (CS, DN, PT), pp. 433–440.
ICEISICEIS-v4-2003-McPhersonHHK #architecture #web #web service #xml
Guardian Knowledge Farm Agents and Security Architectures: Web Services, XML, and Wireless Mappings (MM, GH, BH, GK), pp. 244–253.
ICEISICEIS-v4-2003-Vasiu #trust #web #web service
Security Web Services Based on Trust (LV), pp. 369–376.
SEKESEKE-2003-AbdullahS #framework #towards
A Step toward building Dynamic Security Infrastructure (ISA, EHS), pp. 483–488.
ECOOPECOOP-2003-Abadi
Built-in Object Security (MA), p. 1.
ECOOPECOOP-2003-Gunter #api #embedded
Open APIs for Embedded Security (CAG), pp. 225–247.
REFSQREFSQ-J-2002-AntonEC03 #behaviour #policy #privacy #requirements
Precluding incongruous behavior by aligning software requirements with security and privacy policies (AIA, JBE, RAC), pp. 967–977.
RERE-2003-KaiyaSMK #analysis #java #mobile #policy #requirements #trade-off
Trade-off Analysis between Security Policies for Java Mobile Codes and Requirements for Java Application (HK, KS, YM, KK), pp. 357–358.
RERE-2003-LinNIJM #requirements
Introducing Abuse Frames for Analysing Security Requirements (LL, BN, DCI, MJ, JDM), pp. 371–372.
RERE-2003-LiuYM #analysis #privacy #requirements #social
Security and Privacy Requirements Analysis within a Social Setting (LL, ESKY, JM), pp. 151–161.
ICSEICSE-2003-KemmererV #detection #internet
Internet Security and Intrusion Detection (RAK, GV), pp. 748–749.
SACSAC-2003-AbendrothJ #framework
A Unified Security Framework for Networked Applications (JA, CDJ), pp. 351–357.
SACSAC-2003-AtluriAGA #constraints #multi #self
Self-Manifestation of Composite Multimedia Objects to Satisfy Security Constraints (VA, NRA, AG, IA), pp. 927–934.
CGOCGO-2003-ZhangG #slicing
Hiding Program Slices for Software Security (XZ, RG), pp. 325–336.
HPDCHPDC-2003-WelchSFBCGKMPT #grid
Security for Grid Services (VW, FS, ITF, JB, KC, JG, CK, SM, LP, ST), pp. 48–57.
PDPPDP-2003-SethiB #ad hoc #named #network
CRESQ: Providing QoS and Security in Ad hoc Networks (PS, GB), p. 544–?.
ESOPESOP-2003-Comon-LundhC
Security Properties: Two Agents Are Sufficient (HCL, VC), pp. 99–113.
ESOPESOP-2003-GiambiagiD #implementation #on the #protocol
On the Secure Implementation of Security Protocols (PG, MD), pp. 144–158.
ESOPESOP-2003-Leroy #perspective #programming language #static analysis
Computer Security from a Programming Language and Static Analysis Perspective (XL), pp. 1–9.
FASEFASE-2003-ScottBM #mobile #policy
Spatial Security Policies for Mobile Agents in a Sentient Computing Environment (DJS, ARB, AM), pp. 102–117.
CAVCAV-2003-BozgaLP #automation #named #protocol #verification
HERMES: An Automatic Tool for Verification of Secrecy in Security Protocols (LB, YL, MP), pp. 219–222.
ICLPICLP-2003-Musumbu #simulation
Simulating Security Systems Based on Logigrams (KM), pp. 498–499.
ICSTSAT-2003-ArmandoC #analysis #protocol #satisfiability
Abstraction-Driven SAT-based Analysis of Security Protocols (AA, LC), pp. 257–271.
VMCAIVMCAI-2003-BossiFPR #bisimulation #verification
Bisimulation and Unwinding for Verifying Possibilistic Security Properties (AB, RF, CP, SR), pp. 223–237.
VLDBVLDB-2002-BettiniJWW #policy
Provisions and Obligations in Policy Management and Security Applications (CB, SJ, XSW, DW), pp. 502–513.
ICSMEICSM-2002-JiwnaniZ #maintenance #perspective
Maintaining Software with a Security Perspective (KJ, MVZ), pp. 194–203.
RTARTA-2002-Mitchell #analysis #multi #protocol
Multiset Rewriting and Security Protocol Analysis (JCM), pp. 19–22.
EDOCEDOC-2002-AagedalBDGRS #assessment #enterprise #modelling #risk management
Model-Based Risk Assessment to Improve Enterprise Security (JØA, FdB, TD, BAG, DR, KS), p. 51–?.
ICEISICEIS-2002-BelsisGS #enterprise
An Enterprise IT Security Data Model (MAB, ANG, LS), pp. 885–891.
ICEISICEIS-2002-HuangH
Managing Security in Electronic Business (KH, KH), pp. 1086–1091.
ICEISICEIS-2002-PantiSTV #automation #protocol #verification
Automatic Verification of Security in Payment Protocols for Electronic Commerce (MP, LS, ST, SV), pp. 968–974.
ICEISICEIS-2002-Srinivas #concept #java #network
Network Security Concepts and Java (RS), p. 23.
CIKMCIKM-2002-AvantBBFSW #semantics
Semantic technology applications for homeland security (DA, MB, CB, MF, APS, YSW), pp. 611–613.
UMLUML-2002-LodderstedtBD #modelling #named #uml
SecureUML: A UML-Based Modeling Language for Model-Driven Security (TL, DAB, JD), pp. 426–441.
LOPSTRLOPSTR-2002-BossiFPR #data flow #proving
A Proof System for Information Flow Security (AB, RF, CP, SR), pp. 199–218.
POPLPOPL-2002-AbadiB #logic programming #protocol #source code
Analyzing security protocols with secrecy types and logic programs (MA, BB), pp. 33–44.
SASSAS-2002-Blanchet #authentication #protocol
From Secrecy to Authenticity in Security Protocols (BB), pp. 342–359.
SASSAS-2002-CorinE #constraints #protocol #verification
An Improved Constraint-Based System for the Verification of Security Protocols (RC, SE), pp. 326–341.
SASSAS-2002-Zanotti #abstract interpretation
Security Typings by Abstract Interpretation (MZ), pp. 360–375.
RERE-2002-CrookILN #anti #requirements
Security Requirements Engineering: When Anti-Requirements Hit the Fan (RC, DCI, LL, BN), pp. 203–205.
ICSEICSE-2002-Butler #approach #attribute grammar
Security attribute evaluation method: a cost-benefit approach (SAB), pp. 232–240.
SACSAC-2002-AljarehR #collaboration #multi #network
A task-based security model to facilitate collaboration in trusted multi-agency networks (SA, BNR), pp. 744–749.
SACSAC-2002-BarbutiBF #abstract interpretation #bytecode #java
Checking security of Java bytecode by abstract interpretation (RB, CB, NDF), pp. 229–236.
SACSAC-2002-Bell #interactive #policy #simulation
Interactive simulation of security policies (GB), pp. 247–252.
SACSAC-2002-BorealeB #analysis #automation #protocol
Experimenting with STA, a tool for automatic analysis of security protocols (MB, MGB), pp. 281–285.
SACSAC-2002-BurnsideCMMDR #mobile #protocol
Proxy-based security protocols in networked mobile devices (MB, DEC, TM, AM, SD, RLR), pp. 265–272.
SACSAC-2002-DunningR #communication
Security status display and browser interframe communication (LAD, SR), pp. 237–241.
SACSAC-2002-TanM #mobile
Certificates for mobile code security (HKT, LM), pp. 76–81.
SACSAC-2002-ThompsonWM #testing
Software security vulnerability testing in hostile environments (HHT, JAW, FEM), pp. 260–264.
DACDAC-2002-RaviRPS #design #framework #platform
System design methodologies for a wireless security processing platform (SR, AR, NRP, MS), pp. 777–782.
PDPPDP-2002-BucheggerB #ad hoc #mobile #network #robust #towards
Nodes Bearing Grudges: Towards Routing Security, Fairness, and Robustness in Mobile Ad Hoc Networks (SB, JYLB), pp. 403–410.
STOCSTOC-2002-DziembowskiM #bound #proving
Tight security proofs for the bounded-storage model (SD, UMM), pp. 341–350.
CAVCAV-2002-ArmandoBBCCMRTVV #analysis #protocol
The AVISS Security Protocol Analysis Tool (AA, DAB, MB, YC, LC, SM, MR, MT, LV, LV), pp. 349–353.
CAVCAV-2002-ChevalierV #automation #bound #protocol #verification
Automated Unbounded Verification of Security Protocols (YC, LV), pp. 324–337.
VMCAIVMCAI-2002-BernardeschiF #abstract interpretation #bytecode #java #model checking
Combining Abstract Interpretation and Model Checking for Analysing Security Properties of Java Bytecode (CB, NDF), pp. 1–15.
VMCAIVMCAI-2002-FocardiPR #bisimulation #data flow #proving
Proofs Methods for Bisimulation Based Information Flow Security (RF, CP, SR), pp. 16–31.
SCAMSCAM-2001-WeberSR #case study #constraints #detection #optimisation #using
A Case Study in Detecting Software Security Vulnerabilities Using Constraint Optimization (MW, VS, CR), pp. 3–13.
WCREWCRE-2001-CifuentesWE #analysis #debugging #decompiler
Computer Security Analysis through Decompilation and High-Level Debugging (CC, TW, MVE), pp. 375–380.
FLOPSFLOPS-2001-Delzanno #case study #debugging #prolog #protocol #specification
Specifying and Debugging Security Protocols via Hereditary Harrop Formulas and λ Prolog — A Case-study (GD), pp. 123–137.
ICEISICEIS-v2-2001-MartinCLG #e-commerce #policy
Planning Security Policy on E-Commerce (MM, AC, JL, RG), pp. 915–919.
CIKMCIKM-2001-Rosenthal #documentation #question #what
What Can Researches Do to Improve Security of Data and Documents? (AR), p. 593.
ECOOPECOOP-2001-CaromelV #component #java
Reflections on MOPs, Components, and Java Security (DC, JV), pp. 256–274.
TOOLSTOOLS-USA-2001-McClure #delivery #how #privacy
Hacking = Privacy: How Computer Hacking Can Shore Up Your Defenses and Deliver the Closest Ideal to Security Available (SM), p. 7.
LOPSTRLOPSTR-2001-DelzannoE #debugging #logic programming #protocol #proving
Proof Theory, Transformations, and Logic Programming for Debugging Security Protocols (GD, SE), pp. 76–90.
PADLPADL-2001-BellaB #analysis #constraints #protocol
Soft Constraints for Security Protocol Analysis: Confidentiality (GB, SB), pp. 108–122.
POPLPOPL-2001-Mitchell #programming language
Programming language methods in computer security (JCM), pp. 1–3.
SASSAS-2001-GordonJ #analysis #protocol
A Type and Effect Analysis of Security Protocols (ADG, AJ), p. 432.
SASSAS-2001-Schneider #what #why
Language-Based Security: What’s Needed and Why (FBS), p. 374.
RERE-2001-Hall01a #modelling #network #specification #validation
Specification Modeling and Validation Applied to Network Security Gateways (RJH), pp. 289–291.
RERE-2001-Spafford #privacy
The Hidden Meta-Requirements of Security and Privacy (EHS), p. 10.
ASEASE-2001-ChevalierV #lazy evaluation #protocol #verification
A Tool for Lazy Verification of Security Protocols (YC, LV), pp. 373–376.
ASEASE-2001-Fenkam #specification #verification
Security Specification and Verification (PF), p. 434.
ASEASE-2001-Hall #modelling #network #product line #specification #validation
Specification Modeling and Validation Applied to a Family of Network Security Products (RJH), pp. 71–80.
FSEESEC-FSE-2001-BasinRV #corba
A formal data-model of the CORBA security service (DAB, FR, LV), pp. 303–304.
SACSAC-2001-VuongSD #distributed #policy #using #xml
Managing security policies in a distributed environment using eXtensible markup language (XML) (NNV, GS, YD), pp. 405–411.
HPDCHPDC-2001-HumphreyT #grid
Security Implications of Typical Grid Computing Usage Scenarios (MH, MRT), pp. 95–103.
HPDCHPDC-2001-JohnstonTJ #overview
Overview of Security Considerations for Computational and Data Grids (WEJ, ST, KRJ), pp. 439–440.
ESOPESOP-2001-Mitchell #analysis #calculus #polynomial #probability #process #protocol
Probabilistic Polynomial-Time Process Calculus and Security Protocol Analysis (JCM), pp. 23–29.
CAVCAV-2001-SongPP #automation #generative #implementation #named #protocol #verification
AGVI — Automatic Generation, Verification, and Implementation of Security Protocols (DXS, AP, DP), pp. 241–245.
LICSLICS-2001-MitchellRST #analysis #calculus #probability #process #protocol
Probabilistic Polynominal-Time Process Calculus and Security Protocol Analysis (JCM, AR, AS, VT), pp. 3–5.
ICALPICALP-2000-BaudronPS #multi
Extended Notions of Security for Multicast Public Key Cryptosystems (OB, DP, JS), pp. 499–511.
ICFPICFP-2000-SkalkaS
Static enforcement of security with types (CS, SFS), pp. 34–45.
CAiSECAiSE-2000-LiuLW #named
CHAOS: An Active Security Mediation System (DL, KHL, GW), pp. 232–246.
ICEISICEIS-2000-Barker #approach #logic
Information Security: A Logic Based Approach (SB), pp. 9–14.
ECOOPECOOP-2000-Gong
Developing Security Systems in the Real World (LG), p. 251.
TOOLSTOOLS-ASIA-2000-KhanHZ #component #composition
Security Characterization of Software Components and Their Composition (KMK, JH, YZ), pp. 240–249.
TOOLSTOOLS-ASIA-2000-TaoJY #adaptation #mobile #modelling #network #research #self
The Research on Dynamic Self-Adaptive Network Security Model Based on Mobile Agent (JT, LJr, QY), pp. 134–139.
TOOLSTOOLS-ASIA-2000-XingsheX #corba #design #implementation
Design and Implementation of CORBA Security Service (XZ, XL), pp. 140–147.
TOOLSTOOLS-PACIFIC-2000-SindreO #case study #elicitation #requirements
Eliciting Security Requirements by Misuse Cases (GS, ALO), pp. 120–131.
TOOLSTOOLS-USA-2000-MegaacheKJ #architecture
A Role-Based Security Architecture for Business Intelligence (SM, TK, GRRJ), pp. 295–306.
POPLPOPL-2000-Walker #policy #type system
A Type System for Expressive Security Policies (DW), pp. 254–267.
ASEASE-2000-LiuR #automation #using
Automated Security Checking and Patching Using TestTalk (CL, DJR), pp. 261–264.
ICSEFoSE-2000-DevanbuS #re-engineering #roadmap
Software engineering for security: a roadmap (PTD, SGS), pp. 227–239.
PDPPDP-2000-PuliafitoT
Security mechanisms for the MAP agent system (AP, OT), pp. 84–91.
STOCSTOC-2000-BihamBBMR #proving #quantum
A proof of the security of quantum key distribution (EB, MB, POB, TM, VPR), pp. 715–724.
STOCSTOC-2000-KatzY #encryption #probability
Complete characterization of security notions for probabilistic private-key encryption (JK, MY), pp. 245–254.
TACASTACAS-2000-BenerecettiG #logic #model checking #protocol #using
Model Checking Security Protocols Using a Logic of Belief (MB, FG), pp. 519–534.
TACASTACAS-2000-ClarkeJM #partial order #protocol #reduction #verification
Partial Order Reductions for Security Protocol Verification (EMC, SJ, WRM), pp. 503–518.
WRLAWRLA-2000-BasinD #analysis #comparison #haskell #maude #protocol
Maude versus Haskell: an Experimental Comparison in Security Protocol Analysis (DAB, GD), pp. 235–256.
WICSAWICSA-1999-Butler
Security Issues with the Global Command and Control System (GCCS) (SAB), pp. 407–422.
ICDARICDAR-1999-UrecheP #aspect-oriented #documentation
Document Transport, Transfer, and Exchange: Security and Commercial Aspects (OU, RP), pp. 585–588.
FMFM-v1-1999-FocardiM #approach
A Uniform Approach for the Definition of Security Properties (RF, FM), pp. 794–813.
FMFM-v1-1999-LincolnMMS #analysis #equivalence #polynomial #probability
Probabilistic Polynomial-Time Equivalence and Security Analysis (PL, JCM, MM, AS), pp. 776–793.
FMFM-v1-1999-LotzKW #hardware
A Formal Security Model for Microprocessor Hardware (VL, VK, GW), pp. 718–737.
HCIHCI-EI-1999-Grinchenko #internet #quality
Quality of Information in Internet as an Information Security Basis (TAG), pp. 111–115.
SACSAC-1999-RowMAW #linux #network
Security Issues in Small Linux Networks (WMR, DJM, BLA, AHW), pp. 506–510.
SOSPSOSP-1999-MazieresKKW #file system
Separating key management from file system security (DM, MK, MFK, EW), pp. 124–139.
FoSSaCSFoSSaCS-1999-Abadi #protocol #specification
Security Protocols and Specifications (MA), pp. 1–13.
CADECADE-1999-Weidenbach #analysis #automation #first-order #logic #protocol #towards
Towards an Automatic Analysis of Security Protocols in First-Order Logic (CW), pp. 314–328.
LICSLICS-1999-MalacariaH #game studies #nondeterminism #program analysis
Non-Deterministic Games and Program Analysis: An Application to Security (PM, CH), pp. 443–452.
LICSLICS-1999-Paulson #protocol #proving
Proving Security Protocols Correct (LCP), pp. 370–381.
FMFM-1998-KoobUW #formal method #modelling #policy #process #topic #using
The New Topicality of Using Formal Models of Security Policy within the Security Engineering Process (FK, MU, SW), pp. 302–310.
KDDKDD-1998-LaneB #concept #identification #learning #online
Approaches to Online Learning and Concept Drift for User Identification in Computer Security (TL, CEB), pp. 259–263.
POPLPOPL-1998-LeroyR
Security Properties of Typed Applets (XL, FR), pp. 391–403.
AdaSIGAda-1998-MichellSW #safety
Looking into Safety with the Safety and Security Rapporteur Group (SM, MS, BAW), pp. 7–11.
DACDAC-1998-HauckK
Data Security for Web-based CAD (SH, SK), pp. 788–793.
CAVCAV-1998-Mitchell #analysis #finite #protocol
Finite-State Analysis of Security Protocols (JCM), pp. 71–76.
ADLADL-1997-WinslettCJS #library #policy #privacy #transaction #web
Assuring Security and Privacy for Digital Library Transactions on the Web: Client and Server Security Policies (MW, NC, VEJ, IS), pp. 140–152.
ICSMEICSM-2000-BasharKKSW #tool support
Low-threat security patches and tools (MAB, GK, MGK, EHS, SSWJ), pp. 306–313.
ESECESEC-FSE-1997-Kemmerer #distributed
Security Issues in Distributed Software (RAK), pp. 52–59.
ICSEICSE-1997-Hefner #lessons learnt #maturity
Lessons Learned with the Systems Security Engineering Capability Maturity Model (RH), pp. 566–567.
SOSPSOSP-1997-WallachBDF #architecture #java
Extensible Security Architecture for Java (DSW, DB, DD, EWF), pp. 116–128.
TAPSOFTTAPSOFT-1997-VolpanoS #approach #type system
A Type-Based Approach to Program Security (DMV, GS), pp. 607–621.
SIGMODSIGMOD-1996-Tajima #database #detection #object-oriented #static analysis
Static Detection of Security Flaws in Object-Oriented Databases (KT), pp. 341–352.
SACSAC-1996-McBride
Security considerations for active messages (RAM), pp. 463–467.
TACASTACAS-1996-FocardiG #automation #composition #verification
Automatic Compositional Verification of Some Security Properties (RF, RG), pp. 167–186.
STOCSTOC-1995-Yao #metric #protocol #quantum
Security of quantum protocols against coherent measurements (ACCY), pp. 67–75.
VLDBVLDB-1994-IdrisGC #database
Providing Dynamic Security Control in a Federated Database (NBI, WAG, RFC), pp. 13–23.
FMFME-1994-Cherkaoui #analysis #specification
Specification and Analysis of a Security Management System (OC), pp. 66–82.
CAiSECAiSE-1994-HofmannH #design #information management #quality #requirements
Reaching out for Quality: Considering Security Requirements in the Design of Information Systems (HFH, RH), pp. 105–118.
SACSAC-1994-ChangGVWO #empirical #reuse #social
A reuse experiment in the social security sector (SCC, APMG, HvV, EW, HO), pp. 94–98.
FMFME-1993-Boswell #policy #specification #validation
Specification and Validation of a Security Policy Model (AB), pp. 42–51.
CAiSECAiSE-1993-Chung #development #information management #requirements
Dealing with Security Requirements During the Development of Information Systems (LC), pp. 234–251.
TOOLSTOOLS-EUROPE-1993-DollimoreX
The Private Access Channel: A Security Mechanism for Shared Distribution Objects (JD, WX), pp. 211–221.
SOSPSOSP-WIP-1991-Reiter92 #distributed
Integrating Security in a Group Oriented Distributed System (MKR), p. 27.
KDDKDD-1991-OLeary #database #information management
Knowledge Discovery as a Threat to Database Security (DEO), pp. 507–516.
ICSEICSE-1991-Jahl #evaluation
The Information Technology Security Evaluation Criteria (CJ), pp. 306–312.
STOCSTOC-1991-Maurer #encryption #independence
Perfect Cryptographic Security from Partially Independent Channels (UMM), pp. 561–571.
OOPSLAOOPSLA-1989-Thuraisingham #database #object-oriented
Mandatory Security in Object-Oriented Database Systems (BMT), pp. 203–210.
SIGMODSIGMOD-1988-MazumdarSS #proving #theorem proving #using
Resolving the Tension between Integrity and Security Using a Theorem Prover (SM, DWS, TS), pp. 233–242.
SIGMODSIGMOD-1987-Morgenstern #database #knowledge base #multi
Security and Inference in Multilevel Database and Knowledge-Base Systems (MM), pp. 357–373.
VLDBVLDB-1986-SpoonerKWSH #ada #component #framework
Framework for the Security Component of an Ada DBMS (DLS, AMK, GW, JS, DH), pp. 347–354.
STOCSTOC-1986-Cleve
Limits on the Security of Coin Flips when Half the Processors Are Faulty (RC), pp. 364–369.
STOCSTOC-1985-HastadS #encryption
The Cryptographic Security of Truncated Linearly Related Variables (JH, AS), pp. 356–362.
POPLPOPL-1983-Strom
Mechanisms for Compile-Time Enforcement of Security (RES), pp. 276–284.
SOSPSOSP-1983-Silverman #kernel #operating system #verification
Reflections on the Verification of the Security of an Operating System Kernel (JMS), pp. 143–154.
STOCSTOC-1983-Ben-OrCS #encryption #on the
On the Cryptographic Security of Single RSA Bits (MBO, BC, AS), pp. 421–430.
VLDBVLDB-1981-BussolatiM #approach #database #modelling
A Database Approach to Modelling and Managing Security Information (UB, GM), pp. 532–542.
SOSPSOSP-J-1979-WalkerKP80 #kernel #specification #verification
Specification and Verification of the UCLA Unix Security Kernel (BJW, RAK, GJP), pp. 118–131.
VLDBVLDB-1979-DownsP #database
Data Base Management Systems Security and INGRES (DD, GJP), pp. 280–290.
SOSPSOSP-1979-WalkerKP #kernel #specification #verification
Specification and Verification of the UCLA Unix Security Kernel (BJW, RAK, GJP), pp. 64–65.
VLDBVLDB-1978-Davida #privacy
Security and Privacy (GID), p. 54.
VLDBVLDB-1978-HsiaoKM #database #privacy
Privacy and Security of Data Communications and Data Bases (DKH, DSK, SEM), pp. 55–67.
SOSPSOSP-1977-FeiertagLR #design #multi #proving
Proving Multilevel Security of a System Design (RJF, KNL, LR), pp. 57–65.
ICSEICSE-1976-NeumannFLR #development #multi #proving
Software Development and Proofs of Multi-Level Security (PGN, RJF, KNL, LR), pp. 421–428.
SOSPSOSP-J-1975-Millen76 #kernel #validation
Security Kernel Validation in Practice (JKM), pp. 243–250.
SOSPSOSP-1975-JonesL #policy
The Enforcement of Security Policies for Computation (AKJ, RJL), pp. 197–206.
SOSPSOSP-1975-Schroeder #kernel #multi
Engineering a Security Kernel for Multics (MDS), pp. 25–32.

Bibliography of Software Language Engineering in Generated Hypertext (BibSLEIGH) is created and maintained by Dr. Vadim Zaytsev.
Hosted as a part of SLEBOK on GitHub.