The authors present a system for sound static checking of security policies for database-backed web applications. The tool checks a combination of access control and information flow policies, where the policies vary based on database contents. For instance, one or more database tables may represent an access control matrix, controlling ...Download Now
Current Electronic Toll Pricing (ETP) implementations rely on on-board units sending fine-grained location data to the service provider. The authors present PrETP, a privacy-preserving ETP system in which on-board units can prove that they use genuine data and perform correct operations while disclosing the minimum amount of location data. PrETP ...Download Now
Software Fault Isolation (SFI) is an effective approach to sandboxing binary code of questionable provenance, an interesting use case for native plugins in a Web browser. The authors present software fault isolation schemes for ARM and x86-64 that provide control-flow and memory integrity with average performance overhead of under 5% ...Download Now
Submit Your Content
Get your content listed in our directory for free!
Our directory is the largest library of vendor-supplied technical content on the web. It's also the first place IT decision makers turn to when researching technology solutions. Our members are already finding your competitors' papers here - shouldn't they find yours too?