USENIX Association

Displaying 1-3 of 3 results

  • White Papers // Sep 2010

    Static Checking of Dynamically-Varying Security Policies in Database-Backed Applications

    The authors present a system for sound static checking of security policies for database-backed web applications. The tool checks a combination of access control and information flow policies, where the policies vary based on database contents. For instance, one or more database tables may represent an access control matrix, controlling...

    Provided By USENIX Association

  • White Papers // Jun 2010

    Adapting Software Fault Isolation to Contemporary CPU Architectures

    Software Fault Isolation (SFI) is an effective approach to sandboxing binary code of questionable provenance, an interesting use case for native plugins in a Web browser. The authors present software fault isolation schemes for ARM and x86-64 that provide control-flow and memory integrity with average performance overhead of under 5%...

    Provided By USENIX Association

  • White Papers // Jun 2010

    PrETP: Privacy-Preserving Electronic Toll Pricing

    Current Electronic Toll Pricing (ETP) implementations rely on on-board units sending fine-grained location data to the service provider. The authors present PrETP, a privacy-preserving ETP system in which on-board units can prove that they use genuine data and perform correct operations while disclosing the minimum amount of location data. PrETP...

    Provided By USENIX Association

  • White Papers // Jun 2010

    Adapting Software Fault Isolation to Contemporary CPU Architectures

    Software Fault Isolation (SFI) is an effective approach to sandboxing binary code of questionable provenance, an interesting use case for native plugins in a Web browser. The authors present software fault isolation schemes for ARM and x86-64 that provide control-flow and memory integrity with average performance overhead of under 5%...

    Provided By USENIX Association

  • White Papers // Sep 2010

    Static Checking of Dynamically-Varying Security Policies in Database-Backed Applications

    The authors present a system for sound static checking of security policies for database-backed web applications. The tool checks a combination of access control and information flow policies, where the policies vary based on database contents. For instance, one or more database tables may represent an access control matrix, controlling...

    Provided By USENIX Association

  • White Papers // Jun 2010

    PrETP: Privacy-Preserving Electronic Toll Pricing

    Current Electronic Toll Pricing (ETP) implementations rely on on-board units sending fine-grained location data to the service provider. The authors present PrETP, a privacy-preserving ETP system in which on-board units can prove that they use genuine data and perform correct operations while disclosing the minimum amount of location data. PrETP...

    Provided By USENIX Association