Our society's widespread dependence on networked information systems for everything from
personal finance to military communications makes it essential to improve the security of …

Adding a sound information flow security policy to an existing program is a difficult task that
requires major analysis of andchanges to the program. In this paper we show how …

Dr. Gary McGraw, a well-known software security expert, said,“First things first—make sure
you know how to code, and have been doing so for years. It is better to be a developer (and …

Current standard security practices do not provide substantial assurance that the end-to-end
behavior of a computing system satisfies important security policies such as confidentiality …

Teaching secure programming Page 1 Education Editors: Matt Bishop, bishop@cs.ucdavis.edu
Deborah A. Frincke, deborah.frincke@pnl.com Discussions of what should be taught inevitably …

A precise characterization of those security policies enforceable by program rewriting is
given. This also exposes and rectifies problems in prior work, yielding a better …

This book provides a set of design and implementation guidelines for writing secure
programs for Linux and Unix systems. Such programs include application programs used as …

Abstract Language-based information flow methods offer a principled way to enforce strong
security properties, but enforcing noninterference is too inflexible for realistic applications …

From the beginning of electronic computing until 15 years ago, the 'game'of attack and
defense was played on a system by system basis, with defenders relying on physical …

This paper presents FABLE, a core formalism for a programming language in which
programmers may specify security policies and reason that these policies are properly …