We present the design and implementation of a typechecker for verifying security properties of the source code of cryptographic protocols and access control mechanisms. The …
X Leroy - … Aided Verification: 13th International Conference, CAV …, 2001 - Springer
Bytecode verification is a crucial security component for Java applets, on the Web and on embedded devices such as smart cards. This paper describes the main bytecode verification …
Security is a major, frequent concern in extensible software systems such as Java Virtual Machines and the Common Language Runtime. These systems aim to enable simple …
A Banerjee, DA Naumann - Journal of Functional Programming, 2005 - cambridge.org
Access control mechanisms are often used with the intent of enforcing confidentiality and integrity policies, but few rigorous connections have been made between information flow …
In this paper we survey static analysis methods for identifying security vulnerabilities in software systems. We cover three areas that have been associated with sources of security …
System call whitelisting is a powerful sandboxing approach that can significantly reduce the capabilities of an attacker if an application is compromised. Given a policy that specifies …
L Koved, M Pistoia, A Kershenbaum - ACM SIGPLAN Notices, 2002 - dl.acm.org
Java 2 has a security architecture that protects systems from unauthorized access by mobile or statically configured code. The problem is in manually determining the set of security …
S Tse, S Zdancewic - ACM Transactions on Programming Languages …, 2007 - dl.acm.org
Information-flow type systems are a promising approach for enforcing strong end-to-end confidentiality and integrity policies. Such policies, however, are usually specified in terms of …
AM Pitts - Advanced Topics in Types and Programming …, 2005 - Citeseer
The aim of this chapter is to explain, by example, some methods for reasoning about equivalence of programs based directly upon a type system and an operational semantics …