Software Engineering and Methodology (TOSEM)


Search Issue
enter search term and/or author name


ACM Transactions on Software Engineering and Methodology (TOSEM), Volume 9 Issue 4, Oct. 2000

SAFKASI: a security mechanism for language-based systems
Edward W. Felten, Andrew W. Appel, Dan S. Wallach
Pages: 341-378
DOI: 10.1145/363516.363520
In order to run untrusted code in the same process as trusted code, there must be a mechanism to allow dangerous calls to determine if their caller is authorized to exercise the privilege of using the dangerous routine. Java systems have adopted...

Proof linking: modular verification of mobile programs in the presence of lazy, dynamic linking
Robert D. Cameron, Philip W. L. Fong
Pages: 379-409
DOI: 10.1145/363516.363523
Although mobile code systems typically employ link-time code verifiers to protect host computers from potentially malicious code, implementation flaws in the verifiers may still leave the host system vulnerable to attack. Compounding the...

Protecting privacy using the decentralized label model
Andrew C. Myers, Barbara Liskov
Pages: 410-442
DOI: 10.1145/363516.363526
Stronger protection is needed for the confidentiality and integrity of data, because programs containing untrusted code are the rule rather than the exception. Information flow control allows the enforcement of end-to-end security policies, but...

Verifying security protocols with Brutus
S. Jha, E. M. Clarke, W. Marrero
Pages: 443-487
DOI: 10.1145/363516.363528
Due to the rapid growth of the “Internet” and the “World Wide Web” security has become a very important concern in the design and implementation of software systems. Since security has become an important issue, the...

A compiler for analyzing cryptographic protocols using noninterference
Antonio Durante, Roberto Gorrieri, Riccardo Focardi
Pages: 488-528
DOI: 10.1145/363516.363532
The Security Process Algebra (SPA) is a CCS-like specification languag e where actions belong to two different levels of confidentiality. It has been used to define several noninterference-like security properties whose verification has been...