References

  1. M. Abadi, M. Burrows, B. W. Lampson & G. D. Plotkin (1993): A Calculus for Access Control in Distributed Systems. ACM Transactions on Programming Languages and Systems 15(4), pp. 706–734, doi:10.1145/155183.155225.
  2. M. S. Ager, O. Danvy & J. Midtgaard (2005): A Functional Correspondence between Monadic Evaluators and Abstract Machines for Languages with Computational Effects. Theoretical Computer Science 342, pp. 4–28, doi:10.1016/j.tcs.2005.06.008.
  3. A. Banerjee & D. A. Naumann (2001): A Simple Semantics and Static Analysis for Java Security. Technical Report CS Report 2001-1. Stevens Institute of Technology. Available at http://www.cs.stevens-tech.edu/~naumann/tr2001.ps.
  4. A. Banerjee & D. A. Naumann (2002): Representation Independence, Confinement and Access Control. In: ACM Symposium on Principles of Programming Languages, pp. 166–177, doi:10.1145/503272.503289.
  5. A. Banerjee & D. A. Naumann (2005): Stack-based Access Control for Secure Information Flow. Journal of Functional Programming 15(2), pp. 131–177, doi:10.1017/S0956796804005453.
  6. F. Besson, T. Blanc, C. Fournet & A. D. Gordon (2004): From Stack Inspection to Access Control: A Security Analysis for Libraries. In: Computer Security Foundations Workshop (CSFW), pp. 61–75, doi:10.1109/CSFW.2004.11.
  7. F. Besson, T. P. Jensen & D. Le Métayer (2001): Model Checking Security Properties of Control Flow Graphs. Journal of Computer Security 9(3), pp. 217–250.
  8. F. Besson, T. de Grenier de Latour & T. P. Jensen (2005): Interfaces for Stack Inspection. Journal of Functional Programming 15(2), pp. 179–217, doi:10.1017/S0956796804005465.
  9. P. Centonze, R. J. Flynn & M. Pistoia (2007): Combining Static and Dynamic Analysis for Automatic Identification of Precise Access-Control Policies. In: Computer Security Applications Conference (ACSAC), pp. 292–303, doi:10.1109/ACSAC.2007.14.
  10. J. Clements & M. Felleisen (2004): A Tail-recursive Machine with Stack Inspection. ACM Transactions on Programming Languages and Systems 26(6), pp. 1029–1052, doi:10.1145/1034774.1034778.
  11. C. Fournet & A. D. Gordon (2003): Stack inspection: Theory and Variants. ACM Transactions on Programming Languages and Systems 25(3), pp. 360–399, doi:10.1145/641909.641912.
  12. L. Gong (1999): Inside Java 2 Platform Security. Addison-Wesley.
  13. B. A. LaMacchia, S. Lange, M. Lyons, R. Martin & K. T. Price (2002): .NET Framework Security. Addison-Wesley.
  14. M. Pistoia, A. Banerjee & D. A. Naumann (2007): Beyond Stack Inspection: A Unified Access-Control and Information-Flow Security Model. In: 28th IEEE Symposium on Security and Privacy, pp. 149–163, doi:10.1109/SP.2007.10.
  15. F. Pottier, C. Skalka & S. Smith (2005): A Systematic Approach to Static Access Control. ACM Transactions on Programming Languages and Systems 27(2), pp. 344–382, doi:10.1145/1057387.1057392.
  16. C. Skalka (2002): Types for Programming Language-Based Security. The Johns Hopkins University.
  17. C. Skalka & S. Smith (2000): Static Enforcement of Security with Types. In: International Conference on Functional Programming, pp. 34–45, doi:10.1145/351240.351244.
  18. C. Skalka, S. Smith & D. Van Horn (2008): Types and Trace Effects of Higher Order Programs. Journal of Functional Programming 18(2), pp. 179–249, doi:10.1017/S0956796807006466.
  19. D. Wallach, A. Appel & E. Felten (2000): SAFKASI: A Security Mechanism for Language-based Systems. ACM Transactions on Software Engineering and Methodology 9(4), pp. 341–378, doi:10.1145/363516.363520.
Comments and questions to: eptcs@eptcs.org
For website issues: webmaster@eptcs.org