M. Abadi, M. Burrows, B. W. Lampson & G. D. Plotkin (1993):
A Calculus for Access Control in Distributed Systems.
ACM Transactions on Programming Languages and Systems 15(4),
pp. 706–734,
doi:10.1145/155183.155225.
M. S. Ager, O. Danvy & J. Midtgaard (2005):
A Functional Correspondence between Monadic Evaluators and Abstract Machines for Languages with Computational Effects.
Theoretical Computer Science 342,
pp. 4–28,
doi:10.1016/j.tcs.2005.06.008.
A. Banerjee & D. A. Naumann (2001):
A Simple Semantics and Static Analysis for Java Security.
Technical Report CS Report 2001-1.
Stevens Institute of Technology.
Available at http://www.cs.stevens-tech.edu/~naumann/tr2001.ps.
A. Banerjee & D. A. Naumann (2002):
Representation Independence, Confinement and Access Control.
In: ACM Symposium on Principles of Programming Languages,
pp. 166–177,
doi:10.1145/503272.503289.
A. Banerjee & D. A. Naumann (2005):
Stack-based Access Control for Secure Information Flow.
Journal of Functional Programming 15(2),
pp. 131–177,
doi:10.1017/S0956796804005453.
F. Besson, T. Blanc, C. Fournet & A. D. Gordon (2004):
From Stack Inspection to Access Control: A Security Analysis for Libraries.
In: Computer Security Foundations Workshop (CSFW),
pp. 61–75,
doi:10.1109/CSFW.2004.11.
F. Besson, T. P. Jensen & D. Le Métayer (2001):
Model Checking Security Properties of Control Flow Graphs.
Journal of Computer Security 9(3),
pp. 217–250.
F. Besson, T. de Grenier de Latour & T. P. Jensen (2005):
Interfaces for Stack Inspection.
Journal of Functional Programming 15(2),
pp. 179–217,
doi:10.1017/S0956796804005465.
P. Centonze, R. J. Flynn & M. Pistoia (2007):
Combining Static and Dynamic Analysis for Automatic Identification of Precise Access-Control Policies.
In: Computer Security Applications Conference (ACSAC),
pp. 292–303,
doi:10.1109/ACSAC.2007.14.
J. Clements & M. Felleisen (2004):
A Tail-recursive Machine with Stack Inspection.
ACM Transactions on Programming Languages and Systems 26(6),
pp. 1029–1052,
doi:10.1145/1034774.1034778.
C. Fournet & A. D. Gordon (2003):
Stack inspection: Theory and Variants.
ACM Transactions on Programming Languages and Systems 25(3),
pp. 360–399,
doi:10.1145/641909.641912.
L. Gong (1999):
Inside Java 2 Platform Security.
Addison-Wesley.
B. A. LaMacchia, S. Lange, M. Lyons, R. Martin & K. T. Price (2002):
.NET Framework Security.
Addison-Wesley.
M. Pistoia, A. Banerjee & D. A. Naumann (2007):
Beyond Stack Inspection: A Unified Access-Control and Information-Flow Security Model.
In: 28th IEEE Symposium on Security and Privacy,
pp. 149–163,
doi:10.1109/SP.2007.10.
F. Pottier, C. Skalka & S. Smith (2005):
A Systematic Approach to Static Access Control.
ACM Transactions on Programming Languages and Systems 27(2),
pp. 344–382,
doi:10.1145/1057387.1057392.
C. Skalka (2002):
Types for Programming Language-Based Security.
The Johns Hopkins University.
C. Skalka & S. Smith (2000):
Static Enforcement of Security with Types.
In: International Conference on Functional Programming,
pp. 34–45,
doi:10.1145/351240.351244.
C. Skalka, S. Smith & D. Van Horn (2008):
Types and Trace Effects of Higher Order Programs.
Journal of Functional Programming 18(2),
pp. 179–249,
doi:10.1017/S0956796807006466.
D. Wallach, A. Appel & E. Felten (2000):
SAFKASI: A Security Mechanism for Language-based Systems.
ACM Transactions on Software Engineering and Methodology 9(4),
pp. 341–378,
doi:10.1145/363516.363520.