In the early days of the web, content was designed and hosted by a single person, group, or
organization. No longer. Webpages are increasingly composed of content from myriad …

We introduce the RT framework, a family of role-based trust management languages for
representing policies and credentials in distributed authorization. RT combines the strengths of …

This book presents a framework for the analysis of syntactic, operational and semantic
properties of programming languages. The framework is based on a mathematical system called …

A methodology is presented for using a general-purpose state enumeration tool, Mur/spl phi/,
to analyze cryptographic and security-related protocols. We illustrate the feasibility of the …

Abstract data type declarations appear in typed programming languages like Ada, Alphard,
CLU and ML. This form of declaration binds a list of identifiers to a type with associated …

Web spoofing is a significant problem involving fraudulent email and web sites that trick
unsuspecting users into revealing private information. We discuss some aspects of common …

Cross-Site Request Forgery (CSRF) is a widely exploited web site vulnerability. In this paper,
we present a new variation on CSRF attacks, login CSRF, in which the attacker forges a …

Sesquiterpene lactones are characteristic constituents of the Compositae but also occur
sporadically in other angiosperm families and even in some liverworts. These bitter substances …

Contextual integrity is a conceptual framework for understanding privacy expectations and
their implications developed in the literature on law, public policy, and political philosophy. …

The idea of the social network is becoming increasingly popular among both social
anthropologists and sociologists as one way of understanding behavior, par ญ ticularly in larger …