Paper presented by Adam Chlipala at the USENIX Symposium on Operating Systems Design and Implementation 2010.

We present a system for sound static checking of security policies for database-backed Web applications. Our tool checks a combination of access control and information flow policies, where the policies vary based on database contents. For instance, one or more database tables may represent an access control matrix, controlling who may read or write which cells of these and other tables.

The BBC’s Animation Director incorrectly states “they clearly are not designed to fly”…the BBC should have looked at footage of the penguins underwater instead of just in the air.

Richard Park from Sourcefire has a great write up on managing VMware vShield configurations with perl scripts.

We’ll focus today on how to use the API to programatically make firewall rule changes. Here are some of the things you can do with the API:

• List the current firewall ruleset
• Add new rules
• Get a list of past firewall revisions
• Revert back to a previous ruleset revision

as predicted by Sydney Harris