Formalisation of a capability machine and principles for reasoning about security properties
Primary LanguageCoqOtherNOASSERTION