Principal Investigator Daniel Jackson
Finding security holes in web applications by lightweight static analysis; eliminates need for explicit security policy by looking for anomalies in access control.