T. Dierks and C. Allen, The TLS protocol version 1, 1999.
DOI : 10.17487/rfc2246

A. Smith, Open source, open standards and re-use: Government action plan, 2009.

P. Pietzuch, D. Eyers, S. Kounev, and B. Shand, Towards a common API for publish/subscribe, Proceedings of the 2007 inaugural international conference on Distributed event-based systems , DEBS '07, pp.152-157, 2007.
DOI : 10.1145/1266894.1266924

D. E. Bell, L. Padula, and L. J. , Secure computer systems: Mathematical foundations and model, The MITRE Corp, 1973.

A. Myers and B. Liskov, Protecting privacy using the decentralized label model, ACM Transactions on Software Engineering and Methodology, vol.9, issue.4, pp.410-442, 2000.
DOI : 10.1145/363516.363526

M. Krohn, A. Yip, and M. Brodsky, Information flow control for standard OS abstractions, SOSP '07, pp.321-334, 2007.

M. Migliavacca, I. Papagiannis, D. Eyers, B. Shand, J. Bacon et al., High-performance event processing with information security, USENIX Annual Technical Conference, pp.1-15, 2010.

J. Bacon, K. Moody, and W. Yao, A model of OASIS role-based access control and its support for active security, ACM Transactions on Information and System Security, vol.5, issue.4, pp.492-540, 2002.
DOI : 10.1145/581271.581276

J. Singh, L. Vargas, and J. Bacon, A model for controlling data flow in distributed healthcare environments, The Proceedings of the Second ICST International Conference on Pervasive Computing Technologies for Healthcare, pp.188-191, 2008.
DOI : 10.4108/ICST.PERVASIVEHEALTH2008.2572

C. Neuman, T. Yu, S. Hartman, and K. Raeburn, RFC 4120: The Kerberos network authentication service (V5), 2005.

D. Chadwick, G. Zhao, S. Otenko, R. Laborde, L. Su et al., PERMIS: a modular authorization infrastructure, Concurrency and Computation: Practice and Experience, vol.23, issue.4, pp.1341-1357, 2008.
DOI : 10.1002/cpe.1284

. Oasis-security and T. Services, Security assertion markup language (SAML) V2.0 technical overview, Committee Draft, p.2, 2008.

E. Hammer-lahav, RFC 5849: The OAuth 1.0 protocol, 2010.

J. Singh, D. M. Eyers, and J. Bacon, Controlling historical information dissemination in publish/subscribe, Proceedings of the 2008 workshop on Middleware security, MidSec '08, pp.34-39, 2008.
DOI : 10.1145/1463342.1463349

. Google, App Engine Java overview, 2010.

M. Migliavacca, I. Papagiannis, D. M. Eyers, B. Shand, J. Bacon et al., Distributed Middleware Enforcement of Event Flow Security Policy, 11th International ACM/IFIP/USENIX Middleware Conference, 2010.
DOI : 10.1007/978-3-642-16955-7_17
URL : https://hal.archives-ouvertes.fr/hal-01055277

J. Bacon, D. M. Eyers, J. Singh, B. Shand, M. Migliavacca et al., Security in multi-domain event-based systems, it -Information Technology, vol.51, issue.5, pp.277-284, 2009.

C. Duhigg, Stock traders find speed pays, in milliseconds. The New York Times, 2009.

E. London-stock, Exchange hosting. http://www.londonstockexchange. com/traders-and-brokers/products-services, 2010.

I. Papagiannis, M. Migliavacca, D. M. Eyers, B. Shand, J. Bacon et al., Enforcing user privacy in web applications using Erlang, 2010.

D. Evans and D. M. Eyers, Efficient Policy Checking across Administrative Domains, 2010 IEEE International Symposium on Policies for Distributed Systems and Networks, 2010.
DOI : 10.1109/POLICY.2010.36

D. Evans, D. M. Eyers, and J. Bacon, Linking Policies to the Spatial Environment, 2010 IEEE International Symposium on Policies for Distributed Systems and Networks, 2010.
DOI : 10.1109/POLICY.2010.31

J. J. Meyer and R. J. Wieringa, Deontic Logic in Computer Science, 1993.

D. Evans and D. M. Eyers, Deontic logic for modelling data flow and use compliance, Proceedings of the 6th international workshop on Middleware for pervasive and ad-hoc computing, MPAC '08, pp.19-24, 2008.
DOI : 10.1145/1462789.1462793