H. M. Levy, Capability-Based Computer Systems, 1984.

M. Miller, Robust composition: Towards a unified approach to access control and concurrency control, 2006.

M. S. Miller, M. Samuel, B. Laurie, I. Awad, and M. Stay, Safe active content in sanitized javascript

A. S. Tanenbaum, R. Van-renesse, H. Van-staveren, G. J. Sharp, and S. J. Mullender, Experiences with the amoeba distributed operating system, Comm. ACM, 1990.

. Mozilla-developer and . Network, Script security Available: https://developer.mozilla.org/en-US/docs

B. Lampson, Protection, ACM SIGOPS Operating Systems Review, vol.8, issue.1, pp.18-24, 1974.
DOI : 10.1145/775265.775268

R. Sandhu-erlingsson and F. B. Schneider, Role-based access control Advances in Computers, IRM enforcement of Java stack inspection IEEE Symposium on Security and Privacy, pp.237-286, 1998.

A. Birgisson, M. Dhawan, U. Erlingsson, V. Ganapathy, and L. Iftode, Enforcing authorization policies using transactional memory introspection, Proceedings of the 15th ACM conference on Computer and communications security, CCS '08, 2008.
DOI : 10.1145/1455770.1455800

D. Garg and F. Pfenning, Noninference in constructive authorization logic, IEEE Computer Security Foundations Workshop (CSFW), 2006.

M. Miller, K. Yee, J. Shapiro, and C. Inc, Capability myths demolished, 2003.

S. Maffeis, J. C. Mitchell, and A. Taly, Object Capabilities and Isolation of Untrusted Web Applications, 2010 IEEE Symposium on Security and Privacy, 2010.
DOI : 10.1109/SP.2010.16

S. Drossopoulou and J. Noble, The need for capability policies, Proceedings of the 15th Workshop on Formal Techniques for Java-like Programs, FTfJP '13, 2013.
DOI : 10.1145/2489804.2489811

L. Jia, S. Sen, D. Garg, and A. Datta, A Logic of Programs with Interface-Confined Code, 2015 IEEE 28th Computer Security Foundations Symposium, 2015.
DOI : 10.1109/CSF.2015.38

D. Devriese, L. Birkedal, and F. Piessens, Reasoning about Object Capabilities with Logical Relations and Effect Parametricity, 2016 IEEE European Symposium on Security and Privacy (EuroS&P), 2016.
DOI : 10.1109/EuroSP.2016.22

N. Hardy, The Confused Deputy, ACM SIGOPS Operating Systems Review, vol.22, issue.4, pp.36-38, 1988.
DOI : 10.1145/54289.871709

L. Huang, A. Moshchuk, H. J. Wang, S. Schecter, C. J. Mao et al., Clickjacking: Attacks and defenses Information integrity policies, USENIX Security Symposium, 2012. [20] P. Li Workshop on Formal Aspects in Security and Trust (FAST), 2003.

A. Sabelfeld and A. C. Myers, Language-based information-flow security, IEEE Journal on Selected Areas in Communications, vol.21, issue.1, pp.5-19, 2003.
DOI : 10.1109/JSAC.2002.806121

C. Fournet and T. Rezk, Cryptographically sound implementations for typed information-flow security, ACM Symposium on Principles of Programming Languages (POPL), 2008.

S. Saghafi, K. Fisler, and S. Krishnamurthi, Features and object capabilities, Proceedings of the 11th annual international conference on Aspect-oriented Software Development, AOSD '12, 2012.
DOI : 10.1145/2162049.2162053

G. Boudol, Secure Information Flow as a Safety Property, Workshop on Formal Aspects in Security and Trust (FAST), 2008.
DOI : 10.1007/978-3-642-01465-9_2

J. A. Goguen and J. Meseguer, Security Policies and Security Models, 1982 IEEE Symposium on Security and Privacy, 1982.
DOI : 10.1109/SP.1982.10014

A. Mettler, D. Wagner, and T. Close, Joe-E: A securityoriented subset of Java, Network and Distributed System Security Symposium (NDSS), 2010.

A. Chander, J. C. Mitchell, and D. Dean, A state-transition model of trust management and access control, Proceedings. 14th IEEE Computer Security Foundations Workshop, 2001., 2001.
DOI : 10.1109/CSFW.2001.930134

T. C. Murray and G. Lowe, Analysing the Information Flow Properties of Object-Capability Patterns, Formal Aspects in Security and Trust, 2009.
DOI : 10.1007/978-3-642-12459-4_7

S. Drossopoulou and J. Noble, How to Break the Bank: Semantics of Capability Policies, International Conference on Integrated Formal Methods (iFM), 2014.
DOI : 10.1007/978-3-319-10181-1_2

C. Dimoulas, S. Moore, A. Askarov, and S. Chong, Declarative Policies for Capability Control, 2014 IEEE 27th Computer Security Foundations Symposium, 2014.
DOI : 10.1109/CSF.2014.9

S. Drossopoulou, J. Noble, and M. S. Miller, Swapsies on the Internet, Proceedings of the 10th ACM Workshop on Programming Languages and Analysis for Security, PLAS'15, 2015.
DOI : 10.1145/2786558.2786564

A. Birgisson, A. Russo, and A. Sabelfeld, Capabilities for information flow, Proceedings of the ACM SIGPLAN 6th Workshop on Programming Languages and Analysis for Security, PLAS '11, 2011.
DOI : 10.1145/2166956.2166961