Modular string-sensitive permission analysis with demand-driven precision

In modern software systems, programs are obtained by dynamically assembling components. This has made it necessary to subject component providers to access-control restrictions. What permissions should be granted to each component? Too few permissions may cause run-time authorization failures, too m...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:2009 IEEE 31st International Conference on Software Engineering s. 177 - 187
Hlavní autoři: Geay, Emmanuel, Pistoia, Marco, Takaaki Tateishi, Ryder, Barbara G., Dolby, Julian
Médium: Konferenční příspěvek
Jazyk:angličtina
Vydáno: Washington, DC, USA IEEE Computer Society 16.05.2009
IEEE
Edice:ACM Conferences
Témata:
Algorithm design and analysis
Authorization
General and reference > Cross-computing tools and techniques > Reliability
Inspection
Java
Laboratories
Permission
Prototypes
Runtime environment
Security
Software and its engineering > Software notations and tools
Software and its engineering > Software organization and properties > Extra-functional properties > Software reliability
Testing
ISBN:9781424434534, 142443453X
ISSN:0270-5257
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:In modern software systems, programs are obtained by dynamically assembling components. This has made it necessary to subject component providers to access-control restrictions. What permissions should be granted to each component? Too few permissions may cause run-time authorization failures, too many constitute a security hole. We have designed and implemented a composite algorithm for precise static permission analysis for Java and the CLR. Unlike previous work, the analysis is modular and fully integrated with a novel slicing-based string analysis that is used to statically compute the string values defining a permission and disambiguate permission propagation paths. The results of our research prototype on production-level Java code support the effectiveness, practicality, and precision of our techniques, and show outstanding improvement over previous work.
ISBN:9781424434534
142443453X
ISSN:0270-5257
DOI:10.1109/ICSE.2009.5070519