Sciweavers

ICSE
2009
IEEE-ACM

Modular string-sensitive permission analysis with demand-driven precision

15 years 1 months ago
Modular string-sensitive permission analysis with demand-driven precision
In modern software systems, programs are obtained by dynamically assembling components. This has made it necessary to subject component providers to access-control restrictions. What permissions should be granted to each component? Too few permissions may cause run-time authorization failures, too many constitute a security hole. We have designed and implemented a composite algorithm for precise static permission analysis for Java and the CLR. Unlike previous work, the analysis is modular and fully integrated with a novel slicing-based string analysis that is used to statically compute the string values defining a permission and disambiguate permission propagation paths. The results of our research prototype on production-level Java code support the effectiveness, practicality, and precision of our techniques, and show outstanding improvement over previous work.
Emmanuel Geay, Marco Pistoia, Takaaki Tateishi, Ba
Added 17 Nov 2009
Updated 17 Nov 2009
Type Conference
Year 2009
Where ICSE
Authors Emmanuel Geay, Marco Pistoia, Takaaki Tateishi, Barbara G. Ryder, Julian Dolby
Comments (0)