Mining Security-Sensitive Operations in Legacy Code Using Concept Analysis

14 years 11 months ago

Download www.cs.rutgers.edu

This paper presents an approach to statically retrofit legacy servers with mechanisms for authorization policy enforcement. The approach is based upon the observation that security-sensitive operations performed by a server are characterized by idiomatic resource manipulations, called fingerprints. Candidate fingerprints are automatically mined by clustering resource manipulations using concept analysis. These fingerprints are then used to identify security-sensitive operations performed by the server. Case studies with three real-world servers show that the approach can be used to identify security-sensitive operations with a few hours of manual effort and modest domain knowledge.

Vinod Ganapathy, Dave King 0002, Trent Jaeger, Som

Real-time Traffic

Candidate Fingerprints | ICSE 2007 | Idiomatic Resource Manipulations | Security-sensitive Operations | Software Engineering |

claim paper

Post Info
More Details (n/a)

Added	09 Dec 2009
Updated	09 Dec 2009
Type	Conference
Year	2007
Where	ICSE
Authors	Vinod Ganapathy, Dave King 0002, Trent Jaeger, Somesh Jha

Comments (0)

Sciweavers

Mining Security-Sensitive Operations in Legacy Code Using Concept Analysis

Candidate Fingerprints | ICSE 2007 | Idiomatic Resource Manipulations | Security-sensitive Operations | Software Engineering |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers