Static Analysis for Computing Escapability and Mutability for Java Components

14 years 5 months ago

Download www.dcs.kcl.ac.uk

A common theme in information security is protection of trusted software components against unauthorized access by untrusted users. In the context of distributed object technologies, such as Enterprise Java Beans, this means preventing leaks of sensitive information to untrusted users, as well as preventing untrusted users from modifying sensitive information. In this paper, we propose an approach for identiﬁcation and classiﬁcation of potentially sensitive information that can leak out of trusted software components to untrusted parties. Unlike the current approaches to securing information ﬂow by extending the type system, our technique is based on static points-to, data- and control-dependence, and object mutability analyses.

Aiwu Shi, Gleb Naumovich

Real-time Traffic

SCAM 2005 | Sensitive Information | Software Components | Software Engineering | Untrusted Users |

claim paper

Post Info
More Details (n/a)

Added	25 Jun 2010
Updated	25 Jun 2010
Type	Conference
Year	2005
Where	SCAM
Authors	Aiwu Shi, Gleb Naumovich

Comments (0)

Sciweavers

Static Analysis for Computing Escapability and Mutability for Java Components

SCAM 2005 | Sensitive Information | Software Components | Software Engineering | Untrusted Users |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers