Title :
Language-based security analysis of database applications
Author_Institution :
Dept. of Comput. Sci. & Eng., Indian Inst. of Technol., Patna, Patna, India
Abstract :
In today´s information-age, databases are at the heart of information systems. Unauthorized leakage of confidential database information, while computed by the associated database applications, may put the system at risk. Language-based information flow analysis is a promising field of research to detect possible information leakage in any software systems. So far, researchers pay little attention to the case of applications embedding database languages. In this paper, we address the need of proper analysis of data manipulation languages, and we overview the possible extension of language-based approaches to the case of information systems supporting databases at the back-end.
Keywords :
authorisation; database languages; database management systems; confidential database information; data manipulation language; database language; information system; language-based information flow analysis; language-based security analysis; unauthorized leakage; Abstracts; Context; Database languages; Databases; Information systems; Security; Semantics; Database Query Languages; Information System; Language-based Information Flow; Static Analysis;
Conference_Titel :
Computer, Communication, Control and Information Technology (C3IT), 2015 Third International Conference on
Conference_Location :
Hooghly
Print_ISBN :
978-1-4799-4446-0
DOI :
10.1109/C3IT.2015.7060109
