DocumentCode
2155100
Title
Practical static analysis for inference of security-related program properties
Author
Liu, Yin ; Milanova, Ana
Author_Institution
Dept. of Comput. Sci., Rensselaer Polytech. Inst., Troy, NY
fYear
2009
fDate
17-19 May 2009
Firstpage
50
Lastpage
59
Abstract
We present a static analysis framework for inference of security-related program properties. Within this framework we design and implement ownership, immutability and information flow inference analyses for Java. We perform empirical investigation on a set of Java components, and on a set of established security benchmarks. The results indicate that the analyses are practical and precise, and therefore can be integrated in program comprehension tools that support reasoning about software security and software quality.
Keywords
Java; security of data; software quality; Java; information flow inference analyses; practical static analysis; security-related program properties; software quality; software security; Application software; Computer science; Computer security; Information analysis; Information security; Java; Programming profession; Software quality; Software tools; Visualization;
fLanguage
English
Publisher
ieee
Conference_Titel
Program Comprehension, 2009. ICPC '09. IEEE 17th International Conference on
Conference_Location
Vancouver, BC
ISSN
1092-8138
Print_ISBN
978-1-4244-3998-0
Electronic_ISBN
1092-8138
Type
conf
DOI
10.1109/ICPC.2009.5090027
Filename
5090027
Link To Document