• DocumentCode
    2155100
  • Title

    Practical static analysis for inference of security-related program properties

  • Author

    Liu, Yin ; Milanova, Ana

  • Author_Institution
    Dept. of Comput. Sci., Rensselaer Polytech. Inst., Troy, NY
  • fYear
    2009
  • fDate
    17-19 May 2009
  • Firstpage
    50
  • Lastpage
    59
  • Abstract
    We present a static analysis framework for inference of security-related program properties. Within this framework we design and implement ownership, immutability and information flow inference analyses for Java. We perform empirical investigation on a set of Java components, and on a set of established security benchmarks. The results indicate that the analyses are practical and precise, and therefore can be integrated in program comprehension tools that support reasoning about software security and software quality.
  • Keywords
    Java; security of data; software quality; Java; information flow inference analyses; practical static analysis; security-related program properties; software quality; software security; Application software; Computer science; Computer security; Information analysis; Information security; Java; Programming profession; Software quality; Software tools; Visualization;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Program Comprehension, 2009. ICPC '09. IEEE 17th International Conference on
  • Conference_Location
    Vancouver, BC
  • ISSN
    1092-8138
  • Print_ISBN
    978-1-4244-3998-0
  • Electronic_ISBN
    1092-8138
  • Type

    conf

  • DOI
    10.1109/ICPC.2009.5090027
  • Filename
    5090027