مرکز منطقه ای اطلاع رساني علوم و فناوري - Practical static analysis for inference of security-related program properties

DocumentCode :

2155100

Title :

Practical static analysis for inference of security-related program properties

Author :

Liu, Yin ; Milanova, Ana

Author_Institution :

Dept. of Comput. Sci., Rensselaer Polytech. Inst., Troy, NY

fYear :

2009

fDate :

17-19 May 2009

Firstpage :

Lastpage :

Abstract :

We present a static analysis framework for inference of security-related program properties. Within this framework we design and implement ownership, immutability and information flow inference analyses for Java. We perform empirical investigation on a set of Java components, and on a set of established security benchmarks. The results indicate that the analyses are practical and precise, and therefore can be integrated in program comprehension tools that support reasoning about software security and software quality.

Keywords :

Java; security of data; software quality; Java; information flow inference analyses; practical static analysis; security-related program properties; software quality; software security; Application software; Computer science; Computer security; Information analysis; Information security; Java; Programming profession; Software quality; Software tools; Visualization;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

Program Comprehension, 2009. ICPC '09. IEEE 17th International Conference on

Conference_Location :

Vancouver, BC

ISSN :

1092-8138

Print_ISBN :

978-1-4244-3998-0

Electronic_ISBN :

1092-8138

Type :

conf

DOI :

10.1109/ICPC.2009.5090027

Filename :

5090027

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2155100