Title :
Reducing Unnecessary Conservativeness in Access Rights Analysis with String Analysis
Author :
Koganeyama, Mika ; Tabuchi, Naoshi ; Tateishi, Takaaki
Author_Institution :
Tokyo Res. Lab., Tokyo
Abstract :
The Java™ 2 runtime system has a security mechanism which guarantees the code under execution has appropriate access permissions to a certain system resource. Use of this security mechanism requires access control policies to specify what operations are permitted on each such resource at each program point. Previous work proposed a program analysis algorithm to statically infer a semi-optimal policy set from given program text. However, the proposed method cannot calculate the optimal policy when the target resource is determined by string values at run-time, since it does not keep track of all potential string values generated through built-in or user-defined methods. This results in generating excessive access policies where actually unnecessary resource accesses are permitted. To overcome such limitations, we apply static string analysis to program variables relevant to access control policies. This paper shows that unnecessary permissions can be reduced with string analysis by applying it to analyzing open-source libraries.
Keywords :
Java; authorisation; program diagnostics; public domain software; software libraries; string matching; Java2 runtime system; access control policies; access permissions; access rights analysis; open-source libraries; static string analysis; unnecessary conservativeness reduction; Access control; Algorithm design and analysis; Failure analysis; Java; Libraries; Open source software; Permission; Runtime; Security; Testing;
Conference_Title :
Software Engineering Conference, 2007. APSEC 2007. 14th Asia-Pacific
Conference_Location :
Aichi
Print_ISBN :
0-7695-3057-5
DOI :
10.1109/ASPEC.2007.47