ICSE
2007
IEEE-ACM

Mining Security-Sensitive Operations in Legacy Code Using Concept Analysis

This paper presents an approach to statically retrofit legacy servers with mechanisms for authorization policy enforcement. The approach is based upon the observation that security-sensitive operations performed by a server are characterized by idiomatic resource manipulations, called fingerprints. Candidate fingerprints are automatically mined by clustering resource manipulations using concept analysis. These fingerprints are then used to identify security-sensitive operations performed by the server. Case studies with three real-world servers show that the approach can be used to identify security-sensitive operations with a few hours of manual effort and modest domain knowledge.
Added: 09 Dec 2009
Updated: 09 Dec 2009
Type: Conference
Year: 2007
Where: ICSE
Authors: Vinod Ganapathy, Dave King 0002, Trent Jaeger, Somesh Jha