Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SOSP
2009
ACM
2009
ACM
Improving application security with data flow assertions
RESIN is a new language runtime that helps prevent security vulnerabilities, by allowing programmers to specify application-level data flow assertions. RESIN provides policy objects, which programmers use to specify assertion code and metadata; data tracking, which allows programmers to associate assertions with application data, and to keep track of assertions as the data flow through the application; and filter objects, which programmers use to define data flow boundaries at which assertions are checked. RESIN’s runtime checks data flow assertions by propagating policy objects along with data, as that data moves through the application, and then invoking filter objects when data crosses a data flow boundary, such as when writing data to the network or a file. Using RESIN, Web application programmers can prevent a range of problems, from SQL injection and cross-site scripting, to inadvertent password disclosure and missing access control checks. Adding a RESIN assertion to...
Real-time TrafficApplication Data | Assertions Comprising Tens | Data flow Assertions | Operating System | SOSP 2009 |
Related Content
| Added | 17 Mar 2010 |
| Updated | 17 Mar 2010 |
| Type | Conference |
| Year | 2009 |
| Where | SOSP |
| Authors | Alexander Yip, Xi Wang, Nickolai Zeldovich, M. Frans Kaashoek |
Comments (0)
Researcher Info
|
