Sciweavers

Share
SCAM
2005
IEEE

Static Analysis for Computing Escapability and Mutability for Java Components

10 years 9 months ago
Static Analysis for Computing Escapability and Mutability for Java Components
A common theme in information security is protection of trusted software components against unauthorized access by untrusted users. In the context of distributed object technologies, such as Enterprise Java Beans, this means preventing leaks of sensitive information to untrusted users, as well as preventing untrusted users from modifying sensitive information. In this paper, we propose an approach for identification and classification of potentially sensitive information that can leak out of trusted software components to untrusted parties. Unlike the current approaches to securing information flow by extending the type system, our technique is based on static points-to, data- and control-dependence, and object mutability analyses.
Aiwu Shi, Gleb Naumovich
Added 25 Jun 2010
Updated 25 Jun 2010
Type Conference
Year 2005
Where SCAM
Authors Aiwu Shi, Gleb Naumovich
Comments (0)
books