DocumentCode
1955148
Title
Improving perimeter security with security-oriented program transformations
Author
Hafiz, Munawar ; Johnson, Ralph E.
Author_Institution
Univ. of Illinois at Urbana-Champaign, Urbana, IL
fYear
2009
fDate
19-19 May 2009
Firstpage
61
Lastpage
67
Abstract
A security-oriented program transformation maps programs to security-augmented programs, i.e. it introduces a protection mechanism to make programs more secure. Our previous work defined security-oriented program transformations [6], introduced a catalog of transformations [8], and showed how program transformations could be applied to systematically eradicate various types of data injection attacks [9]. This paper shows how security-oriented program transformations could be used to improve the security of a system´s perimeter by introducing authentication, authorization and input validation components. The program transformation examples in this paper are JAVA specific, but the transformations could be implemented to use other authentication and authorization frameworks.
Keywords
object-oriented programming; security of data; JAVA; data injection attack; perimeter security; security-augmented program; security-oriented program transformation; Authentication; Authorization; Conferences; Data security; Design engineering; Filters; Java; Programming profession; Protection; Writing;
fLanguage
English
Publisher
ieee
Conference_Titel
Software Engineering for Secure Systems, 2009. SESS '09. ICSE Workshop on
Conference_Location
Vancouver, BC
Print_ISBN
978-1-4244-3725-2
Type
conf
DOI
10.1109/IWSESS.2009.5068460
Filename
5068460
Link To Document