• DocumentCode
    1955148
  • Title

    Improving perimeter security with security-oriented program transformations

  • Author

    Hafiz, Munawar ; Johnson, Ralph E.

  • Author_Institution
    Univ. of Illinois at Urbana-Champaign, Urbana, IL
  • fYear
    2009
  • fDate
    19-19 May 2009
  • Firstpage
    61
  • Lastpage
    67
  • Abstract
    A security-oriented program transformation maps programs to security-augmented programs, i.e. it introduces a protection mechanism to make programs more secure. Our previous work defined security-oriented program transformations [6], introduced a catalog of transformations [8], and showed how program transformations could be applied to systematically eradicate various types of data injection attacks [9]. This paper shows how security-oriented program transformations could be used to improve the security of a system´s perimeter by introducing authentication, authorization and input validation components. The program transformation examples in this paper are JAVA specific, but the transformations could be implemented to use other authentication and authorization frameworks.
  • Keywords
    object-oriented programming; security of data; JAVA; data injection attack; perimeter security; security-augmented program; security-oriented program transformation; Authentication; Authorization; Conferences; Data security; Design engineering; Filters; Java; Programming profession; Protection; Writing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Software Engineering for Secure Systems, 2009. SESS '09. ICSE Workshop on
  • Conference_Location
    Vancouver, BC
  • Print_ISBN
    978-1-4244-3725-2
  • Type

    conf

  • DOI
    10.1109/IWSESS.2009.5068460
  • Filename
    5068460