Language-based security analysis of database applications

Author

Halder, Raju

Author_Institution

Dept. of Comput. Sci. & Eng., Indian Inst. of Technol., Patna, Patna, India

fYear

2015

fDate

7-8 Feb. 2015

Firstpage

1

Lastpage

4

Abstract

In today´s information-age, databases are at the heart of information systems. Unauthorized leakage of confidential database information, while computed by the associated database applications, may put the system at risk. Language-based information flow analysis is a promising field of research to detect possible information leakage in any software systems. So far, researchers pay little attention to the case of applications embedding database languages. In this paper, we address the need of proper analysis of data manipulation languages, and we overview the possible extension of language-based approaches to the case of information systems supporting databases at the back-end.

Keywords

authorisation; database languages; database management systems; confidential database information; data manipulation language; database language; information system; language-based information flow analysis; language-based security analysis; unauthorized leakage; Abstracts; Context; Database languages; Databases; Information systems; Security; Semantics; Database Query Languages; Information System; Language-based Information Flow; Static Analysis;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer, Communication, Control and Information Technology (C3IT), 2015 Third International Conference on

Conference_Location

Hooghly

Print_ISBN

978-1-4799-4446-0

Type

conf

DOI

10.1109/C3IT.2015.7060109

Filename

7060109