Title :
Improving Data Integrity with a Java Mutability Analysis
Author :
Shi, Aiwu ; Naumovich, Gleb
Author_Institution :
Polytech. Univ., Brooklyn
Abstract :
This paper presents a static mutability analysis approach relying on escape information for Java components and uses the techniques to detect the security threats to data integrity before software components are deployed. In order to increase the precision of our analysis, we make a couple of significant modifications to mutability definitions based on previous work in the context of components. We extended our security analysis tool SecDetector with proposed mutability analysis, and used it to find potential threats to data integrity in Java components and lead developers to fix the security flaws. On the benchmarks in our experimental evaluation, we show that our tool can correctly find potential modification access violations with few false positives and provide evidence of the effectiveness of our techniques. While the analysis techniques are in the context of Java code, the basic concepts are applicable to other object-oriented programming languages as well.
Keywords :
Java; data integrity; security of data; Java mutability analysis; SecDetector security analysis tool; data integrity; object-oriented programming languages; potential modification access violations; security threats; software components; Accidents; Computer security; Data security; Information analysis; Information science; Information security; Java; Object oriented programming; Packaging; Software engineering;
Conference_Titel :
Software Engineering Conference, 2007. APSEC 2007. 14th Asia-Pacific
Conference_Location :
Aichi
Print_ISBN :
0-7695-3057-5
DOI :
10.1109/ASPEC.2007.23
