Title :
Team Edit Automata for Testing Security Property
Author :
Yang, Zhenrong ; Hanna, Aiman ; Debbabi, Mourad
Author_Institution :
Concordia Univ., Montreal
Abstract :
This paper introduces a mathematical model, called team edit automata, for evaluating software security properties. We use the model to describe security properties and their correlation in the software programs. The component automata can suppress and insert actions and report possible flaws. They are used to specify individual security properties. The team is composed of multiple component automata interacting through shared actions. It models the situation where some program events are concerned by multiple security properties jointly. The paper concludes by a case study of detecting memory management and pointer manipulation flaws in C/C++ programs.
Keywords :
C++ language; automata theory; object-oriented programming; program testing; security of data; storage management; C/C++ programs; component automata; mathematical model; memory management flaw; pointer manipulation flaws; software security property testing; team edit automata; Automata; Automatic testing; Information security; Information systems; Instruments; Mathematical model; Memory management; Safety; Software testing; System testing;
Conference_Titel :
Information Assurance and Security, 2007. IAS 2007. Third International Symposium on
Conference_Location :
Manchester
Print_ISBN :
0-7695-2876-7
Electronic_ISBN :
978-0-7695-2876-2
DOI :
10.1109/IAS.2007.45
