More Web Proxy on the site http://driver.im/

Article

Modular string-sensitive permission analysis with demand-driven precision

Authors:

Takaaki Tateishi,

Barbara G. Ryder,

Julian DolbyAuthors Info & Claims

ICSE '09: Proceedings of the 31st International Conference on Software Engineering

Pages 177 - 187

https://doi.org/10.1109/ICSE.2009.5070519

Published: 16 May 2009 Publication History

Abstract

In modern software systems, programs are obtained by dynamically assembling components. This has made it necessary to subject component providers to access-control restrictions. What permissions should be granted to each component? Too few permissions may cause run-time authorization failures, too many constitute a security hole. We have designed and implemented a composite algorithm for precise static permission analysis for Java and the CLR. Unlike previous work, the analysis is modular and fully integrated with a novel slicing-based string analysis that is used to statically compute the string values defining a permission and disambiguate permission propagation paths. The results of our research prototype on production-level Java code support the effectiveness, practicality, and precision of our techniques, and show outstanding improvement over previous work.

References

[1]

M. Bartoletti, P. Degano, and G. L. Ferrari. Static Analysis for Stack Inspection. In ConCoord 2001.

[2]

A. S. Christensen, A. Møller, and M. I. Schwartzbach. Precise Analysis of String Expressions. In SAS 2003.

Digital Library

[3]

Equinox Project, http://www.eclipse.org.

[4]

U. Erlingsson and F. B. Schneider. IRM Enforcement of Java Stack Inspection. In S&P 2000.

Digital Library

[5]

C. Flanagan and M. Felleisen. Componential Set-based Analysis. TOPLAS, 21(2), 1999.

Digital Library

[6]

L. Gong, M. Mueller, H. Prafullchandra, and R. Schemers. Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java Development Kit 1.2. In USITS 1997.

Digital Library

[7]

G. Grätzer. General Lattice Theory. Birkhäuser, 2nd ed., 2003.

[8]

D. Grove and C. Chambers. A Framework for Call Graph Construction Algorithms. TOPLAS, 23(6), 2001.

Digital Library

[9]

N. Hardy. The Confused Deputy (Or Why Capabilities Might Have Been Invented). OSR, 22(4), 1988.

Digital Library

[10]

S. Horwitz, T. W. Reps, and D. Binkley. Interprocedural Slicing Using Dependence Graphs. In PLDI 1988.

Digital Library

[11]

T. P. Jensen, D. L. Métayer, and T. Thorn. Verification of Control Flow Based Security Properties. In S&P 1999.

[12]

Java String Analyzer, http://www.brics.dk/JSA/.

[13]

L. Koved, M. Pistoia, and A. Kershenbaum. Access Rights Analysis for Java. In OOPSLA 2002.

Digital Library

[14]

P. Meunier, R. B. Findler, and M. Felleisen. Modular Setbased Analysis from Contracts. In POPL 2006.

Digital Library

[15]

Y. Minamide. Static Approximation of Dynamically Generated Web Pages. In WWW 2005.

Digital Library

[16]

A. C. Myers, A. Sabelfeld, and S. Zdancewic. Enforcing Robust Declassification. In CSFW 2004.

Digital Library

[17]

M. Pistoia, A. Banerjee, and D. A. Naumann. Beyond Stack Inspection: A Unified Access Control and Information Flow Security Model. In S&P 2007.

Digital Library

[18]

M. Pistoia, R. J. Flynn, L. Koved, and V. C. Sreedhar. Interprocedural Analysis for Privileged Code Placement and Tainted Variable Detection. In ECOOP 2005.

Digital Library

[19]

F. Pottier, C. Skalka, and S. F. Smith. A Systematic Approach to Static Access Control. In ESOP 2001.

Digital Library

[20]

A. Rountev and B. G. Ryder. Points-to analysis and side-effect analysis for programs built with precompiled library modules. In CC 2001.

Digital Library

[21]

A. Rountev, B. G. Ryder, and W. Landi. Data-Flow Analysis of Program Fragments. In FSE 1999.

Digital Library

[22]

J. H. Saltzer and M. D. Schroeder. The Protection of Information in Computer Systems. In Proceedings of the IEEE, 63, 1975.

[23]

O. Shivers. Control Flow Analysis in Scheme. In PLDI 1998.

Digital Library

[24]

SourceForge.net, http://www.sourceforge.net.

[25]

M. Sridharan, S. J. Fink, and R. Bodík. Thin Slicing. In PLDI 2007.

Digital Library

[26]

IBM Java Security Workbench Development for Java (SWORD4J), http://www.alphaworks.ibm.com/ tech/sword4j.

[27]

T. J. Watson Libraries for Analysis (WALA), http:// wala.sourceforge.net.

[28]

D. S. Wallach and E. W. Felten. Understanding Java Stack Inspection. In S&P 1998.

[29]

G. Wassermann and Z. Su. Sound and Precise Analysis of Web Applications for Injection Vulnerabilities. In PLDI 2007.

Digital Library

[30]

F. Yu, T. Bultan, M. Cova, and O. H. Ibarra. Symbolic String Verification: An Automata-Based Approach. In SPIN 2008.

Digital Library

[31]

W. Zhang and B. G. Ryder. Automatic Construction of Accurate Application Call Graph with Library Call Abstraction. Journal of Software Maintenance and Evolution, 19(4), 2007.

Digital Library

Cited By

Pailoor SWang XShacham HDillig I(2020)Automated policy synthesis for system call sandboxingProceedings of the ACM on Programming Languages10.1145/34282034:OOPSLA(1-26)Online publication date: 13-Nov-2020
https://dl.acm.org/doi/10.1145/3428203
van Ginkel NDe Groef WMassacci FPiessens FTolomei G(2019)A Server-Side JavaScript Security Architecture for Secure Integration of Third-Party LibrariesSecurity and Communication Networks10.1155/2019/96290342019Online publication date: 1-Jan-2019
https://dl.acm.org/doi/10.1155/2019/9629034
Li DLyu YWan MHalfond WDi Nitto EHarman MHeymans P(2015)String analysis for Java and Android applicationsProceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering10.1145/2786805.2786879(661-672)Online publication date: 30-Aug-2015
https://dl.acm.org/doi/10.1145/2786805.2786879
Show More Cited By

Index Terms

Modular string-sensitive permission analysis with demand-driven precision
1. General and reference
  1. Cross-computing tools and techniques
    1. Reliability
2. Software and its engineering
  1. Software notations and tools
  2. Software organization and properties
    1. Extra-functional properties
      1. Software reliability

Recommendations

Demand-driven context-sensitive alias analysis for Java
ISSTA '11: Proceedings of the 2011 International Symposium on Software Testing and Analysis

Software tools for program understanding, transformation, verification, and testing often require an efficient yet highly-precise alias analysis. Typically this is done by computing points-to information, from which alias queries can be answered. This ...
Demand-driven pointer analysis

Known algorithms for pointer analysis are “global” in the sense that they perform an exhaustive analysis of a program or program component. In this paper we introduce a demand-driven approach for pointer analysis. Specifically, we describe a demand-...
Bidirectionality in flow-sensitive demand-driven analysis
Abstract
Demand-driven methods for program analysis have primarily been viewed as efficient algorithms for computing the same information as the corresponding exhaustive methods, but for a given set of demands. We explore demand-driven flow-...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

ICSE '09: Proceedings of the 31st International Conference on Software Engineering

May 2009

643 pages

ISBN:9781424434534

Sponsors

SIGSOFT: ACM Special Interest Group on Software Engineering

Publisher

IEEE Computer Society

United States

Publication History

Published: 16 May 2009

Check for updates

Qualifiers

Article

Acceptance Rates

Overall Acceptance Rate 276 of 1,856 submissions, 15%

Upcoming Conference

ICSE 2025

2025 IEEE/ACM 46th International Conference on Software Engineering

April 26 - May 3, 2025

Ottawa , ON , Canada

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

12
Total Citations
View Citations
226
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 16 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Pailoor SWang XShacham HDillig I(2020)Automated policy synthesis for system call sandboxingProceedings of the ACM on Programming Languages10.1145/34282034:OOPSLA(1-26)Online publication date: 13-Nov-2020
https://dl.acm.org/doi/10.1145/3428203
van Ginkel NDe Groef WMassacci FPiessens FTolomei G(2019)A Server-Side JavaScript Security Architecture for Secure Integration of Third-Party LibrariesSecurity and Communication Networks10.1155/2019/96290342019Online publication date: 1-Jan-2019
https://dl.acm.org/doi/10.1155/2019/9629034
Li DLyu YWan MHalfond WDi Nitto EHarman MHeymans P(2015)String analysis for Java and Android applicationsProceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering10.1145/2786805.2786879(661-672)Online publication date: 30-Aug-2015
https://dl.acm.org/doi/10.1145/2786805.2786879
Hermann BReif MEichberg MMezini MDi Nitto EHarman MHeymans P(2015)Getting to know you: towards a capability model for JavaProceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering10.1145/2786805.2786829(758-769)Online publication date: 30-Aug-2015
https://dl.acm.org/doi/10.1145/2786805.2786829
Margoor AKomondoor R(2015)Two techniques to improve the precision of a demand-driven null-dereference verification approachScience of Computer Programming10.1016/j.scico.2014.09.00698:P4(645-679)Online publication date: 1-Feb-2015
https://dl.acm.org/doi/10.1016/j.scico.2014.09.006
Zou YChen ZZheng YZhang XGao ZPăsăreanu CMarinov D(2014)Virtual DOM coverage for effective testing of dynamic web applicationsProceedings of the 2014 International Symposium on Software Testing and Analysis10.1145/2610384.2610399(60-70)Online publication date: 21-Jul-2014
https://dl.acm.org/doi/10.1145/2610384.2610399
Tateishi TPistoia MTripp O(2013)Path- and index-sensitive string analysis based on monadic second-order logicACM Transactions on Software Engineering and Methodology10.1145/2522920.252292622:4(1-33)Online publication date: 22-Oct-2013
https://dl.acm.org/doi/10.1145/2522920.2522926
Bartel AKlein JLe Traon YMonperrus MGoedicke MMenzies TSaeki M(2012)Automatically securing permission-based software by reducing the attack surface: an application to AndroidProceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering10.1145/2351676.2351722(274-277)Online publication date: 3-Sep-2012
https://dl.acm.org/doi/10.1145/2351676.2351722
Nikiforakis NMeert WYounan YJohns MJoosen W(2011)SessionShieldProceedings of the Third international conference on Engineering secure software and systems10.5555/1946341.1946351(87-100)Online publication date: 9-Feb-2011
https://dl.acm.org/doi/10.5555/1946341.1946351
Tateishi TPistoia MTripp ODwyer MTip F(2011)Path- and index-sensitive string analysis based on monadic second-order logicProceedings of the 2011 International Symposium on Software Testing and Analysis10.1145/2001420.2001441(166-176)Online publication date: 17-Jul-2011
https://dl.acm.org/doi/10.1145/2001420.2001441
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents