Mining Security-Sensitive Operations in Legacy Code Using Concept Analysis
| dc.contributor.author | Ganapathy, Vinod | en_US |
| dc.contributor.author | King, Dave | en_US |
| dc.contributor.author | Jaeger, Trent | en_US |
| dc.contributor.author | Jha, Somesh | en_US |
| dc.date.accessioned | 2012-03-15T17:21:11Z | |
| dc.date.available | 2012-03-15T17:21:11Z | |
| dc.date.created | 2006 | en_US |
| dc.date.issued | 2006 | |
| dc.description.abstract | We present an approach based on concept analysis to retrofit legacy servers with mechanisms for authorization policy enforcement. Our approach is based upon the observation that security-sensitive operations are characterized by idiomatic resource manipulations, called fingerprints. We statically mine fingerprints using concept analysis and then use them to identify security-sensitive operations and locate where they are performed by the server. Case studies with three real-world servers show that our approach is affordable and effective. We were able to identify security-sensitive operations for each of these servers with a few hours of manual effort and modest domain knowledge. | en_US |
| dc.format.mimetype | application/pdf | en_US |
| dc.identifier.citation | TR1580 | en_US |
| dc.identifier.uri | http://digital.library.wisc.edu/1793/60534 | |
| dc.publisher | University of Wisconsin-Madison Department of Computer Sciences | en_US |
| dc.title | Mining Security-Sensitive Operations in Legacy Code Using Concept Analysis | en_US |
| dc.type | Technical Report | en_US |