Abstract | ||
---|---|---|
This paper presents an approach to statically retrofit legacy servers with mechanisms for authorization policy enforcement. The approach is based upon the observation that security-sensitive operations performed by a server are characterized by idiomatic resource manipulations, called fingerprints. Candidate fingerprints are automatically mined by clustering resource manipulations using concept analysis. These fingerprints are then used to identify security-sensitive operations performed by the server. Case studies with three real-world servers show that the approach can be used to identify security-sensitive operations with a few hours of manual effort and modest domain knowledge. |
Year | DOI | Venue |
---|---|---|
2007 | 10.1109/ICSE.2007.54 | ICSE |
Keywords | Field | DocType |
authorization policy enforcement,concept analysis,real-world server,idiomatic resource manipula,clustering resource manipulation,mining security-sensitive operations,security-sensitive opus,security-sensitive operation,tify security-sensitive operation,candidate fingerprint,case study,legacy server,legacy code,lattices,resource management,concolic testing,software systems,linux,software maintenance,file servers,pattern analysis,data mining,static analysis,access control,domain knowledge,authorization,fingerprint recognition,authorisation | Resource management,File server,Software engineering,Domain knowledge,Fingerprint recognition,Computer science,Server,Access control,Legacy code,Cluster analysis,Database | Conference |
ISSN | ISBN | Citations |
0270-5257 | 0-7695-2828-7 | 21 |
PageRank | References | Authors |
1.00 | 20 | 4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Vinod Ganapathy | 1 | 713 | 42.69 |
David King | 2 | 21 | 1.00 |
T Jaeger | 3 | 2635 | 255.67 |
S. Jha | 4 | 7921 | 539.19 |