Improving application security with data flow assertions
Alexander Yip, Xi Wang, Nickolai Zeldovich, M. Frans Kaashoek
- 11 Oct 2009
- pp 291-304
TL;DR: Using Resin, Web application programmers can prevent a range of problems, from SQL injection and cross-site scripting, to inadvertent password disclosure and missing access control checks, by allowing programmers to specify application-level data flow assertions.
Abstract: Resin is a new language runtime that helps prevent security vulnerabilities by allowing programmers to specify application-level data flow assertions. Resin provides three mechanisms: policy objects, which programmers use to specify assertion code and metadata; data tracking, which lets programmers associate assertions with application data and keeps track of those assertions as the data flows through the application; and filter objects, which programmers use to define the data flow boundaries at which assertions are checked. Resin's runtime checks data flow assertions by propagating policy objects along with data as it moves through the application, and then invoking filter objects when data crosses a data flow boundary, such as when it is written to the network or a file.

Using Resin, Web application programmers can prevent a range of problems, from SQL injection and cross-site scripting to inadvertent password disclosure and missing access control checks. Adding a Resin assertion to an application requires few changes to the existing application code, and an assertion can reuse existing code and data structures. For instance, 23 lines of code detect and prevent three previously unknown missing-access-control vulnerabilities in phpBB, a popular Web forum application. Other assertions comprising tens of lines of code prevent a range of vulnerabilities in Python and PHP applications. A prototype of Resin incurs a 33% CPU overhead running the HotCRP conference management application.
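The abstract describes three building blocks (policy objects, data tracking, filter objects) without showing how they fit together. The following is an added illustration written for this page, not Resin's runtime or API: a small pure-Python model in which a string subclass carries policy objects through concatenation, a filter object represents a boundary such as e-mail, HTTP or SQL, and two invented policies (a password that may only be mailed to its owner, and untrusted request input that may not reach SQL until quoted) are checked at that boundary. Every class, function and sample value below is an assumption made for the example; Resin itself does the tracking inside the PHP and Python interpreters, whereas this model only covers `+`.

```python
"""Minimal model of Resin-style data flow assertions (added example,
not Resin's own code; all names and sample data are invented)."""

from dataclasses import dataclass


class PolicyViolation(Exception):
    """Raised when a policy's assertion fails at a data flow boundary."""


class Policy:
    """Policy object: assertion code plus metadata, attached to data."""

    def export_check(self, boundary: "Filter") -> None:
        raise NotImplementedError


def policies_of(value) -> frozenset:
    """Policies carried by a value; plain objects carry none."""
    return getattr(value, "policies", frozenset())


class TaintedStr(str):
    """Data tracking: a str whose policies survive concatenation."""

    def __new__(cls, value, policies=()):
        obj = super().__new__(cls, value)
        obj.policies = frozenset(policies)
        return obj

    def __add__(self, other):
        return TaintedStr(str(self) + str(other),
                          self.policies | policies_of(other))

    def __radd__(self, other):
        # Python tries the subclass's reflected method first, so
        # plain_str + tainted also lands here and keeps the policies.
        return TaintedStr(str(other) + str(self),
                          policies_of(other) | self.policies)


@dataclass(frozen=True)
class Filter:
    """Filter object: a boundary (e-mail, HTTP, SQL, file) where
    every policy attached to the outgoing data is checked."""
    kind: str     # "email", "http", "sql", "file"
    target: str   # recipient, client, database, path

    def write(self, data) -> str:
        for policy in policies_of(data):
            policy.export_check(self)
        return str(data)


@dataclass(frozen=True)
class PasswordPolicy(Policy):
    """A user's password may only be exported by e-mail to that user."""
    owner_email: str

    def export_check(self, boundary):
        if boundary.kind == "email" and boundary.target == self.owner_email:
            return
        raise PolicyViolation(
            f"password of {self.owner_email} must not flow to {boundary}")


@dataclass(frozen=True)
class UntrustedPolicy(Policy):
    """Request input may not reach the SQL boundary until it is quoted."""

    def export_check(self, boundary):
        if boundary.kind == "sql":
            raise PolicyViolation("unquoted untrusted input reached SQL")


def sql_quote(value) -> TaintedStr:
    """Quoting declassifies UntrustedPolicy only; any other policy
    (e.g. a quoted password is still a password) is kept."""
    quoted = "'" + str(value).replace("'", "''") + "'"
    keep = {p for p in policies_of(value) if not isinstance(p, UntrustedPolicy)}
    return TaintedStr(quoted, keep)


def send_password_reset(owner: str, password: str, recipient: str) -> str:
    """Mail body built from a policy-carrying password (constructed data)."""
    secret = TaintedStr(password, {PasswordPolicy(owner)})
    body = "Your password is: " + secret          # policy propagates
    return Filter("email", recipient).write(body)


def find_user_query(username: str, quote: bool = True) -> str:
    """Lookup query built from request input, quoted or left raw."""
    name = TaintedStr(username, {UntrustedPolicy()})
    value = sql_quote(name) if quote else name
    query = "SELECT * FROM users WHERE name = " + value
    return Filter("sql", "users_db").write(query)


def is_blocked(action) -> bool:
    """True if running action() trips a data flow assertion."""
    try:
        action()
    except PolicyViolation:
        return True
    return False


if __name__ == "__main__":
    print(send_password_reset("alice@example.com", "s3cret", "alice@example.com"))
    print(find_user_query("o'brien"))
    print(is_blocked(lambda: send_password_reset(
        "alice@example.com", "s3cret", "mallory@example.com")))
    print(is_blocked(lambda: find_user_query("x' OR '1'='1", quote=False)))
```

The point to take from the model is the division of labour in the abstract: the application code that builds the mail body or the query is untouched, the policy states the invariant once, and the filter enforces it at the boundary regardless of which code path carried the data there. A password that leaks through a different route (say, an HTTP response) is caught by the same `PasswordPolicy`, because the check runs on the data rather than on the call site.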
Citations
TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones
William Enck, Peter Gilbert, Seungyeop Han, Vasant Tendulkar, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, Anmol Sheth
TL;DR: TaintDroid is an efficient, system-wide dynamic taint tracking and analysis system capable of simultaneously tracking multiple sources of sensitive data by leveraging Android's virtualized execution environment.
TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones
William Enck, Peter Gilbert, Byung-Gon Chun, Landon P. Cox, Jaeyeon Jung, Patrick McDaniel, Anmol Sheth
- 04 Oct 2010
TL;DR: Using TaintDroid to monitor the behavior of 30 popular third-party Android applications, this work found 68 instances of misappropriation of users' location and device identification information across 20 applications.
CryptDB: protecting confidentiality with encrypted query processing
Raluca Ada Popa, Catherine M. S. Redfield, Nickolai Zeldovich, Hari Balakrishnan
- 23 Oct 2011
TL;DR: The evaluation shows that CryptDB has low overhead, reducing throughput by 14.5% for phpBB, a web forum application, and by 26% for queries from TPC-C, compared to unmodified MySQL.
DeFlaker: automatically detecting flaky tests
Jonathan Bell, Owolabi Legunsen, Michael Hilton, Lamyaa Eloussi, Tifany Yung, Darko Marinov
- 27 May 2018
TL;DR: This work presents the first extensive evaluation of rerunning failing tests and proposes a new technique, called DeFlaker, that detects if a test failure is due to a flaky test without rerunning and with very low runtime overhead.
References
A lattice model of secure information flow
TL;DR: The model provides a unifying view of all systems that restrict information flow, enables a classification of them according to security objectives, and suggests some new approaches to formulating the requirements of secure information flow among security classes.
The Ponder Policy Specification Language
Nicodemos Damianou, Naranker Dulay, Emil Lupu, Morris Sloman
- 29 Jan 2001
TL;DR: The Ponder language provides a common means of specifying security policies that map onto various access control implementation mechanisms for firewalls, operating systems, databases and Java.
Boogie: a modular reusable verifier for object-oriented programs
TL;DR: A program verifier is a complex system that uses compiler technology, program semantics, property inference, verification-condition generation, automatic decision procedures, and a user interface.
Protecting privacy using the decentralized label model
Andrew C. Myers, Barbara Liskov
TL;DR: The article introduces the language Jif, an extension to Java that provides static checking of information flow using the decentralized label model, which improves on existing multilevel security models by allowing users to declassify information in a decentralized way, and by improving support for fine-grained data sharing.
Labels and event processes in the asbestos operating system
Petros Efstathopoulos, Maxwell Krohn, Steve VanDeBogart, Cliff Frey, David A. Ziegler, Eddie Kohler, David Mazières, M. Frans Kaashoek, Robert Morris
- 20 Oct 2005
TL;DR: A new event process abstraction provides lightweight, isolated contexts within a single process, allowing the same process to act on behalf of multiple users while preventing it from leaking any single user's data to any other user.