Security Framework to Verify the Low Level Implementation Codes
With the development of web-application, especially E-commerce, many software designers need to incorporate either low-level security functionalities into their programs. This involves the implementation of security features using Java Cryptography Architecture (JCA), Java Cryptography Extension (JC...
Gespeichert in:
| Hauptverfasser: | , |
|---|---|
| Format: | Tagungsbericht |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| container_end_page | 61 |
|---|---|
| container_issue | |
| container_start_page | 52 |
| container_title | |
| container_volume | |
| creator | Kim, Haeng-Kon Yang, Hae-Sool |
| description | With the development of web-application, especially E-commerce, many software designers need to incorporate either low-level security functionalities into their programs. This involves the implementation of security features using Java Cryptography Architecture (JCA), Java Cryptography Extension (JCE) and Java Secure Socket Extension (JSSE) API provided by Sun Corporation [1]. Through our discovery, we find that many functional security related features in software systems are usually implemented by a few methods. The use of these methods results to some necessary structural patterns in reduced control flow graph of the program. In this papers, we present our way to recover the security features by recognizing these methods invocations automatically and transform the reduced control flow graph to state transition diagram through functional abstractions. We believe that it would not only facilitate the comprehension of the security framework implemented in the program, but also make the further verification of the security features possible. |
| doi_str_mv | 10.1007/11424826_6 |
| format | Conference Proceeding |
| fullrecord | <record><control><sourceid>pascalfrancis_sprin</sourceid><recordid>TN_cdi_pascalfrancis_primary_16990991</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>16990991</sourcerecordid><originalsourceid>FETCH-LOGICAL-p218t-a7105aabfa81628fac09c4627f2a8f3242978c82aa2cf22606aa7c71e4325de73</originalsourceid><addsrcrecordid>eNpFkEtLAzEUheMLrLUbf0E2gpvR5CaTx0qkWC0MuPCxHW7TRMfOi2Rs6b-3UtHVWXyHw-Ej5IKza86YvuFcgjSgSnVAJlYbkUsmgElpD8mIK84zIaQ9-mOQG8XhmIyYYJBZLcUpOUvpkzEG2sKI3D579xWrYUtnERu_6eKKDh1987EKWzp8eFp0G1r4ta_pvOlr3_h2wKHqWjrtlj6dk5OAdfKT3xyT19n9y_QxK54e5tO7IuuBmyFDzVmOuAhouAIT0DHrpAIdAE0QIGF32BlABBcAFFOI2mnupYB86bUYk8v9bo_JYR0itq5KZR-rBuO25MpaZi3f9a72vbRD7buP5aLrVqnkrPwRWP4LFN9fxlw9</addsrcrecordid><sourcetype>Index Database</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Security Framework to Verify the Low Level Implementation Codes</title><source>Springer Books</source><creator>Kim, Haeng-Kon ; Yang, Hae-Sool</creator><contributor>Gervasi, Osvaldo ; Gavrilova, Marina L. ; Taniar, David ; Laganà, Antonio ; Mun, Youngsong ; Lee, Heow Pueh ; Tan, Chih Jeng Kenneth ; Kumar, Vipin</contributor><creatorcontrib>Kim, Haeng-Kon ; Yang, Hae-Sool ; Gervasi, Osvaldo ; Gavrilova, Marina L. ; Taniar, David ; Laganà, Antonio ; Mun, Youngsong ; Lee, Heow Pueh ; Tan, Chih Jeng Kenneth ; Kumar, Vipin</creatorcontrib><description>With the development of web-application, especially E-commerce, many software designers need to incorporate either low-level security functionalities into their programs. This involves the implementation of security features using Java Cryptography Architecture (JCA), Java Cryptography Extension (JCE) and Java Secure Socket Extension (JSSE) API provided by Sun Corporation [1]. Through our discovery, we find that many functional security related features in software systems are usually implemented by a few methods. The use of these methods results to some necessary structural patterns in reduced control flow graph of the program. In this papers, we present our way to recover the security features by recognizing these methods invocations automatically and transform the reduced control flow graph to state transition diagram through functional abstractions. We believe that it would not only facilitate the comprehension of the security framework implemented in the program, but also make the further verification of the security features possible.</description><identifier>ISSN: 0302-9743</identifier><identifier>ISBN: 9783540258612</identifier><identifier>ISBN: 3540258612</identifier><identifier>ISBN: 9783540258605</identifier><identifier>ISBN: 3540258604</identifier><identifier>EISSN: 1611-3349</identifier><identifier>EISBN: 9783540320449</identifier><identifier>EISBN: 354032044X</identifier><identifier>DOI: 10.1007/11424826_6</identifier><language>eng</language><publisher>Berlin, Heidelberg: Springer Berlin Heidelberg</publisher><subject>Applied sciences ; Computer science; control theory; systems ; Exact sciences and technology ; Reduced Control Flow Graph ; Security features ; Slicing ; State Transition Diagram</subject><ispartof>Computational Science and Its Applications – ICCSA 2005, 2005, p.52-61</ispartof><rights>Springer-Verlag Berlin Heidelberg 2005</rights><rights>2005 INIST-CNRS</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://link.springer.com/content/pdf/10.1007/11424826_6$$EPDF$$P50$$Gspringer$$H</linktopdf><linktohtml>$$Uhttps://link.springer.com/10.1007/11424826_6$$EHTML$$P50$$Gspringer$$H</linktohtml><link.rule.ids>309,310,775,776,780,785,786,789,4036,4037,27902,38232,41418,42487</link.rule.ids><backlink>$$Uhttp://pascal-francis.inist.fr/vibad/index.php?action=getRecordDetail&idt=16990991$$DView record in Pascal Francis$$Hfree_for_read</backlink></links><search><contributor>Gervasi, Osvaldo</contributor><contributor>Gavrilova, Marina L.</contributor><contributor>Taniar, David</contributor><contributor>Laganà, Antonio</contributor><contributor>Mun, Youngsong</contributor><contributor>Lee, Heow Pueh</contributor><contributor>Tan, Chih Jeng Kenneth</contributor><contributor>Kumar, Vipin</contributor><creatorcontrib>Kim, Haeng-Kon</creatorcontrib><creatorcontrib>Yang, Hae-Sool</creatorcontrib><title>Security Framework to Verify the Low Level Implementation Codes</title><title>Computational Science and Its Applications – ICCSA 2005</title><description>With the development of web-application, especially E-commerce, many software designers need to incorporate either low-level security functionalities into their programs. This involves the implementation of security features using Java Cryptography Architecture (JCA), Java Cryptography Extension (JCE) and Java Secure Socket Extension (JSSE) API provided by Sun Corporation [1]. Through our discovery, we find that many functional security related features in software systems are usually implemented by a few methods. The use of these methods results to some necessary structural patterns in reduced control flow graph of the program. In this papers, we present our way to recover the security features by recognizing these methods invocations automatically and transform the reduced control flow graph to state transition diagram through functional abstractions. We believe that it would not only facilitate the comprehension of the security framework implemented in the program, but also make the further verification of the security features possible.</description><subject>Applied sciences</subject><subject>Computer science; control theory; systems</subject><subject>Exact sciences and technology</subject><subject>Reduced Control Flow Graph</subject><subject>Security features</subject><subject>Slicing</subject><subject>State Transition Diagram</subject><issn>0302-9743</issn><issn>1611-3349</issn><isbn>9783540258612</isbn><isbn>3540258612</isbn><isbn>9783540258605</isbn><isbn>3540258604</isbn><isbn>9783540320449</isbn><isbn>354032044X</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2005</creationdate><recordtype>conference_proceeding</recordtype><recordid>eNpFkEtLAzEUheMLrLUbf0E2gpvR5CaTx0qkWC0MuPCxHW7TRMfOi2Rs6b-3UtHVWXyHw-Ej5IKza86YvuFcgjSgSnVAJlYbkUsmgElpD8mIK84zIaQ9-mOQG8XhmIyYYJBZLcUpOUvpkzEG2sKI3D579xWrYUtnERu_6eKKDh1987EKWzp8eFp0G1r4ta_pvOlr3_h2wKHqWjrtlj6dk5OAdfKT3xyT19n9y_QxK54e5tO7IuuBmyFDzVmOuAhouAIT0DHrpAIdAE0QIGF32BlABBcAFFOI2mnupYB86bUYk8v9bo_JYR0itq5KZR-rBuO25MpaZi3f9a72vbRD7buP5aLrVqnkrPwRWP4LFN9fxlw9</recordid><startdate>2005</startdate><enddate>2005</enddate><creator>Kim, Haeng-Kon</creator><creator>Yang, Hae-Sool</creator><general>Springer Berlin Heidelberg</general><general>Springer</general><scope>IQODW</scope></search><sort><creationdate>2005</creationdate><title>Security Framework to Verify the Low Level Implementation Codes</title><author>Kim, Haeng-Kon ; Yang, Hae-Sool</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-p218t-a7105aabfa81628fac09c4627f2a8f3242978c82aa2cf22606aa7c71e4325de73</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2005</creationdate><topic>Applied sciences</topic><topic>Computer science; control theory; systems</topic><topic>Exact sciences and technology</topic><topic>Reduced Control Flow Graph</topic><topic>Security features</topic><topic>Slicing</topic><topic>State Transition Diagram</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Kim, Haeng-Kon</creatorcontrib><creatorcontrib>Yang, Hae-Sool</creatorcontrib><collection>Pascal-Francis</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Kim, Haeng-Kon</au><au>Yang, Hae-Sool</au><au>Gervasi, Osvaldo</au><au>Gavrilova, Marina L.</au><au>Taniar, David</au><au>Laganà, Antonio</au><au>Mun, Youngsong</au><au>Lee, Heow Pueh</au><au>Tan, Chih Jeng Kenneth</au><au>Kumar, Vipin</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Security Framework to Verify the Low Level Implementation Codes</atitle><btitle>Computational Science and Its Applications – ICCSA 2005</btitle><date>2005</date><risdate>2005</risdate><spage>52</spage><epage>61</epage><pages>52-61</pages><issn>0302-9743</issn><eissn>1611-3349</eissn><isbn>9783540258612</isbn><isbn>3540258612</isbn><isbn>9783540258605</isbn><isbn>3540258604</isbn><eisbn>9783540320449</eisbn><eisbn>354032044X</eisbn><abstract>With the development of web-application, especially E-commerce, many software designers need to incorporate either low-level security functionalities into their programs. This involves the implementation of security features using Java Cryptography Architecture (JCA), Java Cryptography Extension (JCE) and Java Secure Socket Extension (JSSE) API provided by Sun Corporation [1]. Through our discovery, we find that many functional security related features in software systems are usually implemented by a few methods. The use of these methods results to some necessary structural patterns in reduced control flow graph of the program. In this papers, we present our way to recover the security features by recognizing these methods invocations automatically and transform the reduced control flow graph to state transition diagram through functional abstractions. We believe that it would not only facilitate the comprehension of the security framework implemented in the program, but also make the further verification of the security features possible.</abstract><cop>Berlin, Heidelberg</cop><pub>Springer Berlin Heidelberg</pub><doi>10.1007/11424826_6</doi><tpages>10</tpages></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 0302-9743 |
| ispartof | Computational Science and Its Applications – ICCSA 2005, 2005, p.52-61 |
| issn | 0302-9743 1611-3349 |
| language | eng |
| recordid | cdi_pascalfrancis_primary_16990991 |
| source | Springer Books |
| subjects | Applied sciences Computer science control theory systems Exact sciences and technology Reduced Control Flow Graph Security features Slicing State Transition Diagram |
| title | Security Framework to Verify the Low Level Implementation Codes |
| url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-29T09%3A01%3A55IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-pascalfrancis_sprin&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Security%20Framework%20to%20Verify%20the%20Low%20Level%20Implementation%20Codes&rft.btitle=Computational%20Science%20and%20Its%20Applications%20%E2%80%93%20ICCSA%202005&rft.au=Kim,%20Haeng-Kon&rft.date=2005&rft.spage=52&rft.epage=61&rft.pages=52-61&rft.issn=0302-9743&rft.eissn=1611-3349&rft.isbn=9783540258612&rft.isbn_list=3540258612&rft.isbn_list=9783540258605&rft.isbn_list=3540258604&rft_id=info:doi/10.1007/11424826_6&rft_dat=%3Cpascalfrancis_sprin%3E16990991%3C/pascalfrancis_sprin%3E%3Curl%3E%3C/url%3E&rft.eisbn=9783540320449&rft.eisbn_list=354032044X&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rfr_iscdi=true |