Results 1 - 10 of 919

Mining Security-Sensitive Operations in Legacy Code using Concept Analysis

by unknown authors
"... ..."
Abstract - Add to MetaCart
Abstract not found

permission. Extracting Models of Security-Sensitive Operations using String-Enhanced White-Box Exploration on Binaries

by Juan Caballero, Stephen Mccamant, Adam Barth, Dawn Song, Juan Caballero, Stephen Mccamant, Adam Barth, Dawn Song
"... personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires pri ..."
Abstract - Add to MetaCart
personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific

Securing ad hoc networks

by Lidong Zhou, Zygmunt J. Haas
"... Ad hoc networks are a new wireless networking paradigm for mobile hosts. Unlike traditional mobile wireless networks, ad hoc networks do not rely on any fixed infrastructure. Instead, hosts rely on each other to keep the network connected. The military tactical and other security-sensitive operation ..."
Abstract - Cited by 1064 (15 self) - Add to MetaCart
Ad hoc networks are a new wireless networking paradigm for mobile hosts. Unlike traditional mobile wireless networks, ad hoc networks do not rely on any fixed infrastructure. Instead, hosts rely on each other to keep the network connected. The military tactical and other security-sensitive

Mining securitysensitive operations in legacy code using concept analysis

by Vinod Ganapathy - In Proceedings of the 29th International Conference on Software Engineering (ICSE ’07 , 2007
"... This paper presents an approach to statically retrofit legacy servers with mechanisms for authorization policy enforcement. The approach is based upon the observation that security-sensitive operations performed by a server are characterized by idiomatic resource manipulations, called fingerprints. ..."
Abstract - Cited by 9 (3 self) - Add to MetaCart
This paper presents an approach to statically retrofit legacy servers with mechanisms for authorization policy enforcement. The approach is based upon the observation that security-sensitive operations performed by a server are characterized by idiomatic resource manipulations, called fingerprints

Abstract

by Vinod Ganapathy, David King, Trent Jaeger, Somesh Jha
"... This paper presents an approach to statically retrofit legacy servers with mechanisms for authorization policy enforcement. The approach is based upon the observation that security-sensitive operations performed by a server are characterized by idiomatic resource manipulations, called fingerprints. ..."
Abstract - Add to MetaCart
This paper presents an approach to statically retrofit legacy servers with mechanisms for authorization policy enforcement. The approach is based upon the observation that security-sensitive operations performed by a server are characterized by idiomatic resource manipulations, called fingerprints

unknown title

by unknown authors
"... Abstract This paper presents an approach to statically retrofitlegacy servers with mechanisms for authorization policy enforcement. The approach is based upon the obser-vation that security-sensitive operations performed by a server are characterized by idiomatic resource manipula-tions, called fing ..."
Abstract - Add to MetaCart
Abstract This paper presents an approach to statically retrofitlegacy servers with mechanisms for authorization policy enforcement. The approach is based upon the obser-vation that security-sensitive operations performed by a server are characterized by idiomatic resource manipula-tions, called

Towards Automated Authorization Policy Enforcement Vinod GanapathyUniv. of Wisconsin-Madison

by unknown authors
"... 1 Motivation The goal of an authorization framework is to ensurethat security-sensitive operations on system resources are only performed by users who are permitted to do so bythe site-specific authorization policy. A popular architecture for constructing an authorization framework uses areference m ..."
Abstract - Add to MetaCart
1 Motivation The goal of an authorization framework is to ensurethat security-sensitive operations on system resources are only performed by users who are permitted to do so bythe site-specific authorization policy. A popular architecture for constructing an authorization framework uses areference

Consistency analysis of authorization hook placement in the Linux security modules framework

by Trent Jaeger, Antony Edwards, Xiaolan Zhang - ACM Transactions on Information and System Security (TISSEC , 2004
"... We present a consistency analysis approach to assist the Linux community in verifying the correctness of authorization hook placement in the Linux Security Modules (LSM) framework. The LSM framework consists of a set of authorization hooks inserted into the Linux kernel to enable additional authoriz ..."
Abstract - Cited by 22 (8 self) - Add to MetaCart
operations are authorized. Static analysis has been used previously to verified mediation (i.e., that some hook mediates access to a security-sensitive operation), but that work did not determine whether the necessary set of authorizations were checked. In this paper, we develop an approach to test

Reducing TCB complexity for security-sensitive applications: Three case studies

by Lenin Singaravelu, Calton Pu, Hermann Härtig, Christian Helmuth - In Proceedings of EuroSys 2006 , 2006
"... The future of digital systems is complexity, and complexity is the worst enemy of security.-- Bruce Schneier [40]. The large size and high complexity of securitysensitive applications and systems software is a primary cause for their poor testability and high vulnerability. One approach to alleviate ..."
Abstract - Cited by 65 (10 self) - Add to MetaCart
to alleviate this problem is to extract the security-sensitive parts of application and systems software, thereby reducing the size and complexity of software that needs to be trusted. At the system software level, we use the Nizza architecture which relies on a kernelized trusted computing base (TCB

Beyond stack inspection: A unified access-control and information-flow security model

by Marco Pistoia - In SP’07: Security and Privacy , 2007
"... Modern component-based systems, such as Java and Microsoft.NET Common Language Runtime (CLR), have adopted Stack-Based Access Control (SBAC). Its purpose is to use stack inspection to verify that all the code responsible for a security-sensitive action is sufficiently authorized to perform that acti ..."
Abstract - Cited by 23 (3 self) - Add to MetaCart
authorized code from executing a security-sensitive operation if less trusted code was previously executed. In this paper, we formally introduce Information-Based Access Control (IBAC), a novel security model that verifies that all and only the code responsible for a security-sensitive operation
Results 1 - 10 of 919