Transformational typing and unification for automatically correcting insecure programs
نویسندگان
چکیده
منابع مشابه
Eliminating Implicit Information Leaks by Transformational Typing and Unification
Before starting the security analysis of an existing system, the most likely outcome is often already clear, namely that the system is not entirely secure. Modifying a program such that it passes the analysis is a difficult problem and usually left entirely to the programmer. In this article, we show that and how unification can be used to compute such program transformations. This opens a new ...
متن کاملAutomatically Correcting Typing Errors for People with Motor Impairments
People with motor impairments often have difficulty entering text accurately when typing on a keyboard. These users also may have trouble correcting errors. We introduce TrueKeys, a system that automatically corrects typing errors as they occur. TrueKeys utilizes a word frequency list and a model of the user’s keyboard layout to identify typing errors and choose appropriate corrections. We eval...
متن کاملExterminator: Automatically Correcting Memory Errors
Programs written in C and C++ are susceptible to memory errors, including buffer overflows and dangling pointers. These errors, which can lead to crashes, erroneous execution, and security vulnerabilities, are notoriously costly to repair. Tracking down their location in the source code is difficult, even when the full memory state of the program is available. Once the errors are finally found,...
متن کاملTyping noninterference for reactive programs
We study the security property of noninterference for a class of synchronous programs called reactive programs. We consider a core reactive language, obtained by extending the imperative language of Volpano, Smith and Irvine with a form of scheduled parallelism and with reactive primitives that manipulate broadcast signals. The definition of noninterference has to be tuned to the particular nat...
متن کاملPreface Automatically Verifying Typing Constraints for a Data Processing Automatically Verifying Typing Constraints for a Data Processing Language
In this paper we present a new technique for automatically verifying typing constraints in the setting of a first-order data processing language with refinement types and dynamic type-tests. We achieve this by translating programs into a standard while language and then using a general-purpose verification tool. Our translation generates assertions in the while program that faithfully represent...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: International Journal of Information Security
سال: 2007
ISSN: 1615-5262,1615-5270
DOI: 10.1007/s10207-007-0016-z