Type-based Analysis of Financial APIs
نویسندگان
چکیده
We revise a known attack on the PIN verification framework, based on a weakness of the underlying security API. We specify this flawed API in an imperative language with cryptographic primitives and we show why its type-based verification fails in the type system of Myers, Sabelfeld and Zdancewic. We propose an improved API, extend the type system with cryptographic primitives for assuring integrity, and show our new API to be type-checkable. (for presentation only)
منابع مشابه
The Ranking of Financial Efficiency of Companies Accepted in Stock Exchange of Tehran between 2013 to 2016 through Financial Ratio Approach and Using DEA
Financial ratios provide an illustration of the financial situation, the company's returns, and the future opportunities of business units. Considering that in traditional methods, the effect of financial ratios on efficiency has been investigated so far, it did not look right; therefore, we sought a method that It can be used to see the effect of financial ratios. In the process of data envelo...
متن کاملThe Business Intelligence as a Service in the Cloud
Limitations imposed by the traditional practice in financial institutions of running risk analysis on the desktop mean many rely on models which assume a “normal” Gaussian distribution of events which can seriously underestimate the real risk. In this paper, we propose an alternative service which uses the elastic capacities of Cloud Computing to escape the limitations of the desktop and produc...
متن کاملMolecular identification and phylogenetic analysis of Lactobacillus and Bifidobacterium spp. isolated from gut of honeybees (Apis mellifera) from West Azerbaijan, Iran
Polymerase chain reaction and restriction fragment length polymorphism (PCR-RFLP) and phylogenetic analysis were used for molecular identification of lactic acid bacteria (LABs) isolated from Apis mellifera. Eighteen honeybee workers were collected from three different apiaries in West Azerbaijan. LABs from the gut of honeybees were isolated and cultured using routine biochemical proce...
متن کاملThe relationship between Structural risk and Expected return of sukuk
Sukuk is the most important Islamic financial securities designed based on Islamic laws, and the relationship between risk and return is the most basic concept in Islamic finance. The results of examining and comparing the similarities between bonds and sukuk show that the most important difference between these two financing tools is the type of asset backed by sukuk and the type of asset cont...
متن کاملFailures of Security APIs: A New Case
We report novel API attacks on a Captcha web service, and discuss lessons that we have learned. In so doing, we expand the horizon of security APIs research by extending it to a new setting. We also show that system architecture analysis is useful both for identifying vulnerabilities in security APIs and for fixing them.
متن کامل