Static Detection of Logic Flaws in Service-Oriented Applications
نویسندگان
چکیده
Application or business logic, used in the development of services, has to do with the operations that define the application functionalities and not with the platform ones. Often security problems can be found at this level, because circumventing or misusing the required operations can lead to unexpected behaviour or to attacks, called application logic attacks. We investigate this issue, by using the CaSPiS calculus to model services, and by providing a Control Flow Analysis able to detect and prevent some possible misuses.
منابع مشابه
Online Anomaly Detection for Service-Oriented Components in OSGi-based Applications
OSGi has become one of the most promising frameworks for managing service-oriented and component-based applications. The OSGi-based service-oriented components delivered by different vendors are usually black-box program units which lack source code and design documents. Thus, it is difficult to evaluate their quality by static code analysis, and the defective components may lead to the failure...
متن کاملService-Oriented Logic Programming
We develop formal foundations for notions and mechanisms needed to support service-oriented computing. Our work builds on recent theoretical advancements in the algebraic structures that capture the way services are orchestrated and in the processes that formalize the discovery and binding of services to given client applications by means of logical representations of required and provided serv...
متن کاملStatic detection of C++ vtable escape vulnerabilities in binary code
Static binary code analysis is a longstanding technique used to find security defects in deployed proprietary software. The complexities of binary code compiled from object-oriented source languages (e.g. C++) has limited the utility of binary analysis to basic applications using simpler coding constructs, so vulnerabilities in object-oriented code remain undetected. In this paper, we present v...
متن کاملApplications of Fuzzy Program Graph in Symbolic Checking of Fuzzy Flip-Flops
All practical digital circuits are usually a mixture of combinational and sequential logic. Flip–flops are essential to sequential logic therefore fuzzy flip–flops are considered to be among the most essential topics of fuzzy digital circuit. The concept of fuzzy digital circuit is among the most interesting applications of fuzzy sets and logic due to the fact that if there has to be an ultimat...
متن کاملReversible Logic Multipliers: Novel Low-cost Parity-Preserving Designs
Reversible logic is one of the new paradigms for power optimization that can be used instead of the current circuits. Moreover, the fault-tolerance capability in the form of error detection or error correction is a vital aspect for current processing systems. In this paper, as the multiplication is an important operation in computing systems, some novel reversible multiplier designs are propose...
متن کامل