An automated tool for assessing security-critical designs and programs
| Data(s) |
2012
|
|---|---|
| Resumo |
This paper describes in detail our Security-Critical Program Analyser (SCPA). SCPA is used to assess the security of a given program based on its design or source code with regard to data flow-based metrics. Furthermore, it allows software developers to generate a UML-like class diagram of their program and annotate its confidential classes, methods and attributes. SCPA is also capable of producing Java source code for the generated design of a given program. This source code can then be compiled and the resulting Java bytecode program can be used by the tool to assess the program's overall security based on our security metrics. |
| Formato |
application/pdf |
| Identificador | |
| Relação |
http://eprints.qut.edu.au/56380/1/wiar2012_software_analysis_tool.pdf http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6210573 Alshammari, Bandar, Fidge, Colin J., & Corney, Diane (2012) An automated tool for assessing security-critical designs and programs. In Proceedings of WIAR '2012; National Workshop on Information Assurance Research, Riyadh, Saudi Arabia. http://purl.org/au-research/grants/ARC/LP0776344 |
| Direitos |
Copyright 2012 IEEE |
| Fonte |
School of Electrical Engineering & Computer Science; Institute for Future Environments; Information Security Institute; Science & Engineering Faculty |
| Palavras-Chave | #080303 Computer System Security #Object-Orientation #Software Security #Security Metrics #Security Analyser #Information Flow |
| Tipo |
Conference Paper |
