Proceedings of the ACM SIGOPS 22nd Symposium on Operating Systems Principles 2009
DOI: 10.1145/1629575.1629604
|View full text |Cite
|
Sign up to set email alerts
|

Improving application security with data flow assertions

Abstract: RESIN is a new language runtime that helps prevent security vulnerabilities, by allowing programmers to specify application-level data flow assertions. RESIN provides policy objects, which programmers use to specify assertion code and metadata; data tracking, which allows programmers to associate assertions with application data, and to keep track of assertions as the data flow through the application; and filter objects, which programmers use to define data flow boundaries at which assertions are checked. RES… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

1
81
0

Year Published

2011
2011
2019
2019

Publication Types

Select...
4
3
3

Relationship

0
10

Authors

Journals

citations
Cited by 122 publications
(82 citation statements)
references
References 34 publications
1
81
0
Order By: Relevance
“…Run-Time Approaches to Web Application Security. Resin [37] is a runtime system that enforces information flow policies attached to data objects; it has been successfully applied to web applications. Jeeves [36], a similar language for enforcing information flow policies, has also been applied to the web.…”
Section: Related Workmentioning
confidence: 99%
“…Run-Time Approaches to Web Application Security. Resin [37] is a runtime system that enforces information flow policies attached to data objects; it has been successfully applied to web applications. Jeeves [36], a similar language for enforcing information flow policies, has also been applied to the web.…”
Section: Related Workmentioning
confidence: 99%
“…The PUMP architecture neither bounds the number of metadata bits nor the number of policies simultaneously supported; its microarchitectural optimizations (opgroups, tag compression, tag translation, and miss handler acceleration-see §4) achieve performance comparable to dedicated, hardware metadata propagation solutions ( §5). We believe the software-defined metadata policy model and its acceleration will be applicable to a large range of policies beyond those illustrated here, including sound information-flow control [7,8,32,56,62], fine-grained access control [67,71], integrity, synchronization [6,61], race detection [58,73], debugging, application-specific policies [70], and controlled generation and execution of dynamic code.…”
Section: Discussionmentioning
confidence: 99%
“…(3)In order to collect user information and analyze user behavior in some electronics markets, they will implement third party plug-ins to their own market in popular software in which may reveal user privacy information. (4)There is a lack of standardized management in the domestic Android electronics market and no system or mechanism to deal with software leakage [32].…”
Section: (3)location Informationmentioning
confidence: 99%