By Topic

Analysis and implementation method of program to detect inappropriate information leak

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

5 Author(s)
Yokomori, R. ; Graduate Sch. of Eng. Sci., Osaka Univ., Japan ; Ohata, F. ; Takata, Y. ; Seki, H.
more authors

For a program which handles secret information, it is very important to prevent inappropriate information leaks from a program with secret data. D.E. Denning (1976) proposed a mechanism to certify the security of program by statically analyzing information flow, and S. Kuninobu et al. (2000) proposed a more practical analysis framework including recursive procedure handling, although no implementation has been yet made. We propose a method of security analysis implementation, and show a security analysis tool implemented for a procedural language. We extend Kuninobu's algorithm by devising various techniques for analysis of practical programs that have recursive calls and global variables. This method is validated by applying our tools to a simple credit card program, and we confirm that the validation of program security is very useful

Published in:

Quality Software, 2001. Proceedings.Second Asia-Pacific Conference on

Date of Conference: