TXL: a rapid prototyping system for programming language dialects
Computer Languages
Refactoring to Patterns
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
IEEE Software
Security oriented program transformations (or how to add security on demand)
Companion to the 23rd ACM SIGPLAN conference on Object-oriented programming systems languages and applications
Security-oriented program transformations
Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies
The 5th international workshop on software engineering for secure systems (SESS'09)
ICSE '09 COMPANION Proceedings of the 2009 31st International Conference on Software Engineering: Companion Volume
| Hi-index | 0.00 |
A security-oriented program transformation maps programs to security-augmented programs, i.e. it introduces a protection mechanism to make programs more secure. Our previous work defined security-oriented program transformations [6], introduced a catalog of transformations [8], and showed how program transformations could be applied to systematically eradicate various types of data injection attacks [9]. This paper shows how security-oriented program transformations could be used to improve the security of a system's perimeter by introducing authentication, authorization and input validation components. The program transformation examples in this paper are JAVA specific, but the transformations could be implemented to use other authentication and authorization frameworks.