Compilers: principles, techniques, and tools
Compilers: principles, techniques, and tools
Efficient construction of program dependence graphs
ISSTA '93 Proceedings of the 1993 ACM SIGSOFT international symposium on Software testing and analysis
Database System Concepts
Modern Information Retrieval
Improving Integrity Constraint Enforcement by Extended Rules and Dependency Graphs
DEXA '01 Proceedings of the 12th International Conference on Database and Expert Systems Applications
A Retrospective on Industrial Database Reverse Engineering Projects-Part 1
WCRE '01 Proceedings of the Eighth Working Conference on Reverse Engineering (WCRE'01)
Verifying Web Applications Using Bounded Model Checking
DSN '04 Proceedings of the 2004 International Conference on Dependable Systems and Networks
OOPSLA '04 Companion to the 19th annual ACM SIGPLAN conference on Object-oriented programming systems, languages, and applications
Static approximation of dynamically generated Web pages
WWW '05 Proceedings of the 14th international conference on World Wide Web
DynaMine: finding common error patterns by mining software revision histories
Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering
Proceedings of the 10th European software engineering conference held jointly with 13th ACM SIGSOFT international symposium on Foundations of software engineering
Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper)
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Precise alias analysis for static detection of web application vulnerabilities
Proceedings of the 2006 workshop on Programming languages and analysis for security
Wrapper-based evolution of legacy information systems
ACM Transactions on Software Engineering and Methodology (TOSEM)
Static detection of security vulnerabilities in scripting languages
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Detecting large number of infeasible paths through recognizing their patterns
Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering
IEEE Transactions on Software Engineering
Testing input validation in Web applications through automated model recovery
Journal of Systems and Software
Automatic inference of stationary fields: a generalization of java's final fields
Proceedings of the 35th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Conditional functional dependencies for capturing data inconsistencies
ACM Transactions on Database Systems (TODS)
Static detection of cross-site scripting vulnerabilities
Proceedings of the 30th international conference on Software engineering
Impact analysis of database schema changes
Proceedings of the 30th international conference on Software engineering
Dependencies revisited for improving data quality
Proceedings of the twenty-seventh ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Covering code behavior on input validation in functional testing
Information and Software Technology
A Static Analysis Framework for Database Applications
ICDE '09 Proceedings of the 2009 IEEE International Conference on Data Engineering
Discovering matching dependencies
Proceedings of the 18th ACM conference on Information and knowledge management
Precise analysis of string expressions
SAS'03 Proceedings of the 10th international conference on Static analysis
Automated Insertion of Exception Handling for Key and Referential Constraints
Journal of Database Management
Hi-index | 0.00 |
Integrity constraints (including key, referential and domain constraints) are unique features of database applications. Integrity constraints are crucial for ensuring accuracy and consistency of data in a database. It is important to perform integrity constraint enforcement (ICE) at the application level to reduce the risk of database corruption. We have conducted an empirical analysis of open-source PHP database applications and found that ICE does not receive enough attention in real-world programming practice. We propose an approach for automatic detection of ICE violations at the application level based on identification of code patterns. We define four patterns that characterize the structures of code implementing integrity constraint enforcement. Violations of these patterns indicate the missing of integrity constraint enforcement. Our work contributes to quality improvement of database applications. Our work also demonstrates that it is feasible to effectively identify bugs or problematic code by mining code patterns in a specific domain/application area.