Interprocedural slicing using dependence graphs
ACM Transactions on Programming Languages and Systems (TOPLAS)
Slicing object-oriented software
Proceedings of the 18th international conference on Software engineering
Flow insensitive C++ pointers and polymorphism analysis and its application to slicing
ICSE '97 Proceedings of the 19th international conference on Software engineering
Bandera: extracting finite-state models from Java source code
Proceedings of the 22nd international conference on Software engineering
Slicing object-oriented java programs
ACM SIGPLAN Notices
The Java Language Specification
The Java Language Specification
Program Understanding and Maintenance with the CANTO Environment
ICSM '97 Proceedings of the International Conference on Software Maintenance
Displaying dependence graphs: a hierarchical approach
WCRE '01 Proceedings of the Eighth Working Conference on Reverse Engineering (WCRE'01)
Slicing Objects Using System Dependence Graphs
ICSM '98 Proceedings of the International Conference on Software Maintenance
Evaluating Context-Sensitive Slicing and Chopping
ICSM '02 Proceedings of the International Conference on Software Maintenance (ICSM'02)
IWPC '01 Proceedings of the 9th International Workshop on Program Comprehension
Hi-index | 0.00 |
With the development of web-application, especially E-commerce, many software designers need to incorporate either low-level security functionalities into their programs. This involves the implementation of security features using Java Cryptography Architecture (JCA), Java Cryptography Extension (JCE) and Java Secure Socket Extension (JSSE) API provided by Sun Corporation [1]. Through our discovery, we find that many functional security related features in software systems are usually implemented by a few methods. The use of these methods results to some necessary structural patterns in reduced control flow graph of the program. In this papers, we present our way to recover the security features by recognizing these methods invocations automatically and transform the reduced control flow graph to state transition diagram through functional abstractions. We believe that it would not only facilitate the comprehension of the security framework implemented in the program, but also make the further verification of the security features possible.