Visible to the public Abstract Runtime Structure Reasoning about SecurityConflict Detection Enabled

TitleAbstract Runtime Structure Reasoning about Security
Publication TypeConference Proceedings
Year of Publication2016
AuthorsMarwan Abi-Antoun, Ebrahim Khalaj, Radu Vanciu, Ahmad Moghimi
Conference NameHotSos '16 Proceedings of the Symposium and Bootcamp on the Science of Security
Date Published4/19/2016
PublisherACM New York, NY,
Conference LocationPittsburgh, PA
KeywordsApr'16, CMU, object graphs; ownership type inference; graph query

We propose an interactive approach where analysts reason about the security of a system using an abstraction of its runtime structure, as opposed to looking at the code. They interactively refine a hierarchical object graph, set security properties on abstract objects or edges, query the graph, and investigate the results by studying highlighted objects or edges or tracing to the code. Behind the scenes, an inference analysis and an extraction analysis maintain the soundness of the graph with respect to the code.

Citation Keynode-25992

Other available formats:

Abi-Antoun_Abstract_Runtime_DG.pdfPDF document715.29 KBDownloadPreview