This paper presents an information flow analysis of Hibernate Query Language (HQL). We define a concrete semantics of HQL and we lift the semantics on an abstract domain of propositional formulae. This way, we capture variables dependences at each program point. This allows us to identify illegitimate information flow by checking the satisfiability of propositional formulae with respect to a truth value assignment based on their security levels.
This paper presents an information flow analysis of Hibernate Query Language (HQL). We define a concrete semantics of HQL and we lift the semantics on an abstract domain of propositional formulae. This way, we capture variables dependences at each program point. This allows us to identify illegitimate information flow by checking the satisfi- ability of propositional formulae with respect to a truth value assignment based on their security levels.
Data leakage analysis of the hibernate query language on a propositional formulae domain
CORTESI, Agostino
2016-01-01
Abstract
This paper presents an information flow analysis of Hibernate Query Language (HQL). We define a concrete semantics of HQL and we lift the semantics on an abstract domain of propositional formulae. This way, we capture variables dependences at each program point. This allows us to identify illegitimate information flow by checking the satisfi- ability of propositional formulae with respect to a truth value assignment based on their security levels.
| File | Dimensione | Formato | |
|---|---|---|---|
|
9783662491744-c2.pdf
non disponibili
Tipologia:
Documento in Post-print
Licenza:
Accesso chiuso-personale
Dimensione
1.22 MB
Formato
Adobe PDF
|
1.22 MB | Adobe PDF | Visualizza/Apri |
I documenti in ARCA sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
