Static analysis is the analysis of software at compile time without executing it. Its goal is to explore all execution paths without needing specific inputs to drive the execution. Thanks to its wide coverage, this approach, and in particular taint analysis, has been widely applied to detect security vulnerabilities like SQL injections and XSS. The European General Data Protection Regulation requires all controllers of sensitive data to enforce an approach based on privacy by design and by default. In such context, verification and testing techniques can be applied to check if the system implementation follows the constraints identified at design time. Therefore, static program analysis might be applied to track how sensitive data is automatically managed by a software, and if such software could leak some of this data. In this paper, we formalize and discuss how taint analysis can be extended and augmented in order to detect potential unintended leakages of sensitive data. Starting from the specification of how sensitive data is retrieved and it could be leaked, and what types of leakages are allowed by the privacy policy established by the controller of sensitive data, we apply standard taint analysis to detect potential leakages, we reconstruct the flow to check if the flow is allowed or not, and we report full details about all the flows not allowed by the privacy policy. This approach has been implemented on the Julia static analysis, and we report some promising experimental results on the OWASP WebGoat benchmark.
Tailoring Taint Analysis to GDPR
Ferrara, Pietro;Luca Olivieri;
2018-01-01
Abstract
Static analysis is the analysis of software at compile time without executing it. Its goal is to explore all execution paths without needing specific inputs to drive the execution. Thanks to its wide coverage, this approach, and in particular taint analysis, has been widely applied to detect security vulnerabilities like SQL injections and XSS. The European General Data Protection Regulation requires all controllers of sensitive data to enforce an approach based on privacy by design and by default. In such context, verification and testing techniques can be applied to check if the system implementation follows the constraints identified at design time. Therefore, static program analysis might be applied to track how sensitive data is automatically managed by a software, and if such software could leak some of this data. In this paper, we formalize and discuss how taint analysis can be extended and augmented in order to detect potential unintended leakages of sensitive data. Starting from the specification of how sensitive data is retrieved and it could be leaked, and what types of leakages are allowed by the privacy policy established by the controller of sensitive data, we apply standard taint analysis to detect potential leakages, we reconstruct the flow to check if the flow is allowed or not, and we report full details about all the flows not allowed by the privacy policy. This approach has been implemented on the Julia static analysis, and we report some promising experimental results on the OWASP WebGoat benchmark.
I documenti in ARCA sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
