Static detection of logic flaws in service-oriented applications

Application or business logic, used in the development of services, has to do with the operations that define the application functionalities and not with the platform ones. Often security problems can be found at this level, because circumventing or misusing the required operations can lead to unexpected behaviour or to attacks, called application logic attacks. We investigate this issue, by using the CaSPiS calculus to model services, and by providing a Control Flow Analysis able to detect and prevent some possible misuses.



Titolo: Static detection of logic flaws in service-oriented applications
Autori interni: 
BODEI, CHIARA
BRUNI, ROBERTO
mostra contributor esterni 
Anno del prodotto: 2009
Rivista: 
LECTURE NOTES IN COMPUTER SCIENCE  
Abstract: Application or business logic, used in the development of services, has to do with the operations that define the application functionalities and not with the platform ones. Often security problems can be found at this level, because circumventing or misusing the required operations can lead to unexpected behaviour or to attacks, called application logic attacks. We investigate this issue, by using the CaSPiS calculus to model services, and by providing a Control Flow Analysis able to detect and prevent some possible misuses.
Handle: http://hdl.handle.net/11568/200493
ISBN: 9783642034589
Appare nelle tipologie:4.1 Contributo in Atti di convegno

File in questo prodotto:
FileDescrizioneTipologiaLicenza 
Static detection of logic flaws.pdf Versione finale editorialeNON PUBBLICO - Accesso privato/ristrettoUtenti riconosciuti   Richiedi una copia
Utilizza questo identificativo per citare o creare un link a questo documento:
http://hdl.handle.net/11568/200493
  • Citazioni
  • PubMed Central ND
  • Scopus
  • WOS

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
 
 
 
Powered by IRIS-about IRIS-Utilizzo dei cookie
Logo CINECA  Copyright © 2021