Maintaining Authorization Hook Placements Across Program Versions

Nirupama Talele; Divya Muthukumaran; Frank Capobianco; Trent Jaeger; Gang Tan

doi:10.1109/SecDev.2016.024

Maintaining Authorization Hook Placements Across Program Versions

Nirupama Talele, Divya Muthukumaran, Frank Capobianco, Trent Jaeger, Gang Tan

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

We examine the problem of maintaining security code across program versions. There are now several cases where programmers manually retrofit their programs with security code, such as authorization mechanisms. However, programs evolve, so a challenge for programmers is to determine whether their security code remains correct across multiple versions of the program. The insight of this work is that programmers can use the constraints on the authorization policies that can be enforced in one version of the program to limit their effort in validating authorization hook placements in later versions. We develop a tool we call HEIMDAL to implement this insight, finding that a modest number of authorization constraints require review across several versions of the X window server program.

Original language	English (US)
Title of host publication	Proceedings - 2016 IEEE Cybersecurity Development, SecDev 2016
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	67-68
Number of pages	2
ISBN (Electronic)	9781509055883
DOIs	https://doi.org/10.1109/SecDev.2016.024
State	Published - Feb 1 2017
Event	2016 IEEE Cybersecurity Development, SecDev 2016 - Boston, United States Duration: Nov 3 2016 → Nov 4 2016

Publication series

Name	Proceedings - 2016 IEEE Cybersecurity Development, SecDev 2016

Other

Other	2016 IEEE Cybersecurity Development, SecDev 2016
Country/Territory	United States
City	Boston
Period	11/3/16 → 11/4/16

All Science Journal Classification (ASJC) codes

Computer Networks and Communications
Software
Safety, Risk, Reliability and Quality

Access to Document

10.1109/SecDev.2016.024

Cite this

Talele, N., Muthukumaran, D., Capobianco, F., Jaeger, T., & Tan, G. (2017). Maintaining Authorization Hook Placements Across Program Versions. In Proceedings - 2016 IEEE Cybersecurity Development, SecDev 2016 (pp. 67-68). Article 7839793 (Proceedings - 2016 IEEE Cybersecurity Development, SecDev 2016). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SecDev.2016.024

@inproceedings{c68b5fbecd494ee0ae8df6532250b168,

title = "Maintaining Authorization Hook Placements Across Program Versions",

abstract = "We examine the problem of maintaining security code across program versions. There are now several cases where programmers manually retrofit their programs with security code, such as authorization mechanisms. However, programs evolve, so a challenge for programmers is to determine whether their security code remains correct across multiple versions of the program. The insight of this work is that programmers can use the constraints on the authorization policies that can be enforced in one version of the program to limit their effort in validating authorization hook placements in later versions. We develop a tool we call HEIMDAL to implement this insight, finding that a modest number of authorization constraints require review across several versions of the X window server program.",

author = "Nirupama Talele and Divya Muthukumaran and Frank Capobianco and Trent Jaeger and Gang Tan",

year = "2017",

month = feb,

day = "1",

doi = "10.1109/SecDev.2016.024",

language = "English (US)",

series = "Proceedings - 2016 IEEE Cybersecurity Development, SecDev 2016",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "67--68",

booktitle = "Proceedings - 2016 IEEE Cybersecurity Development, SecDev 2016",

address = "United States",

note = "2016 IEEE Cybersecurity Development, SecDev 2016 ; Conference date: 03-11-2016 Through 04-11-2016",

}

Talele, N, Muthukumaran, D, Capobianco, F, Jaeger, T & Tan, G 2017, Maintaining Authorization Hook Placements Across Program Versions. in Proceedings - 2016 IEEE Cybersecurity Development, SecDev 2016., 7839793, Proceedings - 2016 IEEE Cybersecurity Development, SecDev 2016, Institute of Electrical and Electronics Engineers Inc., pp. 67-68, 2016 IEEE Cybersecurity Development, SecDev 2016, Boston, United States, 11/3/16. https://doi.org/10.1109/SecDev.2016.024

Maintaining Authorization Hook Placements Across Program Versions. / Talele, Nirupama; Muthukumaran, Divya; Capobianco, Frank et al.
Proceedings - 2016 IEEE Cybersecurity Development, SecDev 2016. Institute of Electrical and Electronics Engineers Inc., 2017. p. 67-68 7839793 (Proceedings - 2016 IEEE Cybersecurity Development, SecDev 2016).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Maintaining Authorization Hook Placements Across Program Versions

AU - Talele, Nirupama

AU - Muthukumaran, Divya

AU - Capobianco, Frank

AU - Jaeger, Trent

AU - Tan, Gang

PY - 2017/2/1

Y1 - 2017/2/1

N2 - We examine the problem of maintaining security code across program versions. There are now several cases where programmers manually retrofit their programs with security code, such as authorization mechanisms. However, programs evolve, so a challenge for programmers is to determine whether their security code remains correct across multiple versions of the program. The insight of this work is that programmers can use the constraints on the authorization policies that can be enforced in one version of the program to limit their effort in validating authorization hook placements in later versions. We develop a tool we call HEIMDAL to implement this insight, finding that a modest number of authorization constraints require review across several versions of the X window server program.

AB - We examine the problem of maintaining security code across program versions. There are now several cases where programmers manually retrofit their programs with security code, such as authorization mechanisms. However, programs evolve, so a challenge for programmers is to determine whether their security code remains correct across multiple versions of the program. The insight of this work is that programmers can use the constraints on the authorization policies that can be enforced in one version of the program to limit their effort in validating authorization hook placements in later versions. We develop a tool we call HEIMDAL to implement this insight, finding that a modest number of authorization constraints require review across several versions of the X window server program.

UR - http://www.scopus.com/inward/record.url?scp=85015232041&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85015232041&partnerID=8YFLogxK

U2 - 10.1109/SecDev.2016.024

DO - 10.1109/SecDev.2016.024

M3 - Conference contribution

AN - SCOPUS:85015232041

T3 - Proceedings - 2016 IEEE Cybersecurity Development, SecDev 2016

SP - 67

EP - 68

BT - Proceedings - 2016 IEEE Cybersecurity Development, SecDev 2016

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2016 IEEE Cybersecurity Development, SecDev 2016

Y2 - 3 November 2016 through 4 November 2016

ER -

Maintaining Authorization Hook Placements Across Program Versions

Abstract

Publication series

Other

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this