Implementing a type system for secure information-flow. Potentialsecurity risks (PDF)
(Sprache: Englisch)
Master's Thesis from the year 2019 in the subject Computer Science - Software, grade: 77, City University London, course: Software Engineering, language: English, abstract: The objectives of this project are to design, implement and systematically...
sofort als Download lieferbar
eBook (pdf)
36.99 €
- Lastschrift, Kreditkarte, Paypal, Rechnung
- Kostenloser tolino webreader
Produktdetails
Produktinformationen zu „Implementing a type system for secure information-flow. Potentialsecurity risks (PDF)“
Master's Thesis from the year 2019 in the subject Computer Science - Software, grade: 77, City University London, course: Software Engineering, language: English, abstract: The objectives of this project are to design, implement and systematically demonstrate a chosen type system considering reliability, performance, and scalability. Furthermore, it aims to determine the limitations of the implementation and alternative architectural designs, to evaluate the extent to which the developed prototype scales up to real-life scenarios and to investigate the feasibility of a similar security type system for SAP systems.
Standard security practices, such as access controls, insufficiently assure secure end-to-end behaviour of an application. Any program flaw, no matter how small or big, poses a potential security risk. Static information flow analysis checks a program for confidential information leaks into public data containers at compile-time.
This design-and-build project's aim is the prototypical implementation of a security type system for a simple demonstrative language to prevent programs leaking confidential information effectively. The project is based on existing research concerning security type systems as a means of enforcing information flow policies in a program. The results are discussed not only in terms of validity but also considering the feasibility of a similar security type system for SAP enterprise resource management systems.
Society relies heavily on software-intensive systems in all facets of life. Information is automatically processed in automobiles, phones, fridges, and countless web servers. Much of that information is personal data and can distinguish an individual's identity, such as their name, biometric records, or email addresses. Intellectual property and confidential information are handled in mission-critical military, governmental, medical and business applications. Therefore, building trust in the handling of data by systems is a crucial aspect of software architecture design.
Standard security practices, such as access controls, insufficiently assure secure end-to-end behaviour of an application. Any program flaw, no matter how small or big, poses a potential security risk. Static information flow analysis checks a program for confidential information leaks into public data containers at compile-time.
This design-and-build project's aim is the prototypical implementation of a security type system for a simple demonstrative language to prevent programs leaking confidential information effectively. The project is based on existing research concerning security type systems as a means of enforcing information flow policies in a program. The results are discussed not only in terms of validity but also considering the feasibility of a similar security type system for SAP enterprise resource management systems.
Society relies heavily on software-intensive systems in all facets of life. Information is automatically processed in automobiles, phones, fridges, and countless web servers. Much of that information is personal data and can distinguish an individual's identity, such as their name, biometric records, or email addresses. Intellectual property and confidential information are handled in mission-critical military, governmental, medical and business applications. Therefore, building trust in the handling of data by systems is a crucial aspect of software architecture design.
Bibliographische Angaben
- Autor: Dominik Kropp
- 2020, 1. Auflage, 90 Seiten, Englisch
- Verlag: GRIN Verlag
- ISBN-10: 3346313565
- ISBN-13: 9783346313560
- Erscheinungsdatum: 14.12.2020
Abhängig von Bildschirmgröße und eingestellter Schriftgröße kann die Seitenzahl auf Ihrem Lesegerät variieren.
eBook Informationen
- Dateiformat: PDF
- Größe: 1.17 MB
- Ohne Kopierschutz
- Vorlesefunktion
Sprache:
Englisch
Kommentar zu "Implementing a type system for secure information-flow. Potentialsecurity risks"
Schreiben Sie einen Kommentar zu "Implementing a type system for secure information-flow. Potentialsecurity risks".
Kommentar verfassen