In-Depth Enforcement of Dynamic Integrity Taint Analysis
| Field | Value |
| --- | --- |
| Title | In-Depth Enforcement of Dynamic Integrity Taint Analysis |
| Publication Type | Conference Paper |
| Year of Publication | 2016 |
| Authors | Amir-Mohammadian, Sepehr; Skalka, Christian |
| Conference Name | Proceedings of the 2016 ACM Workshop on Programming Languages and Analysis for Security |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-4574-3 |
| Keywords | Algorithms, auditing, composability, control theory, languages, Metrics, pubcrawl, security, Security Audits, Security Policies Analysis, taint analysis, theory, verification |
| Abstract | Dynamic taint analysis can be used as a defense against low-integrity data in applications with untrusted user interfaces. An important example is defense against XSS and injection attacks in programs with web interfaces. Data sanitization is commonly used in this context, and can be treated as a precondition for endorsement in a dynamic integrity taint analysis. However, sanitization is often incomplete in practice. We develop a model of dynamic integrity taint analysis for Java that addresses imperfect sanitization with an in-depth approach. To avoid false positives, results of sanitization are endorsed for access control (aka prospective security), but are tracked and logged for auditing and accountability (aka retrospective security). We show how this heterogeneous prospective/retrospective mechanism can be specified as a uniform policy, separate from code. We then use this policy to establish correctness conditions for a program rewriting algorithm that instruments code for the analysis. The rewriting itself is a model of existing, efficient Java taint analysis tools. |
| URL | http://doi.acm.org/10.1145/2993600.2993610 |
| DOI | 10.1145/2993600.2993610 |
| Citation Key | amir-mohammadian_-depth_2016 |