Full-Text Articles in Programming Languages and Compilers

Dynamic Information Flow Analysis In Ruby, Vigneshwari Chandrasekaran May 2017

Master's Projects

With the rapid increase in usage of the internet and online applications, there is a huge demand for applications to handle data privacy and integrity. Applications are already complex with business logic; adding the data safety logic would make them more complicated. The more complex the code becomes, the more possibilities it opens for security-critical bugs. To solve this conundrum, we can push this data safety handling feature to the language level rather than the application level. With a secure language, developers can write their application without having to worry about data security.

This project introduces dynamic information flow analysis …


Library For Writing Contracts For Java Programs Using Prolog, Yogesh Dixit May 2017

Master's Projects

Today many large and complex software systems are being developed in Java. Although software always has bugs, it is very important that these developed systems are more reliable despite these bugs.

One way that we can help achieve this is the Design by Contract (DbC) paradigm, which was first introduced by Bertrand Meyer, the creator of Eiffel. The concept of DbC was introduced for software developers so that they can produce more reliable software systems with a little extra cost. Using programming contracts allows developers to specify details such as input conditions and expected output conditions. Doing this makes it …


Implementing Dynamic Coarse & Fine Grained Taint Analysis For Rhino Javascript, Tejas Saoji May 2017

Master's Projects

Web application systems today are at great risk from attackers. They use methods like cross-site scripting, SQL injection, and format string attacks to exploit vulnerabilities in an application. Standard techniques like static analysis and code audits seem to be inadequate in successfully combating attacks like these. Both techniques point out the vulnerabilities before an application is run. However, static analysis may result in a higher rate of false positives, and code audits are time-consuming and costly. Hence, there is a need for reliable detection mechanisms.

Dynamic taint analysis offers an alternate solution — it marks the incoming data from the …


Policy-Agnostic Programming On The Client-Side, Kushal Palesha May 2017

Master's Projects

Browser security has become a major concern, especially due to web pages becoming more complex. These web applications handle a lot of information, including sensitive data that may be vulnerable to attacks like data exfiltration, cross-site scripting (XSS), etc. Most modern browsers have security mechanisms in place to prevent such attacks, but they still fall short in preventing more advanced attacks like evolved variants of data exfiltration. Moreover, there is no standard that is followed to implement security into the browser.

A lot of research has been done in the field of information flow security that could prove to be …