Title: Sensitive information leakage analysis of database code by abstract interpretation
Authors: Angshuman Jana
Addresses: Department of Computer Science and Engineering, Indian Institute of Information Technology, Guwahati, India
Abstract: An information system stores outside data in the backend database to process them efficiently and protects sensitive data from illegitimate flow or unauthorised users. However, most information systems are made in such a way that the sensitive information stored in a database may be leaked explicitly or implicitly during data processing along with the control structure of the program to the output channels. Therefore, sensitive data leakage is one of the crucial security threats. In this paper, the main objective is to detect the illegitimate flow of confidential information in an information system. We propose a framework to detect sensitive information leakage through the data-flow paths of an information system. In particular, to compute the precise set of data-flow paths, we use the non-relational abstract property of the interval domain and the relational abstract property of the polyhedra domain that enables the framework to produce efficient security analysis results.
Keywords: formal methods; database program; data dependency graph; data security; abstract interpretation.
International Journal of Security and Networks, 2023 Vol.18 No.2, pp.91 - 105
Received: 23 Aug 2022
Accepted: 16 Feb 2023
Published online: 20 Jun 2023