Title: Refining dependencies for information flow analysis of database applications

Authors: Md. Imran Alam; Raju Halder

Addresses: Department of Computer Science and Engineering, Indian Institute of Technology Patna, India; Department of Computer Science and Engineering, Indian Institute of Technology Patna, India

Abstract: Preserving the confidentiality of sensitive information in any computing system remains a challenging issue. One reason is improper coding of software, which may lead to the disclosure of sensitive information to unauthorised users as it propagates along the code during execution. Language-based information flow security analysis has emerged as a promising technique to prove that a program's executions do not leak sensitive information to untrusted users. In this paper, we propose information flow analysis of database applications. The main contributions of the paper are: 1) refinement of dependence graphs for database applications by removing false dependencies; 2) information-flow analysis of database applications using the refined dependence graph. Our approach covers a more generic scenario where attackers are able to view only a part of the attribute-values according to the policy, and leads to a more precise semantic-based analysis which reduces false positives with respect to the literature.

Keywords: information flow analysis; dependency graphs; database security; false dependencies; false positives; semantics; database attacks.

DOI: 10.1504/IJTMCC.2016.081846

International Journal of Trust Management in Computing and Communications, 2016 Vol.3 No.3, pp.193 - 223

Received: 09 Dec 2015
Accepted: 17 Mar 2016

Published online: 29 Jan 2017
