In this paper we survey static analysis methods for identifying security vulnerabilities in software systems. We cover three areas that have been associated with sources of security vulnerabilities: access-control, information-flow, and application-programming-interface conformance. Because access control mechanisms fall into two major categories, stack-based access control and role-based access control, we discuss static analysis techniques for these two areas of access control separately. Similarly, security violations pertaining to information flow consist of integrity violations and confidentiality violations, and consequently, our discussion of static analysis techniques for information-flow vulnerabilities includes these two topics. For each type of security vulnerability we present our findings in two parts: in the first part we describe recent research results, and in the second part we illustrate implementation techniques by describing selected static analysis algorithms.
This paper presents the design and implementation of intraGrid, an experimental grid based on the Globus Toolkit(TM) and deployed on the IBM intranet. The architecture and the main components of intraGrid are described. Then, the major technical challenges and their solutions are reviewed, including software packaging and distribution, the interface for administrative tasks, and the design and implementation of the three major services: information services, management services, and job submission services. The paper also describes the extensions and modifications to intraGrid that were required to create the ISD grid, a grid that is used for joint projects with customers and thus requires access by external users. The paper reviews the use of intraGrid by various teams of IBM researchers to date and outlines the plans for future applications. The work in progress to migrate the intraGrid to an OGSA-based (Open Grid Services Architecture-based) grid is also described.