Yang et al., 2015 - Google Patents
End-to-end policy-agnostic security for database-backed applicationsYang et al., 2015
View PDF- Document ID
- 17548888304103751118
- Author
- Yang J
- Hance T
- Austin T
- Solar-Lezama A
- Flanagan C
- Chong S
- Publication year
- Publication venue
- CoRR, abs/1507.03513
External Links
Snippet
Protecting sensitive data often requires implementing repeated security checks and filters throughout a program. This task is especially error-prone in web programs, where data flows between applications and databases. To reduce the opportunity for privacy leaks, we …
- 230000002708 enhancing 0 abstract description 7
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30067—File systems; File servers
- G06F17/30129—Details of further file system functionalities
- G06F17/30144—Details of monitoring file system events, e.g. by the use of hooks, filter drivers, logs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
- G06F17/30289—Database design, administration or maintenance
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
- G06F17/30587—Details of specialised database models
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/455—Emulation; Software simulation, i.e. virtualisation or emulation of application or operating system execution engines
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/50—Computer-aided design
- G06F17/5009—Computer-aided design using simulation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
- G06F8/71—Version control; Configuration management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/46—Multiprogramming arrangements
- G06F9/468—Specific access rights for resources, e.g. using capability register
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/30—Creation or generation of source code
- G06F8/36—Software reuse
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Yang et al. | Precise, dynamic information flow for database-backed applications | |
| Reussner et al. | Modeling and simulating software architectures: The Palladio approach | |
| US8494832B2 (en) | Method and apparatus for software simulation | |
| US20220413998A1 (en) | Testing software and/or computing hardware design through test fragmentation into one or more discrete computing environments | |
| US9886369B2 (en) | Dynamic data fabrication for database applications | |
| US10083016B1 (en) | Procedurally specifying calculated database fields, and populating them | |
| Corcoran et al. | Cross-tier, label-based security enforcement for web applications | |
| US20050091346A1 (en) | Settings management infrastructure | |
| Pan et al. | Guided test generation for database applications via synthesized database interactions | |
| Colombo et al. | Enforcement of purpose based access control within relational database management systems | |
| Kessler et al. | SAP HANA goes private: from privacy research to privacy aware enterprise analytics | |
| Muppala | SQL Database Mastery: Relational Architectures, Optimization Techniques, and Cloud-Based Applications | |
| Nagar et al. | Automated parameterized verification of CRDTs | |
| Dodds et al. | Compositional verification of compiler optimisations on relaxed memory | |
| Zhang et al. | Blockaid: Data access policy enforcement for web applications | |
| Yang et al. | End-to-end policy-agnostic security for database-backed applications | |
| Busch et al. | Towards model-driven development of access control policies for web applications | |
| Lourenço et al. | Information flow analysis for valued-indexed data security compartments | |
| Olson et al. | A formal framework for reflective database access control policies | |
| Abdulla et al. | Optimal stateless model checking for causal consistency | |
| Gupta et al. | Growlithe: A Developer-Centric Compliance Tool for Serverless Applications | |
| Šestak et al. | Integrity constraints in graph databases-implementation challenges | |
| Parker | LMonad: Information flow control for Haskell web applications | |
| Al Wardani et al. | Formal reasoning using distributed assertions | |
| Bichhawat et al. | Contextual and granular policy enforcement in database-backed applications |