(1) Field of Invention
The present invention relates to a security system and, more particularly, to a system for detecting source code security flaws through program slicing.
(2) Description of Related Art
Secure information flow is an important foundation of most security and computer systems. Research on software security policy and, in particular, on information flow policy has a long history (e.g., greater than twenty years). Despite the fact that a variety of security languages have been proposed, none of them is widely used. The main reason for the lack of a uniform or widely used security language is the difficulty of writing and understanding the security policy.
Examples of prior art include a data flow-based inference technique (see the List of Cited Literature References, Literature Reference No. 17) for inferring declassification policies and a technique for taint checking using hybrid thin slicing (see Literature Reference No. 16). The former reference focuses exclusively on declassification policies. As such, it still requires manual labeling of programs with security labels before applying the analysis. The latter reference considers the application of a particular form of program slicing, but the focus is on taint checking for explicit flows only. The taint checking approach does not consider techniques for simplifying the dependency graph by slicing as a means of presenting the summarized dependency graph as a usable information flow policy. In fact, the policies supported in the taint checking approach are simplistic and do not account for endorsement. Neither of the above works considers the issue of optimizing the policy for precision or the added value of interactive feedback from the user during the analysis.
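The distinction drawn above between explicit-flow taint checking and slicing over the full dependency graph can be made concrete on a small program dependence graph. The following is an added illustration, not code from the patent or from the cited references; the seven-statement program, its statement numbers, and the data/control edges are constructed for the example. A backward slice from the sink keeps only statements the sink transitively depends on, which is the summarization the text refers to; restricting the slice to data edges reproduces explicit-flow taint checking and misses the flow that passes through the conditional.

```python
from collections import defaultdict, deque

# Constructed example program (statement numbers are invented):
#   1: secret = read_secret()
#   2: x = secret + 1          # data dependence on 1
#   3: y = 0
#   4: if secret > 5:          # data dependence on 1
#   5:     y = 1               # control dependence on 4
#   6: z = x                   # data dependence on 2
#   7: sink(y)                 # data dependence on 3 and 5

DATA = "data"
CONTROL = "control"

# Each edge reads (target, source, kind): target depends on source.
EDGES = [
    (2, 1, DATA),
    (4, 1, DATA),
    (5, 4, CONTROL),
    (6, 2, DATA),
    (7, 3, DATA),
    (7, 5, DATA),
]


def build_deps(edges, kinds):
    """Adjacency map target -> {sources}, keeping only the requested edge kinds."""
    deps = defaultdict(set)
    for tgt, src, kind in edges:
        if kind in kinds:
            deps[tgt].add(src)
    return deps


def backward_slice(sink, edges, kinds=(DATA, CONTROL)):
    """Statements the sink transitively depends on (the sink itself included)."""
    deps = build_deps(edges, kinds)
    seen = {sink}
    work = deque([sink])
    while work:
        node = work.popleft()
        for pred in deps[node]:
            if pred not in seen:
                seen.add(pred)
                work.append(pred)
    return seen


def flows_from(source, sink, edges, kinds=(DATA, CONTROL)):
    """True if information at `source` can reach `sink` via the chosen edge kinds."""
    return source in backward_slice(sink, edges, kinds)


def summarize_flows(sources, sinks, edges, kinds=(DATA, CONTROL)):
    """Collapse the dependence graph to source->sink pairs, i.e. a policy-sized summary.
    Intermediate statements (2, 6 here) drop out because no sink depends on them."""
    return {(s, t) for t in sinks for s in sources if flows_from(s, t, edges, kinds)}


if __name__ == "__main__":
    # Full slice keeps the control dependence 7 <- 5 <- 4 <- 1.
    print(sorted(backward_slice(7, EDGES)))               # [1, 3, 4, 5, 7]
    # Data-only slice (explicit flows) stops at statement 5.
    print(sorted(backward_slice(7, EDGES, kinds=(DATA,))))  # [3, 5, 7]
    print(flows_from(1, 7, EDGES))                          # True
    print(flows_from(1, 7, EDGES, kinds=(DATA,)))           # False: implicit flow missed
    print(summarize_flows({1}, {7}, EDGES))                 # {(1, 7)}
```

Statements 2 and 6 never appear in either slice because nothing the sink reads depends on them; that pruning is what makes the sliced graph small enough to read as a policy, while the data-only variant shows why an explicit-flow-only checker reports no flow from the secret to the sink.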
In information flow security, prior art falls into three general categories: dynamic taint analysis (see Literature Reference Nos. 1, 5, 8, 10, and 18), secure information flow compilers (see Literature Reference Nos. 4, 9, 12, and 15), and information flow security libraries for general-purpose programming languages (see Literature Reference Nos. 2, 6, and 13). While the aforementioned prior art does provide some level of security, none of those approaches incorporates any kind of code history analysis. As a result, such approaches require software developers to write the security policy manually, which significantly increases the cost of code development.
Thus, a continuing need exists for a system that computes useful data about program information flow while reducing the need for an explicitly written security policy and the amount of manual annotations required.