Copyright Information
The documents distributed by this server have been provided by the contributing authors as a means to ensure timely
dissemination of scholarly and technical work on a noncommercial basis. Copyright and all rights therein are maintained
by the authors or by other copyright holders, notwithstanding that they have offered their works here electronically. It
is understood that all persons copying this information will adhere to the terms and constraints invoked by each author's
copyright. These works may not be reposted without the explicit permission of the copyright holder.
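Static Detection of Logic Flaws in Service-Oriented Applications

% NOTE(review): the booktitle and address values are cut off in this record
% ("... Theory of Se", "... Largo B. Pont"); they are kept as found and should be
% completed from the publisher's record. The address holds an author affiliation,
% not the publisher's city. main/partner/school/status/task are project-tracking
% fields that standard styles ignore.
@inproceedings{BodeiBB09,
  author    = {Bodei, Chiara and Brodo, Linda and Bruni, Roberto},
  title     = {Static Detection of Logic Flaws in Service-Oriented Applications},
  booktitle = {Foundations and Applications of Security Analysis, Joint Workshop on Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Se},
  editor    = {Degano, Pierpaolo and Vigan{\`o}, Luca},
  series    = {Lecture Notes in Computer Science},
  volume    = {5511},
  pages     = {70--87},
  publisher = {Springer},
  address   = {Dipartimento di Informatica Universita di Pisa Largo B. Pont},
  year      = {2009},
  url       = {http://rap.dsi.unifi.it/sensoria/BodeiBB09.pdf},
  abstract  = {Application or business logic, used in the development of services,
has to do with the operations that define the application
functionalities and not with the platform ones.
Often security problems can be found at this level, because the
circumvention or misuse of the required operations can lead to
unexpected behaviour or to attacks, called application logic
attacks.
We investigate this issue, by using the CaSPiS calculus to model
services, and by providing a Control Flow Analysis able to detect
and prevent some possible misuses.
},
  main      = {Y},
  partner   = {UNIPI},
  school    = {University of Pisa},
  status    = {public},
  task      = {T3.1},
}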