liu.seSearch for publications in DiVA
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Detecting access to sensitive data in software extensions through static analysis
Linköping University, Department of Computer and Information Science, Software and Systems.
Linköping University, Department of Computer and Information Science, Software and Systems.
2019 (English)Independent thesis Basic level (degree of Bachelor), 10,5 credits / 16 HE creditsStudent thesisAlternative title
Att upptäcka åtkomst till känslig information i mjukvarutillägg genom statisk analys (Swedish)
Abstract [en]

Static analysis is a technique to automatically audit code without having to execute or manually read through it. It is highly effective and can scan large amounts of code or text very quickly. This thesis uses static analysis to find potential threats within a software's extension modules. These extensions are developed by third parties and should not be allowed to access information belonging to other extensions. However, due to the structure of the software there is no easy way to restrict this and still keep the software's functionality intact. The use of a static analysis tool could detect such threats by analyzing the code of an extension before it is published online, and therefore keep all current functionality intact. As the software is based on a lesser known language and there is a specific threat by way of information disclosure, a new static analysis tool has to be developed. To achieve this, a combination of language specific functionality and features available in C++ are combined to create an extendable tool which has the capability to detect cross-extension data access.

Place, publisher, year, edition, pages
2019. , p. 33
Keywords [en]
static analysis, extensions, plugin, sensitive data
Keywords [sv]
statisk analys, tillägg, känslig data
National Category
Software Engineering
Identifiers
URN: urn:nbn:se:liu:diva-162281ISRN: LIU-IDA/LITH-EX-G--19/054—SEOAI: oai:DiVA.org:liu-162281DiVA, id: diva2:1373298
Subject / course
Computer Engineering
Supervisors
Examiners
Available from: 2019-11-26 Created: 2019-11-26 Last updated: 2019-11-26Bibliographically approved

Open Access in DiVA

fulltext(417 kB)2 downloads
File information
File name FULLTEXT01.pdfFile size 417 kBChecksum SHA-512
50cd259bf9c4f340c63d9fd7385a8b975b0f15735b9a4632b7e1d620af8ce75728ceb83e11e1ec0249f5d711aff5c9a67b3840573bc05d00147ed0b4e9d36d84
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Hedlin, JohanKahlström, Joakim
By organisation
Software and Systems
Software Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 2 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 45 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf