SECURE REFACTORING - Improving the Security Level of Existing Code
Katsuhisa Maruyama
2007
Abstract
Software security is ever-increasingly becoming a serious issue; nevertheless, a large number of software programs are still defenseless against malicious attacks. This paper proposes a new class of refactoring, which is called secure refactoring. This refactoring is not intended to improve the maintainability of existing code. Instead, it helps programmers to increase the protection level of sensitive information stored in the code without changing its observable behavior. In this paper, four secure refactorings of Java source code and their respective mechanics based on static analysis are presented. All transformations of the proposed refactorings can be designed to be automated on our refactoring browser which supports the application of traditional refactorings.
DownloadPaper Citation
in Harvard Style
Maruyama K. (2007). SECURE REFACTORING - Improving the Security Level of Existing Code . In Proceedings of the Second International Conference on Software and Data Technologies - Volume 2: ICSOFT, ISBN 978-989-8111-06-7, pages 222-229. DOI: 10.5220/0001339102220229
in Bibtex Style
@conference{icsoft07,
author={Katsuhisa Maruyama},
title={SECURE REFACTORING - Improving the Security Level of Existing Code},
booktitle={Proceedings of the Second International Conference on Software and Data Technologies - Volume 2: ICSOFT,},
year={2007},
pages={222-229},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001339102220229},
isbn={978-989-8111-06-7},
}
in EndNote Style
TY - CONF
JO - Proceedings of the Second International Conference on Software and Data Technologies - Volume 2: ICSOFT,
TI - SECURE REFACTORING - Improving the Security Level of Existing Code
SN - 978-989-8111-06-7
AU - Maruyama K.
PY - 2007
SP - 222
EP - 229
DO - 10.5220/0001339102220229