摘要 |
Methods, software tools and systems for analyzing software applications, e.g., Web applications, are described. A software application to be analyzed is transformed into an abstract representation which preserves its information flow properties. The abstract interpretation is evaluated to identify vulnerabilities using, for example, type qualifiers to associate security levels with variables and/or functions in the application being analyzed and typestate checking. Runtime guards are inserted into the application to secure identified vulnerabilities.
|