Implementing a security-specific slicer for servlet using program slicer
Security auditing tool is basically a system to check the adequacy of the defence implemented in the system coding. The main focus of this project is to develop a security auditing tool for the system which is written in Java Servlet. Input to the Servlet program is passed by the user using web for...
| Main Author: | |
|---|---|
| Other Authors: | |
| Format: | Final Year Project (FYP) |
| Language: | English |
| Published: |
2011
|
| Subjects: | |
| Online Access: | http://hdl.handle.net/10356/42890 |
| _version_ | 1826117358965489664 |
|---|---|
| author | Ei, Ei Ko |
| author2 | Tan Hee Beng Kuan |
| author_facet | Tan Hee Beng Kuan Ei, Ei Ko |
| author_sort | Ei, Ei Ko |
| collection | NTU |
| description | Security auditing tool is basically a system to check the adequacy of the defence implemented in the system coding. The main focus of this project is to develop a security auditing tool for the system which is written in Java Servlet. Input to the Servlet program is passed by the user using web forms. Thus in this project, statements affected by user’s input were extracted to examine the security defence implemented in the system. Program slicing was used as program analysis method in this project. Program slicer: Indus was used as the slicing mechanism to extract the statements as well as part of the security tool. Through the exploration of program slicing and the features of Indus, many techniques of program slicing were studied. Indus was configured and adjusted to be used as the slicer for Servlet program which is the main focus of this project. Furthermore, a prototype tool was implemented to link the Indus to the main security program. Upon completion of this project, program slicing method was studied and integrated into the security auditing tool. Program slicer: Indus was able to configure successfully and a prototype tool was implemented. Through this project, a new approach, program slicing was explored and learnt. Problem solving techniques were improved with configuration of Indus, and also gained hand-on experiences in writing Java programs. Finally, recommendations were made to improve the security auditing tool for future study. |
| first_indexed | 2024-10-01T04:26:18Z |
| format | Final Year Project (FYP) |
| id | ntu-10356/42890 |
| institution | Nanyang Technological University |
| language | English |
| last_indexed | 2024-10-01T04:26:18Z |
| publishDate | 2011 |
| record_format | dspace |
| spelling | ntu-10356/428902023-07-07T16:11:03Z Implementing a security-specific slicer for servlet using program slicer Ei, Ei Ko Tan Hee Beng Kuan School of Electrical and Electronic Engineering DRNTU::Engineering::Electrical and electronic engineering::Computer hardware, software and systems Security auditing tool is basically a system to check the adequacy of the defence implemented in the system coding. The main focus of this project is to develop a security auditing tool for the system which is written in Java Servlet. Input to the Servlet program is passed by the user using web forms. Thus in this project, statements affected by user’s input were extracted to examine the security defence implemented in the system. Program slicing was used as program analysis method in this project. Program slicer: Indus was used as the slicing mechanism to extract the statements as well as part of the security tool. Through the exploration of program slicing and the features of Indus, many techniques of program slicing were studied. Indus was configured and adjusted to be used as the slicer for Servlet program which is the main focus of this project. Furthermore, a prototype tool was implemented to link the Indus to the main security program. Upon completion of this project, program slicing method was studied and integrated into the security auditing tool. Program slicer: Indus was able to configure successfully and a prototype tool was implemented. Through this project, a new approach, program slicing was explored and learnt. Problem solving techniques were improved with configuration of Indus, and also gained hand-on experiences in writing Java programs. Finally, recommendations were made to improve the security auditing tool for future study. Bachelor of Engineering 2011-02-17T01:23:28Z 2011-02-17T01:23:28Z 2010 2010 Final Year Project (FYP) http://hdl.handle.net/10356/42890 en Nanyang Technological University 90 p. application/pdf |
| spellingShingle | DRNTU::Engineering::Electrical and electronic engineering::Computer hardware, software and systems Ei, Ei Ko Implementing a security-specific slicer for servlet using program slicer |
| title | Implementing a security-specific slicer for servlet using program slicer |
| title_full | Implementing a security-specific slicer for servlet using program slicer |
| title_fullStr | Implementing a security-specific slicer for servlet using program slicer |
| title_full_unstemmed | Implementing a security-specific slicer for servlet using program slicer |
| title_short | Implementing a security-specific slicer for servlet using program slicer |
| title_sort | implementing a security specific slicer for servlet using program slicer |
| topic | DRNTU::Engineering::Electrical and electronic engineering::Computer hardware, software and systems |
| url | http://hdl.handle.net/10356/42890 |
| work_keys_str_mv | AT eieiko implementingasecurityspecificslicerforservletusingprogramslicer |