Paper 1
Data Leakage Analysis of the Hibernate Query Language on a Propositional Formulae DomainAuthors: Raju Halder, Angshuman Jana, and Agostino Cortesi |
AbstractThis paper presents an information flow analysis of Hibernate Query Language (HQL). We define a concrete semantics of HQL and we lift the semantics on an abstract domain of propositional formulae. This way, we capture variables dependences at each program point. This allows us to identify illegitimate information flow by checking the satisfiability of propositional formulae with respect to a truth value assignment based on their security levels. |