Application or business logic, used in the development of services, has to do with the operations that define the application functionalities and not with the platform ones. Often security problems can be found at this level, because circumventing or misusing the required operations can lead to unexpected behaviour or to attacks, called application logic attacks. We investigate this issue, by using the CaSPiS calculus to model services, and by providing a Control Flow Analysis able to detect and prevent some possible misuses.

Static Detection of Logic Flaws in Service-Oriented Applications / Bodei, C; Brodo, Linda; Bruni, R.. - LNCS 5511:(2009), pp. 70-87. (Intervento presentato al convegno Foundations and Applications of Security Analysis, Workshop on Automated Reasoning tenutosi a York, UK nel March, 28-29).

Static Detection of Logic Flaws in Service-Oriented Applications

BRODO, Linda;
2009-01-01

Abstract

Application or business logic, used in the development of services, has to do with the operations that define the application functionalities and not with the platform ones. Often security problems can be found at this level, because circumventing or misusing the required operations can lead to unexpected behaviour or to attacks, called application logic attacks. We investigate this issue, by using the CaSPiS calculus to model services, and by providing a Control Flow Analysis able to detect and prevent some possible misuses.
2009
978-3-642-03458-9
Static Detection of Logic Flaws in Service-Oriented Applications / Bodei, C; Brodo, Linda; Bruni, R.. - LNCS 5511:(2009), pp. 70-87. (Intervento presentato al convegno Foundations and Applications of Security Analysis, Workshop on Automated Reasoning tenutosi a York, UK nel March, 28-29).
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11388/67898
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 8
  • ???jsp.display-item.citation.isi??? 6
social impact