Identifying Inter-Component Control Flow in Web Applications
نویسنده
چکیده
As web applications become more complex, automated techniques for their testing and verification have become essential. Many of these techniques, such as ones for identifying security vulnerabilities, require information about a web application’s control flow. Currently, this information is manually specified or automatically generated using techniques that cannot give strong guarantees of completeness. This paper presents a new static analysis based approach for identifying control flow in web applications that is both automated and provides stronger guarantees of completeness. The empirical evaluation of the approach shows that it is able to identify more complete control flow information than other approaches with comparable analysis run time.
منابع مشابه
Object-Based Data Flow Testing of Web Applications
Recently, the extraordinary growth in the World Wide Web has been sweeping through business and industry. Many companies have developed or integrated their mission-critical applications using Web technologies. As Web applications become complex, testing Web applications becomes crucial. This paper extends traditional data flow testing techniques to Web applications. Several data flow issues for...
متن کاملEfficient Design of Static Analysis Tool for Detecting Web Vulnerabilities
The number and the importance of web applications have increased rapidly over the last years. At the same time, the quantity and impact of security vulnerabilities in such applications have grown as well. Since manual code reviews are time-consuming, error prone and costly, the need for automated solutions has become evident. Many web applications written in ASP suffer from injection vulnerabil...
متن کاملStatic inter-BPEL program slicing for web services
Analysis and maintenance of BPEL programs play a vital role in assuring the quality of Web service software. In the paper, the concept of inter-service control flow graph (ISCFG) is proposed to represent the interaction behaviours between service units. Meanwhile, the traditional data flow analysis is extended to handle combinatorial structure of variables in BPEL program. Then, a method for co...
متن کاملThird-order Decentralized Safe Consensus Protocol for Inter-connected Heterogeneous Vehicular Platoons
In this paper, the stability analysis and control design of heterogeneous traffic flow is considered. It is assumed that the traffic flow consists of infinite number of cooperative non-identical vehicular platoons. Two different networks are investigated in stability analysis of heterogeneous traffic flow: 1) inter-platoon network which deals with the communication topology of lead vehicles and...
متن کاملHigh-level design for user and component interfaces
Component-based software architecture is very important for current software engineering practice because (a) it is the basis for re-use of software at the component level, and (b), in distributed systems, the physical distribution of an application over separate computers represents a decomposition of the application. Typical e-commerce applications consist of various components sometimes belo...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2015