Securing SQLJ Source Codes from Business Logic Disclosure by Data Hiding Obfuscation
نویسندگان
چکیده
Information security is protecting information from unauthorized access, use, disclosure, disruption, modification, perusal and destruction. CAIN model suggest maintaining the Confidentiality, Authenticity, Integrity and Non-repudiation (CAIN) of information. Oracle 8i, 9i and 11g Databases support SQLJ framework allowing embedding of SQL statements in Java Programs and providing programmer friendly means to access the Oracle database. As cloud computing technology is becoming popular, SQLJ is considered as a flexible and user friendly language for developing distributed applications in grid architectures. SQLJ source codes are translated to java byte codes and decompilation is generation of source codes from intermediate byte codes. The intermediate SQLJ application byte codes are open to decompilation, allowing a malicious reader to forcefully decompile it for understanding confidential business logic or data from the codes. To the best of our knowledge, strong and cost effective techniques exist for Oracle Database security, but still data security techniques are lacking for client side applications, giving possibility for revelation of confidential business data. Data obfuscation is hiding the data in codes and we suggest enhancing the data security in SQLJ source codes by data hiding, to mitigate disclosure of confidential business data, especially integers in distributed applications. Keywords; Information Security, Data Obfuscation, SQLJ
منابع مشابه
JConstHide: A Framework for Java Source Code Constant Hiding
Software obfuscation or obscuring a software is an approach to defeat the practice of reverse engineering a software for using its functionality illegally in the development of another software. Java applications are more amenable to reverse engineering and re-engineering attacks through methods such as decompilation because Java class files store the program in a semi complied form called 'byt...
متن کاملArray Based Java Source Code Obfuscation Using Classes with Restructured Arrays
Array restructuring operations obscure arrays. Our work aims on java source code obfuscation containing arrays. Our main proposal is Classes with restructured array members and obscured member methods for setting, getting array elements and to get the length of arrays. The class method definition codes are obscured through index transformation and constant hiding. The instantiated objects of th...
متن کاملA New Villain: Investigating Steganography in Source Engine Based Video Games
In an ever expanding field such as computer and digital forensics, new threats to data privacy and legality are presented daily. As such, new methods for hiding and securing data need to be created. Using steganography to hide data within video game files presents a solution to this problem. In response to this new method of data obfuscation, investigators need methods to recover specific data ...
متن کاملSoftware Protection via Hiding Function Using Software Obfuscation
Application Service Provider (ASP) is a business that makes computer-based services (small and medium sized businesses) available to clients over a network. The usual ASP sells a large application to large enterprises, but also, provides a pay-as-you-go model for smaller clients. One of the main problems with ASP is the insufficient security to resist attacks and guarantee pay-as-you-go. Functi...
متن کاملCOAT: Code ObfuscAtion Tool to evaluate the performance of code plagiarism detection tools
There exist many plagiarism detection tools to uncover plagiarized codes by analyzing the similarity of source codes. To measure how reliable those plagiarism detection tools are, we developed a tool named Code ObfuscAtion Tool (COAT) that takes a program source code as input and produces another source code that is exactly equivalent to the input source code in their functional behaviors but w...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/1205.4813 شماره
صفحات -
تاریخ انتشار 2003