Overview

The phenomenal growth of shared resources such as the Internet reshapes our notion of privacy and organizational boundaries. Public domain and commercial-off-the-shelf (COTS) components are such shared resources. Use of COTS components is often advantageous and reduces application development time. However, other organizations by definition develop COTS components, and those using these components have no control over the coding practices of the developing organizations. Hence, there is a need for analysis tools to scrutinize COTS components to ensure they contain no harmful vulnerabilities and leak no sensitive information.

We develop analysis techniques especially suited for COTS components. Our techniques are designed to be multi-lingual (capable of handling multiple source languages), handle a wide range of security and privacy policies, and balance accuracy and scalability. We combine techniques from static analysis (such as program slicing, shape analysis, and alias analysis), model checking (such as rely-guarantee reasoning), specifications for security policy expression (such as security automata), and formalisms for expressing information flow (such as secure flow typing and decentralized labels). These analysis techniques provide a comprehensive analysis of COTS components, reducing the deployment risk.