Abstract
Refactoring allows changing a program without changing its behaviour from an observer's point of view. To what extent does this invariance of behaviour also preserve security? We show that a program remains secure under refactoring. As a foundation, we use the Decentralized Label Model (DLM) for specifying the secure information flows of programs, and transition system models for their observable behaviour. On this basis, we provide a bisimulation-based formal definition of refactoring and show its correspondence to the formal notion of information flow security (noninterference). This permits us to show the security of refactoring patterns that have already been explored in practice.
Notes
1. For simplicity, we concentrate on confidentiality in this paper.
2. We should consider differently named bijective sets of variables for P and Q, since renaming is also a refactoring, but for the sake of simplicity we omit it here.
© 2016 Springer International Publishing AG
Cite this paper
Kammüller, F. (2016). Refactoring Preserves Security. In: Livraga, G., Torra, V., Aldini, A., Martinelli, F., Suri, N. (eds) Data Privacy Management and Security Assurance. DPM/QASA 2016. Lecture Notes in Computer Science, vol 9963. Springer, Cham. https://doi.org/10.1007/978-3-319-47072-6_17
DOI: https://doi.org/10.1007/978-3-319-47072-6_17
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-47071-9
Online ISBN: 978-3-319-47072-6
eBook Packages: Computer Science, Computer Science (R0)