Refactoring Security Critical Program Code to Restrict Data Flow
When developing computer program code it’s important to be able to see and manage the flow of “sensitive” data values such as passwords and encryption keys. This project is developing enhancements to a computer programming environment to visually display the potential flow of data values and to allow the programmer to easily make changes to the code that will restrict the flow of such values. To demonstrate the principles a prototype is being developed in the Java programming language’s Eclipse environment extended with a novel data flow analysis module.
Coming up next: