Interactive programming support for secure software development.

摘要

Software vulnerabilities originating from insecure code are one of the leading causes of security problems people face today. Unfortunately, many software developers have not been adequately trained in writing secure programs that are resistant from attacks violating program confidentiality, integrity, and availability, a style of programming which I refer to as secure programming. Worse, even well-trained developers can still make programming errors, including security ones. This may be either because of their lack of understanding of secure programming practices, and/or their lapses of attention on security.;Much work on software security has focused on detecting software vulnerabilities through automated analysis techniques. While they are effective, they are neither sufficient nor optimal. For instance, current tool support for secure programming, both from tool vendors as well as within the research community, focuses on catching security errors after the program is written. Tools such as static and dynamic analyzers work in a similar way as early compilers: developers must first run the tool, obtain and analyze results, diagnose programs, and finally fix the code if necessary. Thus, these tools tend to be used to find vulnerabilities at the end of the development lifecycle. Their popularity, however, does not guarantee utilization; other business priorities may take precedence. Moreover, using such tools often requires some security expertise, thus can be costly. What is worse, these approaches exclude programmers from the security loop, and therefore, do not discourage them from continuing to write insecure code.;In this dissertation, I investigate an approach to increasing developer awareness and promoting good practices of secure programming by interactively reminding programmers of secure programming practices in situ, helping them to either close the secure programming knowledge gap or overcome attention/memory lapses. More specifically, I designed two techniques to help programmers prevent common secure coding errors: interactive code refactoring and interactive code annotation. My thesis is that by providing effective reminder support in a programming environment, e.g. modern IDE, one can effectively reduce common security vulnerabilities in software systems.;I have implemented interactive code refactoring as a proof-of-concept plugin for Eclipse and Java. Extensive evaluation results show that this approach can detect and address common web application vulnerabilities, it can also serve as an effective aid for programmers in writing secure code. My approach can also effectively complement existing software security best practices and significantly increase developer productivity. I have also implemented interactive code annotation, and conduct user studies to investigate its effectiveness and impact on developers' programming behaviors and awareness towards writing secure code.