Improving Application Security with Data Flow Assertions
RESIN is a new language runtime that helps prevent security vulnerabilities,
by allowing programmers to specify application-level data
flow assertions. RESIN provides policy objects, which programmers
use to specify assertion code and metadata; data tracking, which
allows programmers to associate assertions with application data,
and to keep track of assertions as the data flow through the application;
and filter objects, which programmers use to define data
flow boundaries at which assertions are checked. RESIN's runtime
checks data flow assertions by propagating policy objects along with
data, as that data moves through the application, and then invoking
filter objects when data crosses a data flow boundary, such as when
writing data to the network or a file.
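The three mechanisms just described, modelled in plain Python as an added example (not RESIN's code; RESIN replaces the interpreter's string type and I/O layer, whereas this toy uses a str subclass and an explicit export() call). PasswordPolicy, TaintedStr, Sink and send_password_reminder are names chosen here; the password and email address are constructed sample data.

```python
from collections import namedtuple

Sink = namedtuple("Sink", "kind dest")  # a data flow boundary: where data is about to go

class PasswordPolicy:
    """Policy object: assertion code plus metadata that travels with the data.
    This one asserts a password leaves the app only in an email to its owner."""
    def __init__(self, owner_email):
        self.owner_email = owner_email

    def export_check(self, sink):
        if not (sink.kind == "email" and sink.dest == self.owner_email):
            raise PermissionError(f"password of {self.owner_email} must not flow to {sink}")

class TaintedStr(str):
    """Data tracking: a str that carries policies and keeps them through concatenation."""
    def __new__(cls, value, policies=()):
        obj = super().__new__(cls, value)
        obj.policies = frozenset(policies)
        return obj

    def __add__(self, other):
        merged = self.policies | getattr(other, "policies", frozenset())
        return TaintedStr(str.__add__(self, other), merged)

    def __radd__(self, other):  # Python calls this for plain_str + TaintedStr
        merged = self.policies | getattr(other, "policies", frozenset())
        return TaintedStr(str.__add__(other, self), merged)

def export(data, sink):
    """Filter object: invoke every attached policy before data crosses the boundary."""
    for policy in getattr(data, "policies", ()):
        policy.export_check(sink)
    return str(data)

def send_password_reminder(dest, kind="email"):
    """Compose a reminder containing a password and try to export it to dest."""
    pw = TaintedStr("hunter2", [PasswordPolicy("alice@example.com")])  # constructed sample
    msg = "Your password is: " + pw  # the policy rides along with the data
    try:
        return export(msg, Sink(kind, dest))
    except PermissionError as err:
        return f"BLOCKED: {err}"
```

The application code that builds the message never mentions the policy; the check fires only at the boundary, which is what lets a single assertion cover every code path that could leak the value.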
Using RESIN, Web application programmers can prevent a range
of problems, from SQL injection and cross-site scripting, to inadvertent
password disclosure and missing access control checks. Adding
a RESIN assertion to an application requires few changes to the
existing application code, and an assertion can reuse existing code
and data structures. For instance, 23 lines of code detect and prevent
three previously-unknown missing access control vulnerabilities in
phpBB, a popular Web forum application. Other assertions comprising
tens of lines of code prevent a range of vulnerabilities in Python
and PHP applications. A prototype of RESIN incurs a 33% CPU
overhead running the HotCRP conference management application.
- Snapshot from December 16, 2010 of the PHP source code.
- You can obtain the Python version of Resin using git:
git clone git://g.csail.mit.edu/python-resin
See taint-sample/ for example code.