Author:
Katsuhisa Maruyama
Affiliation:
Ritsumeikan University, Japan
Keyword(s):
Refactoring, software restructuring, software security, program analysis, software design.
Related Ontology Subjects/Areas/Topics:
Applications; Enterprise Software Technologies; Maintenance; Operational Research; Pattern Recognition; Reliable Software Technologies; Software Engineering
Abstract:
Software security is becoming an increasingly serious issue; nevertheless, a large number of software programs are still defenseless against malicious attacks. This paper proposes a new class of refactoring, called secure refactoring. This refactoring is not intended to improve the maintainability of existing code. Instead, it helps programmers increase the protection level of sensitive information stored in the code without changing its observable behavior. In this paper, four secure refactorings of Java source code and their respective mechanics, based on static analysis, are presented. All transformations of the proposed refactorings can be designed to be automated in our refactoring browser, which supports the application of traditional refactorings.