by sirwolfgang
3715 days ago
The main one in the article: http://www.cs.berkeley.edu/~jnear/space/

"SPACE is a specification-free tool for finding missing security checks in Ruby on Rails web applications using a catalog of access control patterns in which each pattern models a common access control use case. SPACE checks that for every kind of data exposure allowed by an application's code, some security pattern in our catalog also allows the exposure. The user provides a mapping from application types to the types of our catalog, and then SPACE identifies security bugs automatically."

The paper referenced: https://dspace.mit.edu/bitstream/handle/1721.1/99841/9274107...