University of Minnesota
Software Engineering Center

You are here

Ninh-Thuan Truong

Recent Publications

Analyzing RBAC Security Policy of Implementation Using AST

Security policy is a critical property in software applications which require high levels of safety and security. It has to be clearly specified in requirement documents and its implementation must be conformed to the specification. In this paper, we propose an approach to check if the implementation is in accordance with its security policy specification. We use the Abstract Syntax Tree (AST), another manner of expressing the program, to analyze the source code and specify user permission policy in software systems by Role-Based Access Control (RBAC).

A Fast Algorithm to Compute Heap Memory Bounds of Java Card Applets

In this paper, we present an approach to find upper bounds of heap space for Java Card applets. Our method first transforms an input bytecode stream into a control flow graph (CFG), and then collapses cycles of the CFG to produce a directed acyclic graph (DAG). Based on the DAG, we propose a linear-time algorithm to solve the problem of finding the single-source largest path in it. We also have implemented a prototype tool, tested it on several sample applications, and then compared the bounds found by our tool with the actual heap bounds of the programs.

Computing heap space cost of Java Card applets

We introduce an approach to find upper bounds of heap space for Java Card applets. Our approach analyzes and transforms bytecodes of Java Card applets into equivalent programs in a language that already has a type system for finding the sharp upper bounds of resource use. We then point out a linear-time algorithm to compute the maximum heap units that may be allocated during the lifetime of Java Card applets. We also have implemented a prototype tool and tested it on several examples and the results are good.