François Gauthier

Software clone detection techniques identify fragments of code that share some level of syntactic similarity. In this study, we investigate security-sensitive clone clusters: clusters of syntactically similar fragments of code that are protected by some privileges. From a security perspective, security-sensitive clone clusters can help reason about the…
Access control models implement mechanisms to restrict access to sensitive data from unprivileged users. Access controls typically check privileges that capture the semantics of the operations they protect. Semantic smells and errors in access control models stem from privileges that are partially or totally unrelated to the action they protect. This paper…
Automatic query generators have been shown to be effective tools for software testing. For the most part, they have been used in system testing for the database as a whole or to generate specific queries to test specific features with not much randomness. In this work, we explore the problems encountered when using a genetic algorithm to generate SQL for…
This paper presents an approach to support the maintenance and evolution of Role-Based Access Control (RBAC) models with reverse-engineered SecureUML models. Starting from the Policy Decision Points (PDP) and Policy Enforcement Points (PEP) of an application, our approach statically reverse-engineers the implemented SecureUML model of an application. The…