2 research outputs found

    Investigation of Python Variable Privacy

    Get PDF
    This study looks at the relative security of Python regarding private variables and functions used in most other programming languages. Python has only grown in popularity due to its simple syntax and developing capabilities. However, little research has been published about how secure Python code and programs compiled from Python code actually are. This research seeks to expose vulnerabilities in Python code and determine what must be done for these vulnerabilities to be exploited by hackers to abuse potentially sensitive information contained within the program. The proposed methodology includes examining the private variable concept in other programming languages and conducting experiments to determine whether Python has any vulnerabilities specific to a lack of private variables and functions. Based on the findings of these experiments, further research will be needed to explore the range of vulnerabilities in Python code and how to protect against exploiting these vulnerabilities

    Privacy-Preserving Programming Using Sython

    No full text
    Abstract — Programmers often have access to confidential data that are not strictly needed for program development. Broad priveleges from accounts given to programmers allow them to view files, database table entries or even variables in team members ’ code that are not critical to their own code. The risk inherent in such unchecked access to possibly private and sensitive data is exacerbated in cases where software development is part of a larger functioning system with data already in place, and is especially severe in cases where development is contracted out to third parties. This paper focuses on the problem of providing developers with a programming language that incorporates privacy-preserving features. We present Sython, a preliminary prototype based on the Python programming language that incorporates such features, examining both implementation and the appearance of the system as viewed by a programmer. The main purpose of this paper is to explore the use of language syntax and underlying support for secure variables so that data owners can contract out programming tasks without worrying about information leakage
    corecore