TY - GEN
T1 - CogniCrypt
T2 - 32nd IEEE/ACM International Conference on Automated Software Engineering, ASE 2017
AU - Kruger, Stefan
AU - Nadi, Sarah
AU - Reif, Michael
AU - Ali, Karim
AU - Mezini, Mira
AU - Bodden, Eric
AU - Gopfert, Florian
AU - Gunther, Felix
AU - Weinert, Christian
AU - Demmler, Daniel
AU - Kamath, Ram
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/11/20
Y1 - 2017/11/20
N2 - Previous research suggests that developers often struggle using low-level cryptographic APIs and, as a result, produce insecure code. When asked, developers desire, among other things, more tool support to help them use such APIs. In this paper, we present CogniCrypt, a tool that supports developers with the use of cryptographic APIs. CogniCrypt assists the developer in two ways. First, for a number of common cryptographic tasks, CogniCrypt generates code that implements the respective task in a secure manner. Currently, CogniCrypt supports tasks such as data encryption, communication over secure channels, and long-term archiving. Second, CogniCrypt continuously runs static analyses in the background to ensure a secure integration of the generated code into the developer's workspace. This video demo showcases the main features of CogniCrypt: youtube.com/watch?v=JUq5mRHfAWY.
AB - Previous research suggests that developers often struggle using low-level cryptographic APIs and, as a result, produce insecure code. When asked, developers desire, among other things, more tool support to help them use such APIs. In this paper, we present CogniCrypt, a tool that supports developers with the use of cryptographic APIs. CogniCrypt assists the developer in two ways. First, for a number of common cryptographic tasks, CogniCrypt generates code that implements the respective task in a secure manner. Currently, CogniCrypt supports tasks such as data encryption, communication over secure channels, and long-term archiving. Second, CogniCrypt continuously runs static analyses in the background to ensure a secure integration of the generated code into the developer's workspace. This video demo showcases the main features of CogniCrypt: youtube.com/watch?v=JUq5mRHfAWY.
KW - Code Analysis
KW - Code Generation
KW - Cryptography
KW - Variability Modeling
UR - http://www.scopus.com/inward/record.url?scp=85041436961&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85041436961&partnerID=8YFLogxK
U2 - 10.1109/ASE.2017.8115707
DO - 10.1109/ASE.2017.8115707
M3 - Conference contribution
AN - SCOPUS:85041436961
T3 - ASE 2017 - Proceedings of the 32nd IEEE/ACM International Conference on Automated Software Engineering
SP - 931
EP - 936
BT - ASE 2017 - Proceedings of the 32nd IEEE/ACM International Conference on Automated Software Engineering
A2 - Nguyen, Tien N.
A2 - Rosu, Grigore
A2 - Di Penta, Massimiliano
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 30 October 2017 through 3 November 2017
ER -