Why not some mechanism where all data is tagged (or tainted) and you must explicitly allow use of data with some tags. For example, separating trusted vs untrusted data (and not only for the data/control planes mixing problem). Typically in J2EE world with EJBs you quickly lose track of where data originates from and whether it can be trusted or not, and (for example) you end up using a userID provided by the client code instead of the one coming from your authn/session layer.

You could even get rid of data flow analysis tools by having the compiler enforce validation/sanitization rules for you, and you could make the rules much more relevant or specific than what these tools can do. After all, why analyze the whole flow, since most of the time you want to validate input data or sanitize output data at the border. Ultimately, you could probably even have validators/sanitizers automatically applied to such data.
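The tag-and-allow mechanism the comment describes, as an added example that is not part of the original post or of any project the blog discusses. It uses TypeScript branded types in place of J2EE or compiler support: client data is tagged untrusted at the border, session data is tagged trusted at its origin, and sinks accept only trusted values. The request shape, the user-id validator regex, the HTML sanitizer and the sink functions are all assumptions.

```typescript
// Added example, not code from the original post: trust labels enforced by the type
// checker, standing in for the compiler-level tagging the comment asks for.
// Values entering from the client are wrapped as Untrusted<T>; sinks accept only
// Trusted<T>, and the only way to obtain Trusted<T> is an explicit validator/sanitizer.

// Brand types: zero runtime cost, but the compiler refuses one where the other is expected.
type Trusted<T> = T & { readonly __trust: 'trusted' };
type Untrusted<T> = { readonly __trust: 'untrusted'; readonly value: T };

// Border: everything read from the request is tagged untrusted at its origin.
function fromClient<T>(value: T): Untrusted<T> {
  return { __trust: 'untrusted', value };
}

// Data produced by the authn/session layer is tagged trusted at its origin.
function fromSession<T>(value: T): Trusted<T> {
  return value as Trusted<T>;
}

// Validators and sanitizers are the only functions allowed to remove the untrusted tag.
// Assumed policy: a user id is 1-32 lowercase alphanumerics or underscores.
function validateUserId(input: Untrusted<string>): Trusted<string> | null {
  return /^[a-z0-9_]{1,32}$/.test(input.value) ? (input.value as Trusted<string>) : null;
}

// Output sanitizer for an HTML text context (assumed escaping table).
function sanitizeHtml(input: Untrusted<string>): Trusted<string> {
  const map: Record<string, string> = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return input.value.replace(/[&<>"']/g, (c) => map[c]) as Trusted<string>;
}

// Sinks accept only trusted values. Passing a raw string or an Untrusted<string>
// is a compile error, so the client-id-for-session-id mix-up cannot get through.
function loadProfile(userId: Trusted<string>): string {
  return `profile:${userId}`;
}
function render(fragment: Trusted<string>): string {
  return `<div>${fragment}</div>`;
}

// Assumed request shape: the session layer's user id alongside a client-supplied body.
interface IncomingRequest {
  sessionUserId: string;
  body: { userId: string; comment: string };
}

interface HandlerResult { profile: string; html: string; rejectedUserId: string | null }

function handle(req: IncomingRequest): HandlerResult {
  const sessionId = fromSession(req.sessionUserId);
  const bodyId = fromClient(req.body.userId);
  const comment = fromClient(req.body.comment);

  // Both of these fail to compile, which is the whole point:
  //   loadProfile(bodyId);            // Untrusted<string> is not Trusted<string>
  //   loadProfile(req.body.userId);   // string is not Trusted<string>
  const profile = loadProfile(sessionId);

  // The client-supplied id is only usable after validation; here we merely report it.
  const validated = validateUserId(bodyId);
  const html = render(sanitizeHtml(comment));
  return { profile, html, rejectedUserId: validated === null ? bodyId.value : null };
}

// Constructed sample requests.
const okRequest: IncomingRequest = {
  sessionUserId: 'alice',
  body: { userId: 'alice', comment: '<b>hi</b> & bye' },
};
const spoofedRequest: IncomingRequest = {
  sessionUserId: 'alice',
  body: { userId: '../admin', comment: 'plain' },
};
```

The brand exists only at compile time, so it protects code that actually passes through the type checker; data crossing a process or serialization boundary re-enters as plain strings and must be re-tagged at that border, and a `T as Trusted<T>` cast outside the sanitizers is exactly the escape hatch a code review should look for.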
