Abstract:
The aim of this thesis is to extend the Abstract Interpretation framework to the broader context of Information Systems. In particular, we address issues related to security properties. We formalize a complete denotational semantics, at both the concrete and the abstract level, of data-intensive applications embedding data manipulation language operations such as SELECT, UPDATE, INSERT and DELETE. This theoretical work serves as a formal foundation for several interesting practical applications, including persistent watermarking, fine-grained access control, SQL injection prevention, and cooperative query answering. We also address the issue of program slicing refinement, leading to an abstract program slicing algorithm that covers SQL data manipulation languages as well. A prototype of a tool implementing our abstract program slicing is also presented.