...
The general case of automated detection appears to be infeasible, as determining which specific data may be passed through the socket is not statically computable. An approach that introduces a custom API for passing sensitive data via secure sockets may be feasible. User tagging of sensitive data would be a necessary requirement for such an approach.
Related
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
CWE ID 311, "Failure to Encrypt Sensitive Data" |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="2d413f5bb9361e32-af41ee5f-49d54698-9c30abbe-5dcf599257f6dee46c6d75f8"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] |
| ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="15e067034bbfe534-174a1f35-41874148-87298771-cdbcc83d1dfc4bc77a4beaf4"><ac:plain-text-body><![CDATA[ | [[Gong 2003 | AA. Bibliography#Gong 03]] | 11.3.3 "Securing RMI Communications" | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b3f43a4ae2bf5e28-d175c8dc-43df4326-9e198401-2796d55962ed3c3cb4de09ef"><ac:plain-text-body><![CDATA[ | [[Ware 2008 | AA. Bibliography#Ware 08]] |
| ]]></ac:plain-text-body></ac:structured-macro> |
...