会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明授权
    • Method and system for run-time dynamic and interactive identification software authorization requirements and privileged code locations, and for validation of other software program analysis results
    • 用于运行时动态和交互式识别软件授权要求和特权代码位置的方法和系统,以及其他软件程序分析结果的验证
    • US09449190B2
    • 2016-09-20
    • US12127298
    • 2008-05-27
    • Paolina CentonzeJose GomesMarco Pistoia
    • Paolina CentonzeJose GomesMarco Pistoia
    • G06F21/00G06F21/62
    • G06F21/6227G06F2221/2141G06F2221/2149
    • A system, method and computer program product for identifying security authorizations and privileged-code requirements; for validating analyses performed using static analyses; for automatically evaluating existing security policies; for detecting problems in code; in a run-time execution environment in which a software program is executing. The method comprises: implementing reflection objects for identifying program points in the executing program where authorization failures have occurred in response to the program's attempted access of resources requiring authorization; displaying instances of identified program points via a user interface, the identified instances being user selectable; for a selected program point, determining authorization and privileged-code requirements for the access restricted resources in real-time; and, enabling a user to select, via the user interface, whether a required authorization should be granted, wherein local system, fine-grained access of resources requiring authorizations is provided.
    • 用于识别安全授权和特权代码要求的系统,方法和计算机程序产品; 用于验证使用静态分析进行的分析; 用于自动评估现有安全策略; 用于检测代码中的问题; 在执行软件程序的运行时执行环境中。 该方法包括:响应于程序尝试访问需要授权的资源,实施用于识别执行程序中的程序点的反射对象,其中发生授权失败; 经由用户界面显示所识别的节目点的实例,所识别的实例是用户可选择的; 对于选定的程序点,实时地确定访问受限资源的授权和特权代码要求; 并且使得用户能够经由用户界面来选择是否应当授予所需的授权,其中本地系统提供需要授权的资源的细粒度访问。
    • 3. 发明申请
    • METHOD AND SYSTEM FOR RUN-TIME DYNAMIC AND INTERACTIVE IDENTIFICATION OF SOFTWARE AUTHORIZATION REQUIREMENTS AND PRIVILEGED CODE LOCATIONS, AND FOR VALIDATION OF OTHER SOFTWARE PROGRAM ANALYSIS RESULTS
    • 软件授权要求和特殊代码位置的运行时间动态和交互式标识的方法和系统,以及其他软件程序分析结果的验证
    • US20090007223A1
    • 2009-01-01
    • US12127298
    • 2008-05-27
    • Paolina CentonzeJose GomesMarco Pistoia
    • Paolina CentonzeJose GomesMarco Pistoia
    • G06F21/00
    • G06F21/6227G06F2221/2141G06F2221/2149
    • A system, method and computer program product for identifying security authorizations and privileged-code requirements; for validating analyses performed using static analyses; for automatically evaluating existing security policies; for detecting problems in code; in a run-time execution environment in which a software program is executing. The method comprises: implementing reflection objects for identifying program points in the executing program where authorization failures have occurred in response to the program's attempted access of resources requiring authorization; displaying instances of identified program points via a user interface, the identified instances being user selectable; for a selected program point, determining authorization and privileged-code requirements for the access restricted resources in real-time; and, enabling a user to select, via the user interface, whether a required authorization should be granted, wherein local system, fine-grained access of resources requiring authorizations is provided.
    • 用于识别安全授权和特权代码要求的系统,方法和计算机程序产品; 用于验证使用静态分析进行的分析; 用于自动评估现有安全策略; 用于检测代码中的问题; 在执行软件程序的运行时执行环境中。 该方法包括:响应于程序尝试访问需要授权的资源,实施用于识别执行程序中的程序点的反射对象,其中发生授权失败; 经由用户界面显示所识别的节目点的实例,所识别的实例是用户可选择的; 对于选定的程序点,实时地确定访问受限资源的授权和特权代码要求; 并且使得用户能够经由用户界面来选择是否应当授予所需的授权,其中本地系统提供需要授权的资源的细粒度访问。
    • 5. 发明申请
    • SYSTEM AND METHOD FOR THE AUTOMATIC VERIFICATION OF PRIVILEGE-ASSERTING AND SUBJECT-EXECUTED CODE
    • 用于自主验证特权和主体代码的系统和方法
    • US20080201688A1
    • 2008-08-21
    • US11677259
    • 2007-02-21
    • Paolina CentonzeMarco Pistoia
    • Paolina CentonzeMarco Pistoia
    • G06F9/44
    • G06F21/57G06F8/75
    • The present relates to a method for verifying privileged and subject-executed code within a program, the method further comprising the steps of constructing a static model of a program, identifying checkPermission nodes that are comprised within the invocation graph, and performing a fixed-point iteration, wherein each determined permission set is propagated backwards across the nodes of the static model until a privilege-asserting code node is reached. The method further comprises the steps of associating each node of the invocation graph with a set of Permission allocation sites, analyzing each identified privilege-asserting code node and subject-executing code node to determine the Permission allocation site set that is associated with each privilege-asserting code node and subject-executing code node, and determining the cardinality of a Permission allocation-site set that is associated with each privilege-asserting code node and subject-executing code node.
    • 本发明涉及一种用于验证程序内的特权和主体执行代码的方法,所述方法还包括以下步骤:构建程序的静态模型,识别包含在调用图中的checkPermission节点,并执行定点 迭代,其中每个确定的权限集合经过静态模型的节点向后传播,直到达到特权确定代码节点。 该方法还包括以下步骤:将调用图的每个节点与一组权限分配站点相关联,分析每个已识别的特权代理节点和主体执行代码节点,以确定与每个权限分配站点相关联的权限分配站点集, 断言代码节点和主体执行代码节点,以及确定与每个特权代理节点和主体执行代码节点相关联的权限分配站点集合的基数。
    • 10. 发明申请
    • Static Analysis For Verification Of Software Program Access To Secure Resources For Computer Systems
    • 静态分析用于验证软件程序访问以确保计算机系统的资源
    • US20120331547A1
    • 2012-12-27
    • US13602549
    • 2012-09-04
    • Ryan BergPaolina CentonzeMarco PistoiaOmer Tripp
    • Ryan BergPaolina CentonzeMarco PistoiaOmer Tripp
    • G06F21/00
    • G06F21/577
    • Computer program products and apparatus are disclosed. Using a static analysis, a software program is analyzed to determine whether the software program accesses a secure resource for a computer system without verification that the secure resource can be accessed by the software program. In response to an access by the software program to the secure resource without verification that the secure resource can be accessed by the software program, a result is output indicative of the analyzing. An apparatus is disclosed that includes a user interface providing a security report to a user, the security report indicating a result of an analysis of whether or not a software program accesses a secure resource for a computer system without verification that the secure resource can be accessed by the software program.
    • 公开了计算机程序产品和设备。 使用静态分析,分析软件程序以确定软件程序是否访问计算机系统的安全资源,而不验证软件程序可以访问安全资源。 响应于软件程序对安全资源的访问,而不验证安全资源可以被软件程序访问,则输出指示分析的结果。 公开了一种装置,其包括向用户提供安全报告的用户界面,该安全报告指示软件程序是否访问用于计算机系统的安全资源的分析结果,而无需验证该安全资源可被访问 由软件程序。