发明申请
- 专利标题: DETECTION OF SECOND ORDER VULNERABILITIES IN WEB SERVICES
- 专利标题(中): 在WEB服务中检测第二个订单的漏洞
-
申请号: US13430002申请日: 2012-03-26
-
公开(公告)号: US20130167239A1公开(公告)日: 2013-06-27
- 发明人: YAIR AMIT , EVGENY BESKROVNY , OMER TRIPP
- 申请人: YAIR AMIT , EVGENY BESKROVNY , OMER TRIPP
- 申请人地址: US NY ARMONK
- 专利权人: INTERNATIONAL BUSINESS MACHINES CORPORATION
- 当前专利权人: INTERNATIONAL BUSINESS MACHINES CORPORATION
- 当前专利权人地址: US NY ARMONK
- 主分类号: G06F21/00
- IPC分类号: G06F21/00
摘要:
A method of detecting a vulnerability in a Web service can include determining, using a processor, whether a Web service uses identity of a requester to select one of a plurality of different paths of a branch in program code of the Web service. The method further can include, responsive to determining that the Web service does select one of a plurality of different paths of a branch according to identity of the requester, indicating that the Web service has a potential vulnerability.
公开/授权文献
- US10579802B2 Detection of second order vulnerabilities in web services 公开/授权日:2020-03-03
信息查询
