-
1.发明申请公开(公告)号:US20080172714A1
公开(公告)日:2008-07-17
申请号:US11623371
申请日:2007-01-16
申请人: Kouichi Ono , Yuhichi Nakumura , Fumiko Satoh , Takaaki Tateishi
发明人: Kouichi Ono , Yuhichi Nakumura , Fumiko Satoh , Takaaki Tateishi
IPC分类号: H04L9/00
摘要: A method for model, based verification of security policies for web service composition. The method includes corresponding to a verification generated by an information Row analysis. The method further includes obtaining an abstracted security qualifier. The method proceeds by presenting the abstracted security qualifier to an application model. The abstracted, security qualifier being presented to the application model as a security requirement. Subsequently, the method proceeds by farther including removing the data security requirement on data utilized in the service from the compliance rule. The method proceeds by processing flow in the application model, such processing being based upon the data security requirement. The method further includes verifying the consistency in response to the processing flow.
摘要翻译: 一种用于Web服务组合的安全策略的模型验证方法。 该方法包括对应于由信息行分析生成的验证。 该方法还包括获得抽象的安全限定符。 该方法通过将抽象的安全限定符呈现给应用程序模型来进行。 被提交给应用程序模型的抽象的安全限定符作为安全要求。 随后,该方法进一步包括从合规规则中去除服务中使用的数据的数据安全性要求。 该方法通过处理应用模型中的流程而进行,这种处理基于数据安全性要求。 该方法还包括验证响应于处理流程的一致性。
-
2.发明授权Method for model based verification of security policies for web service composition 失效Web服务组合安全策略模型验证方法公开(公告)号:US08650608B2
公开(公告)日:2014-02-11
申请号:US11623371
申请日:2007-01-16
申请人: Kouichi Ono , Yuhichi Nakumura , Fumiko Satoh , Takaaki Tateishi
发明人: Kouichi Ono , Yuhichi Nakumura , Fumiko Satoh , Takaaki Tateishi
IPC分类号: G06F17/00 , G06F7/04 , G06F15/16 , G06F17/30 , G06F9/00 , G06F12/00 , G06F12/14 , G06F13/00 , H04L29/06 , G11C7/00
摘要: A method for model based verification of security policies for web service composition. The method includes corresponding to a verification generated by an information flow analysis. The method further includes obtaining an abstracted security qualifier. The method proceeds by presenting the abstracted security qualifier to an application model. The abstracted security qualifier being presented to the application model as a security requirement. Subsequently, the method proceeds by farther including removing the data security requirement on data utilized in the service from the compliance rule. The method proceeds by processing flow in the application model, such processing being based upon the data security requirement. The method further includes verifying the consistency in response to the processing flow.
摘要翻译: 一种用于Web服务组合的安全策略的基于模型验证的方法。 该方法包括对应于由信息流分析生成的验证。 该方法还包括获得抽象的安全限定符。 该方法通过将抽象的安全限定符呈现给应用程序模型来进行。 抽象的安全限定符作为安全性要求呈现给应用程序模型。 随后,该方法进一步包括从合规规则中去除服务中使用的数据的数据安全性要求。 该方法通过处理应用模型中的流程而进行,这种处理基于数据安全性要求。 该方法还包括验证响应于处理流程的一致性。
-
公开(公告)号:US08095918B2
公开(公告)日:2012-01-10
申请号:US11565265
申请日:2006-11-30
申请人: Fumiko Satoh , Yuichi Nokomuru , Kouichi Ono
发明人: Fumiko Satoh , Yuichi Nokomuru , Kouichi Ono
IPC分类号: G06F9/45
CPC分类号: G06F21/54 , H04L63/168 , H04L63/20
摘要: A software development apparatus for developing application software based on an object model that requires security in a web service application is provided. The software development apparatus includes a display unit that displays, in a class diagram of the application software, security annotation for adding security requirements for a service, input means for inputting the security annotation, transforming means for transforming the class diagram into a configuration model based on a markup language, and configuration-file creating means for creating a configuration file based on a markup language by serializing the configuration model based on a markup language. The security annotation includes the security requirements and a token class of a security token that is a certificate for declaring identity of a client to a server.
摘要翻译: 提供了一种用于基于需要Web服务应用中的安全性的对象模型来开发应用软件的软件开发设备。 该软件开发装置包括显示单元,该显示单元在应用软件的类图中显示用于添加服务的安全性要求的安全注释,用于输入安全注释的输入装置,用于将类图转换为配置模型的变换装置 以及配置文件创建装置,用于基于标记语言通过基于标记语言串行化配置模型来创建基于标记语言的配置文件。 安全性注释包括安全性要求和安全令牌的令牌类,该令牌类是用于向服务器声明客户端的身份的证书。
-
4.发明申请INFORMATION PROCESSING APPARATUS FOR AUTHENTICATION SETTING OF MODEL THAT REQUIRES CONFIDENTIALITY 审中-公开信息处理设备的认证设置需要保密的型号公开(公告)号:US20080288999A1
公开(公告)日:2008-11-20
申请号:US11689991
申请日:2007-03-22
申请人: Fumiko Satoh , Yuichi Nakamura , Kouichi Ono
发明人: Fumiko Satoh , Yuichi Nakamura , Kouichi Ono
IPC分类号: G06F17/00
CPC分类号: H04L63/0815 , G06F21/33
摘要: The present disclosure provides an information processing apparatus and the like, which allow a service developer, who develops a service requiring confidentiality in a service-oriented architecture, to easily create authentication settings for the service model. The present disclosure provides an information processing apparatus for developing a service requiring confidentiality in a service-oriented architecture. The information processing apparatus includes: an input unit for inputting an annotation for a service; a storage unit for storing an Authentication Infrastructure Model of a machine node on which the service is executed; and an Authentication Policy generation unit for generating an Authentication Policy by using the annotation and the Authentication Infrastructure Model.
摘要翻译: 本公开提供了一种信息处理设备等,其允许在面向服务架构中开发需要机密性的服务的服务开发者容易地创建用于服务模型的认证设置。 本公开提供了一种用于在面向服务的架构中开发需要机密性的服务的信息处理设备。 信息处理装置包括:输入单元,用于输入服务的注释; 存储单元,用于存储执行所述服务的机器节点的认证基础设施模型; 以及用于通过使用注释和认证基础设施模型来生成认证策略的认证策略生成单元。
-
公开(公告)号:US08386998B2
公开(公告)日:2013-02-26
申请号:US12061723
申请日:2008-04-03
申请人: Fumiko Satoh , Yuichi Nakamura , Kouichi Ono
发明人: Fumiko Satoh , Yuichi Nakamura , Kouichi Ono
IPC分类号: G06F9/45
CPC分类号: G06F21/54 , H04L63/168 , H04L63/20
摘要: A software development apparatus for developing application software based on an object model that requires security in a web service application is provided. The software development apparatus includes a display unit that displays, in a class diagram of the application software, security annotation for adding security requirements for a service, input means for inputting the security annotation, transforming means for transforming the class diagram into a configuration model based on a markup language, and configuration-file creating means for creating a configuration file based on a markup language by serializing the configuration model based on a markup language. The security annotation includes the security requirements and a token class of a security token that is a certificate for declaring identity of a client to a server.
摘要翻译: 提供了一种用于基于需要Web服务应用中的安全性的对象模型来开发应用软件的软件开发设备。 该软件开发装置包括显示单元,该显示单元在应用软件的类图中显示用于添加服务的安全性要求的安全注释,用于输入安全注释的输入装置,用于将类图转换为配置模型的变换装置 以及配置文件创建装置,用于基于标记语言通过基于标记语言串行化配置模型来创建基于标记语言的配置文件。 安全性注释包括安全性要求和安全令牌的令牌类,该令牌类是用于向服务器声明客户端的身份的证书。
-
公开(公告)号:US20080189676A1
公开(公告)日:2008-08-07
申请号:US12061723
申请日:2008-04-03
申请人: Fumiko Satoh , Yuichi Nakamura , Kouichi Ono
发明人: Fumiko Satoh , Yuichi Nakamura , Kouichi Ono
IPC分类号: G06F9/44
CPC分类号: G06F21/54 , H04L63/168 , H04L63/20
摘要: A software development apparatus for developing application software based on an object model that requires security in a web service application is provided. The software development apparatus includes a display unit that displays, in a class diagram of the application software, security annotation for adding security requirements for a service, input means for inputting the security annotation, transforming means for transforming the class diagram into a configuration model based on a markup language, and configuration-file creating means for creating a configuration file based on a markup language by serializing the configuration model based on a markup language. The security annotation includes the security requirements and a token class of a security token that is a certificate for declaring identity of a client to a server.
摘要翻译: 提供了一种用于基于需要Web服务应用中的安全性的对象模型来开发应用软件的软件开发设备。 该软件开发装置包括显示单元,该显示单元在应用软件的类图中显示用于添加服务的安全性要求的安全注释,用于输入安全注释的输入装置,用于将类图转换为配置模型的变换装置 以及配置文件创建装置,用于基于标记语言通过基于标记语言串行化配置模型来创建基于标记语言的配置文件。 安全性注释包括安全性要求和安全令牌的令牌类,该令牌类是用于向服务器声明客户端的身份的证书。
-
公开(公告)号:US20070150935A1
公开(公告)日:2007-06-28
申请号:US11565265
申请日:2006-11-30
申请人: Fumiko Satoh , Yuichi Nokomuru , Kouichi Ono
发明人: Fumiko Satoh , Yuichi Nokomuru , Kouichi Ono
IPC分类号: H04L9/00
CPC分类号: G06F21/54 , H04L63/168 , H04L63/20
摘要: A software development apparatus for developing application software based on an object model that requires security in a web service application is provided. The software development apparatus includes a display unit that displays, in a class diagram of the application software, security annotation for adding security requirements for a service, input means for inputting the security annotation, transforming means for transforming the class diagram into a configuration model based on a markup language, and configuration-file creating means for creating a configuration file based on a markup language by serializing the configuration model based on a markup language. The security annotation includes the security requirements and a token class of a security token that is a certificate for declaring identity of a client to a server.
摘要翻译: 提供了一种用于基于需要Web服务应用中的安全性的对象模型来开发应用软件的软件开发设备。 该软件开发装置包括显示单元,该显示单元在应用软件的类图中显示用于添加服务的安全性要求的安全注释,用于输入安全注释的输入装置,用于将类图转换为配置模型的变换装置 以及配置文件创建装置,用于基于标记语言通过基于标记语言串行化配置模型来创建基于标记语言的配置文件。 安全性注释包括安全性要求和安全令牌的令牌类,该令牌类是用于向服务器声明客户端的身份的证书。
-
8.发明授权Systems, methods and computer program products for string analysis with security labels for vulnerability detection 失效使用安全标签进行字符串分析的系统,方法和计算机程序产品进行漏洞检测公开(公告)号:US07530107B1
公开(公告)日:2009-05-05
申请号:US11960153
申请日:2007-12-19
申请人: Kouichi Ono , Mika Saito , Naoshi Tabuchi , Takaaki Tateishi
发明人: Kouichi Ono , Mika Saito , Naoshi Tabuchi , Takaaki Tateishi
IPC分类号: G06F21/00
CPC分类号: G06F21/577
摘要: Systems, methods and computer program products for string analysis with security labels for vulnerability detection. Exemplary embodiments include a method in a computer system configured to analyze security-labeled strings and to detect vulnerability, the method including receiving a program with security labels, translating the program into a static single assignment form, constructing a control flow graph having basic blocks as nodes, extracting instructions relating to string functions and object variables, calculating pre-conditions of variables for the basic blocks, extracting constraints among the variables subject to a rule set for translating pre-conditions, solving the constraints and obtaining a set of strings that he object variables form as a context-free grammar to obtain a set of security-labeled strings, checking if the set of security-labeled strings satisfies a rule of the rule set for translating pre-conditions and identifying locations in the program where a vulnerability is detected.
摘要翻译: 使用安全标签进行字符串分析的系统,方法和计算机程序产品进行漏洞检测。 示例性实施例包括被配置为分析安全标记的字符串并且检测脆弱性的计算机系统中的方法,所述方法包括接收具有安全标签的程序,将程序转换成静态单个分配形式,构建具有基本块的控制流程图 节点,提取与字符串函数和对象变量相关的指令,计算基本块的变量的前提条件,提取受限于规则集的变量之间的约束,以便翻译前提条件,解决约束并获得一组字符串 对象变量形成为无上下文的语法,以获取一组安全标记的字符串,检查安全标记字符串的集合是否满足规则集的规则,用于翻译前提条件并识别漏洞所在的程序中的位置 检测到。
-
公开(公告)号:US20100146382A1
公开(公告)日:2010-06-10
申请号:US12705613
申请日:2010-02-14
申请人: Mari Abe , Hideki Tai , Takashi Nerome , Kouichi Ono
发明人: Mari Abe , Hideki Tai , Takashi Nerome , Kouichi Ono
IPC分类号: G06F17/21
CPC分类号: G06F17/2247 , G06F17/2211
摘要: Differencing and merging tree-structured documents, such as eXtensible Markup Language (XML) documents, is disclosed. A differencing-and-merging system for tree-structured documents of one embodiment of the invention includes a difference processing unit and a merging processing unit. The differencing processing unit performs a difference operation on at least two tree-structured documents, in accordance with difference configuration information regarding the documents. The merging processing unit performs a merging operation on the tree-structured documents from correspondence information generated by the difference processing unit, based on the difference operation configuration information regarding the documents. The correspondence information indicates differences among nodes of the documents. The difference operation configuration information specifies one or more nodes among the documents that are to be considered equivalent when the difference operation is performed, and one or more nodes among the documents that are to be ignored when the difference operation is performed.
摘要翻译: 公开了可扩展标记语言(XML)文档的差异化和合并树结构化文档。 本发明的一个实施例的树结构化文档的差分合并系统包括差分处理单元和合并处理单元。 差分处理单元根据关于文档的差异配置信息对至少两个树形结构的文档执行差分操作。 合并处理单元基于由差分处理单元生成的对应信息,基于关于文档的差分操作配置信息,对树形文档进行合并操作。 对应信息表示文档的节点之间的差异。 差分操作配置信息指定当执行差分操作时要被认为是等效的文档中的一个或多个节点,以及当执行差异操作时要被忽略的文档中的一个或多个节点。
-
公开(公告)号:US20090307654A1
公开(公告)日:2009-12-10
申请号:US12478815
申请日:2009-06-05
申请人: Hiroshi Ishikawa , Hiroaki Nakamura , Kouichi Ono
发明人: Hiroshi Ishikawa , Hiroaki Nakamura , Kouichi Ono
CPC分类号: G06F11/3604 , G06F8/20 , G06F11/3612
摘要: A system, method and computer program for generating a sequence diagram that specifies processing among modules included in source code. First, a source code is acquired and then analyzed to generate a log acquisition code for acquiring an execution log. Then, a program including the generated log acquisition code is executed to acquire execution log information on the execution of the program. On the basis of the acquired execution log information, automaton information on states and transitions among the states is extracted, and then the extracted automaton information is converted into sequence diagram component information on components constituting a sequence diagram. Thereafter, a sequence diagram is generated based on the converted sequence diagram component information.
摘要翻译: 一种用于生成指定源代码中包含的模块之间的处理的序列图的系统,方法和计算机程序。 首先,获取源代码,然后分析以产生用于获取执行日志的日志获取代码。 然后,执行包括产生的日志获取代码的程序,以获取关于程序的执行的执行日志信息。 基于获取的执行日志信息,提取状态之间的状态和转换的自动机信息,然后将提取的自动机信息转换成关于构成序列图的组件的序列图分量信息。 此后,基于转换的序列图组件信息生成序列图。
-
-
-
-
-
-
-
-
-
搜索结果
37 条记录 (耗时 0.02 秒)
