1. System, apparatus, and method for identifying authorization requirements in component-based systems
    Type: Invention application (pending, published)
    Publication number: US20050262487A1
    Publication date: 2005-11-24
    Application number: US10842805
    Filing date: 2004-05-11
    IPC classification: G06F9/45 G06F9/46 G06F21/00

    Abstract: Improved detection of the authorization requirements and definition of the security policies for an application comprising one or more components is disclosed. A call and resource-access graph is used to model all the possible paths of execution within the application. Then, the paths of execution detected during the analysis are combined with the access-control information found in the security policy of the application. Finally, for each authorization point in the application, a minimal security policy is reported that the executing principal should be granted in order to pass the authorization successfully.

2. Method and system for run-time dynamic and interactive identification software authorization requirements and privileged code locations, and for validation of other software program analysis results
    Type: Granted invention patent (in force)
    Publication number: US09449190B2
    Publication date: 2016-09-20
    Application number: US12127298
    Filing date: 2008-05-27
    IPC classification: G06F21/00 G06F21/62

    Abstract: A system, method and computer program product for identifying security authorizations and privileged-code requirements; for validating analyses performed using static analysis; for automatically evaluating existing security policies; and for detecting problems in code, in a run-time execution environment in which a software program is executing. The method comprises: implementing reflection objects for identifying program points in the executing program where authorization failures have occurred in response to the program's attempted access of resources requiring authorization; displaying instances of identified program points via a user interface, the identified instances being user-selectable; for a selected program point, determining authorization and privileged-code requirements for the access-restricted resources in real time; and enabling a user to select, via the user interface, whether a required authorization should be granted, whereby local-system, fine-grained access to resources requiring authorizations is provided.

3. System, Method and Apparatus for Simultaneous Definition and Enforcement of Access-control and Integrity Policies
    Type: Invention application (pending, published)
    Publication number: US20150089637A1
    Publication date: 2015-03-26
    Application number: US14033502
    Filing date: 2013-09-22
    IPC classification: G06F21/57

    Abstract: Access-control and information-flow integrity policies are enforced in a computing system by detecting security-sensitive sinks in the software code of an application running on the computing system and retrieving an access-control policy from a database accessible to the computing system. The access-control policy maps a set of access permissions within the computing system to each one of a plurality of principals. For each detected security-sensitive sink, all principals that influence that sink are detected, and an overall access permission is assigned to the sink by taking the intersection of the access-permission sets of all principals influencing it. If this permission set is inadequate, an integrity violation is reported. In addition, permission labels are assigned to each value of the variables used in the security-sensitive sinks. Each permission label is a set of permissions.

4. System, method and apparatus for simultaneous definition and enforcement of access-control and integrity policies
    Type: Granted invention patent (lapsed)
    Publication number: US08572727B2
    Publication date: 2013-10-29
    Application number: US12624172
    Filing date: 2009-11-23
    IPC classification: G06F21/00

    Abstract: Access-control and information-flow integrity policies are enforced in a computing system by detecting security-sensitive sinks in the software code of an application running on the computing system and retrieving an access-control policy from a database accessible to the computing system. The access-control policy maps a set of access permissions within the computing system to each one of a plurality of principals. For each detected security-sensitive sink, all principals that influence that sink are detected, and an overall access permission is assigned to the sink by taking the intersection of the access-permission sets of all principals influencing it. If this permission set is inadequate, an integrity violation is reported. In addition, permission labels are assigned to each value of the variables used in the security-sensitive sinks. Each permission label is a set of permissions.

5. System and method for the automatic evaluation of existing security policies and automatic creation of new security policies
    Type: Granted invention patent (in force)
    Publication number: US08230477B2
    Publication date: 2012-07-24
    Application number: US11677298
    Filing date: 2007-02-21
    IPC classification: G06F21/00
    CPC classification: H04L63/102 G06F21/604

    Abstract: The present invention relates to methodologies for combining policy analysis and static analysis of code and thereafter determining whether the permissions granted by the policy to the code, and to the subjects executing it, are appropriate. In particular, this involves verifying that too many permissions have not been granted (which would violate the Principle of Least Privilege), and that the permissions being granted are sufficient to execute the code without run-time authorization failures, which would cause the program to fail to execute.

6. SYSTEM AND METHOD FOR THE AUTOMATIC EVALUATION OF EXISTING SECURITY POLICIES AND AUTOMATIC CREATION OF NEW SECURITY POLICIES
    Type: Invention application (in force)
    Publication number: US20080201760A1
    Publication date: 2008-08-21
    Application number: US11677298
    Filing date: 2007-02-21
    IPC classification: H04L9/00
    CPC classification: H04L63/102 G06F21/604

    Abstract: The present invention relates to methodologies for combining policy analysis and static analysis of code and thereafter determining whether the permissions granted by the policy to the code, and to the subjects executing it, are appropriate. In particular, this involves verifying that too many permissions have not been granted (which would violate the Principle of Least Privilege), and that the permissions being granted are sufficient to execute the code without run-time authorization failures, which would cause the program to fail to execute.

7. SYSTEM AND METHOD FOR THE AUTOMATIC VERIFICATION OF PRIVILEGE-ASSERTING AND SUBJECT-EXECUTED CODE
    Type: Invention application (lapsed)
    Publication number: US20080201688A1
    Publication date: 2008-08-21
    Application number: US11677259
    Filing date: 2007-02-21
    IPC classification: G06F9/44
    CPC classification: G06F21/57 G06F8/75

    Abstract: The present invention relates to a method for verifying privileged and subject-executed code within a program, the method comprising the steps of constructing a static model of the program, identifying checkPermission nodes comprised within the invocation graph, and performing a fixed-point iteration in which each determined permission set is propagated backwards across the nodes of the static model until a privilege-asserting code node is reached. The method further comprises the steps of associating each node of the invocation graph with a set of Permission allocation sites, analyzing each identified privilege-asserting code node and subject-executing code node to determine the Permission allocation-site set associated with it, and determining the cardinality of the Permission allocation-site set associated with each privilege-asserting code node and subject-executing code node.

8. Automatic optimization of string allocations in a computer program
    Type: Granted invention patent (lapsed)
    Publication number: US08473899B2
    Publication date: 2013-06-25
    Application number: US12638581
    Filing date: 2009-12-15
    CPC classification: G06F8/4434

    Abstract: Access is obtained to an input object-oriented computer program. In the input program, semantically equivalent objects that exist in different memory locations are identified. If at least one of the following holds: the number of occurrences of the semantically equivalent objects exceeds a first threshold value, the threshold value being at least two; or the number of equality tests on the semantically equivalent objects exceeds a second threshold value; then a further step includes identifying an application program interface to reduce the semantically equivalent objects to a single object in a single memory location.

9. Static Analysis For Verification Of Software Program Access To Secure Resources For Computer Systems
    Type: Invention application (in force)
    Publication number: US20120331547A1
    Publication date: 2012-12-27
    Application number: US13602549
    Filing date: 2012-09-04
    IPC classification: G06F21/00
    CPC classification: G06F21/577

    Abstract: Computer program products and apparatus are disclosed. Using a static analysis, a software program is analyzed to determine whether it accesses a secure resource of a computer system without verifying that the secure resource can be accessed by the software program. In response to such an unverified access by the software program to the secure resource, a result indicative of the analysis is output. An apparatus is disclosed that includes a user interface providing a security report to a user, the security report indicating the result of an analysis of whether or not a software program accesses a secure resource of a computer system without verification that the secure resource can be accessed by the software program.

10. Automatic Optimization of String Allocations in a Computer Program
    Type: Invention application (lapsed)
    Publication number: US20110145785A1
    Publication date: 2011-06-16
    Application number: US12638581
    Filing date: 2009-12-15
    IPC classification: G06F9/44
    CPC classification: G06F8/4434

    Abstract: Access is obtained to an input object-oriented computer program. In the input program, semantically equivalent objects that exist in different memory locations are identified. If at least one of the following holds: the number of occurrences of the semantically equivalent objects exceeds a first threshold value, the threshold value being at least two; or the number of equality tests on the semantically equivalent objects exceeds a second threshold value; then a further step includes identifying an application program interface to reduce the semantically equivalent objects to a single object in a single memory location.