公开(公告)号：US20150089637A1

公开(公告)日：2015-03-26

申请号：US14033502

申请日：2013-09-22

申请人： Paolina Centonze ,  Yinnon Avraham Haviv ,  Roee Hay ,  Marco Pistoia ,  Adi Sharabani ,  Omer Tripp

发明人： Paolina Centonze ,  Yinnon Avraham Haviv ,  Roee Hay ,  Marco Pistoia ,  Adi Sharabani ,  Omer Tripp

IPC分类号： G06F21/57

CPC分类号： G06F21/57 ,  G06F21/51 ,  G06F21/604 ,  H04L63/102 ,  H04L63/20

摘要： Access-control and information-flow integrity policies are enforced in a computing system by detecting security-sensitive sinks in software code for an application running on the computing system and retrieving an access-control policy from a database accessible to the computing system. The access-control policy maps a set of access permissions within the computing system to each one of a plurality of principals. For each detected security-sensitive sink, all principals that influence that security-sensitive sink are detected and an overall access permission is assigned to each security-sensitive sink by taking the intersection of the access permission sets for all influencing principals of that security-sensitive sink. If this permission set is inadequate, an integrity violation is reported. In addition, permission labels are assigned to each value of variables used in the security-sensitive sinks. Each permission label is a set of permissions.

摘要翻译： 访问控制和信息流完整性策略在计算系统中通过检测在计算系统上运行的应用的软件代码中的安全敏感的汇和从计算系统可访问的数据库检索访问控制策略来实施。 访问控制策略将计算系统内的一组访问权限映射到多个主体中的每一个。 对于每个检测到的安全敏感接收器，检测到影响该安全敏感信宿的所有主体，并通过对该安全敏感信宿的所有影响主体的访问权限集合的交集来分配每个安全敏感信宿的总访问权限 水槽。 如果此权限集不足，则会报告完整性违规。 此外，权限标签分配给在安全敏感的接收器中使用的变量的每个值。 每个权限标签都是一组权限。

公开(公告)号：US08572727B2

公开(公告)日：2013-10-29

申请号：US12624172

申请日：2009-11-23

申请人： Paolina Centonze ,  Yinnon Avraham Haviv ,  Roee Hay ,  Marco Pistoia ,  Adi Sharabani ,  Omer Tripp

发明人： Paolina Centonze ,  Yinnon Avraham Haviv ,  Roee Hay ,  Marco Pistoia ,  Adi Sharabani ,  Omer Tripp

IPC分类号： G06F21/00

CPC分类号： G06F21/57 ,  G06F21/51 ,  G06F21/604 ,  H04L63/102 ,  H04L63/20

摘要： Access-control and information-flow integrity policies are enforced in a computing system by detecting security-sensitive sinks in software code for an application running on the computing system and retrieving an access-control policy from a database accessible to the computing system. The access-control policy maps a set of access permissions within the computing system to each one of a plurality of principals. For each detected security-sensitive sink, all principals that influence that security-sensitive sink are detected and an overall access permission is assigned to each security-sensitive sink by taking the intersection of the access permission sets for all influencing principals of that security-sensitive sink. If this permission set is inadequate, an integrity violation is reported. In addition, permission labels are assigned to each value of variables used in the security-sensitive sinks. Each permission label is a set of permissions.

摘要翻译： 访问控制和信息流完整性策略在计算系统中通过检测在计算系统上运行的应用的软件代码中的安全敏感的汇和从计算系统可访问的数据库检索访问控制策略来实施。 访问控制策略将计算系统内的一组访问权限映射到多个主体中的每一个。 对于每个检测到的安全敏感接收器，检测到影响该安全敏感信宿的所有主体，并通过对该安全敏感信宿的所有影响主体的访问权限集合的交集来分配每个安全敏感信宿的总访问权限 水槽。 如果此权限集不足，则会报告完整性违规。 此外，权限标签分配给在安全敏感的接收器中使用的变量的每个值。 每个权限标签都是一组权限。

公开(公告)号：US20110126282A1

公开(公告)日：2011-05-26

申请号：US12624172

申请日：2009-11-23

申请人： Paolina Centonze ,  Yinnon Avraham Haviv ,  Roee Hay ,  Marco Pistoia ,  Adi Sharabani ,  Omer Tripp

发明人： Paolina Centonze ,  Yinnon Avraham Haviv ,  Roee Hay ,  Marco Pistoia ,  Adi Sharabani ,  Omer Tripp

IPC分类号： G06F21/00 ,  G06F17/30

CPC分类号： G06F21/57 ,  G06F21/51 ,  G06F21/604 ,  H04L63/102 ,  H04L63/20

摘要： Access-control and information-flow integrity policies are enforced in a computing system by detecting security-sensitive sinks in software code for an application running on the computing system and retrieving an access-control policy from a database accessible to the computing system. The access-control policy maps a set of access permissions within the computing system to each one of a plurality of principals. For each detected security-sensitive sink, all principals that influence that security-sensitive sink are detected and an overall access permission is assigned to each security-sensitive sink by taking the intersection of the access permission sets for all influencing principals of that security-sensitive sink. If this permission set is inadequate, an integrity violation is reported. In addition, permission labels are assigned to each value of variables used in the security-sensitive sinks. Each permission label is a set of permissions.

摘要翻译： 访问控制和信息流完整性策略在计算系统中通过检测在计算系统上运行的应用的软件代码中的安全敏感的汇和从计算系统可访问的数据库检索访问控制策略来实施。 访问控制策略将计算系统内的一组访问权限映射到多个主体中的每一个。 对于每个检测到的安全敏感接收器，检测到影响该安全敏感信宿的所有主体，并通过对该安全敏感信宿的所有影响主体的访问权限集合的交集来分配每个安全敏感信宿的总访问权限 水槽。 如果此权限集不足，则会报告完整性违规。 此外，权限标签分配给在安全敏感的接收器中使用的变量的每个值。 每个权限标签都是一组权限。

公开(公告)号：US08584246B2

公开(公告)日：2013-11-12

申请号：US12578013

申请日：2009-10-13

申请人： Yinnon Avraham Haviv ,  Roee Hay ,  Marco Pistoia ,  Adi Sharabani ,  Takaaki Tateishi ,  Omer Tripp ,  Omri Weisman

发明人： Yinnon Avraham Haviv ,  Roee Hay ,  Marco Pistoia ,  Adi Sharabani ,  Takaaki Tateishi ,  Omer Tripp ,  Omri Weisman

IPC分类号： G06F12/14

CPC分类号： G06F21/57 ,  G06F11/3692

摘要： A system for eliminating false reports of security vulnerabilities when testing computer software, including a taint analysis engine configured to identify a tainted variable v in a computer application, a data mapping identification engine configured to identify a variable x within the application that holds data derived from v, where x is in a different format than v, an AddData identification engine configured to identify an AddData operation within the application that is performed on x, a signature identification engine configured to identify a Sign operation within the application that is performed on the results of the AddData operation on x, a signature comparison identification engine configured to identify an operation within the application that compares the results of the Sign operation with another value.

摘要翻译： 一种用于在测试计算机软件时消除安全漏洞的虚假报告的系统，包括配置成识别计算机应用程序中的受污染变量v的污染分析引擎，配置为识别应用程序内的变量x，该变量x保存从 v，其中x与v不同的格式，被配置为识别在x上执行的应用程序内的AddData操作的AddData识别引擎，被配置为识别在结果上执行的应用程序内的签名操作的签名识别引擎 的签名比较识别引擎，所述签名比较识别引擎被配置为识别应用程序内将所述Sign操作的结果与另一值进行比较的操作。

公开(公告)号：US08635602B2

公开(公告)日：2014-01-21

申请号：US12843308

申请日：2010-07-26

申请人： Yinnon Avraham Haviv ,  Roee Hay ,  Marco Pistoia ,  Adi Sharabani ,  Takaaki Tateishi ,  Omer Tripp ,  Omri Weisman

发明人： Yinnon Avraham Haviv ,  Roee Hay ,  Marco Pistoia ,  Adi Sharabani ,  Takaaki Tateishi ,  Omer Tripp ,  Omri Weisman

IPC分类号： G06F9/44

CPC分类号： G06F21/577 ,  H04L63/105

摘要： A method includes determining grammar for output of an information-flow downgrader in a software program. The software program directs the output of the information-flow downgrader to a sink. The method includes determining whether the grammar of the output conforms to one or more predetermined specifications of the sink. The method includes, in response to a determination the grammar of the output conforms to the one or more predetermined specifications of the sink, determining the information-flow downgrader is verified for the sink, wherein determining grammar, determining whether the grammar, and determining the information-flow downgrader are performed via static analysis of the software program. Apparatus and computer program products are also disclosed. An apparatus includes a user interface providing a result of whether or not output of an information-flow downgrader in the software program conforms to one or more predetermined specifications of a sink in the software program.

摘要翻译： 一种方法包括在软件程序中确定信息流降级器的输出的语法。 软件程序将信息流降级器的输出引导到宿。 该方法包括确定输出的语法是否符合汇的一个或多个预定规范。 该方法包括响应于确定，输出的语法符合信宿的一个或多个预定规范，确定信宿流降级器对于汇点进行验证，其中确定语法，确定语法，并确定 信息流降级器通过软件程序的静态分析来执行。 还公开了装置和计算机程序产品。 一种装置，包括提供软件程序中的信息流下载器的输出是否符合软件程序中的接收器的一个或多个预定规格的结果的用户界面。

公开(公告)号：US20120023486A1

公开(公告)日：2012-01-26

申请号：US12843308

申请日：2010-07-26

申请人： Yinnon A. Haviv ,  Roee Hay ,  Marco Pistoia ,  Adi Sharabani ,  Takaaki Tateishi ,  Omer Tripp ,  Omri Weisman

发明人： Yinnon A. Haviv ,  Roee Hay ,  Marco Pistoia ,  Adi Sharabani ,  Takaaki Tateishi ,  Omer Tripp ,  Omri Weisman

IPC分类号： G06F9/44

CPC分类号： G06F21/577 ,  H04L63/105

摘要： A method includes determining grammar for output of an information-flow downgrader in a software program. The software program directs the output of the information-flow downgrader to a sink. The method includes determining whether the grammar of the output conforms to one or more predetermined specifications of the sink. The method includes, in response to a determination the grammar of the output conforms to the one or more predetermined specifications of the sink, determining the information-flow downgrader is verified for the sink, wherein determining grammar, determining whether the grammar, and determining the information-flow downgrader are performed via static analysis of the software program. Apparatus and computer program products are also disclosed. An apparatus includes a user interface providing a result of whether or not output of an information-flow downgrader in the software program conforms to one or more predetermined specifications of a sink in the software program.

摘要翻译： 一种方法包括在软件程序中确定信息流降级器的输出的语法。 软件程序将信息流降级器的输出引导到宿。 该方法包括确定输出的语法是否符合汇的一个或多个预定规范。 该方法包括响应于确定，输出的语法符合信宿的一个或多个预定规范，确定信宿流降级器对于汇点进行验证，其中确定语法，确定语法，并确定 信息流降级器通过软件程序的静态分析来执行。 还公开了装置和计算机程序产品。 一种装置，包括提供软件程序中的信息流下载器的输出是否符合软件程序中的接收器的一个或多个预定规格的结果的用户界面。

公开(公告)号：US08528095B2

公开(公告)日：2013-09-03

申请号：US12825293

申请日：2010-06-28

申请人： Yinnon A. Haviv ,  Roee Hay ,  Marco Pistoia ,  Ory Segal ,  Adi Sharabani ,  Takaaki Tateishi ,  Omer Tripp ,  Omri Weisman

发明人： Yinnon A. Haviv ,  Roee Hay ,  Marco Pistoia ,  Ory Segal ,  Adi Sharabani ,  Takaaki Tateishi ,  Omer Tripp ,  Omri Weisman

IPC分类号： G06F11/00 ,  H04L9/32 ,  G06F15/173 ,  G06F9/44

CPC分类号： G06F11/3604 ,  G06F8/75 ,  G06F21/577

摘要： Embodiments of the invention generally relate to injection context based static analysis of computer software applications. Embodiments of the invention may include selecting a sink within a computer software application, tracing a character output stream leading to the sink within the computer software application, determining an injection context of the character output stream at the sink, where the injection context is predefined in association with a state of the character output stream at the sink, identifying any actions that have been predefined in association with the identified injection context, and providing a report of the actions.

摘要翻译： 本发明的实施例一般涉及计算机软件应用的基于注入上下文的静态分析。 本发明的实施例可以包括选择计算机软件应用程序内的汇点，跟踪通向计算机软件应用程序内的汇点的字符输出流，确定汇点处的字符输出流的注入上下文，其中注入上下文在 与汇点处的字符输出流的状态相关联，识别已经与所识别的注入上下文相关联地预定义的任何动作，以及提供动作的报告。

公开(公告)号：US09720798B2

公开(公告)日：2017-08-01

申请号：US13493067

申请日：2012-06-11

申请人： Stephen Fink ,  Yinnon A. Haviv ,  Roee Hay ,  Marco Pistoia ,  Ory Segal ,  Adi Sharabani ,  Manu Sridharan ,  Frank Tip ,  Omer Tripp ,  Omri Weisman

发明人： Stephen Fink ,  Yinnon A. Haviv ,  Roee Hay ,  Marco Pistoia ,  Ory Segal ,  Adi Sharabani ,  Manu Sridharan ,  Frank Tip ,  Omer Tripp ,  Omri Weisman

IPC分类号： G06F9/44 ,  G06F9/45 ,  G06F11/36 ,  G06F9/445 ,  G06F9/455 ,  G06F21/57

CPC分类号： G06F11/3604 ,  G06F9/44589 ,  G06F9/455 ,  G06F11/36 ,  G06F11/362 ,  G06F21/577 ,  G06F2221/033

摘要： Systems, methods are program products for simulating black box test results using information obtained from white box testing, including analyzing computer software (e.g., an application) to identify a potential vulnerability within the computer software application and a plurality of milestones associated with the potential vulnerability, where each of the milestones indicates a location within the computer software application, tracing a path from a first one of the milestones to an entry point into the computer software application, identifying an input to the entry point that would result in a control flow from the entry point and through each of the milestones, describing the potential vulnerability in a description indicating the entry point and the input, and presenting the description via a computer-controlled output medium.

公开(公告)号：US09747187B2

公开(公告)日：2017-08-29

申请号：US12913314

申请日：2010-10-27

申请人： Stephen Fink ,  Yinnon A. Haviv ,  Roee Hay ,  Marco Pistoia ,  Ory Segal ,  Adi Sharabani ,  Manu Sridharan ,  Frank Tip ,  Omer Tripp ,  Omri Weisman

发明人： Stephen Fink ,  Yinnon A. Haviv ,  Roee Hay ,  Marco Pistoia ,  Ory Segal ,  Adi Sharabani ,  Manu Sridharan ,  Frank Tip ,  Omer Tripp ,  Omri Weisman

IPC分类号： G06F11/36 ,  G06F9/445 ,  G06F9/455 ,  G06F21/57

CPC分类号： G06F11/3604 ,  G06F9/44589 ,  G06F9/455 ,  G06F11/36 ,  G06F11/362 ,  G06F21/577 ,  G06F2221/033

摘要： Systems, methods are program products for simulating black box test results using information obtained from white box testing, including analyzing computer software (e.g., an application) to identify a potential vulnerability within the computer software application and a plurality of milestones associated with the potential vulnerability, where each of the milestones indicates a location within the computer software application, tracing a path from a first one of the milestones to an entry point into the computer software application, identifying an input to the entry point that would result in a control flow from the entry point and through each of the milestones, describing the potential vulnerability in a description indicating the entry point and the input, and presenting the description via a computer-controlled output medium.

公开(公告)号：US09275246B2

公开(公告)日：2016-03-01

申请号：US12575647

申请日：2009-10-08

申请人： Yinnon Haviv ,  Roee Hay ,  Marco Pistoia ,  Guy Podjarny ,  Adi Sharabani ,  Takaaki Tateishi ,  Omer Tripp ,  Omri Weisman

发明人： Yinnon Haviv ,  Roee Hay ,  Marco Pistoia ,  Guy Podjarny ,  Adi Sharabani ,  Takaaki Tateishi ,  Omer Tripp ,  Omri Weisman

IPC分类号： G06F17/30 ,  G06F7/00 ,  G06F21/62 ,  G06F9/45 ,  G06F11/36

CPC分类号： H04L63/1416 ,  G06F8/49 ,  G06F11/3608 ,  G06F21/6218

摘要： A system and method for static detection and categorization of information-flow downgraders includes transforming a program stored in a memory device by statically analyzing program variables to yield a single assignment to each variable in an instruction set. The instruction set is translated to production rules with string operations. A context-free grammar is generated from the production rules to identify a finite set of strings. An information-flow downgrader function is identified by checking the finite set of strings against one or more function specifications.

摘要翻译： 用于信息流降级器的静态检测和分类的系统和方法包括通过静态分析程序变量来变换存储在存储器件中的程序，以产生对指令集中的每个变量的单个赋值。 指令集被转换为具有字符串操作的生产规则。 从生产规则生成上下文无关的语法，以识别有限的字符串集。 通过根据一个或多个功能规范检查有限的字符串来识别信息流降级功能。