-
公开(公告)号:US20180167410A1
公开(公告)日:2018-06-14
申请号:US15373883
申请日:2016-12-09
Applicant: SAP SE
Inventor: Martin Johns , Christoph Haefner
CPC classification number: H04L63/1441 , H04L63/08 , H04L63/1416 , H04L63/1466 , H04L65/608 , H04N5/225
Abstract: WebRTC is vulnerable to malicious JavaScript, injected by cross-site scripting attacks or compromised or malicious script providers. Through these attacks, attackers can access a WebRTC connection and leak or monitor the audio and video data transmitted. By preventing modification of key WebRTC functions and preventing outgoing streams from being used more than once, these attacks can be thwarted.
-
公开(公告)号:US10320832B2
公开(公告)日:2019-06-11
申请号:US15373883
申请日:2016-12-09
Applicant: SAP SE
Inventor: Martin Johns , Christoph Haefner
Abstract: WebRTC is vulnerable to malicious JavaScript, injected by cross-site scripting attacks or compromised or malicious script providers. Through these attacks, attackers can access a WebRTC connection and leak or monitor the audio and video data transmitted. By preventing modification of key WebRTC functions and preventing outgoing streams from being used more than once, these attacks can be thwarted.
-
公开(公告)号:US10242180B2
公开(公告)日:2019-03-26
申请号:US15403603
申请日:2017-01-11
Applicant: SAP SE
Inventor: Christoph Haefner , Martin Johns , Martin Haerterich
Abstract: Systems and methods are provided herein for establishing a protection framework for a component. Identified assets of a component requiring protection from a potential attack are received. A list of assets is generated based on the identified assets. A protection framework is configured to include at least one defensive pattern to protect the list of assets against the potential attack. The protection framework is executed to establish a hardened boundary between the component and an attack surface of the component.
-
Patent Agency Ranking
公开(公告)号:US10834102B2
公开(公告)日:2020-11-10
申请号:US15862830
申请日:2018-01-05
Applicant: SAP SE
Inventor: Martin Johns , Martin Haerterich , Christoph Haefner
Abstract: A client comprising a web browser is provided. The client is configured to: run an application in the web browser, the application comprising a sensor including sensor JavaScript code, wherein running the application comprises executing the sensor JavaScript code as the first JavaScript code in the web browser to activate the sensor; and wherein the sensor is configured to: gather data with respect to the application at runtime; and check predetermined application-specific rules against the gathered data for detecting client-side attacks at runtime.
-
公开(公告)号:US20180198807A1
公开(公告)日:2018-07-12
申请号:US15862830
申请日:2018-01-05
Applicant: SAP SE
Inventor: Martin Johns , Martin Haerterich , Christoph Haefner
CPC classification number: H04L63/1416 , G06F21/54 , G06F21/577 , G06N20/00 , H04L63/1425 , H04L63/1433
Abstract: A client comprising a web browser is provided. The client is configured to: run an application in the web browser, the application comprising a sensor including sensor JavaScript code, wherein running the application comprises executing the sensor JavaScript code as the first JavaScript code in the web browser to activate the sensor; and wherein the sensor is configured to: gather data with respect to the application at runtime; and check predetermined application-specific rules against the gathered data for detecting client-side attacks at runtime.
-
公开(公告)号:US10609067B2
公开(公告)日:2020-03-31
申请号:US16386083
申请日:2019-04-16
Applicant: SAP SE
Inventor: Martin Johns , Christoph Haefner
Abstract: WebRTC is vulnerable to malicious JavaScript, injected by cross-site scripting attacks or compromised or malicious script providers. Through these attacks, attackers can access a WebRTC connection and leak or monitor the audio and video data transmitted. By preventing modification of key WebRTC functions and preventing outgoing streams from being used more than once, these attacks can be thwarted.
-
公开(公告)号:US20190245886A1
公开(公告)日:2019-08-08
申请号:US16386083
申请日:2019-04-16
Applicant: SAP SE
Inventor: Martin Johns , Christoph Haefner
CPC classification number: H04L63/1441 , H04L63/08 , H04L63/1416 , H04L63/1466 , H04L65/608 , H04N5/225
Abstract: WebRTC is vulnerable to malicious JavaScript, injected by cross-site scripting attacks or compromised or malicious script providers. Through these attacks, attackers can access a WebRTC connection and leak or monitor the audio and video data transmitted. By preventing modification of key WebRTC functions and preventing outgoing streams from being used more than once, these attacks can be thwarted.
-
公开(公告)号:US20180196939A1
公开(公告)日:2018-07-12
申请号:US15403603
申请日:2017-01-11
Applicant: SAP SE
Inventor: Christoph Haefner , Martin Johns , Martin Haerterich
IPC: G06F21/53
CPC classification number: G06F21/53 , G06F2221/033
Abstract: Systems and methods are provided herein for establishing a protection framework for a component. Identified assets of a component requiring protection from a potential attack are received. A list of assets is generated based on the identified assets. A protection framework is configured to include at least one defensive pattern to protect the list of assets against the potential attack. The protection framework is executed to establish a hardened boundary between the component and an attack surface of the component.
-
-
-
-
-
-
-
Search Results
8
records
(took 0.014 seconds)
