-
公开(公告)号:US20170300701A1
公开(公告)日:2017-10-19
申请号:US15097304
申请日:2016-04-13
Applicant: SAP SE
Inventor: SERENA PONTA , Luca Compagna , Daniel Dos Santos , Silvio Ranise
CPC classification number: G06F21/6218 , G06F21/54 , G06Q10/06 , G06Q40/025
Abstract: At design time, a process designer may generate a workflow model of a process associated with in-memory database. The workflow model include tasks and authorization constraints. The authorization constraints are task based constraints, associated with the workflow model. The workflow model is translated into transition system format to generate a reachability graph including possible workflow execution paths. The reachability graph may be translated in a database query format to generate a monitor. At runtime, when a request is received from a process participant to execute a specific task in the workflow model, the monitor is able to enforce authorization constraints and authorization policies received at the runtime, and ensure secure and compliant execution of processes.
-
公开(公告)号:US20160314302A1
公开(公告)日:2016-10-27
申请号:US14692203
申请日:2015-04-21
Applicant: SAP SE
Inventor: Antonino Sabetta , Luca Compagna , Serena Ponta , Stanislav Dashevskyi , Daniel Dos Santos , Fabio Massacci
CPC classification number: G06F21/577 , G06F21/53 , G06F21/54 , G06F21/566 , G06F2221/033
Abstract: An input handler receives an exploit test request specifying at least one exploit to be tested against at least one application in at least one execution environment. A deployment engine deploys the at least one execution environment including instantiating a container providing a virtual machine image and configured based on the exploit test request, the instantiated container including the at least one application. A scheduler schedules execution of the at least one execution environment within at least one execution engine, including scheduling an injection of the at least one exploit as specified in the exploit test request. A report generator generates an exploit test report characterizing a result of the at least one exploit being injected into the at least one execution environment of the at least one execution engine.
Abstract translation: 输入处理程序接收在至少一个执行环境中针对至少一个应用程序指定要测试的至少一个漏洞利用的漏洞利用测试请求。 所述部署引擎部署所述至少一个执行环境,所述至少一个执行环境包括实例化提供虚拟机映像并且基于所述漏洞利用测试请求来配置的容器,所述实例化容器包括所述至少一个应用。 调度器调度至少一个执行引擎中的至少一个执行环境的执行,包括调度在漏洞利用测试请求中指定的至少一个利用的注入。 报告生成器生成攻击测试报告,其表征被注入至少一个执行引擎的至少一个执行环境中的至少一个利用的结果。
-
公开(公告)号:US09811668B2
公开(公告)日:2017-11-07
申请号:US14692203
申请日:2015-04-21
Applicant: SAP SE
Inventor: Antonino Sabetta , Luca Compagna , Serena Ponta , Stanislav Dashevskyi , Daniel Dos Santos , Fabio Massacci
CPC classification number: G06F21/577 , G06F21/53 , G06F21/54 , G06F21/566 , G06F2221/033
Abstract: An input handler receives an exploit test request specifying at least one exploit to be tested against at least one application in at least one execution environment. A deployment engine deploys the at least one execution environment including instantiating a container providing a virtual machine image and configured based on the exploit test request, the instantiated container including the at least one application. A scheduler schedules execution of the at least one execution environment within at least one execution engine, including scheduling an injection of the at least one exploit as specified in the exploit test request. A report generator generates an exploit test report characterizing a result of the at least one exploit being injected into the at least one execution environment of the at least one execution engine.
-
-
Search Results
3
records
(took 0.011 seconds)
