公开(公告)号：US20220255951A1

公开(公告)日：2022-08-11

申请号：US17172011

申请日：2021-02-09

Applicant: SAP SE

Inventor： Luca Compagna ,  Lorenzo Veronese ,  Stefano Calzavara

IPC: H04L29/06 ,  H04L29/08

Abstract: Data is received that characterizes a computing architecture including at least one web-based server and an associated cryptographic web protocol to be implemented on such computing architecture according to a desired formal specification. Thereafter, a plurality of inattentive variants complying with the web protocol are generated without associated security checks. Messages to and from each inattentive variant are then monitored while executing the associated security checks. At least one security monitor is generated based on the monitored messages that is configured to address security vulnerabilities in the computing architecture relative to the formal specification. At least one generated security monitor can be later deployed in the computing architecture. Related apparatus, systems, techniques and articles are also described.

公开(公告)号：US11575687B2

公开(公告)日：2023-02-07

申请号：US17172011

申请日：2021-02-09

Applicant: SAP SE

Inventor： Luca Compagna ,  Lorenzo Veronese ,  Stefano Calzavara

IPC: H04L9/40 ,  H04L67/53 ,  H04L67/56 ,  H04L67/02

Abstract: Data is received that characterizes a computing architecture including at least one web-based server and an associated cryptographic web protocol to be implemented on such computing architecture according to a desired formal specification. Thereafter, a plurality of inattentive variants complying with the web protocol are generated without associated security checks. Messages to and from each inattentive variant are then monitored while executing the associated security checks. At least one security monitor is generated based on the monitored messages that is configured to address security vulnerabilities in the computing architecture relative to the formal specification. At least one generated security monitor can be later deployed in the computing architecture. Related apparatus, systems, techniques and articles are also described.