公开(公告)号：US20080134338A1

公开(公告)日：2008-06-05

申请号：US11565426

申请日：2006-11-30

申请人： Shuo Chen ,  Jose Meseguer ,  Ralf Sasse ,  Jiahe Helen Wang ,  Yi-Min Wang

发明人： Shuo Chen ,  Jose Meseguer ,  Ralf Sasse ,  Jiahe Helen Wang ,  Yi-Min Wang

IPC分类号： G08B23/00

CPC分类号： G06F11/3608 ,  G06F21/577 ,  G06F21/83

摘要： To achieve end-to-end security, traditional machine-to-machine security measures are insufficient if the integrity of the graphical user interface (GUI) is compromised. GUI logic flaws are a category of software vulnerabilities that result from logic flaws in GUI implementation. The invention described here is a technology for uncovering these flaws using a systematic reasoning approach. Major steps in the technology include: (1) mapping a visual invariant to a program invariant; (2) formally modeling the program logic, the user actions and the execution context, and systematically exploring the possibilities of violations of the program invariant; (3) finding real spoofing attacks based on the exploration.

公开(公告)号：US08156559B2

公开(公告)日：2012-04-10

申请号：US11565426

申请日：2006-11-30

申请人： Shuo Chen ,  Jose Meseguer ,  Ralf Sasse ,  Jiahe Helen Wang ,  Yi-Min Wang

发明人： Shuo Chen ,  Jose Meseguer ,  Ralf Sasse ,  Jiahe Helen Wang ,  Yi-Min Wang

IPC分类号： H04L29/06

CPC分类号： G06F11/3608 ,  G06F21/577 ,  G06F21/83

摘要： To achieve end-to-end security, traditional machine-to-machine security measures are insufficient if the integrity of the graphical user interface (GUI) is compromised. GUI logic flaws are a category of software vulnerabilities that result from logic flaws in GUI implementation. The invention described here is a technology for uncovering these flaws using a systematic reasoning approach. Major steps in the technology include: (1) mapping a visual invariant to a program invariant; (2) formally modeling the program logic, the user actions and the execution context, and systematically exploring the possibilities of violations of the program invariant; (3) finding real spoofing attacks based on the exploration.

公开(公告)号：US08539585B2

公开(公告)日：2013-09-17

申请号：US11768134

申请日：2007-06-25

申请人： Shuo Chen ,  Ralf Sasse ,  Jiahe Helen Wang ,  Yi-Min Wang

发明人： Shuo Chen ,  Ralf Sasse ,  Jiahe Helen Wang ,  Yi-Min Wang

IPC分类号： G06F21/00

CPC分类号： G06F11/3608 ,  G06F21/577 ,  G06F21/83

摘要： To achieve end-to-end security, traditional machine-to-machine security measures are insufficient if the integrity of the graphical user interface (GUI) is compromised. GUI logic flaws are a category of software vulnerabilities that result from logic flaws in GUI implementation. The invention described here is a technology for uncovering these flaws using a systematic reasoning approach. Major steps in the technology include: (1) mapping a visual invariant to a program invariant; (2) formally modeling the program logic, the user actions and the execution context, and systematically exploring the possibilities of violations of the program invariant; (3) finding real spoofing attacks based on the exploration.

摘要翻译： 为了实现端到端的安全性，如果图形用户界面（GUI）的完整性受到损害，则传统的机器对机器的安全措施是不够的。 GUI逻辑缺陷是由GUI实现中的逻辑缺陷引起的一类软件漏洞。 这里描述的发明是使用系统推理方法揭露这些缺陷的技术。 该技术的主要步骤包括：（1）将视觉不变量映射到程序不变; （2）对程序逻辑，用户动作和执行上下文进行正式建模，并系统地探索违反程序不变的可能性; （3）根据探索找到真正的欺骗攻击。

公开(公告)号：US20080133976A1

公开(公告)日：2008-06-05

申请号：US11768134

申请日：2007-06-25

申请人： Shuo Chen ,  Yi-Min Wang ,  Ralf Sasse ,  Jiahe Helen Wang

发明人： Shuo Chen ,  Yi-Min Wang ,  Ralf Sasse ,  Jiahe Helen Wang

IPC分类号： G06F11/36

CPC分类号： G06F11/3608 ,  G06F21/577 ,  G06F21/83

摘要： To achieve end-to-end security, traditional machine-to-machine security measures are insufficient if the integrity of the graphical user interface (GUI) is compromised. GUI logic flaws are a category of software vulnerabilities that result from logic flaws in GUI implementation. The invention described here is a technology for uncovering these flaws using a systematic reasoning approach. Major steps in the technology include: (1) mapping a visual invariant to a program invariant; (2) formally modeling the program logic, the user actions and the execution context, and systematically exploring the possibilities of violations of the program invariant; (3) finding real spoofing attacks based on the exploration.

摘要翻译： 为了实现端到端的安全性，如果图形用户界面（GUI）的完整性受到损害，则传统的机器对机器的安全措施是不够的。 GUI逻辑缺陷是由GUI实现中的逻辑缺陷引起的一类软件漏洞。 这里描述的发明是使用系统推理方法揭露这些缺陷的技术。 该技术的主要步骤包括：（1）将视觉不变量映射到程序不变; （2）对程序逻辑，用户动作和执行上下文进行正式建模，并系统地探索违反程序不变的可能性; （3）根据探索找到真正的欺骗攻击。

公开(公告)号：US20080127341A1

公开(公告)日：2008-05-29

申请号：US11772085

申请日：2007-06-29

申请人： Shuo Chen ,  Jiahe Helen Wang ,  Yi-Min Wang

发明人： Shuo Chen ,  Jiahe Helen Wang ,  Yi-Min Wang

IPC分类号： H04L9/32 ,  G06F3/00

CPC分类号： G06F11/3608 ,  G06F21/577 ,  G06F21/83

摘要： To achieve end-to-end security, traditional machine-to-machine security measures are insufficient if the integrity of the graphical user interface (GUI) is compromised. GUI logic flaws are a category of software vulnerabilities that result from logic flaws in GUI implementation. The invention described here is a technology for uncovering these flaws using a systematic reasoning approach. Major steps in the technology include: (1) mapping a visual invariant to a program invariant; (2) formally modeling the program logic, the user actions and the execution context, and systematically exploring the possibilities of violations of the program invariant; (3) finding real spoofing attacks based on the exploration.

摘要翻译： 为了实现端到端的安全性，如果图形用户界面（GUI）的完整性受到损害，则传统的机器对机器的安全措施是不够的。 GUI逻辑缺陷是由GUI实现中的逻辑缺陷引起的一类软件漏洞。 这里描述的发明是使用系统推理方法揭露这些缺陷的技术。 该技术的主要步骤包括：（1）将视觉不变量映射到程序不变; （2）对程序逻辑，用户动作和执行上下文进行正式建模，并系统地探索违反程序不变的可能性; （3）根据探索找到真正的欺骗攻击。

公开(公告)号：US08125669B2

公开(公告)日：2012-02-28

申请号：US11772085

申请日：2007-06-29

申请人： Shuo Chen ,  Yi-Min Wang ,  Jiahe Helen Wang

发明人： Shuo Chen ,  Yi-Min Wang ,  Jiahe Helen Wang

IPC分类号： G06F15/00 ,  G06F11/00

CPC分类号： G06F11/3608 ,  G06F21/577 ,  G06F21/83

摘要： To achieve end-to-end security, traditional machine-to-machine security measures are insufficient if the integrity of the graphical user interface (GUI) is compromised. GUI logic flaws are a category of software vulnerabilities that result from logic flaws in GUI implementation. The invention described here is a technology for uncovering these flaws using a systematic reasoning approach. Major steps in the technology include: (1) mapping a visual invariant to a program invariant; (2) formally modeling the program logic, the user actions and the execution context, and systematically exploring the possibilities of violations of the program invariant; (3) finding real spoofing attacks based on the exploration.

摘要翻译： 为了实现端到端的安全性，如果图形用户界面（GUI）的完整性受到损害，则传统的机器对机器的安全措施是不够的。 GUI逻辑缺陷是由GUI实现中的逻辑缺陷引起的一类软件漏洞。 这里描述的发明是使用系统推理方法揭露这些缺陷的技术。 该技术的主要步骤包括：（1）将视觉不变量映射到程序不变; （2）对程序逻辑，用户动作和执行上下文进行正式建模，并系统地探索违反程序不变的可能性; （3）根据探索找到真正的欺骗攻击。

公开(公告)号：US20080201337A1

公开(公告)日：2008-08-21

申请号：US12044760

申请日：2008-03-07

申请人： Chun Yuan ,  Jiahe Helen Wang ,  Yi-Min Wang ,  Zheng Zhang

发明人： Chun Yuan ,  Jiahe Helen Wang ,  Yi-Min Wang ,  Zheng Zhang

IPC分类号： G06F17/30

CPC分类号： H04L41/0853

摘要： A method and system for retrieving data from devices in a way that seeks to preserve privacy and ensure the integrity of the retrieved data is provided. A retrieval system is implemented on a network of devices that communicate with each other via a secure communications link. Each device is directly connected to one or more “friend” devices that it trusts. The retrieval system operates by forwarding a request for data from one friend device to another friend device. Each friend device may optionally add data to the request until all the requested data is added. The request with the retrieved data is returned to the device that initiated the request.

摘要翻译： 提供了以寻求保护隐私并确保检索的数据的完整性的方式从设备检索数据的方法和系统。 在通过安全通信链路彼此通信的设备网络上实现检索系统。 每个设备直接连接到它信任的一个或多个“朋友”设备。 检索系统通过将数据的请求从一个朋友设备转发到另一个朋友设备来操作。 每个朋友设备可以选择性地向请求中添加数据，直到添加所有请求的数据。 具有检索到的数据的请求将返回给发起请求的设备。

公开(公告)号：US07392295B2

公开(公告)日：2008-06-24

申请号：US10918086

申请日：2004-08-13

申请人： Chun Yuan ,  Jiahe Helen Wang ,  Yi-Min Wang ,  Zheng Zhang

发明人： Chun Yuan ,  Jiahe Helen Wang ,  Yi-Min Wang ,  Zheng Zhang

IPC分类号： G06F15/16

CPC分类号： H04L41/0853

摘要： A method and system for retrieving data from devices in a way that seeks to preserve privacy and ensure the integrity of the retrieved data is provided. A retrieval system is implemented on a network of devices that communicate with each other via a secure communications link. Each device is directly connected to one or more “friend” devices that it trusts. The retrieval system operates by forwarding a request for data from one friend device to another friend device. Each friend device may optionally add data to the request until all the requested data is added. The request with the retrieved data is returned to the device that initiated the request.

摘要翻译： 提供了以寻求保护隐私并确保检索的数据的完整性的方式从设备检索数据的方法和系统。 在通过安全通信链路彼此通信的设备网络上实现检索系统。 每个设备直接连接到它信任的一个或多个“朋友”设备。 检索系统通过将数据的请求从一个朋友设备转发到另一个朋友设备来操作。 每个朋友设备可以选择性地向请求中添加数据，直到添加所有请求的数据。 具有检索到的数据的请求将返回给发起请求的设备。

公开(公告)号：US07962571B2

公开(公告)日：2011-06-14

申请号：US12044760

申请日：2008-03-07

申请人： Chun Yuan ,  Jiahe Helen Wang ,  Yi-Min Wang ,  Zheng Zhang

发明人： Chun Yuan ,  Jiahe Helen Wang ,  Yi-Min Wang ,  Zheng Zhang

IPC分类号： G06F15/16

CPC分类号： H04L41/0853

摘要： A method and system for retrieving data from devices in a way that seeks to preserve privacy and ensure the integrity of the retrieved data is provided. A retrieval system is implemented on a network of devices that communicate with each other via a secure communications link. Each device is directly connected to one or more “friend” devices that it trusts. The retrieval system operates by forwarding a request for data from one friend device to another friend device. Each friend device may optionally add data to the request until all the requested data is added. The request with the retrieved data is returned to the device that initiated the request.

摘要翻译： 提供了以寻求保护隐私并确保检索的数据的完整性的方式从设备检索数据的方法和系统。 在通过安全通信链路彼此通信的设备网络上实现检索系统。 每个设备直接连接到它信任的一个或多个“朋友”设备。 检索系统通过将数据的请求从一个朋友设备转发到另一个朋友设备来操作。 每个朋友设备可以选择性地向请求中添加数据，直到添加所有请求的数据。 具有检索到的数据的请求将返回给发起请求的设备。

公开(公告)号：US08782797B2

公开(公告)日：2014-07-15

申请号：US12175264

申请日：2008-07-17

申请人： Jiahe Helen Wang ,  Xiaofeng Fan ,  Shuo Chen

发明人： Jiahe Helen Wang ,  Xiaofeng Fan ,  Shuo Chen

IPC分类号： G06F7/04

CPC分类号： G06F21/55 ,  H04L63/1416

摘要： Systems and methods to manage same-origin-policy (SOP) failures that occur in a computing environment are provided. In an illustrative implementation, an exemplary computing environment comprises a lockbox module, and an instruction set comprising at least one instruction directing the lockbox module to process data and/or computing application execution commands representative of and a request for a selected operation/feature according to a selected SOP management paradigm. In the illustrative implementation, the SOP management paradigm comprises one or more instructions to deploy a “lockbox” computing application element allowing for the management, monitoring, and control of computing application features/operations operable under a same origin policy.

摘要翻译： 提供了管理在计算环境中发生的相同来源策略（SOP）故障的系统和方法。 在说明性实现中，示例性计算环境包括锁箱模块，以及指令集，其包括指示锁箱模块处理数据和/或计算代表所选择的操作/特征的应用执行命令的至少一个指令，以及根据 一个选定的SOP管理模式。 在说明性实现中，SOP管理范例包括部署“锁箱”计算应用元件的一个或多个指令，允许管理，监视和控制可在相同原始策略下操作的计算应用特征/操作。