Invention Grant
US08214906B2 System, method and program product to determine security risk of an application
失效
系统,方法和程序产品来确定应用程序的安全风险
- Patent Title: System, method and program product to determine security risk of an application
- Patent Title (中): 系统,方法和程序产品来确定应用程序的安全风险
-
Application No.: US10690017Application Date: 2003-10-21
-
Publication No.: US08214906B2Publication Date: 2012-07-03
- Inventor: James P. Goddard
- Applicant: James P. Goddard
- Applicant Address: US NY Armonk
- Assignee: International Business Machines Corporation
- Current Assignee: International Business Machines Corporation
- Current Assignee Address: US NY Armonk
- Agent Arthur J. Samodovitz
- Main IPC: G06F11/00
- IPC: G06F11/00
Abstract:
A system, method and program product for evaluating a security risk of an application. A determination is made whether unauthorized access or loss of data maintained or accessed by the application would cause substantial damage. A determination is made whether the application is shared by different customers. A determination is made whether a vulnerability in the application can be exploited by a person or program which has not been authenticated to the application or a system in which the application runs. A numerical value or weight is assigned to each of the foregoing determinations. Each of the numerical values or weights corresponds to a significance of the determination in evaluating said security risk. The numerical values or weights are combined to evaluate the security risk. Other factors can also be considered in evaluating the security risk.
Public/Granted literature
- US20050086530A1 System, method and program product to determine security risk of an application Public/Granted day:2005-04-21
Information query
