Invention Grant
US09021596B2 Correcting workflow security vulnerabilities via static analysis and virtual patching
有权
通过静态分析和虚拟修补来纠正工作流安全漏洞
- Patent Title: Correcting workflow security vulnerabilities via static analysis and virtual patching
- Patent Title (中): 通过静态分析和虚拟修补来纠正工作流安全漏洞
-
Application No.: US14015092Application Date: 2013-08-30
-
Publication No.: US09021596B2Publication Date: 2015-04-28
- Inventor: Evgeny Beskrovny , Omer Tripp
- Applicant: International Business Machines Corporation
- Applicant Address: US NY Armonk
- Assignee: International Business Machines Corporation
- Current Assignee: International Business Machines Corporation
- Current Assignee Address: US NY Armonk
- Agency: Cuenot, Forsythe & Kim, LLC
- Main IPC: G06F11/00
- IPC: G06F11/00 ; G06F21/57
Abstract:
A computer program can be statically analyzed to determine an order in which client side workflows are intended to be implemented by the computer program. A virtual patch can be generated. When executed by a processor, the virtual patch can track web service calls from a client to the computer program, and determine whether the order of the web service calls from the client to the computer program correlate to the order in which client side workflows are intended to be implemented by the computer program. If the order of the web service calls from the client to the computer program do not correlate to the order in which client side workflows are intended to be implemented by the computer program, an alert can be generated.
Public/Granted literature
- US20140096258A1 CORRECTING WORKFLOW SECURITY VULNERABILITIES VIA STATIC ANALYSIS AND VIRTUAL PATCHING Public/Granted day:2014-04-03
Information query
