Context-sensitive taint processing for application security

Invention Grant

US09053319B2 Context-sensitive taint processing for application security 有权

Title translation: 对应用程序安全性的上下文敏感污染处理

Please log in to see more content

Patent Title: Context-sensitive taint processing for application security
Patent Title (中): 对应用程序安全性的上下文敏感污染处理
Application No.: US13248981

Application Date: 2011-09-29
Publication No.: US09053319B2

Publication Date: 2015-06-09
Inventor: Brian V Chess , Sean Patrick Fay
Applicant: Brian V Chess , Sean Patrick Fay
Applicant Address: US TX Houston
Assignee: Hewlett-Packard Development Company, L.P.
Current Assignee: Hewlett-Packard Development Company, L.P.
Current Assignee Address: US TX Houston
Agency: Hewlett-Packard Patent Department
Main IPC: G06F21/00
IPC: G06F21/00 ; G06F21/53 ; G06F21/54 ; G06F21/55 ; H04L29/06

Context-sensitive taint processing for application security

Abstract:

In one implementation, a tag is associated with a tainted value of an application and an output context of the application that is associated with output from the application that includes the tainted value is determined. A taint processing is a applied to the tainted value in response to the output of the tainted value, the taint processing is compatible with the output context.

Abstract(Chinese):

在一个实现中，标签与应用程序的污染值相关联，并确定与应用程序的输出相关联的应用程序的输出上下文，其中包含污染值。污染处理是根据污染值的输出应用于污染值，污染处理与输出上下文相符。

Public/Granted literature

US20130086687A1 CONTEXT-SENSITIVE APPLICATION SECURITY Public/Granted day:2013-04-04

Information query

Espacenet

IPC分类:

G	物理
G06	计算；推算或计数
G06F	电数字数据处理（基于特定计算模型的计算机系统入G06N）
G06F21/00	防止未授权行为的保护计算机、其部件、程序或数据的安全装置