-
公开(公告)号:WO2014197239A1
公开(公告)日:2014-12-11
申请号:PCT/US2014/039610
申请日:2014-05-27
Applicant: MICROSOFT CORPORATION
Inventor: LIVSHITS, Benjamin , JUNG, Jaeyeon
CPC classification number: G06F21/629 , G06F8/30 , G06F8/75 , G06F21/54 , G06F21/60
Abstract: The subject disclosure is directed towards automated, static analysis-based program code processing that detects unprotected resource accesses by applications, that is, those that do not provide proper opt-in consent dialogs (prompts). In one aspect, consent prompt code is automatically inserted into the program code to protect such unprotected access points. Also described are program representation graph construction and processing, a dominator node-based approach to determine placement points for inserting consent prompt code, and a backward search-based approach for inserting consent prompt code.
Abstract translation: 主题公开针对基于自动静态分析的程序代码处理,其检测应用程序的未受保护的资源访问,即那些不提供适当的选择加入同意对话框(提示)的程序代码处理。 在一个方面,同意提示代码被自动插入到程序代码中,以保护这些不受保护的访问点。 还描述了程序表示图构造和处理,基于支配者的基于节点的方法来确定用于插入同意提示代码的放置点,以及用于插入同意提示代码的基于搜索的反向方法。
-
Patent Agency Ranking
公开(公告)号:WO2011109252A3
公开(公告)日:2011-09-09
申请号:PCT/US2011/026360
申请日:2011-02-25
Applicant: MICROSOFT CORPORATION
Inventor: LIVSHITS, Benjamin , ZORN, Benjamin Goth , BURTSCHER, Martin , SINHA, Gaurav
Abstract: A method described herein includes at a computing device, receiving, over a network connection, a data packet from an external source, wherein the data packet comprises a compressed abstract syntax tree (AST)-based representation of source code written in a scripting language. The method further includes decompressing the compressed AST-based representation of the source code to generate a decompressed AST. The method also includes causing at least one processor on the computing device to execute at least one instruction represented in the decompressed AST subsequent to the compressed AST-based representation of the source code being decompressed.
-
公开(公告)号:WO2009111118A1
公开(公告)日:2009-09-11
申请号:PCT/US2009/032605
申请日:2009-01-30
Applicant: MICROSOFT CORPORATION
Inventor: MEIJER, Henricus Johannes Maria , DYER, John Wesley , VAN GOGH, Jeffrey , VAN VELZEN, Danny , KANTAMNENI, Harish , MANOLESCU, Dragos A. , BECKMAN, Brian , LIVSHITS, Benjamin
CPC classification number: G06F8/41 , G06F8/30 , G06F9/4484
Abstract: Asynchronous methods and calls are produced automatically as a function of a declarative indication of intent. A method annotated with an asynchronous attribute or method call including a special asynchronous function can be identified. Subsequently, an asynchronous version of an identified synchronous method or call is generated automatically. Assistance is also provided for specifying intent.
Abstract translation: 异步方法和调用是根据意图的声明性指示自动产生的。 可以识别包含特殊异步功能的异步属性或方法调用注释的方法。 随后,自动生成识别的同步方法或调用的异步版本。 还提供了帮助来指定意图。
-
公开(公告)号:WO2014165464A2
公开(公告)日:2014-10-09
申请号:PCT/US2014/032447
申请日:2014-04-01
Applicant: MICROSOFT CORPORATION
Inventor: LIVSHITS, Benjamin , FREDRIKSON, Matthew
CPC classification number: G06F21/57 , G06F21/125 , H04L9/3221 , H04L2209/50 , H04L2209/76
Abstract: A security engine may be selected from a plurality of security engines to apply one or more security mechanisms to a section of source code of an application. In some cases, the section of source code may be identified by one or more security mechanism identifiers included in the source code. The security engine may generate machine-readable code that corresponds to the section of source code for which the one or more security mechanisms are to be applied. The machine-readable code may be executed on a plurality of computing devices. In one implementation, applying the security mechanisms to the section of source code may include producing zero-knowledge proofs of knowledge for the section of source code.
Abstract translation: 可以从多个安全引擎中选择安全引擎以将一个或多个安全机制应用于应用的源代码的一部分。 在一些情况下,源代码的部分可以由源代码中包括的一个或多个安全机制标识符来识别。 安全引擎可以生成对应于要应用一个或多个安全机制的源代码部分的机器可读代码。 机器可读代码可以在多个计算设备上执行。 在一个实现中,将安全机制应用于源代码的部分可以包括为源代码部分产生知识的零知识证明。
-
公开(公告)号:WO2014062950A1
公开(公告)日:2014-04-24
申请号:PCT/US2013/065499
申请日:2013-10-17
Applicant: MICROSOFT CORPORATION
Inventor: FANNING, Michael, C. , FAUCON, Christopher, M. H. , HALL, Matthew, Thornhill , NAGAPPAN, Nachiappan , LIVSHITS, Benjamin , MADSEN, Magnus
IPC: G06F9/45
Abstract: Generation of a dependency graph for code that includes code portions such as resources or functions or both. For some or all of the nodes, the dependency is calculated by determining that the given node, a depending node, depends on an affecting node. The dependency is recorded so as to be associated with the node. Furthermore, the dependency calculation method is recorded so as to be associated with the dependency. The code may perhaps include portions within two different domains, in which the mechanism for calculating dependencies may differ. In some cases, the dependency graph may be constructed in stages, and perhaps additional properties may be associated with the node, and metadata of the properties may also be recorded
Abstract translation: 生成包含代码部分(如资源或函数)或二者的代码的依赖关系图。 对于一些或所有节点,通过确定给定节点(依赖节点)依赖于影响节点来计算依赖关系。 记录依赖关系以便与节点相关联。 此外,依赖性计算方法被记录为与依赖关联。 代码可能包括两个不同域中的部分,其中计算依赖关系的机制可能不同。 在某些情况下,可以分阶段地构建依赖图,并且可能还有其他属性可以与节点相关联,并且还可以记录属性的元数据
-
公开(公告)号:EP2257877A1
公开(公告)日:2010-12-08
申请号:EP09718550.8
申请日:2009-01-30
Applicant: Microsoft Corporation
Inventor: MEIJER, Henricus Johannes Maria , DYER, John Wesley , VAN GOGH, Jeffrey , VAN VELZEN, Danny , KANTAMNENI, Harish , MANOLESCU, Dragos A. , BECKMAN, Brian , LIVSHITS, Benjamin
CPC classification number: G06F8/41 , G06F8/30 , G06F9/4484
Abstract: Asynchronous methods and calls are produced automatically as a function of a declarative indication of intent. A method annotated with an asynchronous attribute or method call including a special asynchronous function can be identified. Subsequently, an asynchronous version of an identified synchronous method or call is generated automatically. Assistance is also provided for specifying intent.
-
-
-
-
-
Search Results
6
records
(took 0.038 seconds)
