专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08656496B2 Global variable security analysis 失效
标题翻译：全局变量安全性分析
公开(公告)号：US08656496B2
公开(公告)日：2014-02-18
申请号：US12951435
申请日：2010-11-22
申请人： Shay Artzi , Ryan Berg , John Peyton , Marco Pistoia , Manu Sridharan , Takaaki Tateishi , Omer Tripp , Robert Wiener
发明人： Shay Artzi , Ryan Berg , John Peyton , Marco Pistoia , Manu Sridharan , Takaaki Tateishi , Omer Tripp , Robert Wiener
IPC分类号： G06F11/07 , G06F9/455
CPC分类号： G06F21/577 , G06F21/00 , G06F2221/034
摘要： A method includes determining selected global variables in a program for which flow of the selected global variables through the program is to be tracked. The selected global variables are less than all the global variables in the program. The method includes using a static analysis performed on the program, tracking flow through the program for the selected global variables. In response to one or more of the selected global variables being used in security-sensitive operations in the flow, use is analyzed of each one of the selected global variables in a corresponding security-sensitive operation. In response to a determination the use may be a potential security violation, the potential security violation is reported. Apparatus and computer program products are also disclosed.
摘要翻译：一种方法包括确定在所述程序中选择的全局变量，通过所述程序，所选择的全局变量的流程将被跟踪。所选的全局变量小于程序中的所有全局变量。该方法包括使用对程序执行的静态分析，跟踪所选择的全局变量的程序流程。响应于在流中的安全敏感操作中使用的一个或多个所选择的全局变量，在相应的安全敏感操作中对所选择的全局变量中的每一个进行分析。为了回应确定，使用可能是潜在的安全违规，报告潜在的安全违规。还公开了装置和计算机程序产品。

2. 发明申请

US20110004108A1 SYSTEM AND METHOD FOR MONITORING CARDIAC OUTPUT 有权
标题翻译：监测心脏输出的系统和方法
公开(公告)号：US20110004108A1
公开(公告)日：2011-01-06
申请号：US12743224
申请日：2008-11-14
申请人： Philip John Peyton
发明人： Philip John Peyton
IPC分类号： A61B5/0205
CPC分类号： A61B5/083 , A61B5/029 , A61B5/087 , A61M16/0045 , A61M16/01 , A61M16/026 , A61M16/085 , A61M16/1065 , A61M16/107 , A61M16/202 , A61M16/22 , A61M2016/0036 , A61M2016/103 , A61M2230/432
摘要： A method for monitoring cardiac output (pulmonary blood flow) of a subject, the method including: measuring a first net pulmonary uptake or elimination of a breathed gas species by the subject and a first partial pressure of the gas species at a first time, and at a second time later than the first time, determining a first pulmonary blood flow of the patient at the first time, and determining a pulmonary blood flow of the subject at the second time on the basis of the first pulmonary blood flow, the first net pulmonary uptake or elimination, the second net pulmonary uptake or elimination, the first partial pressure, and the second partial pressure.
摘要翻译：一种用于监测受试者的心输出量（肺血流量）的方法，所述方法包括：测量受试者的第一次净肺吸收或消除呼吸气体种类和第一次气体种类的第一分压，以及在第一次比第一次第二时间确定第一次患者的第一肺血流，并且基于第一肺血流在第二时间确定受试者的肺血流量，第一网肺吸收或消除，第二次净肺吸收或消除，第一分压和第二分压。

3. 发明授权

US07418734B2 Method and system for detecting privilege escalation vulnerabilities in source code 失效
标题翻译：检测源代码中特权升级漏洞的方法和系统
公开(公告)号：US07418734B2
公开(公告)日：2008-08-26
申请号：US10824684
申请日：2004-04-15
申请人： Ryan James Berg , Larry Rose , John Peyton , John J. Danahy , Robert Gottlieb , Chris Rehbein
发明人： Ryan James Berg , Larry Rose , John Peyton , John J. Danahy , Robert Gottlieb , Chris Rehbein
IPC分类号： G08B23/00
CPC分类号： G06F11/3604 , G06F11/3624 , G06F21/57
摘要： A method and system of detecting vulnerabilities in source code. Source code is parsed into an intermediate representation. Models are derived for the code and the models are then analyzed in conjunction with pre-specified rules about the routines to determine if the routine call posses one or more of pre-selected vulnerabilities.
摘要翻译：一种检测源代码漏洞的方法和系统。源代码被解析为中间表示。为代码派生模型，然后结合预先规定的关于例程的规则来分析模型，以确定例程调用是否具有一个或多个预先选择的漏洞。

4. 发明授权

US6145032A System for recirculation of communication transactions in data processing in the event of communication stall 失效
标题翻译：在通信失速的情况下数据处理中通信事务的再循环系统
公开(公告)号：US6145032A
公开(公告)日：2000-11-07
申请号：US157894
申请日：1998-09-21
申请人： John Peyton Bannister , Gary Dale Carpenter , David Brian Glasco
发明人： John Peyton Bannister , Gary Dale Carpenter , David Brian Glasco
IPC分类号： H04L12/56 , G06F3/00
CPC分类号： H04L49/901 , H04L49/90 , H04L49/9031
摘要： A data recirculation apparatus for a data processing system includes at least one output buffer from which data are output onto an interconnect, a plurality of input storage areas from which data are selected for storage within the output buffer, and selection logic that selects data from the plurality of input storage areas for storage within the output buffer. In addition, the data recirculation apparatus includes buffer control logic that, in response to a determination that a particular datum has stalled in the output buffer, causes the particular datum to be removed from the output buffer and stored in one of the plurality of input storage areas. In one embodiment, the recirculated data has a dedicated input storage area.
摘要翻译：用于数据处理系统的数据再循环装置包括至少一个输出缓冲器，数据从该输出缓冲器输出到互连上，多个输入存储区域，数据被选择用于存储在输出缓冲器内;以及选择逻辑，其从多个输入存储区域用于存储在输出缓冲器内。此外，数据再循环装置包括缓冲器控制逻辑，其响应于确定特定数据在输出缓冲器中停滞而导致特定数据从输出缓冲器中移除并存储在多个输入存储器地区在一个实施例中，再循环数据具有专用输入存储区域。

5. 发明授权

US08429633B2 Managing memory to support large-scale interprocedural static analysis for security problems 失效
标题翻译：管理内存以支持安全问题的大规模过程静态分析
公开(公告)号：US08429633B2
公开(公告)日：2013-04-23
申请号：US12275838
申请日：2008-11-21
申请人： Richard Title , Benjamin Greenwald , John Peyton
发明人： Richard Title , Benjamin Greenwald , John Peyton
IPC分类号： G06F9/44 , G06F9/45
CPC分类号： G06F21/51
摘要： Embodiments of the invention describe systems and methods for application level management of virtual address space. A static analysis application can model and analyze a large and complex source code listing to determine whether it has vulnerabilities without exhausting the virtual memory resources provided to it by the operating system. In one embodiment of the invention, the method includes analyzing the source code listing to create a call graph model to represent the expected sequences of routine calls as a result of the inherent control flow of the source code listing. The method also includes monitoring the amount of virtual memory resources consumed by the dynamic state, and swapping out to a storage medium a portion of the dynamic state. The method includes reusing the virtual memory resources corresponding to the swapped out portion of the dynamic state to continue analyzing the source code listing.
摘要翻译：本发明的实施例描述了虚拟地址空间的应用级管理的系统和方法。静态分析应用程序可以对大型和复杂的源代码列表进行建模和分析，以确定它是否存在漏洞，而不会耗尽操作系统提供给它的虚拟内存资源。在本发明的一个实施例中，该方法包括分析源代码列表以创建调用图模型，以便作为源代码列表的固有控制流程的结果来表示常规调用的预期序列。该方法还包括监视由动态状态消耗的虚拟内存资源的数量，并将动态状态的一部分交换到存储介质。该方法包括重新使用与动态状态的交换部分相对应的虚拟存储器资源来继续分析源代码列表。

6. 发明申请

US20120131670A1 Global Variable Security Analysis 失效
标题翻译：全局变量安全分析
公开(公告)号：US20120131670A1
公开(公告)日：2012-05-24
申请号：US12951435
申请日：2010-11-22
申请人： Shay Artzi , Ryan Berg , John Peyton , Marco Pistoia , Manu Sridharan , Takaaki Tateishi , Omer Tripp , Robert Wiener
发明人： Shay Artzi , Ryan Berg , John Peyton , Marco Pistoia , Manu Sridharan , Takaaki Tateishi , Omer Tripp , Robert Wiener
IPC分类号： G06F21/00
CPC分类号： G06F21/577 , G06F21/00 , G06F2221/034
摘要： A method includes determining selected global variables in a program for which flow of the selected global variables through the program is to be tracked. The selected global variables are less than all the global variables in the program. The method includes using a static analysis performed on the program, tracking flow through the program for the selected global variables. In response to one or more of the selected global variables being used in security-sensitive operations in the flow, use is analyzed of each one of the selected global variables in a corresponding security-sensitive operation. In response to a determination the use may be a potential security violation, the potential security violation is reported. Apparatus and computer program products are also disclosed.
摘要翻译：一种方法包括确定在所述程序中选择的全局变量，通过所述程序，所选择的全局变量的流程将被跟踪。所选的全局变量小于程序中的所有全局变量。该方法包括使用对程序执行的静态分析，跟踪所选择的全局变量的程序流程。响应于在流中的安全敏感操作中使用的一个或多个所选择的全局变量，在相应的安全敏感操作中对所选择的全局变量中的每一个进行分析。为了回应确定，使用可能是潜在的安全违规，报告潜在的安全违规。还公开了装置和计算机程序产品。

7. 发明授权

US08156483B2 Method and system for detecting vulnerabilities in source code 失效
标题翻译：检测源代码漏洞的方法和系统
公开(公告)号：US08156483B2
公开(公告)日：2012-04-10
申请号：US12163398
申请日：2008-06-27
申请人： Ryan J. Berg , Larry Rose , John Peyton , John J. Danahy , Robert Gottlieb , Chris Rehbein
发明人： Ryan J. Berg , Larry Rose , John Peyton , John J. Danahy , Robert Gottlieb , Chris Rehbein
IPC分类号： G06F9/45
CPC分类号： G06F21/577 , G06F8/43 , G06F11/3604
摘要： A method and system of detecting vulnerabilities in source code. Source code is parsed into an intermediate representation. Models (e.g., in the form of lattices) are derived for the variables in the code and for the variables and/or expressions used in conjunction with routine calls. The models are then analyzed in conjunction with pre-specified rules about the routines to determine if the routine call posses one or more of pre-selected vulnerabilities.
摘要翻译：一种检测源代码漏洞的方法和系统。源代码被解析为中间表示。为代码中的变量以及与常规调用结合使用的变量和/或表达式导出模型（例如，以格子形式）。然后将这些模型与关于例程的预先规定的规则一起进行分析，以确定例程调用是否具有一个或多个预先选择的漏洞。

8. 发明申请

US20100131721A1 MANAGING MEMORY TO SUPPORT LARGE-SCALE INTERPROCEDURAL STATIC ANALYSIS FOR SECURITY PROBLEMS 失效
标题翻译：管理记忆支持安全问题的大规模分析静态分析
公开(公告)号：US20100131721A1
公开(公告)日：2010-05-27
申请号：US12275838
申请日：2008-11-21
申请人： Richard Title , Benjamin Greenwald , John Peyton
发明人： Richard Title , Benjamin Greenwald , John Peyton
IPC分类号： G06F21/00 , G06F12/00
CPC分类号： G06F21/51
摘要： Embodiments of the invention describe systems and methods for application level management of virtual address space. A static analysis application can model and analyze a large and complex source code listing to determine whether it has vulnerabilities without exhausting the virtual memory resources provided to it by the operating system. In one embodiment of the invention, the method includes analyzing the source code listing to create a call graph model to represent the expected sequences of routine calls as a result of the inherent control flow of the source code listing. The method also includes monitoring the amount of virtual memory resources consumed by the dynamic state, and swapping out to a storage medium a portion of the dynamic state. The method includes reusing the virtual memory resources corresponding to the swapped out portion of the dynamic state to continue analyzing the source code listing.
摘要翻译：本发明的实施例描述了虚拟地址空间的应用级管理的系统和方法。静态分析应用程序可以对大型和复杂的源代码列表进行建模和分析，以确定它是否存在漏洞，而不会耗尽操作系统提供给它的虚拟内存资源。在本发明的一个实施例中，该方法包括分析源代码列表以创建调用图模型，以便作为源代码列表的固有控制流程的结果来表示常规调用的预期序列。该方法还包括监视由动态状态消耗的虚拟内存资源的数量，并将动态状态的一部分交换到存储介质。该方法包括重新使用与动态状态的交换部分相对应的虚拟存储器资源来继续分析源代码列表。

9. 发明授权

US07617489B2 Method and system for detecting interprocedural vulnerability by analysis of source code 失效
标题翻译：通过源代码分析检测程序间漏洞的方法和系统
公开(公告)号：US07617489B2
公开(公告)日：2009-11-10
申请号：US11522039
申请日：2006-09-15
申请人： John Peyton , Robert Gottlieb
发明人： John Peyton , Robert Gottlieb
IPC分类号： G06F9/44
CPC分类号： G06F21/577
摘要： Methods and systems of detecting vulnerabilities in source code using inter-procedural analysis of source code. Vulnerabilities in a pre-existing source code listing are detected. The variables in the source code listing are modeled in the context of at least one of the inherent control flow and inherent data flow. The variable models are used to create models of arguments to routine calls in the source code listing. The source code listing is modeled with a call graph to represent routine call interactions expressed in the source code listing. The arguments to routine calls are modeled to account for inter-procedural effects and dependencies on the arguments as expressed in the source code listing.
摘要翻译：使用源代码的程序间分析来检测源代码中的漏洞的方法和系统。检测到预先存在的源代码列表中的漏洞。源代码列表中的变量在至少一个固有控制流和固有数据流的上下文中进行建模。变量模型用于在源代码列表中为常规调用创建参数模型。源代码列表使用调用图进行建模，以表示在源代码列表中表示的常规调用交互。常规调用的参数被建模以考虑到程序间的影响，并且依赖于源代码列表中表达的参数。

10. 发明申请

US20080072214A1 Method and system for detecting interprocedural vulnerability by analysis of source code 失效
标题翻译：通过源代码分析检测程序间漏洞的方法和系统
公开(公告)号：US20080072214A1
公开(公告)日：2008-03-20
申请号：US11522039
申请日：2006-09-15
申请人： John Peyton , Robert Gottlieb
发明人： John Peyton , Robert Gottlieb
IPC分类号： G06F9/455
CPC分类号： G06F21/577
摘要： Methods and systems of detecting vulnerabilities in source code using inter-procedural analysis of source code. Vulnerabilities in a pre-existing source code listing are detected. The variables in the source code listing are modeled in the context of at least one of the inherent control flow and inherent data flow. The variable models are used to create models of arguments to routine calls in the source code listing. The source code listing is modeled with a call graph to represent routine call interactions expressed in the source code listing. The arguments to routine calls are modeled to account for inter-procedural effects and dependencies on the arguments as expressed in the source code listing.
摘要翻译：使用源代码的程序间分析来检测源代码中的漏洞的方法和系统。检测到预先存在的源代码列表中的漏洞。源代码列表中的变量在至少一个固有控制流和固有数据流的上下文中进行建模。变量模型用于在源代码列表中为常规调用创建参数模型。源代码列表使用调用图进行建模，以表示在源代码列表中表示的常规调用交互。常规调用的参数被建模以考虑到程序间的影响，并且依赖于源代码列表中表达的参数。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式