会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
下载
著录项
PDF全文
热词
    • 3. 发明授权
      US08365281B2 Determining whether method of computer program is a validator 失效
    • Determining whether method of computer program is a validator
    • 确定计算机程序的方法是否为验证程序
    • US08365281B2
    • 2013-01-29
    • US12950432
    • 2010-11-19
    • Takaaki TateishiMarco PistoiaOmer TrippRyan BergRobert Wiener
    • Takaaki TateishiMarco PistoiaOmer TrippRyan BergRobert Wiener
    • G06F11/00G06F11/30H04L29/06H04L9/32
    • G06F21/50G06F21/563
    • An illegal pattern and a computer program having a method are received. The method has one or more return statements, and a number of basic blocks. The method is normalized so that each return statement of the target method relating to the illegal pattern returns a constant Boolean value. A first path condition and a second path condition for one or more corresponding paths is determined such that one or more corresponding basic blocks return a constant Boolean value of true for the first path condition and a constant Boolean value of false for the second path condition. An unsatisfiability of each path condition is determined using a monadic second-order logic (M2L) technique. Where the unsatisfiability of either path condition is false, the method is reported as not being a validator. Where the unsatisfiability of either path condition is true, the method is reported as being a validator.
    • 接收到具有方法的非法模式和计算机程序。 该方法具有一个或多个返回语句和一些基本块。 该方法被归一化,使得与非法模式相关的目标方法的每个返回语句返回一个常量布尔值。 确定用于一个或多个对应路径的第一路径条件和第二路径条件,使得一个或多个对应的基本块返回针对第一路径条件的常数布尔值为true,对于第二路径条件返回常量布尔值为假。 使用一元二阶逻辑(M2L)技术确定每个路径条件的不满足性。 如果任一路径条件的不满足性为假,则将该方法报告为不是验证器。 如果任一路径条件的不满足性为真,则将该方法报告为验证器。
    • 基本信息 添加关注 加入工作空间 PDF全文 PDF下载 全文下载 相似专利 双屏查看 权利要求书 说明书全文 Espacenet 法律信息 同族专利 专利引用
    • 4. 发明申请
      US20120131669A1 Determining whether method of computer program is a validator 失效
    • Determining whether method of computer program is a validator
    • 确定计算机程序的方法是否为验证程序
    • US20120131669A1
    • 2012-05-24
    • US12950432
    • 2010-11-19
    • Takaaki TateishiMarco PistoiaOmer TrippRyan BergRobert Wiener
    • Takaaki TateishiMarco PistoiaOmer TrippRyan BergRobert Wiener
    • G06F21/00
    • G06F21/50G06F21/563
    • An illegal pattern and a computer program having a method are received. The method has one or more return statements, and a number of basic blocks. The method is normalized so that each return statement of the target method relating to the illegal pattern returns a constant Boolean value. A first path condition and a second path condition for one or more corresponding paths is determined such that one or more corresponding basic blocks return a constant Boolean value of true for the first path condition and a constant Boolean value of false for the second path condition. An unsatisfiability of each path condition is determined using a monadic second-order logic (M2L) technique. Where the unsatisfiability of either path condition is false, the method is reported as not being a validator. Where the unsatisfiability of either path condition is true, the method is reported as being a validator.
    • 接收到具有方法的非法模式和计算机程序。 该方法具有一个或多个返回语句和一些基本块。 该方法被归一化,使得与非法模式相关的目标方法的每个返回语句返回一个常量布尔值。 确定用于一个或多个对应路径的第一路径条件和第二路径条件,使得一个或多个对应的基本块返回针对第一路径条件的常数布尔值为true,对于第二路径条件返回常量布尔值为假。 使用一元二阶逻辑(M2L)技术确定每个路径条件的不满足性。 如果任一路径条件的不满足性为假,则将该方法报告为不是验证器。 如果任一路径条件的不满足性为真,则将该方法报告为验证器。
    • 基本信息 添加关注 加入工作空间 PDF全文 PDF下载 全文下载 相似专利 双屏查看 权利要求书 说明书全文 Global Dossier Espacenet 法律信息 同族专利 专利引用
    • 5. 发明申请
      US20120297372A1 Static Analysis Of Validator Routines 失效
    • Static Analysis Of Validator Routines
    • 验证程序的静态分析
    • US20120297372A1
    • 2012-11-22
    • US13109170
    • 2011-05-17
    • Ryan BergMarco PistoiaTakaaki TateishiOmer Tripp
    • Ryan BergMarco PistoiaTakaaki TateishiOmer Tripp
    • G06F9/44
    • G06F11/3612G06F8/436G06F11/3604
    • A method includes accessing a validator routine having an input string and one or more return points, each return point returning a return value having two possible values; finding the return points in the validator routine; for each of the return points, performing a backwards traversal from a return point through a code section and determining constraints on the input string based at least on one or both of the two possible return values for the return point; using the determined constraints for the input string, determining whether all of the return values returned from the one or more return points meet validation constraints; and outputting one or more indications of whether all of the returned values returned from the return points meet the validation constraints for the one or both of the two possible return values. Apparatus and computer program products are also disclosed.
    • 一种方法包括访问具有输入字符串和一个或多个返回点的验证器程序,每个返回点返回具有两个可能值的返回值; 找到验证程序的返回点; 对于每个返回点,通过代码部分从返回点执行向后遍历,并且基于返回点的两个可能返回值中的至少一个或两个来确定对输入字符串的约束; 使用确定的输入字符串的约束,确定从一个或多个返回点返回的所有返回值是否满足验证约束; 并且输出一个或多个指示是否从返回点返回的所有返回值是否满足两个可能返回值中的一个或两个的验证约束。 还公开了装置和计算机程序产品。
    • 基本信息 添加关注 加入工作空间 PDF全文 PDF下载 全文下载 相似专利 双屏查看 权利要求书 说明书全文 Global Dossier Espacenet 法律信息 同族专利 专利引用
    • 6. 发明授权
      US08726246B2 Static analysis of validator routines 失效
    • Static analysis of validator routines
    • 验证程序的静态分析
    • US08726246B2
    • 2014-05-13
    • US13109170
    • 2011-05-17
    • Ryan BergMarco PistoiaTakaaki TateishiOmer Tripp
    • Ryan BergMarco PistoiaTakaaki TateishiOmer Tripp
    • G06F9/44
    • G06F11/3612G06F8/436G06F11/3604
    • A method includes accessing a validator routine having an input string and one or more return points, each return point returning a return value having two possible values; finding the return points in the validator routine; for each of the return points, performing a backwards traversal from a return point through a code section and determining constraints on the input string based at least on one or both of the two possible return values for the return point; using the determined constraints for the input string, determining whether all of the return values returned from the one or more return points meet validation constraints; and outputting one or more indications of whether all of the returned values returned from the return points meet the validation constraints for the one or both of the two possible return values. Apparatus and computer program products are also disclosed.
    • 一种方法包括访问具有输入字符串和一个或多个返回点的验证器程序,每个返回点返回具有两个可能值的返回值; 找到验证程序的返回点; 对于每个返回点,通过代码部分从返回点执行向后遍历,并且基于返回点的两个可能返回值中的至少一个或两个来确定对输入字符串的约束; 使用确定的输入字符串的约束,确定从一个或多个返回点返回的所有返回值是否满足验证约束; 并且输出一个或多个指示是否从返回点返回的所有返回值是否满足两个可能返回值中的一个或两个的验证约束。 还公开了装置和计算机程序产品。
    • 基本信息 添加关注 加入工作空间 PDF全文 PDF下载 全文下载 相似专利 双屏查看 权利要求书 说明书全文 Espacenet 法律信息 同族专利 专利引用
    • 7. 发明授权
      US08572747B2 Policy-driven detection and verification of methods such as sanitizers and validators 失效
    • Policy-driven detection and verification of methods such as sanitizers and validators
    • 政策驱动的检测和验证方法,如消毒剂和验证器
    • US08572747B2
    • 2013-10-29
    • US12950049
    • 2010-11-19
    • Ryan BergMarco PistoiaTakaaki TateishiOmer Tripp
    • Ryan BergMarco PistoiaTakaaki TateishiOmer Tripp
    • G06F9/455
    • G06F8/75G06F21/577
    • A method includes performing a static analysis on a program having sources and sinks to track string flow from the sources to the sinks. The static analysis includes, for string variables in the program that begin at sources, computing grammar of all possible string values for each of the string variables and, for methods in the program operating on any of the string variables, computing grammar of string variables returned by the methods. The static analysis also includes, in response to one of the string variables reaching a sink that performs a security-sensitive operation, comparing current grammar of the one string variable with a policy corresponding to the security-sensitive operation, and performing a reporting operation based on the comparing. Apparatus and computer program products are also disclosed.
    • 一种方法包括对具有源和汇的程序执行静态分析以跟踪从源到汇的字符串流。 静态分析包括对于从源头开始的程序中的字符串变量,计算每个字符串变量的所有可能的字符串值的语法,对于在任何字符串变量上运行的程序中的方法,返回的字符串变量的计算语法 通过方法。 静态分析还响应于到达执行安全敏感操作的汇点之一的字符串变量之一,将一个字符串变量的当前语法与对应于安全敏感操作的策略进行比较,并且基于 在比较上。 还公开了装置和计算机程序产品。
    • 基本信息 添加关注 加入工作空间 PDF全文 PDF下载 全文下载 相似专利 双屏查看 权利要求书 说明书全文 Espacenet 法律信息 同族专利 专利引用
    • 8. 发明申请
      US20120131668A1 Policy-Driven Detection And Verification Of Methods Such As Sanitizers And Validators 失效
    • Policy-Driven Detection And Verification Of Methods Such As Sanitizers And Validators
    • 政策驱动的检测和验证方法如消毒剂和验证器
    • US20120131668A1
    • 2012-05-24
    • US12950049
    • 2010-11-19
    • Ryan BergMarco PistoiaTakaaki TateishiOmer Tripp
    • Ryan BergMarco PistoiaTakaaki TateishiOmer Tripp
    • G06F21/00G06F9/44
    • G06F8/75G06F21/577
    • A method includes performing a static analysis on a program having sources and sinks to track string flow from the sources to the sinks. The static analysis includes, for string variables in the program that begin at sources, computing grammar of all possible string values for each of the string variables and, for methods in the program operating on any of the string variables, computing grammar of string variables returned by the methods. The static analysis also includes, in response to one of the string variables reaching a sink that performs a security-sensitive operation, comparing current grammar of the one string variable with a policy corresponding to the security-sensitive operation, and performing a reporting operation based on the comparing. Apparatus and computer program products are also disclosed.
    • 一种方法包括对具有源和汇的程序执行静态分析以跟踪从源到汇的字符串流。 静态分析包括对于从源头开始的程序中的字符串变量,计算每个字符串变量的所有可能的字符串值的语法,对于在任何字符串变量上运行的程序中的方法,返回的字符串变量的计算语法 通过方法。 静态分析还响应于到达执行安全敏感操作的汇点之一的字符串变量之一,将一个字符串变量的当前语法与对应于安全敏感操作的策略进行比较,并且基于 在比较上。 还公开了装置和计算机程序产品。
    • 基本信息 添加关注 加入工作空间 PDF全文 PDF下载 全文下载 相似专利 双屏查看 权利要求书 说明书全文 Global Dossier Espacenet 法律信息 同族专利 专利引用
    • 9. 发明申请
      US20130091079A1 USING A HEURISTICALLY-GENERATED POLICY TO DYNAMICALLY SELECT STRING ANALYSIS ALGORITHMS FOR CLIENT QUERIES 有权
    • USING A HEURISTICALLY-GENERATED POLICY TO DYNAMICALLY SELECT STRING ANALYSIS ALGORITHMS FOR CLIENT QUERIES
    • 使用全景生成策略动态选择客户端查询的分析算法
    • US20130091079A1
    • 2013-04-11
    • US13412121
    • 2012-03-05
    • Marco PistoiaTakaaki TateishiOmer Tripp
    • Marco PistoiaTakaaki TateishiOmer Tripp
    • G06F15/18
    • G06N5/00
    • A method for dynamically selecting string analysis algorithms can begin with the training of the dynamic string analysis handler of a string analysis module to effectively handle a subset of string queries having contextual metadata received from a client application in an instructional environment. The effectiveness of the training module can be based upon feedback from the client application. Upon completion of the training, a string analysis algorithm selection policy can be synthesized. The string analysis algorithm selection policy can correlate a context of a string query in the subset to the usage of a string analysis algorithm. When in the operational environment, the dynamic string analysis handler can dynamically handle string queries having contextual metadata received from the client application in accordance with the string analysis algorithm selection policy. The string analysis algorithm to be used for a string query can be dynamically and independently determined.
    • 用于动态选择字符串分析算法的方法可以开始于字符串分析模块的动态字符串分析处理程序的训练,以有效地处理在教学环境中从客户端应用程序接收的具有上下文元数据的字符串查询的子集。 培训模块的有效性可以基于客户端应用程序的反馈。 完成培训后,可以合成字符串分析算法选择策略。 字符串分析算法选择策略可以将子集中的字符串查询的上下文与字符串分析算法的使用相关联。 在操作环境中,动态字符串分析处理程序可以根据字符串分析算法选择策略来动态地处理具有从客户端应用程序接收的上下文元数据的字符串查询。 用于字符串查询的字符串分析算法可以动态和独立地确定。
    • 基本信息 添加关注 加入工作空间 PDF全文 PDF下载 全文下载 相似专利 双屏查看 权利要求书 说明书全文 Global Dossier Espacenet 法律信息 同族专利 专利引用
每页展示10个专利
每页展示10个专利
每页展示20个专利
每页展示50个专利
每页展示100个专利

IPRDB

最新中国发明专利 最新美国发明专利 技术领域 专利库 专利分类库 国际专利分类库

热门服务

会员版试用 API 数据接口 找代理 知嘟嘟专利交易 排行榜 大学排行榜 专利百科

关于我们

平台介绍 战略合作 网站地图

友情链接

知嘟嘟专利交易 国家知识产权局 中国商标网

联系方式


©2019-2023 上海吉码数字技术有限公司 版权所有,并保留所有权利 沪ICP备20016256号-6 沪公网安备31011702005475号