| 发明名称 |
QUANTITATIVE ANALYSIS OF INFORMATION LEAKAGE VULNERABILITIES |
| 摘要 |
A method includes recording, during execution of a program and by a computing system, concrete values exhibited at source and sink statements in the program. The source statements read confidential information and the sink statements release the confidential information to an outside environment. The method includes determining, by the computing system, using at least the recorded concrete values and source-sink pairs whether information leakage meeting one or more quantitative criteria occurs by the program. Apparatus and program products are also disclosed. |
| 申请公布号 |
US2015161393(A1) |
申请公布日期 |
2015.06.11 |
| 申请号 |
US201314102613 |
申请日期 |
2013.12.11 |
| 申请人 |
INTERNATIONAL BUSINESS MACHINES CORPORATION |
发明人 |
Pistoia Marco;Tripp Omer |
| 分类号 |
G06F21/57 |
主分类号 |
G06F21/57 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method, comprising:
during execution of a program, recording by a computing system concrete values exhibited at source and sink statements in the program, wherein source statements read confidential information and sink statements release the confidential information to an outside environment; and determining, by the computing system, using at least the recorded concrete values and source-sink pairs whether information leakage meeting one or more quantitative criteria occurs by the program. |
| 地址 |
Armonk NY US |
