| 发明名称 | Context-sensitive taint processing for application security | ||
| 摘要 | In one implementation, a tag is associated with a tainted value of an application and an output context of the application that is associated with output from the application that includes the tainted value is determined. A taint processing is a applied to the tainted value in response to the output of the tainted value, the taint processing is compatible with the output context. | ||
| 申请公布号 | US9053319(B2) | 申请公布日期 | 2015.06.09 |
| 申请号 | US201113248981 | 申请日期 | 2011.09.29 |
| 申请人 | Hewlett-Packard Development Company, L.P. | 发明人 | Chess Brian V;Fay Sean Patrick |
| 分类号 | G06F21/00;G06F21/53;G06F21/54;G06F21/55;H04L29/06 | 主分类号 | G06F21/00 |
| 代理机构 | Hewlett-Packard Patent Department | 代理人 | Hewlett-Packard Patent Department |
| 主权项 | 1. A non-transitory processor-readable medium storing code representing instructions that when executed at a processor cause the processor to: associate a tag with a tainted value of an application, the tag to identify the tainted value as tainted; determine an output context of the application associated with output from the application during runtime, the output including the tainted value, wherein the output context is one of a plurality of output contexts; determine a context identifier associated with the output context; select, using the context identifier, a taint processing from a plurality of taint processings; apply the selected taint processing to the tainted value in response to the output of the tainted value, wherein the selected taint processing is compatible with the output context; and output the tainted value with the selected taint processing. | ||
| 地址 | Houston TX US | ||