Title of Invention Determine Anomalies in Web Application Code Based on Authorization Checks
Abstract Example embodiments disclosed herein relate to determining an anomaly of a missing authorization or inconsistent authorization in web application code. The web application code is analyzed to identify methods that have authorization checks associated and labeling the identified methods as related to authorization checks. Unidentified methods are associated as non-authorization check methods. The methods are compared to determine the anomaly.
Application Publication Number US2015096034(A1) Application Publication Date 2015.04.02
Application Number US201314041365 Filing Date 2013.09.30
Applicant HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P. Inventors O'Neil Yekaterina Tsipenyuk;Muthukumaran Divya;Forsythe Joy Marie
Classification G06F21/57 Main Classification G06F21/57
Agency Agent
Main Claim 1. A non-transitory machine-readable storage medium storing instructions that, if executed by at least one processor of a device, cause the device to: analyze web application code to identify methods in the web application code that have authorization checks associated and labeling these identified methods as authorization check methods (ACMETHODs), wherein unidentified methods are associated as non-authorization check methods (NACMETHODs); determine specifications for the ACMETHODs and the NACMETHODs; and compare the NACMETHODs to the ACMETHODs to determine at least one anomaly representative of at least one of missing authorization and inconsistent authorization in the web application code based on the specifications.
Address Houston TX US