发明名称 |
Certifying server side web applications against security vulnerabilities |
摘要 |
Methods for server security verification include acquiring a public key associated with a received report that includes an indication regarding the presence of a vulnerability for each vulnerability, the report having been generated at a server; decrypting the received report using the public key; determining a level of server-side security based on the decrypted report using a processor; and reconfiguring a browser at the client responsive to the determined level of server-side security. |
申请公布号 |
US8949995(B2) |
申请公布日期 |
2015.02.03 |
申请号 |
US201213622161 |
申请日期 |
2012.09.18 |
申请人 |
International Business Machines Corporation |
发明人 |
Guarnieri Salvatore A.;Pistoia Marco;Tripp Omer |
分类号 |
G06F21/00;H04L29/06;G06F21/57 |
主分类号 |
G06F21/00 |
代理机构 |
Tutunjian & Bitetto, P.C. |
代理人 |
Tutunjian & Bitetto, P.C. ;Dougherty Anne V. |
主权项 |
1. A method for server security verification, comprising:
acquiring a public key associated with a received report that includes an indication regarding the presence of a vulnerability, said report having been generated by a security scan by a server; decrypting the received report using the public key; determining a level of server-side security based on the decrypted report using a processor; scanning the server for vulnerabilities using a scanning module located at the client based on the decrypted report; and reconfiguring a browser at the client responsive to the determined level of server-side security. |
地址 |
Armonk NY US |