| 发明名称 |
Identifying security vulnerability in computer software |
| 摘要 |
Identifying a security vulnerability in a computer software application by identifying at least one source in a computer software application, identifying at least one sink in the computer software application, identifying at least one input to any of the sinks, determining whether the input derives its value directly or indirectly from any of the sources, determining a set of possible values for the input, and identifying a security vulnerability where the set of possible values for the input does not match a predefined specification of legal values associated with the sink input.
|
| 申请公布号 |
US8468605(B2) |
申请公布日期 |
2013.06.18 |
| 申请号 |
US20090627351 |
申请日期 |
2009.11.30 |
| 申请人 |
HAVIV YINNON A.;HAY ROEE;PISTOIA MARCO;SHARABANI ADI;TATEISHI TAKAAKI;TRIPP OMER;WEISMAN OMRI;INTERNATIONAL BUSINESS MACHINES CORPORATION |
发明人 |
HAVIV YINNON A.;HAY ROEE;PISTOIA MARCO;SHARABANI ADI;TATEISHI TAKAAKI;TRIPP OMER;WEISMAN OMRI |
| 分类号 |
G06F12/14;G06F9/44;G06F11/00;G06F11/30;G06F12/16;G08B23/00 |
主分类号 |
G06F12/14 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
