Processing

Please wait...

Settings

Settings

Goto Application

1. WO2013046070 - AUTOMATED DETECTION OF FLAWS AND INCOMPATIBILITY PROBLEMS IN INFORMATION FLOW DOWNGRADERS

Publication Number WO/2013/046070
Publication Date 04.04.2013
International Application No. PCT/IB2012/053856
International Filing Date 27.07.2012
IPC
G06F 9/45 2006.1
GPHYSICS
06COMPUTING; CALCULATING OR COUNTING
FELECTRIC DIGITAL DATA PROCESSING
9Arrangements for program control, e.g. control units
06using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
44Arrangements for executing specific programs
45Compilation or interpretation of high level programme languages
CPC
G06F 21/00
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
G06F 21/50
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
G06F 21/577
GPHYSICS
06COMPUTING; CALCULATING; COUNTING
FELECTRIC DIGITAL DATA PROCESSING
21Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
577Assessing vulnerabilities and evaluating computer system security
Applicants
  • INTERNATIONAL BUSINESS MACHINES CORPORATION [US]/[US] (AllExceptUS)
  • IBM UNITED KINGDOM LIMITED [GB]/[GB] (MG)
  • IBM (CHINA) INVESTMENT COMPANY LIMITED [CN]/[CN] (MG)
  • TRIPP, Omer [IL]/[IL] (UsOnly)
  • TEILHET, Stephen, Darwin [US]/[US] (UsOnly)
  • TATEISHI, Takaaki [JP]/[JP] (UsOnly)
  • PISTOIA, Marco [IT]/[US] (UsOnly)
Inventors
  • TRIPP, Omer
  • TEILHET, Stephen, Darwin
  • TATEISHI, Takaaki
  • PISTOIA, Marco
Agents
  • SHAW, Anita
Priority Data
13/248,72429.09.2011US
Publication Language English (en)
Filing Language English (EN)
Designated States
Title
(EN) AUTOMATED DETECTION OF FLAWS AND INCOMPATIBILITY PROBLEMS IN INFORMATION FLOW DOWNGRADERS
(FR) DÉTECTION AUTOMATISÉE DE DÉFAUTS ET DE PROBLÈMES D'INCOMPATIBILITÉ DANS DES SYSTÈMES DE DÉCLASSIFICATION DE FLUX D'INFORMATIONS
Abstract
(EN) Mechanisms for evaluating downgrader code in application code with regard to a target deployment environment. Downgrader code in the application code is identified. Based on an input string, an output string that the downgrader code outputs in response to receiving the input string is identified. One or more sets of illegal string patterns are retrieved. Each of the one or more sets of illegal string patterns is associated with a corresponding deployment environment. The illegal string patterns are string patterns that a downgrader identifies in the information flow for security purposes. A determination is made as to whether the downgrader code is compatible with the target deployment environment based on the one or more sets of illegal string patterns and the output string. An output indicative of the results of the determining is generated.
(FR) L'invention concerne des mécanismes pour évaluer un code de système de déclassification dans un code d'application, en tenant compte d'un environnement de déploiement cible. Selon l'invention, le code de système de déclassification du code d'application est identifié. En fonction d'une chaîne d'entrée, une chaîne de sortie produite par le code de système de déclassification en réponse à la réception de la chaîne d'entrée, est identifié. Un ou plusieurs ensembles de modèles de chaîne illégale sont extraits. Chaque ensemble de modèles de chaîne illégale est associé à un environnement de déploiement cible. Les modèles de chaîne illégale sont des modèles de chaîne identifiés par le système de déclassification dans le flux d'informations à des fins de sécurité. On détermine si le code du système de déclassification est compatible avec l'environnement de déploiement cible en fonction du ou des ensembles de modèles de chaîne illégale et de la chaîne de sortie. Une sortie indiquant les résultats de la détermination est générée.
Related patent documents
DE1120120035275This application is not viewable in PATENTSCOPE because the national phase entry has not been published yet or the national entry is issued from a country that does not share data with WIPO or there is a formatting issue or an unavailability of the application.
DE112012003527This application is not viewable in PATENTSCOPE because the national phase entry has not been published yet or the national entry is issued from a country that does not share data with WIPO or there is a formatting issue or an unavailability of the application.
Latest bibliographic data on file with the International Bureau