Patent application number | Description | Published |
20090019430 | METHODS AND ARRANGEMENTS FOR UNIFIED PROGRAM ANALYSIS - A unified program analysis framework that facilitates the analysis of complex multi-language software systems, analysis reuse, and analysis comparison, by employing techniques such as program translation and automatic results mapping, is presented. The feasibility and effectiveness of such a framework are demonstrated using a sample application of the framework. The comparison yields new insights into the effectiveness of the techniques employed in both analysis tools. These encouraging results yield the observation that such a unified program analysis framework will prove to be valuable both as a testbed for examining different language analysis techniques, and as a unified toolset for broad program analysis. | 01-15-2009 |
20090094667 | Method and Apparatus for Automatic Determination of Authorization Requirements While Editing or Generating Code - Systems and methods are presented for automatically determining the security requirements of program code during the creation or modification of that program code and for presenting the necessary security permissions to a developer of the program code at the time of the creation or modification of the program code. A cache is established containing program code segments including library calls and application program interfaces that require security permissions at runtime. The cache also includes the security permissions associated with the stored program code segments. Program code editing is monitored in real time during the editing, and instances of edits that add, modify or delete the stored program code segments from the program code being edited are identified. The security permissions associated with the program code segments that are modified by the edits are retrieved from the cache. The retrieved security permissions are immediately presented to the developer in an interactive format that provides the developer with the ability to accept or decline the necessary changes to the security permissions. | 04-09-2009 |
20110099482 | INTERACTIVE MANAGEMENT OF WEB APPLICATION FIREWALL RULES - A computer implemented method, information processing system, and computer program product manage web application firewall rule configuration. A web application is analyzed. A set of data elements within the web application is identified. Each data element in the set of data elements stores information that is sent from a web client to a web server. Each data element in the set of data elements is analyzed. A data type is associated with each data element in the set of data element. The data type describes a type of data stored by the data element. A web application firewall rule recommendation is automatically generated for each data element based at least on the data type associated therewith. | 04-28-2011 |
20120330996 | MULTI-GRANULARITY HIERARCHICAL AGGREGATE SELECTION BASED ON UPDATE, STORAGE AND RESPONSE CONSTRAINTS - Techniques are disclosed for multi-granularity hierarchical aggregate selection based on update, storage and response constraints. For example, for a temporal hierarchy of aggregation statistics associated with a plurality of database records, wherein the temporal hierarchy comprises two or more aggregation statistics levels and each level has a different temporal granularity associated therewith, a method comprises iteratively modifying the temporal hierarchy to at least one of: (a) minimize a storage usage cost while satisfying a temporal hierarchy update constraint and a query response time constraint; (b) reduce a temporal hierarchy update time and a query response time while satisfying a storage usage constraint; and (c) minimize a query response time for frequently applied queries that do not shift in time while satisfying the storage usage constraint, wherein the resulting temporal hierarchy that achieves at least one of (a), (b) and (c) is identified as an optimal temporal hierarchy. | 12-27-2012 |
20130152059 | METHODS AND ARRANGEMENTS FOR UNIFIED PROGRAM ANALYSIS - A unified program analysis framework that facilitates the analysis of complex multi-language software systems, analysis reuse, and analysis comparison, by employing techniques such as program translation and automatic results mapping, is presented. The feasibility and effectiveness of such a framework are demonstrated using a sample application of the framework. The comparison yields new insights into the effectiveness of the techniques employed in both analysis tools. These encouraging results yield the observation that such a unified program analysis framework will prove to be valuable both as a testbed for examining different language analysis techniques, and as a unified toolset for broad program analysis. | 06-13-2013 |
20130232542 | SYSTEM AND METHOD TO PROVIDE SERVER CONTROL FOR ACCESS TO MOBILE CLIENT DATA - Systems and methods for protecting a data item include, upon initiation of transfer of the data item from a server to a client device, determining a sensitivity score and a current protection level of the data item. A policy is applied to determine an appropriate protection for the data item based upon the sensitivity score and the current protection level. A protected data item is provided to the client device by applying the appropriate protection to the data item. | 09-05-2013 |
20130232543 | SYSTEM AND METHOD TO PROVIDE SERVER CONTROL FOR ACCESS TO MOBILE CLIENT DATA - Systems and methods for protecting a data item include, upon initiation of transfer of the data item from a server to a client device, determining a sensitivity score and a current protection level of the data item. A policy is applied to determine an appropriate protection for the data item based upon the sensitivity score and the current protection level. A protected data item is provided to the client device by applying the appropriate protection to the data item. | 09-05-2013 |
20140189809 | METHOD AND APPARATUS FOR SERVER-SIDE AUTHENTICATION AND AUTHORIZATION FOR MOBILE CLIENTS WITHOUT CLIENT-SIDE APPLICATION MODIFICATION - A method (and structure) for enforcing authentication and authorization includes making a resource access request, by a client application being executed by a processor on a digital device, to invoke authentication and authorization services to evaluate the resource access request by the client application. A security application on the digital device is activated and executed, the security application being separate from the client application, the security application including instructions for processing a challenge-response protocol for the resource access request. The client application communicates outside the digital device using a primary communication channel and the security application uses a secondary communication channel that is out-of-band from the primary communication channel. | 07-03-2014 |