Analyzing web service frontends to extract security-relevant behavior information
US11509730B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Dec 11, 2020 |
| Grant date | Nov 22, 2022 |
| Priority date | — |
| Expiry date | Feb 17, 2041 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L67/10
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Techniques are described for generating a specification of security-relevant behavior associated with web services of a cloud provider network. Source code or software development artifacts associated with an implementation of a web service is obtained, where the source code of software development artifacts include an implementation of a request handler for an action of the service. The request handler includes a request authorization component, e.g., which may involve interaction with an identity and access management service of the cloud provider network to authenticate and authorize requests and may further rely upon one or more authorization contexts included in the requests received by the request handler. An interprocedural data flow analyzer is used to analyze a model representation of the bytecode to identify and generate specifications of authorization patterns associated with the request handler.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.