Patent · US Active

System and method for securing web application code and verifying correctness of software

US7779399B2 · kind B2 · utility

21Cited by

19References

19Claims

0Family size

Assignee

Armorize Technologies, Inc. · US

Inventors

Yao-Wen Huang · Hsinchu, TW
Fang Yu · Beijing, CN
Chung-Hung Tsai · Hsinchu, TW
Christian Hang · Wesel, DE
Der-Tsai Lee · Taipei, TW
Sy-Yen Kuo · Taipei, TW

Key dates

Filing date	May 16, 2006
Grant date	Aug 17, 2010
Priority date	—
Expiry date	Jan 11, 2029

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/54
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Methods, software tools and systems for analyzing software applications, e.g., Web applications, are described. A software application to be analyzed is transformed into an abstract representation which preserves its information flow properties. The abstract interpretation is evaluated to identify vulnerabilities using, for example, type qualifiers to associate security levels with variables and/or functions in the application being analyzed and typestate checking. Runtime guards are inserted into the application to secure identified vulnerabilities.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.