Detecting security vulnerabilities relating to cryptographically-sensitive information carriers when testing computer software
US8397300B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Sep 22, 2009 |
| Grant date | Mar 12, 2013 |
| Priority date | — |
| Expiry date | Jul 22, 2031 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F11/3636
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
A system for detecting security vulnerabilities in computer software, including a cryptographic API identifier configured to identify a cryptographic API among the instructions of a computer software application, a path-to-source tracer configured to trace an information flow path among the instructions between the cryptographic API and a source that directly or indirectly provides data that are input to the cryptographic API, where a cryptographically-sensitive information carrier lies along the information flow path, a path-to-sink tracer configured to trace an information flow path among the instructions from the cryptographically-sensitive information carrier to a sink, and a security vulnerability identifier configured to provide a notification that the information flow path between the cryptographically-sensitive information carrier and the sink represents security vulnerability if the information flow path between the cryptographically-sensitive information carrier and the sink does not pass through a cryptographic API.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.