Patent · US Active

System and method for securing web application code and verifying correctness of software

US8555269B2 · kind B2 · utility

31Cited by

36References

23Claims

0Family size

Assignee

Armorize Technologies, Inc. · US

Inventors

Yao-Wen Huang · Hsinchu, TW
Fang Yu · Beijing, CN
Chung-Hung Tsai · Hsinchu, TW
Christian Hang · Wesel, DE
Der-Tsai Lee · Taipei, TW
Sy-Yen Kuo · Taipei, TW

Key dates

Filing date	Aug 5, 2010
Grant date	Oct 8, 2013
Priority date	—
Expiry date	Sep 20, 2031

Classification

Technology area (CPC G)Physics
CPC primaryG06F21/54
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

Methods, software tools and systems for analyzing software applications, e.g., Web applications, are described. A software application to be analyzed is transformed into an abstract representation which preserves its information flow properties. The abstract interpretation is evaluated to identify vulnerabilities using, for example, type qualifiers to associate security levels with variables and/or functions in the application being analyzed and typestate checking. Runtime guards are inserted into the application to secure identified vulnerabilities.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.