Detecting privilege escalations in code including cross-service calls
作者: Wagner Timothy Allen
DOI:
关键词:
摘要: Systems and methods are described for conducting static analysis of code invoking network-based services to identify, without requiring execution the code, security issues that may be introduced due invocations services. A system is provided analyze detect both direct services, as well indirect caused by invocations. The can compare permissions information directly or indirectly invoked identify instances in which calls not permitted information. In some instances, traverse a “call graph” all either errors through multiple levels indirection.
lens.org 参考文章(500)
Arild E Skjolsvold, Vaman Bedekar, Hemal Khatri, Pradeep Kumar Gunda, Shyam Antony, Kavitha Manivannan, Sriram Sankaran, Ju Wang, Bradley Gene Calder, Yang Zhang, II Marvin Mcnett, Paas hierarchial scheduling and auto-scaling ,(2012)
Karanbir Gujral, Suhas A. Kelkar, Manikantan Narender Nath, Abhijit Sharma, Steve Wong, Rohit Kashikar, Application blueprint and deployment model for dynamic business service management (BSM) ,(2010)
Kenneth Frank Smolik, Shawn S. Yu, System for increasing the call capacity of a wireless communication system ,(1999)
Charles B. Thier, Antony Joel Messerli, Gregory Lee Holt, John A. Dickinson, Jason LuVern Kolker, Trey Eugene Morris, Matthew Charles Dietz, Paul Voccio, Vishvananda Ishaya, Alexander Walsh, Christopher James Behrens, Ziad Sawalha, Edward Leafe, William Randolph Mathews, Yogeshwar Srikrishan, Pluggable Allocation in a Cloud Computing System ,(2012)
Zhimin Lin, Alicia E. Chin, Jason T S Lam, Yonggang Hu, Zhenhua Hu, Computing session workload scheduling and management of parent-child tasks ,(2013)
Gaurav D. Ghare, Ying Xiong, John David Dunagan, Marvin Michael Theimer, Gregory M. Burgess, Partition-based data stream processing framework ,(2014)
Robert Morris, Theodosios Thomas, Methods, systems, and computer program products for controlling access to application data ,(2006)
Michael Paul DeHaan, Methods and systems for abstracting cloud management to allow communication between independently controlled clouds ,(2009)
Shunsuke Ota, Cloud computing system and method for controlling same ,(2011)