최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
DataON 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Edison 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Kafe 바로가기국가/구분 | United States(US) Patent 등록 |
---|---|
국제특허분류(IPC7판) |
|
출원번호 | US-0800090 (2001-03-05) |
발명자 / 주소 |
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 | 피인용 횟수 : 287 인용 특허 : 49 |
A method for detecting security vulnerabilities in a web application includes analyzing the client requests and server responses resulting therefrom in order to discover pre-defined elements of the application's interface with external clients and the attributes of these elements. The client request
A method for detecting security vulnerabilities in a web application includes analyzing the client requests and server responses resulting therefrom in order to discover pre-defined elements of the application's interface with external clients and the attributes of these elements. The client requests are then mutated based on a pre-defined set of mutation rules to thereby generate exploits unique to the application. The web application is attacked using the exploits and the results of the attack are evaluated for anomalous application activity.
A method for detecting security vulnerabilities in a web application includes analyzing the client requests and server responses resulting therefrom in order to discover pre-defined elements of the application's interface with external clients and the attributes of these elements. The client request
A method for detecting security vulnerabilities in a web application includes analyzing the client requests and server responses resulting therefrom in order to discover pre-defined elements of the application's interface with external clients and the attributes of these elements. The client requests are then mutated based on a pre-defined set of mutation rules to thereby generate exploits unique to the application. The web application is attacked using the exploits and the results of the attack are evaluated for anomalous application activity. cture using said one or more target maximum counts, wherein the allocating comprises creating an instance of the storage structure, and wherein the creating defines functionality of the instance of the storage structure, the functionality facilitating access within the instance of the storage structure. 2. The method of claim 1, wherein the allocated storage structure has the same characteristics as another structure. 3. The method of claim 1, wherein said allocating comprises: determining whether said one or more target maximum counts equal one or more provided maximum counts; and performing said allocating when said one or more target maximum counts equal said one or more provided maximum counts. 4. The method of claim 1, wherein said one or more target maximum counts include one or more of a target maximum entry count, a target maximum element count and a target maximum event monitor controls count. 5. The method of claim 1, further comprising selecting from one or more shared storage processors the shared storage processor within which said storage structure is to be allocated. 6. The method of claim 5, further comprising creating a list of said one or more shared storage processors, said list comprising said one or more shared storage processors in which said storage structure may be allocated. 7. The method of claim 6, wherein said creating of said list is based of one or more considerations, said one or more considerations comprising at least one of a pending policy consideration, a desired location of said storage structure, connectivity of one or more active connectors, availability of space for allocation of said storage structure, and a volatility consideration. 8. The method of claim 1, wherein said storage structure comprises a list structure. 9. The method of claim 1, wherein said storage structure comprises a list structure. 10. The method of claim 1, wherein said allocating comprises using said one or more target maximum counts to provide on allocated storage structure that best fits the one or more target maximum counts. 11. The method of claim 1, wherein said allocating comprises sufficiently allocating said storage structure, such that said storage stricture is able to receive any desired information from another storage structure. 12. The method of claim 1, wherein said one or more target data area counts include one or more of a target directory entry count and a target data area count. 13. A system of allocating storage structures within a shared storage processor of a computing environment, said shared storage processor being coupled to one or more processors of said computing environment, and said method comprising: means for specifying, without deriving from a structures within a shared storage to elements, one or more target maximum counts to be used in allocating a storage structure of said shared storage processor, wherein a target maximum count of the one or more target maximum counts indicates a maximum number of entries and elements to be includes in the storage structure; and means for allocating said storage structure using said one or more target maximum counts, wherein the allocating comprises creating an instance of the storage structure, and wherein the creating defines functionality of the instance of the storage structure, the functionality facilitating access within the instance of the storage structure. 14. The system of claim 13, wherein the allocated storage structure has the same characteristics as another structure. 15. The system of claim 13, wherein said means for allocating comprises: means for determining whether said one more target maximum counts equal one or more provided maximum counts; and means for performing said allocating when said one or more target maximum counts equal said one or more provided maximum counts. 16. The system of claim 13, wherein said one or more target maximum counts include one or more of a target maximum entry count, a target max imum element count and a target maximum event monitor controls count. 17. The system of claim 13, further comprising means for selecting from one or more shared storage processors the shared storage processor within which said storage structure is to be allocated. 18. The system of claim 17, further comprising means for creating a list of said one or more shared storage processors, said list comprising said one or more shared storage processors in which said storage structure may be allocated. 19. The system of claim 18, wherein the creating of said list is based on one or more considerations, said one or more considerations comprising at least one of a pending policy consideration, a desired location of said storage structure, connectivity of one or more active connectors, availability of space for allocation of said storage structure, and a volatility consideration. 20. The system of claim 13, wherein said storage structure comprises a list structure. 21. The system of claim 13, wherein said storage structure comprises a list structure. 22. The system of claim 13, wherein said means for allocating comprises a cache structure that best fits the one or more target maximum counts. 23. The system of claim 13, wherein said means for allocating comprises means for sufficiently allocating said storage structure, such that said storage structure is able to receive any desired information from another storage structure. 24. The system of claim 1, wherein said one or more target maximum counts include one or more of a target directory entry count and target data area count. 25. A system of allocating storage structures within a shared storage processor of a computing environment, said shared storage processor being coupled to one or more processors of said computing environment, and said method comprising: a first processor adapted to specify, without deriving from a structure size and a ratio of entries to elements, one or more target maximum counts to be used in allocating a storage structure of said shared storage processor, wherein a target maximum count of the one or more target maximum counts indicated a maximum number of one of entries and elements to be included in the storage structure; and a second processor adapted to allocate said storage structure using said one or more target maximum counts, wherein the allocating comprised creating an instance of the storage structure, and wherein the creating defines functionality of the instance of the storage structure, the functionality facilitating access within the instance of the storage structure. 26. The system of claim 25, wherein said first processor and said second processor are the same processor. 27. The system of claim 25, wherein said first processor and said second processor are different processors. 28. At least one program storage device readable by a machine, tangibly embodying at least one program of instructions executable by the machine to perform a method of allocating storage structures within a shared storage processor of a computing environment, said shared storage processor being couple to one or more processors of said computing environment, and said method comprising: specifying, without deriving from a structure size and a ratio of entries to elements, one or more target maximum counts to be used in allocating a storage structure of said shared storage processor, wherein target maximum count of the one or more target maximum counts indicates a maximum number of one of entries and to be included in the storage structure; and allocating said storage structure using said one or more target maximum counts, wherein the allocating comprises creating an instance of the storage structure, and wherein the creating defines functionality of the instance of the storage structure, the functionality facilitating access within the instance of the storage structure. 29. The at least one program storage device of claim 28, wherein the allocated storage structur e has the same characteristics as another structure. 30. The at least one program storage device of claim 28, wherein said allocating comprised: determining whether said one or more target maximum counts equal one or more provided maximum counts; and performing said allocating when said one or more target maximum counts equal said one or more provided maximum counts. 31. The at least one program storage device of claim 28, wherein said one or more target maximum counts include one or more of a target maximum entry count, a target maximum element count and a target maximum event monitor controls count. 32. The at least one program storage device of claim 28, wherein said method further comprises selecting from one or more shared storage processors the shared storage processor within which said storage structure is to be allocated. 33. The at least one program storage device of claim 32, wherein said method further comprises creating a list of said one or more shared storage processors, said list comprising said one or more shared storage processors in which said storage structure may be allocated. 34. The at least one program storage device of claim 33, wherein said creating of said list is based on one or more considerations, said one or more considerations comprising at least one of a pending policy consideration, a desired location of said storage structure, connectivity of one or more active connectors, availability of space for allocation of said storage structure, and a volatility consideration. 35. The at least one program storage device of claim 28, wherein said storage structure comprised a list structure. 36. The at least one program storage device of claim 28, wherein said storage structure comprises a cache structure. 37. The at least one program storage device of claim 28, wherein said allocating comprises using said one or more target maximum counts to provide an allocated storage structure that best fits the one or more target maximum counts. 38. The at least one program storage device of claim 28, wherein said allocating comprises sufficiently allocating said storage structure, such that said storage structure is able to receive any desired information from another storage structure. 39. The at least one program storage device of claim 28, wherein said one or more target maximum counts include one or more of a target directory entry count and a target data area count. o resources via said security kernel, and said desktop means including means for unlocking user access to said resources by transmitting one of said keys to said security kernel. 4. The system of claim 1 wherein said desktop means includes means for initiating processes on said workstation and daemon means for monitoring processes initiated by said desktop means. 5. The system of claim 4 wherein said daemon means includes enumeration means for checking processes on the workstation against the information record received from said server. 6. The system of claim 1 wherein said workstation operating system program including a registry of processes, said desktop means including means for establishing said supervising means as the primary process of said registry. 7. The system of claim 6 wherein said supervising means includes supervisor means for logging onto said server operating system with supervisor privileges. 8. The system of claim 7 wherein said supervisor means establishes user processes on said server according to said user specific parameters. 9. The system of claim 6 wherein said desktop means includes means for clearing said registry of processes except said supervising means. 10. The system of claim 9 wherein said desktop means includes neutralizing means for clearing all processes from said registry except said supervising means and ending connections with network resources. 11. In a network of computers including a server and a workstation, a method of providing user access to network providers, said method comprising the steps of: masking operation of the network providers while obtaining user specific parameters relating to the user's allowed scope of access to the network providers; enabling operation of the user only with the network providers authorized based on the user specific parameters; and monitoring the user's interaction with each network provider and only allowing user actions consistent with the user specific parameters. 12. The method of claim 11 further comprising the step of blocking user access to resources via a security kernel, wherein said user specific parameters include a key for only allowing user access to resources via said security kernel, and further comprising the step of allowing user access to resources upon receipt of a corresponding key from said desktop user interface. 13. The method of claim 11 further comprising the step of monitoring processes initiated by the desktop user interface. 14. The method of claim 13 wherein said monitoring step includes the step of checking processes on the workstation against the user specific parameters. 15. The method of claim 11 further comprising the step of preventing unauthorized access to the network resources through said desktop. 16. The method of claim 11 wherein a workstation operating system program includes a registry of processes, further including the step of establishing a security process as the primary process of said registry. 17. The method of claim 16 further including the step of the security process logging onto said server operating system with supervisor privileges. 18. The method of claim 17 wherein said logging step establishes user processes on said server according to the user specific parameters. 19. The method of claim 16 further including the step of clearing the registry of processes except for the security process. 20. The method of claim 19 further including the step of neutralizing the workstation by clearing all processes from the registry except the security process and ending connections with network resources. 21. A machine-readable program storage device for storing encoded instructions for a method of providing user access to network providers, said method comprising the steps of: masking operation of the network providers while obtaining user specific parameters relating to the user's allowed scope of access to the network providers; enabling operation of the user only with the network providers
Copyright KISTI. All Rights Reserved.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.