Patent application number | Description | Published |
20090019525 | DOMAIN-SPECIFIC LANGUAGE ABSTRACTIONS FOR SECURE SERVER-SIDE SCRIPTING - A method and apparatus is disclosed herein for secure server-side programming. In one embodiment, the method comprises creating a server-side program with one or more abstractions and compiling the server-side program by translating the server-side program, including the one or more abstractions, into target code that is guaranteed to execute in a secure manner with respect to a security criteria. | 01-15-2009 |
20090070746 | METHOD FOR TEST SUITE REDUCTION THROUGH SYSTEM CALL COVERAGE CRITERION - A method and apparatus is disclosed herein for determining whether a test case is to be included in a test suite. In one embodiment, the method comprises executing an application with test inputs of a test case during performance of software application testing and using a Finite State Machine (FSM) model of observable events generated from execution of other test cases in the test suite to determine whether to include the test case in the test suite for use in future testing of the application. | 03-12-2009 |
20090125976 | AUTOMATED TEST INPUT GENERATION FOR WEB APPLICATIONS - A method and apparatus is disclosed herein for automated test input generation for web applications. In one embodiment, the method comprises performing a source-to-source transformation of the program; performing interpretation on the program based on a set of test input values; symbolically executing the program; recording a symbolic constraint for each of one or more conditional expressions encountered during execution of the program, including analyzing a string operation in the program to identify one or more possible execution paths, and generating symbolic inputs representing values of variables in each of the conditional expressions as a numeric expression and a string constraint including generating constraints on string values by modeling string operations using finite state transducers (FSTs) and supplying values from the program's execution in place of intractable sub-expressions; and generating new inputs to drive the program during a subsequent iteration based on results of solving the recorded string constraints. | 05-14-2009 |
20090125977 | LANGUAGE FRAMEWORK AND INFRASTRUCTURE FOR SAFE AND COMPOSABLE APPLICATIONS - A method and apparatus is disclosed herein for using a language framework for composable programs. In one embodiment, the method comprises accessing active content having a software component embedded therein, where the software component has a plurality of components that together implement a work flow of a sequence of activities, the plurality of components representing one or more external services, one or more user interface controls and one or more inputs and output; executing the software component, including mediating communication between components using an information flow-based security model. | 05-14-2009 |
20090193497 | METHOD AND APPARATUS FOR CONSTRUCTING SECURITY POLICIES FOR WEB CONTENT INSTRUMENTATION AGAINST BROWSER-BASED ATTACKS - A method and apparatus is disclosed herein for constructing security policies for content instrumentation against attacks. In one embodiment, the method comprises constructing one or more security policies for web content using at least one rewriting template, at least one edit automata policy, or at least one policy template; and rewriting a script program in a document to cause behavior resulting from execution of the script to conform to the one or more policies. | 07-30-2009 |
20100088678 | METHOD AND APPARATUS FOR THE FORMAL SPECIFICATION AND ANALYSIS OF TIMING PROPERTIES IN SOFTWARE SYSTEMS - A method and apparatus is disclosed herein for formal specification and analysis of timing properties. In one embodiment, the method comprises receiving a software design that includes timing behaviors expressed in a specification language; analyzing the timing behaviors; and using abstract interpretation based static analysis to detect misuses of one or more timing constructs. | 04-08-2010 |
20100198768 | SYSTEM AND METHODS FOR OPTIMIZING USER INTERACTION IN WEB-RELATED ACTIVITIES - A method and apparatus is disclosed herein for facilitating user interaction in web-related activities. In one embodiment, the method comprises monitoring a user's current interaction with a browser, predicting a task a user is likely to take based on a current interaction context associated with the user's current interaction and one or more rules previously generated based on one or more previously recorded browser interactions, and generating, based on the prediction, and displaying a user interface component with the browser, the user interface component selectable by the user and representing an interaction (or a sequence of interactions) that the user can select to occur. | 08-05-2010 |
20100223604 | MODULE SYSTEM FOR POLYMORPHIC PI-CALCULUS - A method and apparatus is disclosed herein for using a module system for polymorphic π-calculus. In one embodiment, the method comprises receiving a formal specification of a software program; and performing automatic analysis on the formal specification using a module system fitted with processes of the polymorphic π-calculus processes. | 09-02-2010 |
20110072417 | DIRECTED TESTING FOR PROPERTY VIOLATIONS - A method and apparatus is disclosed herein for automated testing of an application. A processing system executes the application using test input values that are generated for testing the application with respect to a property of interest. During execution, constraints among symbolic variables of the application are collected. Property state is collected and is used to determine whether a branch in the application is relevant to the property. Based on the collected constraints and branch relevancy, new test input values are generated. The process is repeated until all paths in the application corresponding to relevant branches have been explored. | 03-24-2011 |
20140067801 | GEOTAGGING BASED ON SPECIFIED CRITERIA - A method of geotagging based on specified criteria is described. The method may include analyzing a data stream indicating a variable parameter associated with an object to determine data within the data stream satisfying a specified criteria. The method may also include obtaining geospatial information for the object or another object corresponding to a time the data was generated. Relevant data collected at the time the data satisfies the specified criteria may be tagged with the geospatial information. Related systems are also described. | 03-06-2014 |