Patent application number | Description | Published |
20090025068 | Authentication enforcement at resource level - The present description refers in particular to a computer-implemented method, a computer system, and a computer program product. The method may comprise providing authentication enforcement at resource level by specifying at design time at least one authentication key for at least one data storage unit of a resource. A request may be received at a server from a requester through a client to access the resource. Authentication of the requester may be enforced through the at least one authentication key at the at least one data storage unit of the resource. | 01-22-2009 |
20090037884 | Method for Automatically Creating a Behavior Pattern of a Computer Program for Model-based Testing Techniques - A method is provided for creating a behavior pattern of a computer program which comprises at least one source code with a plurality of program operations which are arranged in a logical succession and the source code is provided with annotations. Each annotation references a respective program operation and the annotations are read out automatically by a modeling tool, which runs on a processing unit and generates the behavior pattern of the computer program by arranging the annotations which have been read out according to the logical succession of the program operations and providing the generated behavior pattern, so that the generated behavior pattern can be represented via a representing unit. Furthermore, an appropriate server and an appropriate network system are provided. | 02-05-2009 |
20090044271 | INPUT AND OUTPUT VALIDATION - The present description refers in particular to a computer-implemented method, a computer system, and a computer program product for input validation and output validation to prevent SQL injections. In one aspect, an embodiment of the invention involves a service (e.g., a web service operating on a server) receiving a request message from a client over a network. The server includes a handler for checking the request message according to a first method, prior to sending the request message to the service. In addition, the handler checks a response message (from the service) according to the first method, prior to sending the response message to the client. | 02-12-2009 |
20100082993 | COMPUTER-IMPLEMENTED METHODS, SYSTEMS AND COMPUTER PROGRAM PRODUCTS FOR GENERATING AND VERIFYING SIGNATURES - The present description refers in particular to a computer-implemented method, a computer program product, and a computer system for automatically generating a digital signature for a message, the message being representable in a hierarchical tree structure and to a computer-implemented method, a computer program product, and a computer system for automatically verifying a digital signature of a message, the message being representable in a hierarchical tree structure. The computer-implemented method for automatically generating a digital signature for a message, the message being representable in a hierarchical tree structure may comprise: | 04-01-2010 |
20100162406 | SECURITY ASPECTS OF SOA - The present description refers in particular to a computer implemented method, computer program product, and computer system for dynamic separation of duties (SoD) during workflow execution. Based on at least one policy file, at a monitoring module, at least one node to be logged from a message in a message pipe of one or more messages exchanged when executing a workflow instance may be specified. Information on the at least one logged node may be passed to an enforcer. SoD violation for the at least one logged node may be checked at the enforcer. If, for the at least one logged node, SoD is violated, action may be taken based on the at least one policy file. | 06-24-2010 |
20100250476 | EVALUATION OF RISK OF CONFLICT FOR SECURITY SOLUTIONS INTEGRATION - A method and a system for evaluation of risk of conflict between a number of integrating security solutions. In a computer system, a number of fragmentary security solutions are received. A set of the received fragmentary security solutions is integrated to form a composite security solution to satisfy a number of security requirements. In one aspect, the security requirements are established during a design of a computer system. A risk of conflict between the set of integrating fragmentary security solutions is evaluated. In another aspect, the risk of conflict between the set of integrating fragmentary security solutions exists at authority level and at configuration level. Conflict at authority level arises when different authorities control the same fragmentary security solution. Conflict at configuration level arises when integrating fragmentary security solutions share configuration data. | 09-30-2010 |