SYSTEM AND METHOD FOR A SECURITY ASSESSMENT OF AN APPLICATION UPLOADED TO AN APPSTORE
First Claim
1. A method for assessing the level of security of an application to be uploaded to an App Store, comprising:
- i. Providing a security system comprising an attack dictionary relevant to a specific device, information regarding security sensitivity grades of subsystems of said device and an Identifier, suitable to recognize the API'"'"'s related to each of said subsystems and to inspect each line of the code to calculate the maximum security sensitivity grade for each information flow emanating from a given line of code;
ii. For each specific attack present in the attack dictionary, inspecting a code to determine whether the attack is attempted; and
iii. If a suspicion of attack is detected, taking corrective action.
1 Assignment
0 Petitions
Accused Products
Abstract
A method for assessing the level of security of an application to be uploaded to an App Store, comprises: (i) Providing a security system comprising an attack dictionary relevant to a specific device, information regarding security sensitivity grades of subsystems of said device and an Identifier, suitable to recognize the API'"'"'s related to each of said subsystems and to inspect each line of the code to calculate the maximum security sensitivity grade for each information flow emanating from a given line of code; (ii) For each specific attack present in the attack dictionary, inspecting a code to determine whether the attack is attempted; and (iii) If a suspicion of attack is detected, taking corrective action.
20 Citations
8 Claims
-
1. A method for assessing the level of security of an application to be uploaded to an App Store, comprising:
-
i. Providing a security system comprising an attack dictionary relevant to a specific device, information regarding security sensitivity grades of subsystems of said device and an Identifier, suitable to recognize the API'"'"'s related to each of said subsystems and to inspect each line of the code to calculate the maximum security sensitivity grade for each information flow emanating from a given line of code; ii. For each specific attack present in the attack dictionary, inspecting a code to determine whether the attack is attempted; and iii. If a suspicion of attack is detected, taking corrective action. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system for distributing applications through an App Store, comprising:
-
i. A security system comprising an attack dictionary relevant to a specific device, information regarding security sensitivity grades of subsystems of said device and an Identifier, suitable to recognize the API'"'"'s related to each of said subsystems and to inspect each line of the code to calculate the maximum security sensitivity grade for each information flow emanating from a given line of code; and ii. An Inspector, for inspecting a code to determine, for each specific attack present in the attack dictionary, whether the attack is attempted. - View Dependent Claims (8)
-
Specification