IDENTIFYING AND TRACKING SENSITIVE DATA
First Claim
1. A computer-implemented method of classifying privacy relevance of an application programming interface (API), the method comprising:
- analyzing a set of input applications to identify a plurality of custom APIs;
generating a respective taint specification for each identified custom API, each taint specification relating one or more sources of data to one or more data sinks;
generating one or more taint flows based on each taint specification, the one or more taint flows being a data path and associated data values between a source of data and a data sink;
matching one or more features and associated feature values from the one or more taint flows to a set of feature templates;
correlating the one or more matched features and associated feature values with respective privacy relevance of the plurality of custom APIs to identify a set of privacy relevant features;
detecting a candidate API;
extracting one or more features from the candidate API;
comparing the one or more features from the candidate API to the set of privacy relevant features; and
assigning a label to the candidate API indicating privacy relevance of the candidate API.
1 Assignment
0 Petitions
Accused Products
Abstract
A method of classifying privacy relevance of an application programming interface (API) comprises analyzing a set of input applications to identify a plurality of custom APIs and generating a respective taint specification for each identified custom API. The method further comprises generating taint flows based on each taint specification and matching features and associated feature values from the taint flows to a set of feature templates. The method also comprises correlating the matched features and associated feature values with respective privacy relevance of the plurality of custom APIs to identify a set of privacy relevant features. The method further comprises detecting a candidate API, extracting features from the candidate API and comparing the extracted features to the set of privacy relevant features. Based on the comparison, a label is assigned to the candidate API indicating privacy relevance of the candidate API.
-
Citations
20 Claims
-
1. A computer-implemented method of classifying privacy relevance of an application programming interface (API), the method comprising:
-
analyzing a set of input applications to identify a plurality of custom APIs; generating a respective taint specification for each identified custom API, each taint specification relating one or more sources of data to one or more data sinks; generating one or more taint flows based on each taint specification, the one or more taint flows being a data path and associated data values between a source of data and a data sink; matching one or more features and associated feature values from the one or more taint flows to a set of feature templates; correlating the one or more matched features and associated feature values with respective privacy relevance of the plurality of custom APIs to identify a set of privacy relevant features; detecting a candidate API; extracting one or more features from the candidate API; comparing the one or more features from the candidate API to the set of privacy relevant features; and assigning a label to the candidate API indicating privacy relevance of the candidate API. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A program product comprising a processor-readable storage medium having program instructions embodied thereon, wherein the program instructions are configured, when executed by at least one programmable processor, to cause the at least one programmable processor to:
-
analyze a set of input applications to identify a plurality of custom APIs; generate a respective taint specification for each identified custom API, each taint specification relating one or more sources of data to one or more data sinks; generate one or more taint flows based on each taint specification, the one or more taint flows being a data path and associated data values between a source of data and a data sink; match one or more features and associated feature values from the one or more taint flows to a set of feature templates correlate the one or more matched features and associated feature values with respective privacy relevance of the plurality of custom APIs to identify a set of privacy relevant features; detect a candidate API; extract one or more features from the candidate API; compare the one or more features from the candidate API to the set of privacy relevant features; and assign a label to the candidate API indicating privacy relevance of the candidate API. - View Dependent Claims (9, 10, 11, 12, 13)
-
-
14. A computer system comprising:
-
a memory; a network interface; and a processor communicatively coupled to the memory and the network interface; wherein the processor is configured to obtain a set of input applications via the network interface and to analyze the set of input applications to identify a plurality of custom APIs in the set of input applications; wherein the processor is further configured to determine a set of privacy relevant features from the plurality of identified custom APIs and to store the set of privacy relevant features in the memory; wherein the processor is further configured to detect execution of a candidate API subsequent to storing the set of privacy relevant features in the memory; wherein the processor is further configured to extract one or more features from the candidate API and to compare the extracted one or more features to the set of privacy relevant features in order to determine the privacy relevance of the candidate API. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification