DETERMINING BASED ON STATIC COMPILER ANALYSIS THAT EXECUTION OF COMPILER CODE WOULD RESULT IN UNACCEPTABLE PROGRAM BEHAVIOR
First Claim
1. A method for securing computer code, the method comprising:
- receiving the computer code, wherein the computer code is written using a dynamic Domain Specific Language (DSL) running in a General Purpose Language (GPL) computing environment;
- using a compiler to perform static compiler analysis on the computer code, the static compiler analysis including referencing a security policy defining one or more unacceptable program behaviors;
- performing, during compile time at the compiler, runtime security checking functionality leveraging compiler extensions, type information, and environment specific compile context; and
- indicating when execution of the computer code would result in performance of the one or more unacceptable program behaviors based on results of the static compiler analysis, wherein the one or more unacceptable program behaviors include modifying preexisting computer code to incorporate the computer code written using the DSL.
Abstract
Computer code is received that is written using a dynamic Domain Specific Language (DSL) running in a General Purpose Language (GPL) computing environment. A compiler performs static compiler analysis on the computer code. The static compiler analysis includes referencing a security policy defining one or more unacceptable program behaviors. During compile time at the compiler, runtime security checking functionality is performed leveraging compiler extensions, type information, and environment specific compile context. Results of the static compiler analysis are used to indicate when execution of the computer code would result in performance of the one or more unacceptable program behaviors. The one or more unacceptable program behaviors include modifying preexisting computer code to incorporate the computer code written using the DSL.
4 Citations
20 Claims
1. A method for securing computer code, the method comprising:
- receiving the computer code, wherein the computer code is written using a dynamic Domain Specific Language (DSL) running in a General Purpose Language (GPL) computing environment;
- using a compiler to perform static compiler analysis on the computer code, the static compiler analysis including referencing a security policy defining one or more unacceptable program behaviors;
- performing, during compile time at the compiler, runtime security checking functionality leveraging compiler extensions, type information, and environment specific compile context; and
- indicating when execution of the computer code would result in performance of the one or more unacceptable program behaviors based on results of the static compiler analysis, wherein the one or more unacceptable program behaviors include modifying preexisting computer code to incorporate the computer code written using the DSL.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18
19. An apparatus comprising:
a digital processor coupled to a display and to a non-transitory processor-readable storage device, wherein the non-transitory processor-readable storage device includes one or more instructions executable by the digital processor to perform the following acts:
- receiving computer code, wherein the computer code is written using a dynamic Domain Specific Language (DSL) running in a General Purpose Language (GPL) computing environment;
- using a compiler to perform static compiler analysis on the computer code, the static compiler analysis including referencing a security policy defining one or more unacceptable program behaviors;
- performing, during compile time at the compiler, runtime security checking functionality leveraging compiler extensions, type information, and environment specific compile context; and
- indicating when execution of the computer code would result in performance of the one or more unacceptable program behaviors based on results of the static compiler analysis, wherein the one or more unacceptable program behaviors include modifying preexisting computer code to incorporate the computer code written using the DSL.
20. A non-transitory processor-readable storage device including instructions executable by a digital processor, the non-transitory processor-readable storage device including one or more instructions for:
- receiving computer code, wherein the computer code is written using a dynamic Domain Specific Language (DSL) running in a General Purpose Language (GPL) computing environment;
- using a compiler to perform static compiler analysis on the computer code, the static compiler analysis including referencing a security policy defining one or more unacceptable program behaviors;
- performing, during compile time at the compiler, runtime security checking functionality leveraging compiler extensions, type information, and environment specific compile context; and
- indicating when execution of the computer code would result in performance of the one or more unacceptable program behaviors based on results of the static compiler analysis, wherein the one or more unacceptable program behaviors include modifying preexisting computer code to incorporate the computer code written using the DSL.
Specification