Method and system for generating and employing a secure integrated development environment
First Claim
1. A computer-implemented method comprising:
- identifying one or more modules associated with a conventional integrated development environment (IDE) that are to be modified to transform the conventional IDE into a secure IDE, wherein each of the one or more modules corresponds to an IDE component;
determining one or more security extensions to be associated with the one or more modules that are chosen to be modified based on their corresponding one or more IDE components; and
generating the secure IDE by modifying the one or more modules by associating a security extension to each IDE component corresponding to each of the one or more modules to transform each IDE component into a secure IDE component to transform the conventional IDE into the secure IDE, wherein the secure IDE provides security for one or more software applications that are developed using the secure IDE.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method are provided to generate a secure integrated development environment (IDE). In one embodiment, a plurality of modules in a source code associated with a conventional IDE is detected. One or more modules of the plurality of modules that are to be modified are identified. One or more modifying components are identified and are to be associated with the one or more modules that are to be modified. A secure IDE is generated by updating the conventional IDE by modifying the one or more modules in the source code associated with the conventional IDE, wherein the one or more modules are modified by associating the one or more modifying components to the corresponding one or more modules.
28 Citations
25 Claims
-
1. A computer-implemented method comprising:
-
identifying one or more modules associated with a conventional integrated development environment (IDE) that are to be modified to transform the conventional IDE into a secure IDE, wherein each of the one or more modules corresponds to an IDE component; determining one or more security extensions to be associated with the one or more modules that are chosen to be modified based on their corresponding one or more IDE components; and generating the secure IDE by modifying the one or more modules by associating a security extension to each IDE component corresponding to each of the one or more modules to transform each IDE component into a secure IDE component to transform the conventional IDE into the secure IDE, wherein the secure IDE provides security for one or more software applications that are developed using the secure IDE. - View Dependent Claims (2, 3, 4, 5, 6, 7, 16, 17, 18, 19, 20)
-
-
8. A system comprising:
a computer server having a mechanism for transforming a conventional integrated development environment (IDE) into a secure IDE, the computer server further having one or more virtual machines to provide a runtime system for running the mechanism, the conventional IDE, or the secure IDE, the mechanism to; identify one or more modules associated with the conventional IDE that are to be modified to transform the conventional IDE into a secure IDE, wherein each of the one or more modules corresponds to an IDE component; determine one or more security extensions to be associated with the one or more modules that are chosen to be modified based on their corresponding one or more IDE components; and generate the secure IDE by modifying the one or more modules by associating a security extension to each IDE component corresponding to each of the one or more modules to transform each IDE component into a secure IDE component to transform the conventional IDE into the secure IDE, wherein the secure IDE provides security for one or more software applications that are developed using the secure IDE. - View Dependent Claims (9, 21, 22, 23)
-
10. A non-transitory machine-accessible medium having instructions which, when executed, cause a machine to:
-
identify one or more modules associated with a conventional integrated development environment (IDE) that are to be modified to transform the conventional IDE into a secure IDE, wherein each of the one or more modules corresponds to an IDE component; determine one or more security extensions to be associated with the one or more modules that are chosen to be modified based on their corresponding one or more IDE components; and generate the secure IDE by modifying the one or more modules by associating a security extension to each IDE component corresponding to each of the one or more modules to transform each IDE component into a secure IDE component to transform the conventional IDE into the secure IDE, wherein the secure IDE provides security for one or more software applications that are developed using the secure IDE. - View Dependent Claims (11, 24, 25)
-
-
12. A computer-implemented method comprising:
-
transforming a conventional intrusion detection component of a conventional integrated development environment (IDE) into a secure intrusion detection component to transform the conventional IDE into a secure IDE, wherein the conventional intrusion detection component is transformed by accepting an intrusion detection exception, wherein the secure IDE provides security for one or more software applications that are developed using the secure IDE; detecting security intrusion in a programming method that performs an encryption operation or a decryption operation, wherein detecting includes generating and analyzing of stack trace information to detect intrusion and generate a security alert event, wherein detecting is performed to prevent an unauthorized access of the secure IDE and further includes; receiving an incoming call; detecting stack trace of the incoming call; generating the stack trace information associated with the stack trace of the incoming call; analyzing the stack trace information to determine whether a caller is authorized or unauthorized; generating the security alert event, if the caller is unauthorized; and allowing the call to proceed, if the caller is authorized, wherein the security alert event based on the secure intrusion detection component is used to determine whether the caller is authorized. - View Dependent Claims (13)
-
-
14. A computer-implemented method comprising:
-
transforming a conventional build security component of a conventional integrated development environment (IDE) into a secure build security component to transform the conventional IDE into a secure IDE, wherein the conventional build security component is transformed by accepting a build security exception, wherein the secure IDE provides security for one or more software applications that are developed using the secure IDE; securing reuse of sensitive build logic using the secure build security component, the securing reuse of the sensitive build logic including separating out ant based targets into a file, and calling classes containing sensitive encryption/decryption logic, and granting read-only access to the file to enable the securing reuse of the sensitive build logic, the securing reuse of the sensitive build logic further including; starting the secure IDE, and selecting a project; invoking a user level ant based script, the user level ant based script having a secure build script; invoking a file decryptor to perform decryption; invoking a compiler, or an encrypter to perform encryption, if an error has not occurred; and aborting a process for using the secure IDE, if the error has occurred, wherein aborting of the process including rolling back sensitive information to be secured. - View Dependent Claims (15)
-
Specification