Realtime tracking of software components
First Claim
Patent Images
1. A method comprising:
- loading, one or more classes of a software component on a server, wherein the one or more classes are of unknown origin;
analyzing the loaded one or more classes of the software component by identifying one or more features thereof and checking said one or more features against a set of configurable rules stored in a database;
classifying the software component as one of a set of component types, based on analyzing the one or more loaded classes, wherein;
a component classified as a first type component is safe to be executed;
a component classified as a second type component is not safe to be executed but recognized by the server, wherein the second type component is comprised of open-source having license conditions making it unsuitable for commercial use;
a component classified as a third type component is neither safe to be executed nor recognized by the server, wherein the third type component is comprised of classes associated with an acceptable risk or an unacceptable risk; and
performing an action on the software component, which action is dictated by the component type,wherein the component classified as the first component type is run without amendment when the action is performed;
wherein the component classified as the second component type is replaced by a component of equivalent functionality prior to running when the action is performed; and
wherein the component classified as the third component type has an acceptance of the classes logged for further investigation when the classes are associated with acceptable risk and is blocked from running when the classes are associated with unacceptable risk.
2 Assignments
0 Petitions
Accused Products
Abstract
The disclosure is for run-time accessing a software component is provided, together with a computer system embodying the same, and a software utility directing the method. Initially a software component is loaded and analyzed to identify one or more features thereof, which features are checked against a database. Following the check, the component is classified as one of at least first, second, and third component types. A first component type is run without amendment. A second component type is replaced by a component of equivalent functionality prior to running. A third component type is blocked from running.
3 Citations
18 Claims
-
1. A method comprising:
-
loading, one or more classes of a software component on a server, wherein the one or more classes are of unknown origin; analyzing the loaded one or more classes of the software component by identifying one or more features thereof and checking said one or more features against a set of configurable rules stored in a database; classifying the software component as one of a set of component types, based on analyzing the one or more loaded classes, wherein; a component classified as a first type component is safe to be executed; a component classified as a second type component is not safe to be executed but recognized by the server, wherein the second type component is comprised of open-source having license conditions making it unsuitable for commercial use; a component classified as a third type component is neither safe to be executed nor recognized by the server, wherein the third type component is comprised of classes associated with an acceptable risk or an unacceptable risk; and performing an action on the software component, which action is dictated by the component type, wherein the component classified as the first component type is run without amendment when the action is performed; wherein the component classified as the second component type is replaced by a component of equivalent functionality prior to running when the action is performed; and wherein the component classified as the third component type has an acceptance of the classes logged for further investigation when the classes are associated with acceptable risk and is blocked from running when the classes are associated with unacceptable risk. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer program product comprising:
-
one or more non-transitory storage mediums; program instructions stored on the one or more non-transitory storage mediums, wherein the program instructions are able to be executed by one or more processors to; load one or more classes of a software component on a server, wherein the one or more classes are of unknown origin; analyze the loaded one or more classes of the software component by identifying one or more features thereof and checking said one or more features against a set of configurable rules stored in a database; classify the software component as one of a set of component types, based on analyzing the one or more loaded classes, wherein; a component classified as a first type component is safe to be executed; a component classified as a second type component is not safe to be executed but recognized by the server, wherein the second type component is comprised of open-source having license conditions making it unsuitable for commercial use; a component classified as a third type component is neither safe to be executed nor recognized by the server, wherein the third type component is comprised of classes associated with an acceptable risk or an unacceptable risk; and perform an action on the software component, which action is dictated by the component type, wherein the component classified as the first component type is run without amendment when the action is performed; wherein the component classified as the second component type is replaced by a component of equivalent functionality prior to running when the action is performed; and wherein the component classified as the third component type has an acceptance of the classes logged for further investigation when the classes are associated with acceptable risk and is blocked from running when the classes are associated with unacceptable risk. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A system comprising:
-
one or more processors; one or more non-transitory storage mediums; program instructions stored on the one or more non-transitory storage mediums, wherein the one or more processors execute the program instructions to; load one or more classes of a software component on a server, wherein the one or more classes are of unknown origin; analyze the loaded one or more classes of the software component by identifying one or more features thereof and checking said one or more features against a set of configurable rules stored in a database; classify the software component as one of a set of component types, based on analyzing the one or more loaded classes, wherein; a component classified as a first type component is safe to be executed; a component classified as a second type component is not safe to be executed but recognized by the server, wherein the second type component is comprised of open-source having license conditions making it unsuitable for commercial use; a component classified as a third type component is neither safe to be executed nor recognized by the server, wherein the third type component is comprised of classes associated with an acceptable risk or an unacceptable risk; and perform an action on the software component, which action is dictated by the component type, wherein the component classified as the first component type is run without amendment when the action is performed; wherein the component classified as the second component type is replaced by a component of equivalent functionality prior to running when the action is performed; and wherein the component classified as the third component type has an acceptance of the classes logged for further investigation when the classes are associated with acceptable risk and is blocked from running when the classes are associated with unacceptable risk. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification