Self-repair and distributed-repair of applications

US 9,684,788 B2
Filed: 06/29/2015
Issued: 06/20/2017
Est. Priority Date: 06/29/2015
Status: Active Grant

First Claim

Patent Images

1. A method for self-repair and distributed-repair of applications, the method comprising:

providing a visual editor for a first set of policy configurations;

instrumenting the first set of policy configuration into a set of application instances corresponding to a set of computers;

detecting an information-flow-security violation at run time of a first application instance in the set of application instances corresponding to a first computer of the set of computers;

correcting the information-flow-security violation for the first application instance corresponding to the first computer, to establish a corrected information-flow-security violation;

establishing a second set of policy configurations for the first application instance corresponding to the first computer based at least in part on the corrected information-flow-security violation;

communicating the second set of policy configurations to a monitor agent on a second computer of the set of computers; and

establishing by the monitor agent the second set of policy configuration for a subset of application instances in the set of application instances,wherein;

at least the step of establishing a second set of policy configurations for the first application instance is performed by computer software running on computer hardware.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method is provided to instrument applications with an instrumentation policy that is visually configurable and allows for run-time modifications of the policy. Instrumentation is achieved without modifying the source code of the applications. Modification of the instrumentation policy of an application is applied without re-compiling, re-deploying, and re-provisioning the application. The instrumentation tracks the flow of values at run time throughout the execution of an application and fixes any security violation automatically by dynamically modifying any value that violates integrity or confidentiality.

23 Citations

View as Search Results

20 Claims

1. A method for self-repair and distributed-repair of applications, the method comprising:
- providing a visual editor for a first set of policy configurations;
  
  instrumenting the first set of policy configuration into a set of application instances corresponding to a set of computers;
  
  detecting an information-flow-security violation at run time of a first application instance in the set of application instances corresponding to a first computer of the set of computers;
  
  correcting the information-flow-security violation for the first application instance corresponding to the first computer, to establish a corrected information-flow-security violation;
  
  establishing a second set of policy configurations for the first application instance corresponding to the first computer based at least in part on the corrected information-flow-security violation;
  
  communicating the second set of policy configurations to a monitor agent on a second computer of the set of computers; and
  
  establishing by the monitor agent the second set of policy configuration for a subset of application instances in the set of application instances,wherein;
  
  at least the step of establishing a second set of policy configurations for the first application instance is performed by computer software running on computer hardware.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising:
    - refining the corrected information-flow-security violation and the second set of policy configurations for the first application instance based on a notification from a second application instance in the set of application instances corresponding to a third computer of the set of computers.
  - 3. The method of claim 1, wherein the step of instrumenting the first set of policy configurations into a set of application instances includes:
    - injecting the first set of policy configurations into a source code of the set of application instances.
  - 4. The method of claim 1, wherein:
    - the first set of policy configurations is dynamically modified at run time;
      
      the first application instance corresponding to the first computer is not redeployed or reprovisioned; and
      
      a consent of a user is not requested.
  - 5. The method of claim 1, wherein the step of detecting an information-flow-security violation at run time of a first application instance in the set of application instances corresponding to a first computer of the set of computers includes:
    - dynamically tracking a flow of data throughout an execution of the first application instance corresponding to the first computer; and
      
      determining whether there exists a flow of untrusted data into a security-sensitive computation.
  - 6. The method of claim 1, wherein the step of correcting the information-flow-security violation for the first application instance corresponding to the first computer includes:
    - dynamically modifying a value that breaks an integrity or a confidentiality while the first computer continues to execute the first application instance.
  - 7. The method of claim 1, wherein the step of establishing the second set of policy configurations for a subset of application instances in the set of application instances includes:
    - notifying the application instances of a subset of application instances.
  - 8. The method of claim 1, wherein the step of instrumenting the first set of policy configurations into a set of application instances includes:
    - injecting the first set of policy configurations into a compiled code of the set of application instances.
  - 9. The method of claim 1, wherein the step of detecting an information-flow-security violation at run time of a first application instance corresponding to a first computer of the set of computers includes:
    - dynamically tracking a flow of data throughout an execution of the first application instance corresponding to the first computer; and
      
      determining whether there exists a flow of data that releases private data to unauthorized parties.

10. A computer program product for self-repair and distributed-repair of applications, the computer program product comprising a computer readable storage medium having stored thereon:
- first program instructions programmed to provide a visual editor for a first set of policy configurations;
  
  second program instructions programmed to instrument the first set of policy configuration into a set of application instances corresponding to a set of computers;
  
  third program instructions programmed to detect an information-flow-security violation at run time of a first application instance in the set of application instances corresponding to a first computer of the set of computers;
  
  fourth program instructions programmed to correct the information-flow-security violation for the first application instance corresponding to the first computer, to establish a corrected information-flow-security violation;
  
  fifth program instructions to establish a second set of policy configurations for the first application instance corresponding to the first computer based at least in part on the corrected information-flow-security violation;
  
  sixth program instructions to communicate the second set of policy configurations to a monitor agent on a second computer of the set of computers; and
  
  seventh program instructions to establish by the monitor agent the second set of policy configuration for a subset of application instances in the set of application instances.wherein;
  
  at least the step of establishing a second set of policy configurations for the first application instance is performed by computer software running on computer hardware.
- View Dependent Claims (11, 12, 13, 14)
- - 11. The computer program product of claim 10, further comprising:
    - eighth program instructions to refine the corrected information-flow-security violation and the second set of policy configurations for the first application instance based on a notification from a second application instance in the set of application instances corresponding to a third computer of the set of computers.
  - 12. The computer program product of claim 10, wherein the step of instrumenting the first set of policy configurations into a set of application instances includes:
    - injecting the first set of policy configurations into a source code of the set of application instances.
  - 13. The computer program product of claim 10, wherein:
    - the first set of policy configurations is dynamically modified at run time;
      
      the first application instance corresponding to the first computer is not redeployed or reprovisioned; and
      
      a consent of a user is not requested.
  - 14. The computer program product of claim 10, wherein the step of detecting an information-flow-security violation at run time of a first application instance in the set of application instances corresponding to a first computer of the set of computers includes:
    - dynamically tracking a flow of data throughout an execution of the first application instance corresponding to the first computer; and
      
      determining whether there exists a flow of untrusted data into a security-sensitive computation.

15. A computer system for self-repair and distributed-repair of applications, the computer system comprising:
- a processor(s) set; and
  
  a computer readable storage medium;
  
  wherein;
  
  the processor set is structured, located, connected and/or programmed to run program instructions stored on the computer readable storage medium; and
  
  the program instructions include;
  
  first program instructions programmed to provide a visual editor for a first set of policy configurations;
  
  second program instructions programmed to instrument the first set of policy configuration into a set of application instances corresponding to a set of computers;
  
  third program instructions programmed to detect an information-flow-security violation at run time of a first application instance in the set of application instances corresponding to a first computer of the set of computers;
  
  fourth program instructions programmed to correct the information-flow-security violation for the first application instance corresponding to the first computer, to establish a corrected information-flow-security violation;
  
  fifth program instructions to establish a second set of policy configurations for the first application instance corresponding to the first computer based at least in part on the corrected information-flow-security violation;
  
  sixth program instructions to communicate the second set of policy configurations to a monitor agent on a second computer of the set of computers; and
  
  seventh program instructions to establish by the monitor agent the second set of policy configuration for a subset of application instances in the set of application instances.wherein;
  
  at least the step of establishing a second set of policy configurations for the first application instance is performed by computer software running on computer hardware.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The computer system of claim 15, wherein:
    - the first set of policy configurations is dynamically modified at run time;
      
      the first application instance corresponding to the first computer is not redeployed or reprovisioned; and
      
      a consent of a user is not requested.
  - 17. The computer system of claim 15, wherein the step of detecting an information-flow-security violation at run time of a first application instance in the set of application instances corresponding to a first computer of the set of computers includes:
    - dynamically tracking a flow of data throughout an execution of the first application instance corresponding to the first computer; and
      
      determining whether there exists a flow of untrusted data into a security-sensitive computation.
  - 18. The computer system of claim 15, wherein the step of correcting the information-flow-security violation for the first application instance corresponding to the first computer includes:
    - dynamically modifying a value that breaks an integrity or a confidentiality while the first computer continues to execute the first application instance.
  - 19. The computer system of claim 15, wherein the step of establishing the second set of policy configurations for a subset of application instances in the set of application instances includes:
    - notifying the application instances of a subset of application instances.
  - 20. The computer system of claim 15, wherein the step of instrumenting the first set of policy configurations into a set of application instances includes:
    - injecting the first set of policy configurations into a compiled code of the set of application instances.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Ferrara, Pietro, Pistoia, Marco, Tripp, Omer, Tsankov, Petar I.
Primary Examiner(s)
Poltorak, Peter

Application Number

US14/753,569
Publication Number

US 20160378987A1
Time in Patent Office

722 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/53   by executing in a restricte...

G06F 21/566   Dynamic detection, i.e. det...

H04L 63/20   for managing network securi...

Self-repair and distributed-repair of applications

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

23 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Self-repair and distributed-repair of applications

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

23 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others