DE112018002984T5 - Konformitätsbewusste Laufzeiterzeugung auf Grundlage von Anwendungsmustern und Risikobeurteilung - Google Patents

Konformitätsbewusste Laufzeiterzeugung auf Grundlage von Anwendungsmustern und Risikobeurteilung Download PDF

Info

Publication number
DE112018002984T5
DE112018002984T5 DE112018002984.0T DE112018002984T DE112018002984T5 DE 112018002984 T5 DE112018002984 T5 DE 112018002984T5 DE 112018002984 T DE112018002984 T DE 112018002984T DE 112018002984 T5 DE112018002984 T5 DE 112018002984T5
Authority
DE
Germany
Prior art keywords
computer
conformity
component
information
determination
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
DE112018002984.0T
Other languages
German (de)
English (en)
Inventor
Constantin Mircea Adam
Maja Vukovic
Jinho Hwang
Shripad Nadgowda
Nikolaos Anerousis
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Publication of DE112018002984T5 publication Critical patent/DE112018002984T5/de
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/563Static detection by source code analysis
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/564Static detection by virus signature recognition
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/54Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Stored Programmes (AREA)
  • Storage Device Security (AREA)
DE112018002984.0T 2017-07-19 2018-06-18 Konformitätsbewusste Laufzeiterzeugung auf Grundlage von Anwendungsmustern und Risikobeurteilung Pending DE112018002984T5 (de)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US15/653,676 US10803177B2 (en) 2017-07-19 2017-07-19 Compliance-aware runtime generation based on application patterns and risk assessment
US15/653,676 2017-07-19
PCT/IB2018/054458 WO2019016628A1 (en) 2017-07-19 2018-06-18 COMPLIANCE-SUSTAINABLE EXECUTION GENERATION BASED ON REASONS FOR APPLICATION AND RISK ASSESSMENT

Publications (1)

Publication Number Publication Date
DE112018002984T5 true DE112018002984T5 (de) 2020-02-27

Family

ID=65015628

Family Applications (1)

Application Number Title Priority Date Filing Date
DE112018002984.0T Pending DE112018002984T5 (de) 2017-07-19 2018-06-18 Konformitätsbewusste Laufzeiterzeugung auf Grundlage von Anwendungsmustern und Risikobeurteilung

Country Status (6)

Country Link
US (2) US10803177B2 (https=)
JP (1) JP6963671B2 (https=)
CN (1) CN110914809B (https=)
DE (1) DE112018002984T5 (https=)
GB (1) GB2578066B (https=)
WO (1) WO2019016628A1 (https=)

Families Citing this family (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10848494B2 (en) * 2017-08-14 2020-11-24 Microsoft Technology Licensing, Llc Compliance boundaries for multi-tenant cloud environment
US11637844B2 (en) * 2017-09-28 2023-04-25 Oracle International Corporation Cloud-based threat detection
US11880462B2 (en) * 2018-05-21 2024-01-23 Google Llc Identify malicious software
CN109919479B (zh) * 2019-03-01 2020-08-04 友谊国际工程咨询有限公司 一种工程项目的安全施工评估系统及其评估方法
US11232078B2 (en) 2019-04-05 2022-01-25 Sap Se Multitenancy using an overlay file system
US11113249B2 (en) 2019-04-05 2021-09-07 Sap Se Multitenant application server using a union file system
US10809994B1 (en) * 2019-04-05 2020-10-20 Sap Se Declarative multi-artefact software installation
US10942723B2 (en) 2019-04-05 2021-03-09 Sap Se Format for multi-artefact software packages
US10956140B2 (en) 2019-04-05 2021-03-23 Sap Se Software installation through an overlay file system
CN110610318B (zh) * 2019-09-18 2020-09-22 金润方舟科技股份有限公司 一种基于大数据的工程造价管理系统
US11029975B2 (en) * 2019-10-02 2021-06-08 International Business Machines Corporation Automated container image assembly
US11463478B2 (en) 2019-10-29 2022-10-04 International Business Machines Corporation Remediation strategy optimization for development, security and operations (DevSecOps)
US11762985B2 (en) * 2020-01-13 2023-09-19 Acronis International Gmbh Systems and methods for protecting files indirectly related to user activity
CN111324357B (zh) * 2020-02-11 2022-06-28 支付宝(杭州)信息技术有限公司 应用程序接入风控平台的方法及相关设备
CN111552908A (zh) * 2020-04-30 2020-08-18 深信服科技股份有限公司 终端、系统和应用程序的运行方法
US11537602B2 (en) * 2020-05-12 2022-12-27 International Business Machines Corporation Computer implemented live cross walks in compliance mappings in response to regulatory changes and assessing risks of changes
CN111767585A (zh) * 2020-06-29 2020-10-13 北京百度网讯科技有限公司 对象识别方法、装置、电子设备及存储介质
CN111885191B (zh) * 2020-07-30 2021-08-17 西安电子科技大学 一种计算机网络通信系统
US12541180B2 (en) 2020-09-04 2026-02-03 International Business Machines Corporation Movement sequence analysis utilizing printed circuits
KR102380434B1 (ko) * 2020-10-06 2022-03-31 숭실대학교 산학협력단 도커 파일 분석을 수행하는 도커 이미지 취약점 검사 장치 및 방법
KR102439818B1 (ko) * 2020-12-23 2022-09-02 사단법인 금융보안원 금융 컴플라이언스에 기반한 평가 기준 관리 장치 및 그 방법
KR102439817B1 (ko) * 2020-12-23 2022-09-02 사단법인 금융보안원 보안 취약점 관리 시스템과 방법 및 그 기록매체
JP2022135170A (ja) * 2021-03-04 2022-09-15 オムロン株式会社 開発支援装置、開発支援装置の制御方法、情報処理プログラム、および記録媒体
US11632411B2 (en) * 2021-03-31 2023-04-18 Tencent America LLC Method and apparatus for cascaded multi-input content preparation templates for 5G networks
US12086262B2 (en) * 2021-07-28 2024-09-10 Red Hat, Inc. Secure container image builds
US12010145B2 (en) * 2021-07-29 2024-06-11 International Business Machines Corporation Certification of computer pipeline results
US11556351B1 (en) * 2021-10-13 2023-01-17 International Business Machines Corporation Facilitation of application containerization
US12493455B2 (en) * 2022-02-11 2025-12-09 Micro Focus Llc Container based generation of inputs for generic functions
DE102022203086A1 (de) * 2022-03-29 2023-10-05 Volkswagen Aktiengesellschaft Risikoanalyse eines verteilten Untersuchungsgegenstands
US20230394159A1 (en) * 2022-06-06 2023-12-07 ArmorCode Inc A method and system for security risk identification and controlling release management of software application with vulnerable codes
US20240354422A1 (en) * 2023-04-20 2024-10-24 Micron Technology, Inc. Certification of device calibrations
US20250330469A1 (en) * 2024-04-17 2025-10-23 Red Hat, Inc. Remote login resource access control using a container

Family Cites Families (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040181435A9 (en) * 2002-06-14 2004-09-16 Reinsurance Group Of America Corporation Computerized system and method of performing insurability analysis
EP1619572A1 (en) 2004-07-23 2006-01-25 Texas Instruments Incorporated System and method of identifying and preventing security violations within a computing system
EP1891524A4 (en) * 2005-05-23 2010-06-30 Sap Governance Risk And Compli ACCESS DEVICE ENFORCEMENT
US20070101432A1 (en) 2005-10-28 2007-05-03 Microsoft Corporation Risk driven compliance management
US8346911B2 (en) 2006-03-17 2013-01-01 International Business Machines Corporation Computer system evaluation
US20080016339A1 (en) * 2006-06-29 2008-01-17 Jayant Shukla Application Sandbox to Detect, Remove, and Prevent Malware
US9069967B2 (en) * 2007-02-16 2015-06-30 Veracode, Inc. Assessment and analysis of software security flaws
US8438609B2 (en) * 2007-03-22 2013-05-07 The Invention Science Fund I, Llc Resource authorizations dependent on emulation environment isolation policies
US8200741B1 (en) * 2008-02-08 2012-06-12 Joviandata, Inc. System for pause and play dynamic distributed computing
US8005950B1 (en) * 2008-12-09 2011-08-23 Google Inc. Application server scalability through runtime restrictions enforcement in a distributed application execution system
US20110112973A1 (en) * 2009-11-09 2011-05-12 Microsoft Corporation Automation for Governance, Risk, and Compliance Management
US9166966B2 (en) 2011-08-15 2015-10-20 Bank Of America Corporation Apparatus and method for handling transaction tokens
US20130219156A1 (en) 2012-02-22 2013-08-22 Sungard Availability Services Lp Compliance aware change control
US8918837B2 (en) * 2012-12-28 2014-12-23 Intel Corporation Web application container for client-level runtime control
US20150089300A1 (en) 2013-09-26 2015-03-26 Microsoft Corporation Automated risk tracking through compliance testing
US9519775B2 (en) 2013-10-03 2016-12-13 Qualcomm Incorporated Pre-identifying probable malicious behavior based on configuration pathways
US20160043892A1 (en) 2014-07-22 2016-02-11 Intigua, Inc. System and method for cloud based provisioning, configuring, and operating management tools
US9116768B1 (en) 2014-11-20 2015-08-25 Symantec Corporation Systems and methods for deploying applications included in application containers
JP6717206B2 (ja) * 2015-01-29 2020-07-01 日本電気株式会社 マルウェア対策装置、マルウェア対策システム、マルウェア対策方法、及び、マルウェア対策プログラム
US9646159B2 (en) 2015-03-31 2017-05-09 Juniper Networks, Inc. Multi-file malware analysis
US9785776B2 (en) 2015-04-27 2017-10-10 Iboss, Inc. High risk program identification based on program behavior
US10171310B2 (en) * 2015-06-17 2019-01-01 International Business Machines Corporation Ensuring regulatory compliance during application migration to cloud-based containers
US10223074B2 (en) * 2015-12-11 2019-03-05 International Business Machines Corporation Determining the identity of software in software containers
JP6749094B2 (ja) * 2015-12-18 2020-09-02 エヌ・ティ・ティ・コミュニケーションズ株式会社 コンテナ収容装置、コンテナ作成方法、及びプログラム
US10592664B2 (en) * 2017-02-02 2020-03-17 Cisco Technology, Inc. Container application security and protection
US10885189B2 (en) * 2017-05-22 2021-01-05 Microsoft Technology Licensing, Llc Isolated container event monitoring

Also Published As

Publication number Publication date
GB2578066B (en) 2022-02-16
US10789368B2 (en) 2020-09-29
GB2578066A (en) 2020-04-15
US20190026472A1 (en) 2019-01-24
US20190026474A1 (en) 2019-01-24
CN110914809B (zh) 2023-08-29
GB202000336D0 (en) 2020-02-26
JP6963671B2 (ja) 2021-11-10
WO2019016628A1 (en) 2019-01-24
JP2020527798A (ja) 2020-09-10
US10803177B2 (en) 2020-10-13
CN110914809A (zh) 2020-03-24

Similar Documents

Publication Publication Date Title
DE112018002984T5 (de) Konformitätsbewusste Laufzeiterzeugung auf Grundlage von Anwendungsmustern und Risikobeurteilung
DE112020005323B4 (de) Elastische ausführung von machine-learning-arbeitslasten unter verwendung einer anwendungsbasierten profilierung
DE112020003820T5 (de) Erkennung von Anomalien und Abweichungen unter Verwendung eines domänenindizierten Einschränkungs-Repository
DE112021004689T5 (de) Kontextbasierte risikobeurteilung einer schwachstelle in datenverarbeitungsressourcen
DE112021005636T5 (de) Migrieren von komplexen legacy-anwendungen
DE112021006130T5 (de) Automatisierte orchestrierung von containern durch bewerten von mikrodiensten
DE112020002110T5 (de) Ressourcenarme entitätsauflösung mit transfer learning
DE112021002245T5 (de) Verhindern einer unberechtigten bereitstellung von paketen in clustern
DE112017007510T5 (de) Blockchain für offene wissenschaftliche forschung
DE102017217971A1 (de) Ermöglichen von Debugging von serverlosen Anwendungen mittels Graph-Rewriting
DE112018004660T5 (de) Verwenden von kommentaren zum bereitstellen von optimierungen
DE112020003825T5 (de) Entsprechung zwischen externen Operationen und Containern sowie Mutationsereignissen
DE112018005167T5 (de) Aktualisieren von trainingsdaten
DE112012004238T5 (de) Auf Erkennung beruhende Identifizierung und Migration von leicht in eine Cloud verlagerbaren Anwendungen
DE112023001690T5 (de) Erklärbare klassifizierungen mit verzicht unter verwendung von kundenagnostischen maschinellen lernmodellen
DE112018005898T5 (de) Dynamische bereitstellung von software-funktionen
DE112021001639T5 (de) Schutz von computeranlagen vor bösartigen angriffen
DE112021003184T5 (de) Ermittlung von laufzeitumgebungen für software-container
DE112019001433T5 (de) Datenanonymisierung
DE112021003274T5 (de) Ressourcenzuordnung zum optimieren von hyperparametern bei umfangreichen deep-learning-arbeitslasten
DE102021123576B4 (de) Frühzeitiges stoppen von versuchen bei stapelweise erfolgender bayesscher optimierung in industrieprozessen
DE112021005927T5 (de) Patchen von arbeitsabläufen
DE112020004487T5 (de) Erkennen von mutationsereignissen zum überwachen der integrität
DE112020004806T5 (de) Cluster-sicherheit auf der grundlage von inhalten virtueller maschinen
DE112021004103T5 (de) Erkennung und handhabung einer übermässigen ressourcennutzung in einer verteilten datenverarbeitungsumgebung

Legal Events

Date Code Title Description
R012 Request for examination validly filed
R016 Response to examination communication
R084 Declaration of willingness to licence