JP6963671B2 - アプリケーションのパターンおよびリスク評価に基づくコンプライアンスを認識するランタイム生成 - Google Patents

アプリケーションのパターンおよびリスク評価に基づくコンプライアンスを認識するランタイム生成 Download PDF

Info

Publication number
JP6963671B2
JP6963671B2 JP2020501330A JP2020501330A JP6963671B2 JP 6963671 B2 JP6963671 B2 JP 6963671B2 JP 2020501330 A JP2020501330 A JP 2020501330A JP 2020501330 A JP2020501330 A JP 2020501330A JP 6963671 B2 JP6963671 B2 JP 6963671B2
Authority
JP
Japan
Prior art keywords
compliance
component
computer
information
risk
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
JP2020501330A
Other languages
English (en)
Japanese (ja)
Other versions
JP2020527798A5 (enExample
JP2020527798A (ja
Inventor
アダム、コンスタンチン、ミルセア
ブコヴィッチ、マハ
フワン、ジンホ
ナドゴブダ、シュリパド
アネロウシス、ニコラオス
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Publication of JP2020527798A publication Critical patent/JP2020527798A/ja
Publication of JP2020527798A5 publication Critical patent/JP2020527798A5/ja
Application granted granted Critical
Publication of JP6963671B2 publication Critical patent/JP6963671B2/ja
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/563Static detection by source code analysis
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/564Static detection by virus signature recognition
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/54Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Stored Programmes (AREA)
  • Storage Device Security (AREA)
JP2020501330A 2017-07-19 2018-06-18 アプリケーションのパターンおよびリスク評価に基づくコンプライアンスを認識するランタイム生成 Active JP6963671B2 (ja)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US15/653,676 US10803177B2 (en) 2017-07-19 2017-07-19 Compliance-aware runtime generation based on application patterns and risk assessment
US15/653,676 2017-07-19
PCT/IB2018/054458 WO2019016628A1 (en) 2017-07-19 2018-06-18 COMPLIANCE-SUSTAINABLE EXECUTION GENERATION BASED ON REASONS FOR APPLICATION AND RISK ASSESSMENT

Publications (3)

Publication Number Publication Date
JP2020527798A JP2020527798A (ja) 2020-09-10
JP2020527798A5 JP2020527798A5 (enExample) 2020-12-10
JP6963671B2 true JP6963671B2 (ja) 2021-11-10

Family

ID=65015628

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2020501330A Active JP6963671B2 (ja) 2017-07-19 2018-06-18 アプリケーションのパターンおよびリスク評価に基づくコンプライアンスを認識するランタイム生成

Country Status (6)

Country Link
US (2) US10803177B2 (enExample)
JP (1) JP6963671B2 (enExample)
CN (1) CN110914809B (enExample)
DE (1) DE112018002984T5 (enExample)
GB (1) GB2578066B (enExample)
WO (1) WO2019016628A1 (enExample)

Families Citing this family (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10848494B2 (en) * 2017-08-14 2020-11-24 Microsoft Technology Licensing, Llc Compliance boundaries for multi-tenant cloud environment
US11637844B2 (en) * 2017-09-28 2023-04-25 Oracle International Corporation Cloud-based threat detection
CN109919479B (zh) * 2019-03-01 2020-08-04 友谊国际工程咨询有限公司 一种工程项目的安全施工评估系统及其评估方法
US11232078B2 (en) 2019-04-05 2022-01-25 Sap Se Multitenancy using an overlay file system
US10942723B2 (en) 2019-04-05 2021-03-09 Sap Se Format for multi-artefact software packages
US10809994B1 (en) * 2019-04-05 2020-10-20 Sap Se Declarative multi-artefact software installation
US11113249B2 (en) 2019-04-05 2021-09-07 Sap Se Multitenant application server using a union file system
US10956140B2 (en) 2019-04-05 2021-03-23 Sap Se Software installation through an overlay file system
CN110610318B (zh) * 2019-09-18 2020-09-22 金润方舟科技股份有限公司 一种基于大数据的工程造价管理系统
US11029975B2 (en) * 2019-10-02 2021-06-08 International Business Machines Corporation Automated container image assembly
US11463478B2 (en) 2019-10-29 2022-10-04 International Business Machines Corporation Remediation strategy optimization for development, security and operations (DevSecOps)
US11762985B2 (en) * 2020-01-13 2023-09-19 Acronis International Gmbh Systems and methods for protecting files indirectly related to user activity
CN111324357B (zh) * 2020-02-11 2022-06-28 支付宝(杭州)信息技术有限公司 应用程序接入风控平台的方法及相关设备
CN111552908A (zh) * 2020-04-30 2020-08-18 深信服科技股份有限公司 终端、系统和应用程序的运行方法
US11537602B2 (en) * 2020-05-12 2022-12-27 International Business Machines Corporation Computer implemented live cross walks in compliance mappings in response to regulatory changes and assessing risks of changes
CN111767585A (zh) * 2020-06-29 2020-10-13 北京百度网讯科技有限公司 对象识别方法、装置、电子设备及存储介质
CN111885191B (zh) * 2020-07-30 2021-08-17 西安电子科技大学 一种计算机网络通信系统
US20220075329A1 (en) * 2020-09-04 2022-03-10 International Business Machines Corporation Movement sequence analysis utilizing printed circuits
KR102380434B1 (ko) * 2020-10-06 2022-03-31 숭실대학교 산학협력단 도커 파일 분석을 수행하는 도커 이미지 취약점 검사 장치 및 방법
KR102439818B1 (ko) * 2020-12-23 2022-09-02 사단법인 금융보안원 금융 컴플라이언스에 기반한 평가 기준 관리 장치 및 그 방법
KR102439817B1 (ko) * 2020-12-23 2022-09-02 사단법인 금융보안원 보안 취약점 관리 시스템과 방법 및 그 기록매체
JP2022135170A (ja) * 2021-03-04 2022-09-15 オムロン株式会社 開発支援装置、開発支援装置の制御方法、情報処理プログラム、および記録媒体
US11632411B2 (en) * 2021-03-31 2023-04-18 Tencent America LLC Method and apparatus for cascaded multi-input content preparation templates for 5G networks
US12086262B2 (en) * 2021-07-28 2024-09-10 Red Hat, Inc. Secure container image builds
US12010145B2 (en) * 2021-07-29 2024-06-11 International Business Machines Corporation Certification of computer pipeline results
US11556351B1 (en) * 2021-10-13 2023-01-17 International Business Machines Corporation Facilitation of application containerization
US12493455B2 (en) * 2022-02-11 2025-12-09 Micro Focus Llc Container based generation of inputs for generic functions
DE102022203086A1 (de) * 2022-03-29 2023-10-05 Volkswagen Aktiengesellschaft Risikoanalyse eines verteilten Untersuchungsgegenstands
US20240354422A1 (en) * 2023-04-20 2024-10-24 Micron Technology, Inc. Certification of device calibrations

Family Cites Families (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040181435A9 (en) * 2002-06-14 2004-09-16 Reinsurance Group Of America Corporation Computerized system and method of performing insurability analysis
EP1619572A1 (en) * 2004-07-23 2006-01-25 Texas Instruments Incorporated System and method of identifying and preventing security violations within a computing system
US20090320088A1 (en) * 2005-05-23 2009-12-24 Jasvir Singh Gill Access enforcer
US20070101432A1 (en) 2005-10-28 2007-05-03 Microsoft Corporation Risk driven compliance management
US8346911B2 (en) 2006-03-17 2013-01-01 International Business Machines Corporation Computer system evaluation
US20080016339A1 (en) * 2006-06-29 2008-01-17 Jayant Shukla Application Sandbox to Detect, Remove, and Prevent Malware
US9069967B2 (en) * 2007-02-16 2015-06-30 Veracode, Inc. Assessment and analysis of software security flaws
US8438609B2 (en) * 2007-03-22 2013-05-07 The Invention Science Fund I, Llc Resource authorizations dependent on emulation environment isolation policies
US8090974B1 (en) * 2008-02-08 2012-01-03 Joviandata, Inc. State machine controlled dynamic distributed computing
US8005950B1 (en) * 2008-12-09 2011-08-23 Google Inc. Application server scalability through runtime restrictions enforcement in a distributed application execution system
US20110112973A1 (en) * 2009-11-09 2011-05-12 Microsoft Corporation Automation for Governance, Risk, and Compliance Management
US9166966B2 (en) 2011-08-15 2015-10-20 Bank Of America Corporation Apparatus and method for handling transaction tokens
US20130219156A1 (en) 2012-02-22 2013-08-22 Sungard Availability Services Lp Compliance aware change control
US8918837B2 (en) * 2012-12-28 2014-12-23 Intel Corporation Web application container for client-level runtime control
US20150089300A1 (en) 2013-09-26 2015-03-26 Microsoft Corporation Automated risk tracking through compliance testing
US9519775B2 (en) 2013-10-03 2016-12-13 Qualcomm Incorporated Pre-identifying probable malicious behavior based on configuration pathways
US20160043892A1 (en) 2014-07-22 2016-02-11 Intigua, Inc. System and method for cloud based provisioning, configuring, and operating management tools
US9116768B1 (en) 2014-11-20 2015-08-25 Symantec Corporation Systems and methods for deploying applications included in application containers
JP6717206B2 (ja) * 2015-01-29 2020-07-01 日本電気株式会社 マルウェア対策装置、マルウェア対策システム、マルウェア対策方法、及び、マルウェア対策プログラム
US9646159B2 (en) 2015-03-31 2017-05-09 Juniper Networks, Inc. Multi-file malware analysis
US9785776B2 (en) 2015-04-27 2017-10-10 Iboss, Inc. High risk program identification based on program behavior
US10171310B2 (en) * 2015-06-17 2019-01-01 International Business Machines Corporation Ensuring regulatory compliance during application migration to cloud-based containers
US10223074B2 (en) * 2015-12-11 2019-03-05 International Business Machines Corporation Determining the identity of software in software containers
JP6749094B2 (ja) * 2015-12-18 2020-09-02 エヌ・ティ・ティ・コミュニケーションズ株式会社 コンテナ収容装置、コンテナ作成方法、及びプログラム
US10592664B2 (en) * 2017-02-02 2020-03-17 Cisco Technology, Inc. Container application security and protection
US10885189B2 (en) * 2017-05-22 2021-01-05 Microsoft Technology Licensing, Llc Isolated container event monitoring

Also Published As

Publication number Publication date
US10803177B2 (en) 2020-10-13
WO2019016628A1 (en) 2019-01-24
GB2578066A (en) 2020-04-15
US20190026474A1 (en) 2019-01-24
CN110914809B (zh) 2023-08-29
US10789368B2 (en) 2020-09-29
DE112018002984T5 (de) 2020-02-27
GB202000336D0 (en) 2020-02-26
GB2578066B (en) 2022-02-16
CN110914809A (zh) 2020-03-24
US20190026472A1 (en) 2019-01-24
JP2020527798A (ja) 2020-09-10

Similar Documents

Publication Publication Date Title
JP6963671B2 (ja) アプリケーションのパターンおよびリスク評価に基づくコンプライアンスを認識するランタイム生成
JP7590088B2 (ja) パイプライン・アーティファクトの選択の動的自動化
US10073974B2 (en) Generating containers for applications utilizing reduced sets of libraries based on risk analysis
US11200048B2 (en) Modification of codified infrastructure for orchestration in a multi-cloud environment
US9426030B1 (en) Automatically generating configuration images and deploying computer components in a computing environment that comprises a shared pool of configurable computing resources
US10713038B2 (en) Transparent multi-architecture support in a container based cloud
US11221855B2 (en) Transformation of an enterprise application into a cloud native application
US20180121320A1 (en) Analysis to check web api code usage and specification
US11775655B2 (en) Risk assessment of a container build
TWI810017B (zh) 經由程式簡化之訓練資料增強
US11100233B2 (en) Optimizing operating system vulnerability analysis
US12265461B2 (en) Intelligently optimized machine learning models
JP7769448B2 (ja) システム、コンピュータに実装された方法及びコンピュータプログラム
JP2024538950A (ja) 人工知能モデル学習のイントロスペクション
US11294759B2 (en) Detection of failure conditions and restoration of deployed models in a computing environment
US11243854B2 (en) System, method and recording medium for antifragile computing problem management
CN111328393B (zh) 将云计算数据表示和分析为伪系统
US12045161B2 (en) Environment specific software test failure analysis
US10778709B2 (en) Cloud-native extensibility provided to security analytics
US20230409935A1 (en) Predicting the need for xai in artificial intelligence systems

Legal Events

Date Code Title Description
A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20201028

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20201130

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20210930

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20211012

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20211015

R150 Certificate of patent or registration of utility model

Ref document number: 6963671

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150