Data processing: software development – installation – and managem – Software program development tool – Testing or debugging
Reexamination Certificate
2006-05-23
2010-12-07
Dam, Tuan Q (Department: 2192)
Data processing: software development, installation, and managem
Software program development tool
Testing or debugging
C717S108000, C717S127000, C717S131000, C726S025000, C714S025000, C714S038110, C714S046000, C709S203000
Reexamination Certificate
active
07849448
ABSTRACT:
A technique for testing applications for vulnerabilities that may be as a result of loosely defined criteria and restrictions associated with interfacing to the applications. Interfaces associated with an application to be tested are identified. The interfaces may include the names of services provided by the application as well as parameters that are passed to the services. One or more mutant requests containing one or more mutations are then generated based on the identified interfaces. The application is then attacked by forwarding the mutant requests to the application. Vulnerabilities of the application that were exposed as a result of the attack are then detected.
REFERENCES:
patent: 5892903 (1999-04-01), Klaus
patent: 6584569 (2003-06-01), Reshef et al.
patent: 7028223 (2006-04-01), Kolawa et al.
patent: 2005/0154939 (2005-07-01), De Pauw et al.
patent: 2006/0101397 (2006-05-01), Mercer et al.
Suet Chun Lee, “Generating Test Cases XML-based Web Component Interactions Using Mutation Analysis”, 12th IEEE International Symposium on Software Re-liability Engineering, pp. 200-209, Nov. 2001.
“XML Schema Part 2: Datatypes Second Edition”, World Wide Web Consortium (W3C) Recommendation, Oct. 28, 2004, pp. 1-131.
“XML Schema Part 1: Structures Second Edition”, W3C Recommendation, Oct. 28, 2004, pp. 1-191.
“XML Schema Part 0: Primer Second Edition”, W3C Recommendation, Oct. 28, 2004, pp. 1-69.
“Basic Profile Version 1.1 Final Material”, Web Services Interoperability Organization (WS-I), Aug. 24, 2004, pp. 1-45.
“Simple Object Access Protocol (SOAP) 1.1”, W3C Note, May 8, 2000, pp. 1-32.
Mallal Rizwan
Yunus Mamoon
Crosscheck Networks
Dam Tuan Q
Hamilton Brook Smith & Reynolds P.C.
Tecklu Isaac T
LandOfFree
Technique for determining web services vulnerabilities and... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Technique for determining web services vulnerabilities and..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Technique for determining web services vulnerabilities and... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4168549