Identifying security risks in code using security metric comparison

An example system includes a processor to receive a source code and history information, wherein the history information includes a version control history or a defect history, or a combination of the version control history and the defect history. The processor is to also divide the source code int...

Full description

Saved in:
Bibliographic Details
Main Authors Raz, Orna, Brodie, Aharon, Derobertis, Christopher V
Format Patent
LanguageEnglish
Published 09.06.2020
Subjects
CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

Abstract An example system includes a processor to receive a source code and history information, wherein the history information includes a version control history or a defect history, or a combination of the version control history and the defect history. The processor is to also divide the source code into security-related components and security-non-related components. The processor is to further calculate security metrics for each of the security-related components and each of the security-non-related components based on the history information. The processor is also to compare the security metrics of the security-related components with the security metrics of the security-non-related components. The processor is to further generate a visual representation comprising a highlighted area of concern based on the comparison.
AbstractList An example system includes a processor to receive a source code and history information, wherein the history information includes a version control history or a defect history, or a combination of the version control history and the defect history. The processor is to also divide the source code into security-related components and security-non-related components. The processor is to further calculate security metrics for each of the security-related components and each of the security-non-related components based on the history information. The processor is also to compare the security metrics of the security-related components with the security metrics of the security-non-related components. The processor is to further generate a visual representation comprising a highlighted area of concern based on the comparison.
Author Raz, Orna
Derobertis, Christopher V
Brodie, Aharon
Author_xml – fullname: Raz, Orna
– fullname: Brodie, Aharon
– fullname: Derobertis, Christopher V
BookMark eNrjYmDJy89L5WRw9kxJzSvJTKvMzEtXKE5NLi3KLKlUKMoszi5WyMxTSM5PSVUoLUaRzE0tKcpMBkrlFiQCFebn8TCwpiXmFKfyQmluBkU31xBnD93Ugvz41OKCxOTUvNSS-NBgQwMzcwtLIzMnI2Ni1AAA6HA1Fw
ContentType Patent
DBID EVB
DatabaseName esp@cenet
DatabaseTitleList
Database_xml – sequence: 1
  dbid: EVB
  name: esp@cenet
  url: http://worldwide.espacenet.com/singleLineSearch?locale=en_EP
  sourceTypes: Open Access Repository
DeliveryMethod fulltext_linktorsrc
Discipline Medicine
Chemistry
Sciences
Physics
ExternalDocumentID US10678926B2
GroupedDBID EVB
ID FETCH-epo_espacenet_US10678926B23
IEDL.DBID EVB
IngestDate Fri Jul 19 15:04:31 EDT 2024
IsOpenAccess true
IsPeerReviewed false
IsScholarly false
Language English
LinkModel DirectLink
MergedId FETCHMERGED-epo_espacenet_US10678926B23
Notes Application Number: US201715401118
OpenAccessLink https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20200609&DB=EPODOC&CC=US&NR=10678926B2
ParticipantIDs epo_espacenet_US10678926B2
PublicationCentury 2000
PublicationDate 20200609
PublicationDateYYYYMMDD 2020-06-09
PublicationDate_xml – month: 06
  year: 2020
  text: 20200609
  day: 09
PublicationDecade 2020
PublicationYear 2020
RelatedCompanies International Business Machines Corporation
RelatedCompanies_xml – name: International Business Machines Corporation
Score 3.2725625
Snippet An example system includes a processor to receive a source code and history information, wherein the history information includes a version control history or...
SourceID epo
SourceType Open Access Repository
SubjectTerms CALCULATING
COMPUTING
COUNTING
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRIC DIGITAL DATA PROCESSING
ELECTRICITY
PHYSICS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Title Identifying security risks in code using security metric comparison
URI https://worldwide.espacenet.com/publicationDetails/biblio?FT=D&date=20200609&DB=EPODOC&locale=&CC=US&NR=10678926B2
hasFullText 1
inHoldings 1
isFullTextHit
isPrint
link http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV1bS8MwFD6MeX3Tqui8EEH6Vsxc2tmHIjRtGcIuuFX2NtKYwgS7YSv-fU9id3nR1wRCcuDknJN833cA7nLMsVnmUactlXAYY7kjsG5wXCaExPRBuIYh1x94vZQ9T91pA95XXBijE_ptxBHRoyT6e2Xu6-XmESsy2MryPpvj0OIpmQSRXVfHuj6mvh2FQTwaRkNucx6kY3vwEmiltEf_wQvxut7BNLqrvSF-DTUrZbkdUpIj2B3hakV1DA1VWHDAV53XLNjv1x_eFuwZhKYscbD2wvIE-C-71jCUSFk3oCMaJF6SeUE0S51oPPvW5IdunCWJXHcdPIXbJJ7wnoP7mq2NMEvHmyN0zqBZLAp1DoTmb0ayq511KcYjIXLPoxLLPqW16Ri7gNbf67T-m7yEQ21QA4vyr6BZfX6pawzAVXZjLPcDDDWKUw
link.rule.ids 230,309,783,888,25576,76876
linkProvider European Patent Office
linkToHtml http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwfV3dS8MwED_G_JhvWhWdXxGkb8Vupp19KELTlaprN9wmextpbGGC3bAV_30vsft40dcEQnJwubvk9_sdwE2GOTZNbNNoiZQblNLM4Fg3GBblXGD6wC3FkItiOxzTp4k1qcH7kgujdEK_lTgiepRAfy_Vfb1YP2L5CltZ3CYzHJo_BCPX16vqWNbHpqP7ntsd9P0-0xlzx0M9fnGlUtq907Y9vK63MMXuSG_ovnqSlbLYDCnBPmwPcLW8PIBammvQYMvOaxrsRtWHtwY7CqEpChysvLA4BPbLrlUMJVJUDeiIBIkXZJYTyVInEs--MfkhG2cJIlZdB4_gOuiOWGjgvqYrI0zHw_UR7o6hns_z9ASImb0pya5W0jExHnGe2bYpsOxLpTYdpafQ_Hud5n-TV9AIR1Fv2nuMn89gTxpXQaScc6iXn1_pBQbjMrlUVvwBtOeNRg
openUrl ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Apatent&rft.title=Identifying+security+risks+in+code+using+security+metric+comparison&rft.inventor=Raz%2C+Orna&rft.inventor=Brodie%2C+Aharon&rft.inventor=Derobertis%2C+Christopher+V&rft.date=2020-06-09&rft.externalDBID=B2&rft.externalDocID=US10678926B2