-
公开(公告)号:US10447672B2
公开(公告)日:2019-10-15
申请号:US15482638
申请日:2017-04-07
Applicant: salesforce.com, inc.
Inventor: Kevin Venkiteswaran , Sergey Gorbaty , Bob Yao , Trevor James Bliss
IPC: H04L29/06 , H04L29/08 , G06F21/62 , G06F21/60 , G06F16/957
Abstract: Disclosed are some implementations of systems, apparatus, methods and computer program products for encrypting and securely storing session data during a browser session using a session-based cryptographic key. The session data may be decrypted during the browser session or other browser sessions using the session-based cryptographic key or other backwards compatible session-based cryptographic keys. In addition, session-based cryptographic keys may be shared among browser sessions to enable encrypted session data to be decrypted across page refreshes and browser tabs.
-
公开(公告)号:US20190036929A1
公开(公告)日:2019-01-31
申请号:US16151625
申请日:2018-10-04
Applicant: salesforce.com, inc.
Inventor: Doug Chasman , Caridy Patiño , Trevor James Bliss , Sergey Gorbaty
Abstract: Disclosed are examples of systems, apparatus, methods and computer program products for providing a security model for component-based web applications. Documents for a web-based application are received, with the application containing custom components and Application Programming Interface (API) components. A Document Object Model (DOM) is processed corresponding to the web-based application, with the custom and API components modeled in hierarchical form. For each custom component, a key is assigned in accordance with the rules of capability security, accessible custom components are identified for which the custom component can provide the assigned key, a virtual DOM is generated for the custom component with the component and identified accessible custom components being modeled in hierarchical form, and the custom component is prohibited access to all inaccessible custom components.
-
公开(公告)号:US11038863B2
公开(公告)日:2021-06-15
申请号:US16557547
申请日:2019-08-30
Applicant: salesforce.com, inc.
Inventor: Kevin Venkiteswaran , Sergey Gorbaty , Bob Yao , Trevor James Bliss
IPC: H04L29/06 , H04L29/08 , G06F21/62 , G06F21/60 , G06F16/957
Abstract: Disclosed are some implementations of systems, apparatus, methods and computer program products for encrypting and securely storing session data during a browser session using a session-based cryptographic key. The session data may be decrypted during the browser session or other browser sessions using the session-based cryptographic key or other backwards compatible session-based cryptographic keys. In addition, session-based cryptographic keys may be shared among browser sessions to enable encrypted session data to be decrypted across page refreshes and browser tabs.
-
公开(公告)号:US20190386971A1
公开(公告)日:2019-12-19
申请号:US16557547
申请日:2019-08-30
Applicant: salesforce.com, inc.
Inventor: Kevin Venkiteswaran , Sergey Gorbaty , Bob Yao , Trevor James Bliss
IPC: H04L29/06 , H04L29/08 , G06F21/62 , G06F21/60 , G06F16/957
Abstract: Disclosed are some implementations of systems, apparatus, methods and computer program products for encrypting and securely storing session data during a browser session using a session-based cryptographic key. The session data may be decrypted during the browser session or other browser sessions using the session-based cryptographic key or other backwards compatible session-based cryptographic keys. In addition, session-based cryptographic keys may be shared among browser sessions to enable encrypted session data to be decrypted across page refreshes and browser tabs.
-
公开(公告)号:US10481996B2
公开(公告)日:2019-11-19
申请号:US16271210
申请日:2019-02-08
Applicant: Salesforce.com, Inc.
Inventor: Sergey Gorbaty
Abstract: Computer program, methods, and systems for code modification of a programming language platform and a software application in an intermediate language at different times are disclosed. The methods and system may modify a portion of the programming language platform in the intermediate language at a first time to alter a functionality of or add a new functionality to the programming language platform; and may modify the software application in the intermediate language at a second time different from the first time, where the software application may be modified based on a runtime analysis rule that uses the altered or added new functionality of the programming language platform. The modified programming language platform may be included in a first package, and the modified software application may be included in a second package, and executed on the modified programming language platform.
-
Patent Agency Ranking
公开(公告)号:US11025629B2
公开(公告)日:2021-06-01
申请号:US16151625
申请日:2018-10-04
Applicant: salesforce.com, inc.
Inventor: Doug Chasman , Caridy Patiño , Trevor James Bliss , Sergey Gorbaty
Abstract: Disclosed are examples of systems, apparatus, methods and computer program products for providing a security model for component-based web applications. Documents for a web-based application are received, with the application containing custom components and Application Programming Interface (API) components. A Document Object Model (DOM) is processed corresponding to the web-based application, with the custom and API components modeled in hierarchical form. For each custom component, a key is assigned in accordance with the rules of capability security, accessible custom components are identified for which the custom component can provide the assigned key, a virtual DOM is generated for the custom component with the component and identified accessible custom components being modeled in hierarchical form, and the custom component is prohibited access to all inaccessible custom components.
-
公开(公告)号:US10380347B2
公开(公告)日:2019-08-13
申请号:US15177017
申请日:2016-06-08
Applicant: salesforce.com, inc.
Inventor: Sergey Gorbaty , Travis Safford , Xiaoran Wang
Abstract: A runtime analysis framework (RTA) stores a hierarchical list of input tags and a hierarchical list of output tags. The RTA stores defined vulnerabilities that include associated input tags and output tags. During runtime the software application may receive a request from a user system. The RTA assigns an input tag from the hierarchical list of input tags to an object associated with the request and assigns an output tag from the hierarchical list of output tags to a method generating a response to the request. The RTA identifies one of the defined vulnerabilities as a potential vulnerability if the assigned output tag and output tag associated the potential vulnerability are in a same subtree of the hierarchical list of output tags and the assigned input tag and the input tag associated with the potential vulnerability are in a same subtree of the hierarchical list of input tags.
-
公开(公告)号:US10140456B2
公开(公告)日:2018-11-27
申请号:US15176963
申请日:2016-06-08
Applicant: salesforce.com, inc.
Inventor: Sergey Gorbaty , Travis Safford , Xiaoran Wang , Yoel Gluck
Abstract: During runtime of the software application, the runtime analysis framework may assign input tags to objects associated with the user requests. The input tags may identify the requests as potentially malicious and carry a security risk. The RTA framework then may assign sanitization tags to the objects identifying security checks performed on the objects during runtime. The RTA framework identifies output responses to the user requests that include the objects and compares the input tags assigned to the objects with any sanitization tags assigned to the objects. The RTA framework may identify the software application as susceptible to a security vulnerability when the input tags for the objects do not include corresponding sanitization tags.
-
公开(公告)号:US10129258B2
公开(公告)日:2018-11-13
申请号:US15364939
申请日:2016-11-30
Applicant: salesforce.com, inc.
Inventor: Doug Chasman , Caridy Patiño , Trevor James Bliss , Sergey Gorbaty
Abstract: Disclosed are examples of systems, apparatus, methods and computer program products for providing a security model for component-based web applications. Documents for a web-based application are received, with the application containing custom components and Application Programming Interface (API) components. A Document Object Model (DOM) is processed corresponding to the web-based application, with the custom and API components modeled in hierarchical form. For each custom component, a key is assigned in accordance with the rules of capability security, accessible custom components are identified for which the custom component can provide the assigned key, a virtual DOM is generated for the custom component with the component and identified accessible custom components being modeled in hierarchical form, and the custom component is prohibited access to all inaccessible custom components.
-
公开(公告)号:US20180152456A1
公开(公告)日:2018-05-31
申请号:US15364929
申请日:2016-11-30
Applicant: salesforce.com, inc.
Inventor: Doug Chasman , Caridy Patiño , Trevor James Bliss , Sergey Gorbaty
IPC: H04L29/06
CPC classification number: H04L63/101 , G06F21/6218 , H04L63/06
Abstract: Disclosed are examples of systems, apparatus, methods and computer program products for providing a security model for component-based web applications. Documents for a web-based application are received, with the application containing custom components and Application Programming Interface (API) components. A Document Object Model (DOM) is processed corresponding to the web-based application, with the components modeled in hierarchical form. Each API component is assigned to a system mode setting, where the system mode setting is configured to provide the API component access to all of the components in the application. One or more secure documents are generated for each custom component, with each secure document containing a key in accordance with the rules of capability security. Each custom component is then assigned to a user mode setting, where the user mode setting is configured to provide custom components access to other components in the application for which a key can be provided.
-
-
-
-
-
-
-
-
-
Search Results
15
records
(took 0.015 seconds)
