Patents by Inventor Cedric Hebert
Cedric Hebert has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9894090
Abstract: Implementations of the present disclosure include methods, systems, and computer-readable storage mediums for receiving goal data and start-up information, the goal data indicating a goal to be achieved during a penetration test, the start-up information indicating initial data for beginning the penetration test, receiving tool data from a register of tools, the tool data including one or more tools that can be used during the penetration test, and, for each tool, input data required to execute the tool and output data provided by the tool, processing the goal data, the start-up information and the tool data to automatically generate attack tree data, the attack tree data including a plurality of data sets and links between data sets, and providing the attack tree data to display a graphical representation of an attack tree on a display.
Type: Grant
Filed: July 14, 2015
Date of Patent: February 13, 2018
Assignee: SAP SE
Inventors: Cedric Hebert, Laurent Gomez
-
Publication number: 20180041546
Abstract: Embodiments are configured for automating security design in IoT systems. The achievable security level for any given IoT system may be assessed based on the capabilities of each of the entities involved in its data path to generate a set of security policies for the IoT system. The capabilities of each entity involved in the IoT data path can be evaluated together with the capabilities of the communication links between entities. Based on these capabilities and user security preferences, the security policies can be generated to achieve a target level security. Based on this approach, security designs of IoT architectures can be developed through automated information collection.
Type: Application
Filed: August 8, 2016
Publication date: February 8, 2018
Inventors: Laurent Gomez, Jose Marquez, Cedric Hebert
-
Patent number: 9870207
Abstract: A component selector may select a first software component stored in a software component library in conjunction with a first annotation, the first annotation being linked to a second annotation of a second software component via a link. An evaluation engine may evaluate a property expressed by the first annotation relative to a requirement expressed by the second annotation, and thereby verify compliance of the first software component and the second software component for inclusion within a software application being developed. A component update monitor may re-verify the compliance, based on an update to at least one of the first software component and the second software component.
Type: Grant
Filed: December 22, 2015
Date of Patent: January 16, 2018
Assignee: SAP SE
Inventors: Elton Mathias, Gilles Montagnon, Wihem Arsac, Cedric Hebert, Jakub Sendor
-
Publication number: 20180004978
Abstract: A set of data is received for a data analysis. The set of data includes personal identifiable information. The set of data is anonymized to protect the privacy information. Risk rates and utility rates are determined for a number of combinations of anonymization techniques defined correspondingly for data fields from the set of data. A risk rate is related to a privacy protection failure when defining first anonymized data through applying a combination of anonymization techniques for the data fields. A utility rate is related to accuracy of the data analysis when applied over the anonymized data. Based on evaluation of the risk rates and the utility rates, one or more anonymization techniques from the number of anonymization techniques are determined. The set of data is anonymized according to a determined anonymization techniques and/or a combination thereof.
Type: Application
Filed: June 27, 2017
Publication date: January 4, 2018
Inventors: Cedric Hebert, Daniel Bernau, Amine Lahouel
-
Patent number: 9798526
Abstract: A multi-domain decision manager facilitates software development of a software application across knowledge domains, based on relationships between a first knowledge domain and a second knowledge domain. The multi-domain decision manager includes an assessment engine configured to construct a first assessment as an instantiation of a first knowledge base model of the first knowledge domain, and a second assessment as an instantiation of a second knowledge base model of the second knowledge domain. A relationship engine may be configured to characterize relationships between the first assessment and the second assessment, wherein the relationships characterize a likelihood that inclusion of a first selectable assessment option of the first assessment is associated with inclusion of a second selectable assessment option of the second assessment.
Type: Grant
Filed: December 22, 2015
Date of Patent: October 24, 2017
Assignee: SAP SE
Inventors: Gilles Montagnon, Cedric Hebert, Elton Mathias, Wihem Arsac, Jakub Sendor
-
Publication number: 20170177308
Abstract: A multi-domain decision manager facilitates software development of a software application across knowledge domains, based on relationships between a first knowledge domain and a second knowledge domain. The multi-domain decision manager includes an assessment engine configured to construct a first assessment as an instantiation of a first knowledge base model of the first knowledge domain, and a second assessment as an instantiation of a second knowledge base model of the second knowledge domain. A relationship engine may be configured to characterize relationships between the first assessment and the second assessment, wherein the relationships characterize a likelihood that inclusion of a first selectable assessment option of the first assessment is associated with inclusion of a second selectable assessment option of the second assessment.
Type: Application
Filed: December 22, 2015
Publication date: June 22, 2017
Inventors: Gilles MONTAGNON, Cedric HEBERT, Elton MATHIAS, Wihem ARSAC, Jakub SENDOR
-
Publication number: 20170177310
Abstract: A component selector may select a first software component stored in a software component library in conjunction with a first annotation, the first annotation being linked to a second annotation of a second software component via a link. An evaluation engine may evaluate a property expressed by the first annotation relative to a requirement expressed by the second annotation, and thereby verify compliance of the first software component and the second software component for inclusion within a software application being developed. A component update monitor may re-verify the compliance, based on an update to at least one of the first software component and the second software component.
Type: Application
Filed: December 22, 2015
Publication date: June 22, 2017
Inventors: Elton MATHIAS, Gilles MONTAGNON, Wihem ARSAC, Cedric HEBERT, Jakub SENDOR
-
Publication number: 20170169217
Abstract: Implementations of the present disclosure include methods, systems, and computer-readable storage mediums for receiving parameters defining a detection technique, an attack scenario, and detection logic, receiving configuration data that is specific to a target system that is to be monitored, providing an attack pattern based on the parameters and the configuration data, monitoring the target system based on the attack pattern and data provided by one or more logs of the target system, and selectively generating, based on monitoring, an alert indicating a potential end-to-end intrusion into the target system.
Type: Application
Filed: December 11, 2015
Publication date: June 15, 2017
Inventors: Mohammad Ashiqur Rahaman, Cedric Hebert, Juergen Frank
-
Patent number: 9679147
Abstract: According to some embodiments, a list of files comprising each file in a data repository that is associated with the website is determined. A list of user roles comprising each user role in the data repository that is associated with the website is determined. Each file in the list of files based on each user role in the list of user roles is attempted to be accessed and a report indicating the success or failure of the attempt to access each file in the list of files based on each user role in the list of user roles is created.
Type: Grant
Filed: September 15, 2014
Date of Patent: June 13, 2017
Assignee: SAP SE
Inventors: Keqin Li, Cedric Hebert, Holger Mack, Tom Schröer
-
Publication number: 20170019421
Abstract: Implementations of the present disclosure include methods, systems, and computer-readable storage mediums for receiving goal data and start-up information, the goal data indicating a goal to be achieved during a penetration test, the start-up information indicating initial data for beginning the penetration test, receiving tool data from a register of tools, the tool data including one or more tools that can be used during the penetration test, and, for each tool, input data required to execute the tool and output data provided by the tool, processing the goal data, the start-up information and the tool data to automatically generate attack tree data, the attack tree data including a plurality of data sets and links between data sets, and providing the attack tree data to display a graphical representation of an attack tree on a display.
Type: Application
Filed: July 14, 2015
Publication date: January 19, 2017
Inventors: Cedric Hebert, Laurent Gomez
-
Patent number: 9483648
Abstract: A mapping engine may be used to determine an attack model enumerating software attacks, the software attacks being represented by linked attack components, and may be used to determine a software architecture to be tested, the software architecture being represented by linked architectural components in an architecture diagram. The mapping engine may then associate each attack component and each architectural component with at least one attack tag characterizing attack requirements. A global test plan generator may be used to determine an attack test model, including associating attack components with corresponding architectural components, based on associated attack tags, and may thus generate attack test workflows from the attack test model, to thereby test the software architecture.
Type: Grant
Filed: July 26, 2013
Date of Patent: November 1, 2016
Assignee: SAP SE
Inventors: Cedric Hebert, Keqin Li
-
Patent number: 9350749
Abstract: Implementations of the present disclosure include methods, systems, and computer-readable storage mediums for providing application attack monitoring. Actions can include: obtaining a security graph model associated with an attack vulnerability of a distributed application, the security graph model comprising a plurality of rule parts; screening log data obtained by a plurality of connectors to selectively obtain relevant log data corresponding to one or more of the rule parts, each connector being in communication with a respective components of the distributed application; evaluating the relevant log data based on the security graph model to provide an evaluation score; and in response to determining that the evaluation score is greater than a predetermined threshold, providing output indicating an attack on the distributed application.
Type: Grant
Filed: October 6, 2014
Date of Patent: May 24, 2016
Assignee: SAP SE
Inventors: Cedric Hebert, Mohammad Ashiqur Rahaman, Michael Vogel
-
Publication number: 20160112376
Abstract: Implementations of the present disclosure include methods, systems, and computer-readable storage mediums for providing secure mobile data sharing. Actions can include: receiving, by the one or more processors, a request for secure mobile data sharing, the request being received from a mobile device and comprising a security definition; obtaining, by the one or more processors, based at least in part on the security definition of the request: a decryption key, a recipient identifier, and a security policy; receiving, by the one or more processors, a decryption request from a third-party device, the decryption request comprising an identifier distinguishing the third-party device as a recipient of an encrypted message corresponding to the decryption key; and providing the decryption key to the third-party device in response to validating the decryption request.
Type: Application
Filed: October 17, 2014
Publication date: April 21, 2016
Inventors: Laurent Gomez, Cedric Hebert
-
Publication number: 20160099953
Abstract: Implementations of the present disclosure include methods, systems, and computer-readable storage mediums for providing application attack monitoring. Actions can include: obtaining a security graph model associated with an attack vulnerability of a distributed application, the security graph model comprising a plurality of rule parts; screening log data obtained by a plurality of connectors to selectively obtain relevant log data corresponding to one or more of the rule parts, each connector being in communication with a respective components of the distributed application; evaluating the relevant log data based on the security graph model to provide an evaluation score; and in response to determining that the evaluation score is greater than a predetermined threshold, providing output indicating an attack on the distributed application.
Type: Application
Filed: October 6, 2014
Publication date: April 7, 2016
Inventors: Cedric Hebert, Mohammad Ashiqur Rahaman, Michael Vogel
-
Publication number: 20160078234
Abstract: According to some embodiments, a list of files comprising each file in a data repository that is associated with the website is determined. A list of user roles comprising each user role in the data repository that is associated with the website is determined. Each file in the list of files based on each user role in the list of user roles is attempted to be accessed and a report indicating the success or failure of the attempt to access each file in the list of files based on each user role in the list of user roles is created.
Type: Application
Filed: September 15, 2014
Publication date: March 17, 2016
Inventors: Keqin Li, Cedric Hebert, Holger Mack, Tom Schröer
-
Patent number: 9047490
Abstract: There are provided a method, a system and an initiator server for a secure execution of workflow tasks of a workflow to be executed according to a given execution pattern in a distributed workflow management system within a decentralized network system with a plurality of servers (b0, b1, . . . , bn) including at least an initiator server and at least a number of groups of servers of the plurality of servers. Each group satisfies a policy (poli) of a vertex, and thus, knows a corresponding policy key pair including a policy private key (SKpoli) and a policy public key (PKpoli), respectively. Each vertex denotes a set of workflow tasks to be executed in accord with the execution pattern and is assigned a vertex key pair including a vertex private key and a vertex public key.
Type: Grant
Filed: April 4, 2008
Date of Patent: June 2, 2015
Assignee: SAP SE
Inventors: Frederic Montagut, Laurent Gomez, Cedric Hebert, Cedric Ulmer
-
Publication number: 20150033346
Abstract: A mapping engine may be used to determine an attack model enumerating software attacks, the software attacks being represented by linked attack components, and may be used to determine a software architecture to be tested, the software architecture being represented by linked architectural components in an architecture diagram. The mapping engine may then associate each attack component and each architectural component with at least one attack tag characterizing attack requirements. A global test plan generator may be used to determine an attack test model, including associating attack components with corresponding architectural components, based on associated attack tags, and may thus generate attack test workflows from the attack test model, to thereby test the software architecture.
Type: Application
Filed: July 26, 2013
Publication date: January 29, 2015
Applicant: SAP AG
Inventors: Cedric Hebert, Keqin Li
-
Patent number: 8925080
Abstract: A request handler may receive an access request for access to application server resources of an application server and determine that the access request is unauthorized. A response manager may provide a false positive response including apparent access to the application server resources.
Type: Grant
Filed: December 20, 2011
Date of Patent: December 30, 2014
Assignee: SAP SE
Inventor: Cedric Hebert
-
Publication number: 20140372927
Abstract: Techniques for managing a display of a system architecture include displaying a first visual representation of the system architecture that includes respective virtual representations of at least two components of the system architecture at a first level of detail; displaying a first virtual representation of a semantically relevant connector that extends between the two components of the system architecture at the first level of detail; receiving a request from a user to display a second visual representation of the system architecture; and generating a second visual representation of the system architecture for display, that includes respective virtual representations of the at least two components of the system architecture at a second level of detail different than the first level of detail, and a second virtual representation of the semantically relevant connector that extends between the at least two components of the system architecture at the second level of detail.
Type: Application
Filed: June 14, 2013
Publication date: December 18, 2014
Inventors: Cedric Hebert, Wihem Arsac, Gilles Montagnon, Jakub Sendor, Elton Mathias
-
Patent number: 8775127
Abstract: The present description refers in particular to a computer-implemented method, computer program product, and computer system for trust evaluation of sensor data during at least part of a sensor data life-cycle. The computer-implemented method may include evaluating an acquisition trust value (ATV) of sensor data at a sensor data acquisition module from at least one sensor node in a wireless sensor network (WSN), wherein the WSN comprises at least one sink, evaluating a delivery trust value (DTV) of sensor data at a sensor data delivery module from a sending entity to a receiving entity; and evaluating a processing trust value (PTV) at a sensor data processing module in a processing entity, to obtain a trust evaluation of the sensor data.
Type: Grant
Filed: February 27, 2009
Date of Patent: July 8, 2014
Assignee: SAP AG
Inventors: Laurent Gomez, Cédric Hébert, Alessandro Sorniotti, Cédric Ulmer