Abstract: Searching a service registry system including a plurality of services identified by respective service names, wherein at least some of said service names being associated with a set of client identifiers, includes receiving a search request, said request including a service name and a further set of client identifiers, searching, using a processor, the service registry system for a match between the requested service name and a service name of one of said services in the service registry system, and, in the absence of such a match, searching, using the processor, the service registry system for services that have an association with at least some of the client identifiers in said further set. A search result can be returned.

Abstract: A method detecting a vulnerability in a Web service can include determining, using a processor, whether a Web service uses identity of a requester to select one of a plurality of different paths of a branch in program code of the Web service. The method further can include, responsive to determining that the Web service does select one of a plurality of different paths of a branch according to identity of the requester, indicating that the Web service has a potential vulnerability.

Abstract: The disclosed embodiments include systems, methods, and computer readable media configured to classify graphical user interface items according to their exposure to security sensitive operations. The techniques described in the disclosed embodiments may be used to reduce the risk of application errors by disabling graphical user interface items. Thus, the techniques may be used to minimize the risk of system crashes caused by restricting application access to a certain resource. As a result, the disclosed embodiments improve usability of application running in a restricted mode.

Abstract: Black-box security testing for a Web application includes identifying infrastructure supporting the Web application, obtaining vulnerability data for the Web application from an external data source according to the infrastructure, deriving a test payload from the vulnerability data using a processor, and determining a type of vulnerability exploited by the test payload. An existing validation operation of a testing system is selected for validating a response from the Web application to the test payload according to the type of vulnerability.

Abstract: Black-box security testing for a Web application includes identifying infrastructure supporting the Web application, obtaining vulnerability data for the Web application from an external data source according to the infrastructure, deriving a test payload from the vulnerability data using a processor, and determining a type of vulnerability exploited by the test payload. An existing validation operation of a testing system is selected for validating a response from the Web application to the test payload according to the type of vulnerability.

Abstract: A system for detecting a vulnerability in a Web service can include a processor configured to initiate executable operations including determining whether a Web service uses identity of a requester to select one of a plurality of different paths of a branch in program code of the Web service and, responsive to determining that the Web service does select one of a plurality of different paths of a branch according to identity of the requester, indicating that the Web service has a potential vulnerability.

Abstract: A method detecting a vulnerability in a Web service can include determining, using a processor, whether a Web service uses identity of a requester to select one of a plurality of different paths of a branch in program code of the Web service. The method further can include, responsive to determining that the Web service does select one of a plurality of different paths of a branch according to identity of the requester, indicating that the Web service has a potential vulnerability.

Abstract: A method of detecting a vulnerability in a Web service can include determining, using a processor, whether a Web service uses identity of a requester to select one of a plurality of different paths of a branch in program code of the Web service. The method further can include, responsive to determining that the Web service does select one of a plurality of different paths of a branch according to identity of the requester, indicating that the Web service has a potential vulnerability.

Abstract: The present disclosure relates to an intelligent service (e.g., a smart home, a smart building, a smart car, etc.) based on a 5G communication technology and an IoT related technology. In accordance with an embodiment of the present disclosure, a method is provided for detecting, by a web server in a wireless communication system, a malicious code which is injected into the command stream of a widget miming on a web-based OS in a device. The method includes: analyzing the widget in the web server; determining at least one invariant condition constantly maintained and conserved while the widget is running, on the basis of a result of the analyzing; generating a metadata file including data satisfying the at least one invariant condition; and associating the metadata file with the widget and providing the widget in a state in which the associated metadata file is included in the widget.

Abstract: Disclosed embodiments include systems, methods, and computer-readable media for maintaining and accessing security metadata associated with a micro service. Aspects include generating security metadata associated with a micro service. The security metadata may be separate from an executable portion of the micro service and define a plurality of security attributes of the micro service. Examples of security attributes include a security grade level for the micro service, a security sensitive operation that the micro service is programmed to perform, a function classification for the micro service, and an idempotence property for the micro service, among others. Aspects also include accessing the security metadata, and determining, based on the security metadata, whether to perform a control action of various different types for the micro service.

Abstract: The disclosed embodiments include systems, methods, and computer-readable media configured to detect client-side exploits. The techniques described in the disclosed embodiments may be used to minimize the attack surface of the client devices. Thus, the techniques may be used to reduce injection-type cyberattacks on client devices by detecting anomalies occurring in the client devices. As a result, the disclosed embodiments reduce the vulnerabilities and weaknesses associated with web applications and other client applications.

Abstract: The disclosed embodiments include systems, methods, and computer readable media configured to classify graphical user interface items according to their exposure to security sensitive operations. The techniques described in the disclosed embodiments may be used to reduce the risk of application errors by disabling graphical user interface items. Thus, the techniques may be used to minimize the risk of system crashes caused by restricting application access to a certain resource. As a result, the disclosed embodiments improve usability of application running in a restricted mode.

Abstract: A technique for synthesizing tests from a Web service document includes locating at least one parameter for at least one client to server function call in a Web service document. Client validation constraints for the at least one parameter are discovered. Server validation constraints for the at least one parameter in the Web service document are discovered. At least one range for the at least one parameter that will be accepted by the server and not be accepted by the client is discovered. Tests using parameter values from the discovered at least one range are synthesized.

Abstract: A hybrid program analysis method includes initiating a static program analysis of an application, generating, by a static program analyzer, a query to a dynamic program analyzer upon determining a code construct of the application requiring dynamic analysis, resolving, by the dynamic program analyzer, the query into a set of arguments with which to invoke the code construct of the application, generating, by the dynamic program analyzer, the set of arguments, invoking, by the dynamic program analyzer, the code construct of the application using set of arguments, answering, by the dynamic program analyzer, the query, and continuing the static program analysis of the application.

Abstract: A method, system, and/or computer program product invokes a web service in a software application. A software application comprises a machine readable description of a functionality to be supported by a web service to be invoked, and a machine readable description of an execution instruction for the web service to be invoked. One or more processors determine/identify a web service that supports the functionality to be supported and the execution instruction for the web service to be invoked.

Abstract: Searching a service registry system including a plurality of services identified by respective service names, wherein at least some of said service names being associated with a set of client identifiers, includes receiving a search request, said request including a service name and a further set of client identifiers, searching, using a processor, the service registry system for a match between the requested service name and a service name of one of said services in the service registry system, and, in the absence of such a match, searching, using the processor, the service registry system for services that have an association with at least some of the client identifiers in said further set. A search result can be returned.

Abstract: Searching a service registry system including a plurality of services identified by respective service names, wherein at least some of said service names being associated with a set of client identifiers, includes receiving a search request, said request including a service name and a further set of client identifiers, searching, using a processor, the service registry system for a match between the requested service name and a service name of one of said services in the service registry system, and, in the absence of such a match, searching, using the processor, the service registry system for services that have an association with at least some of the client identifiers in said further set. A search result can be returned.

Abstract: The present disclosure relates to a communication technique for fusing a 5G communication system for supporting a high data transmission rate after a 4G system with the IoT technology, and a system thereof. The present disclosure can be applied to an intelligent service (e.g., a smart home, a smart building, a smart city, a smart car or connected car, healthcare, digital education, retail business, security and safety related service, etc.) based on the 5G communication technology and the IoT related technology. In accordance with an embodiment of the present disclosure, a method for detecting a malicious code which is injected into the command stream of a widget miming on a web-based OS in a device by a web server in a wireless communication system is provided.

Abstract: Testing computer software applications includes comparing multiple execution paths associated with multiple interactions performed with a computer software application during execution of the computer software application in order to determine which of the execution paths are similar in accordance with a predefined similarity criterion, identifying a subset of the interactions whose associated execution paths are similar in accordance with the predefined similarity criterion, and performing fewer than all of the interactions in the subset with the computer software application during execution of the computer software application.

Abstract: Detecting error states when interacting with web applications is performed by accessing a first web page of a web application, determining that the first web page includes an input validation operation, configuring an input to cause the input validation operation to effect an error state, providing the input to the first web page, thereby effecting the error state, identifying a feature that is absent from the first web page before the input is provided to the first web page and present in the first web page after the input is provided to the first web page, and detecting that a second web page of the web application is in an error state if the feature is present in the second web page.