Patents by Inventor Jeffrey Charles Turnham
Jeffrey Charles Turnham has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10482262Abstract: An application analysis platform enables automatic generation of abstract program representations (APRs) that are amenable to static analyses for finding security vulnerabilities. The APR is generated automatically, preferably from an existing build system or a source repository, and then encapsulated into a binary archival format for consumption by a static analysis tool, which operates on-premises or in the cloud. The abstract program representation is a highly compact version of the actual source code it represents. The archival format obfuscates the source code that is subjected to the analysis, thus protecting it from being reverse-engineered when moved off-premises or otherwise shared with other users, teams and even organizations.Type: GrantFiled: October 9, 2017Date of Patent: November 19, 2019Assignee: International Business Machines CorporationInventors: Babita Sharma, Andrew Mak, Richard Myer Goldberg, John Thomas Peyton, Jr., Jeffrey Charles Turnham, Matthew Francis Murphy, Hua Xiao
-
Publication number: 20180032737Abstract: An application analysis platform enables automatic generation of abstract program representations (APRs) that are amenable to static analyses for finding security vulnerabilities. The APR is generated automatically, preferably from an existing build system or a source repository, and then encapsulated into a binary archival format for consumption by a static analysis tool, which operates on-premises or in the cloud. The abstract program representation is a highly compact version of the actual source code it represents. The archival format obfuscates the source code that is subjected to the analysis, thus protecting it from being reverse-engineered when moved off-premises or otherwise shared with other users, teams and even organizations.Type: ApplicationFiled: October 9, 2017Publication date: February 1, 2018Inventors: Babita Sharma, Andrew Mak, Richard Myer Goldberg, John Thomas Peyton, JR., Jeffrey Charles Turnham, Matthew Francis Murphy, Hua Xiao
-
Patent number: 9785777Abstract: An application analysis platform enables automatic generation of abstract program representations (APRs) that are amenable to static analyzes for finding security vulnerabilities. The APR is generated automatically, preferably from an existing build system or a source repository, and then encapsulated into a binary archival format for consumption by a static analysis tool, which operates on-premises or in the cloud. The abstract program representation is a highly compact version of the actual source code it represents. The archival format obfuscates the source code that is subjected to the analysis, thus protecting it from being reverse-engineered when moved off-premises or otherwise shared with other users, teams and even organizations.Type: GrantFiled: December 19, 2014Date of Patent: October 10, 2017Assignee: International Business Machines CorporationInventors: Babita Sharma, Andrew Mak, Richard Myer Goldberg, John Thomas Peyton, Jr., Jeffrey Charles Turnham, Matthew Francis Murphy, Hua Xiao
-
Patent number: 9779252Abstract: A cloud-based static analysis security tool that is accessible by a set of application development environments is augmented to provide for anonymous knowledge sharing to facilitate reducing security vulnerabilities. To the end, a crowdsourcing platform and social network are associated with the application development environments. Access to the social network platform by users of the application development environments is enabled. The anonymous access enables users to post messages without exposing sensitive data associated with a particular application development environment. As the static analysis security tool is used, a knowledgebase of information regarding identified security findings, fix priorities, and so forth, is continuously updated. Social network content (e.g., in the form of analytics, workflow recommendations, and the like) is then published from the knowledgebase to provide users with security knowledge generated by the tool from the set of application development environments.Type: GrantFiled: December 27, 2016Date of Patent: October 3, 2017Assignee: International Business Machines CorporationInventors: Babita Sharma, Richard Myer Goldberg, Jeffrey Charles Turnham
-
Publication number: 20170177879Abstract: A cloud-based static analysis security tool that is accessible by a set of application development environments is augmented to provide for anonymous knowledge sharing to facilitate reducing security vulnerabilities. To the end, a crowdsourcing platform and social network are associated with the application development environments. Access to the social network platform by users of the application development environments is enabled. The anonymous access enables users to post messages without exposing sensitive data associated with a particular application development environment. As the static analysis security tool is used, a knowledgebase of information regarding identified security findings, fix priorities, and so forth, is continuously updated. Social network content (e.g., in the form of analytics, workflow recommendations, and the like) is then published from the knowledgebase to provide users with security knowledge generated by the tool from the set of application development environments.Type: ApplicationFiled: December 27, 2016Publication date: June 22, 2017Inventors: Babita Sharma, Richard Myer Goldberg, Jeffrey Charles Turnham
-
Patent number: 9544327Abstract: A cloud-based static analysis security tool accessible by a set of application development environments is augmented to provide for anonymous knowledge sharing to facilitate reducing security vulnerabilities. To the end, a crowdsourcing platform and social network are associated with the application development environments. Access to the social network platform by users of the application development environments is enabled. The anonymous access enables users to post messages without exposing sensitive data associated with a particular application development environment. As the static analysis security tool is used, a knowledgebase of information regarding identified security findings, fix priorities, and so forth, is continuously updated. Social network content (e.g., in the form of analytics, workflow recommendations, and the like) is then published from the knowledgebase to provide users with security knowledge generated by the tool from the set of application development environments.Type: GrantFiled: November 20, 2015Date of Patent: January 10, 2017Assignee: International Business Machines CorporationInventors: Babita Sharma, Kristofer Alyn Duer, Richard Myer Goldberg, Stephen Darwin Teilhet, Jeffrey Charles Turnham, Shu Wang, Hua Xiao
-
Patent number: 9531745Abstract: A cloud-based static analysis security tool that is accessible by a set of application development environments is augmented to provide for anonymous knowledge sharing to facilitate reducing security vulnerabilities. To the end, a crowdsourcing platform and social network are associated with the application development environments. Access to the social network platform by users of the application development environments is enabled. The anonymous access enables users to post messages without exposing sensitive data associated with a particular application development environment. As the static analysis security tool is used, a knowledgebase of information regarding identified security findings, fix priorities, and so forth, is continuously updated. Social network content (e.g., in the form of analytics, workflow recommendations, and the like) is then published from the knowledgebase to provide users with security knowledge generated by the tool from the set of application development environments.Type: GrantFiled: November 20, 2015Date of Patent: December 27, 2016Assignee: International Business Machines CorporationInventors: Babita Sharma, Richard Myer Goldberg, Jeffrey Charles Turnham
-
Publication number: 20160180096Abstract: An application analysis platform enables automatic generation of abstract program representations (APRs) that are amenable to static analyses for finding security vulnerabilities. The APR is generated automatically, preferably from an existing build system or a source repository, and then encapsulated into a binary archival format for consumption by a static analysis tool, which operates on-premises or in the cloud. The abstract program representation is a highly compact version of the actual source code it represents. The archival format obfuscates the source code that is subjected to the analysis, thus protecting it from being reverse-engineered when moved off-premises or otherwise shared with other users, teams and even organizations.Type: ApplicationFiled: December 19, 2014Publication date: June 23, 2016Inventors: Babita Sharma, Andrew Mak, Richard Myer Goldberg, John Thomas Peyton, JR., Jeffrey Charles Turnham, Matthew Francis Murphy, Hua Xiao
-
Patent number: 8141158Abstract: A computer implemented method, a data processing system, and a computer usable recordable-type medium having a computer usable program code monitor a black box web application security scan. A black box scan of a web application is initiated. The black box scan sends a test is sent to a plurality of web application inputs of the web application. A runtime analysis is performed on the black box scan of the web application. Based on the run time analysis of the black box scan, the black box scan is modified.Type: GrantFiled: December 31, 2008Date of Patent: March 20, 2012Assignee: International Business Machines CorporationInventors: Robert Calendino, Craig Ronald Earl Conboy, Ashish Patel, Guy Podjarny, Jeffrey Charles Turnham
-
Publication number: 20100169974Abstract: A computer implemented method, a data processing system, and a computer usable recordable-type medium having a computer usable program code monitor a black box web application security scan. A black box scan of a web application is initiated. The black box scan sends a test is sent to a plurality of web application inputs of the web application. A runtime analysis is performed on the black box scan of the web application. Based on the run time analysis of the black box scan, the black box scan is modified.Type: ApplicationFiled: December 31, 2008Publication date: July 1, 2010Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Robert Calendino, Craig Ronald Earl Conboy, Ashish Patel, Guy Podjarny, Jeffrey Charles Turnham