US8955116B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-8955116-B2 |
| Application number | US-201213605634-A |
| Country | US |
| Kind code | B2 |
| Filing date | Sep 6, 2012 |
| Priority date | Sep 15, 2011 |
| Publication date | Feb 10, 2015 |
| Grant date | Feb 10, 2015 |
Official abstract text for this publication.
A device function to be used by an application is specified, a risk level of the specified device function is acquired, and a risk level of the application is calculated based on the acquired risk level of the device function.
Opening claim text (preview).
What is claimed is:

1. An information processing apparatus comprising: a microprocessor and memory; a specification unit configured to specify a device function to be used by an application; an acquisition unit configured to acquire a risk level of the specified device function; a calculation unit configured to calculate a risk level of the application from the acquired risk level of the device function; and a control unit configured to control whether to install the application based on the risk level of the application and a threshold, wherein in a case where the control unit installs the application, the installed application uses the specified device function having the risk level contributing to an acceptable risk level of the installed application and in a case where the control unit doesn't install the application, the control unit causes a display unit to display a message that the application has a high risk level; a presentation unit configured to present, to a user, a user interface screen to inquire whether the risk level of the specified device function is to be changed or the threshold is to be changed, according to an operation by the user on a user interface item displayed with the message; and a changing unit configured to change the risk level of the specified device function so that the risk level of the application is less than the threshold in a case where an operation by the user on the user interface screen presented by the presentation unit is an instruction to change the risk level of the specified device function, and the changing unit configured to change the threshold to a value larger than the risk level of the specified device function in a case where the operation by the user is an instruction to change the threshold, wherein the control unit is configured to install the application based on the changed risk level of the application and the threshold or the risk level of the application and the changed threshold.

2. The information processing apparatus according to claim 1, further comprising a setting unit configured to set a device function weighting to be used during calculation by the calculation unit.

3. The information processing apparatus according to claim 1, further comprising a storage unit configured to store a risk level table indicating a risk level of a device function, wherein the acquisition unit is configured to acquire the risk level of the specified device function from the risk level table.

4. The information processing apparatus according to claim 3, wherein the storage unit is configured to store a calculation formula for calculating a risk level of an application, and wherein the calculation unit is configured to calculate the risk level of the application based on the calculation formula and the acquired risk level of the device function.

5. A method for processing information comprising: specifying a device function to be used by an application; acquiring a risk level of the specified device function; calculating a risk level of the application from the risk level of the acquired device function; and controlling whether to install the application based on the risk level of the application and a threshold, wherein if the application is installed, the installed application uses the specified device function having the risk level contributing to an acceptable risk level of the installed application and in a case where the application is not installed, a user interface screen that includes a message that the application has a high risk level is displayed on a display unit; presenting, to a user, the user interface screen to inquire whether the risk level of the specified device function is to be changed or the threshold is to be changed, according to an operation by the user on a user interface item displayed with the message; and changing the risk level of the specified device function so that the risk level of the application is less than the threshold in a case where an operation by the user on the user interface screen is an instruction to change the risk level of the specified device function, and changing the threshold to a value larger than the risk level of the specified device function in a case where the operation by the user is an instruction to change the threshold, installing the application based on the changed risk level of the application and the threshold or the risk level of the application and the changed threshold.

6. The method according to claim 5, further comprising setting a device function weighting to be used during calculation.

7. The method according to claim 5, further comprising storing a risk level table indicating a risk level of a device function, wherein the risk level of the specified device function is acquired from the risk level table.

8. The method according to claim 5, further comprising: storing a calculation formula for calculating a risk level of an application; and calculating the risk level of the application based on the calculation formula and the acquired risk level of the device function.

9. A non-transitory computer-readable storage medium storing a computer program for causing a computer to perform a method of processing information comprising: specifying a device function to be used by an application; acquiring a risk level of the specified device function; calculating a risk level of the application from the risk level of the acquired device function; and controlling whether to install the application based on the risk level of the application and a threshold, wherein if the application is installed, the installed application uses the specified device function having the risk level contributing to an acceptable risk level of the installed application and in a case where the application is not installed, a user interface screen that includes a message that the application has a high risk level is displayed on a display unit; presenting, to a user, the user interface screen to inquire whether the risk level of the specified device function is to be changed or the threshold is to be changed, according to an operation by the user on a user interface item displayed with the message; and changing the risk level of the specified device function so that the risk level of the application is less than the threshold in a case where an operation by the user on the user interface screen is an instruction to change the risk level of the specified device function, and changing the threshold to a value larger than the risk level of the specified device function in a case where the operation by the user is an instruction to change the threshold, installing the application based on the changed risk level of the application and the threshold or the risk level of the application and the changed threshold.
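
The install gate and the two user-driven changes described in the claims, as an added example (not code from the patent). The claims do not state the calculation formula, so the weighted sum, the positive integer weights, the `InstallGate` name, the override log and all sample values are assumptions made here.

```python
from dataclasses import dataclass, field

@dataclass
class InstallGate:
    risk_table: dict   # device function -> integer risk level (claim 3)
    threshold: int
    weights: dict = field(default_factory=dict)    # claim 2 weighting, default 1
    overrides: list = field(default_factory=list)  # change log (added, not in the claims)

    def app_risk(self, functions):
        # Assumed formula: weighted sum. A function missing from the table
        # raises KeyError, so it is never silently scored as zero risk.
        return sum(self.risk_table[f] * self.weights.get(f, 1) for f in functions)

    def may_install(self, functions):
        return self.app_risk(functions) < self.threshold

    def lower_function_risk(self, function, functions):
        # Changing step, first branch: largest level for one function that
        # brings the application's risk below the threshold.
        w = self.weights.get(function, 1)
        others = self.app_risk(functions) - self.risk_table[function] * w
        new_level = (self.threshold - others - 1) // w
        if new_level < 0:
            raise ValueError("the other functions alone reach the threshold")
        self.overrides.append(("risk", function, self.risk_table[function], new_level))
        self.risk_table[function] = new_level
        return new_level

    def raise_threshold(self, functions):
        # Changing step, second branch: smallest threshold that admits the app.
        new_threshold = self.app_risk(functions) + 1
        self.overrides.append(("threshold", None, self.threshold, new_threshold))
        self.threshold = new_threshold
        return new_threshold

def sample_gate():
    # Constructed sample values, not taken from the patent.
    return InstallGate({"camera": 3, "network": 4, "address_book": 5, "gps": 2},
                       threshold=10, weights={"address_book": 2})

if __name__ == "__main__":
    app = {"network", "address_book"}
    gate = sample_gate()
    print(gate.app_risk(app), gate.may_install(app))   # refused at first
    print(gate.lower_function_risk("address_book", app), gate.may_install(app))
```

Either change turns a refusal into an install, and a lowered table entry or raised threshold also applies to every later application, which is why the example records each change.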
at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability · CPC title
Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity · CPC title
Test or assess software · CPC title