Inventors:
Aaron Kershenbaum - New City NY, US
Lawrence Koved - Pleasantville NY, US
Marco Pistoia - Yorktown Heights NY, US
Assignee:
International Business Machines Corporation - Armonk NY
International Classification:
G06F 17/30
US Classification:
726 30, 726 22, 726 26, 726 27, 713167
Abstract:
This invention provides methods and apparatus for determining a set of authorization usage for collection of code. By using a program graph, the present invention identifies the code within in bounded paths in the program graph that use authorization. The level of precision is able to identify authorization usage to the level of basic blocks, methods, classes or other collections of code. By using the analysis technique described in this invention, we can determine the authorizations needed by collections code, including Java applets, servlets, and Enterprise JavaBeans. By using the present invention, it is possible, prior to loading the mobile code, to prompt the administrator or end-user to authorize or deny the code access to restricted the resources, or determine whether authorization testing will be required.