Method and apparatus of web application server for blocking a client session based on a threshold number of service calls

US 10,701,178 B2
Filed: 10/31/2017
Issued: 06/30/2020
Est. Priority Date: 10/31/2016
Status: Active Grant

First Claim

Patent Images

1. A client session blocking method performed by a client session blocking apparatus, the method comprising:

receiving a first request of a client for a service executable by one of a first application and a second application, from a web server;

in response to a session of the client being a session of the first application, performing a first determination regarding whether the session of the client for the first application is valid;

in response to the first determination indicating that the session of the first application is valid, performing a second determination regarding whether a number of consecutive calls for the session of the first application is equal to or greater than a predetermined threshold number of calls for the service; and

in response to the second determination indicating that the number of the consecutive calls is equal to or greater than the predetermined threshold number, blocking the session of the first application, and maintaining a session of the second application,wherein the receiving of the first request comprises determining whether a type of a network from which the first request was received is an Internet,wherein the performing of the second determination comprises;

in response to determining that the type of the network is the Internet, determining a first threshold number corresponding to an intranet;

generating a second threshold number based on the determined first threshold number, wherein the second threshold number is smaller than the first threshold number by a predetermined value, andperforming the second determination based on the second threshold number.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A client session blocking method performed by a client session blocking apparatus includes receiving a first request of a client for a service from a web server, performing a first determination regarding whether a session of the client for the service is valid, in response to the first determination indicating that the session is valid, performing a second determination regarding whether a number of consecutive calls for the service is equal to or greater than a predetermined threshold number of calls for the service and in response to the second determination indicating that the number of the consecutive calls is equal to or greater than the predetermined threshold number, and blocking the session of the client for the service.

28 Citations

10 Claims

1. A client session blocking method performed by a client session blocking apparatus, the method comprising:
- receiving a first request of a client for a service executable by one of a first application and a second application, from a web server;
  
  in response to a session of the client being a session of the first application, performing a first determination regarding whether the session of the client for the first application is valid;
  
  in response to the first determination indicating that the session of the first application is valid, performing a second determination regarding whether a number of consecutive calls for the session of the first application is equal to or greater than a predetermined threshold number of calls for the service; and
  
  in response to the second determination indicating that the number of the consecutive calls is equal to or greater than the predetermined threshold number, blocking the session of the first application, and maintaining a session of the second application,wherein the receiving of the first request comprises determining whether a type of a network from which the first request was received is an Internet,wherein the performing of the second determination comprises;
  
  in response to determining that the type of the network is the Internet, determining a first threshold number corresponding to an intranet;
  
  generating a second threshold number based on the determined first threshold number, wherein the second threshold number is smaller than the first threshold number by a predetermined value, andperforming the second determination based on the second threshold number.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the performing of the second determination comprises:
    - determining whether the first request was received within a predetermined time range after a time at which a second request for the session of the second application was received;
      
      in response to determining that the first request was received within the predetermined time range, identifying the predetermined threshold number; and
      
      performing the second determination based on the identified predetermined threshold number.
  - 3. The method of claim 2 further comprises:
    - in response to the determining that the first request was received within the predetermined time range, recording a reception time of the first request; and
      
      increasing the number of the consecutive calls.
  - 4. The method of claim 2 further comprises:
    - in response to the determining that the first request was not received within the predetermined time range, recording a reception time of the first request; and
      
      initializing a record of the number of the consecutive calls.
  - 5. The method of claim 1, further comprising providing the client with a result indicating the blocking of the session of the first application.
  - 6. The method of claim 5,wherein the providing of the result indicating the blocking the session of the first application comprises,in response to the session of the first application being blocked, providing information about the second application to the client in response to the blocking of the session of the first application.
  - 7. The method of claim 1, further comprising:
    - in response to the second determination indicating that the number of the consecutive calls for the session of the first application is less than the predetermined threshold number, calculating a difference between the number of the consecutive calls and the predetermined threshold number; and
      
      changing the predetermined threshold number when the calculated difference is within a predetermined range.
  - 8. The method of claim 1, wherein the receiving of the first request further comprises determining a type of a network from which the first request was received, andwherein the performing of the second determination comprises:
    - determining the predetermined threshold number based on the determined type of the network;
      
      performing the second determination based on a first threshold number in response to determining that the type of the network is a first type; and
      
      performing the second determination based on a second threshold number in response to determining that the type of the network is a second type.

9. A client session blocking apparatus comprising:
- one or more processors;
  
  a network interface;
  
  a memory configured to load a computer program to be executed by the processors; and
  
  a storage which stores the computer program,wherein the computer program comprises instructions to perform;
  
  an operation of receiving a first request of a client for a service, executable by one of a first application and a second application, from a web server;
  
  an operation of performing a first determination regarding whether a session of the first application is valid in response to a session of the client being the session of the first applicationan operation of performing a second determination regarding whether a number of consecutive calls for the session of the first application is equal to or greater than a predetermined threshold number in response to the first determination indicating that the session of the first application is valid; and
  
  an operation of blocking the session of the first application and maintaining a session of the second application in response to the second determination indicating that the number of the consecutive calls is equal to or greater than the predetermined threshold number,wherein the receiving of the first request comprises determining whether a type of a network from which the first request was received is an Internet,wherein the performing of the second determination comprises;
  
  in response to determining that the type of the network is the Internet, determining a first threshold number corresponding to an intranet;
  
  generating a second threshold number based on the determined first threshold number, wherein the second threshold number is smaller than the first threshold number by a predetermined value, andperforming the second determination based on the second threshold number.

10. A non-transitory computer-readable medium configured to store a computer program which, when executed, causes a computing apparatus to:
- receive a first request of a client for a service, executable by one of a first application and a second application, from a web server;
  
  in response to a session of the client being a session of the first application, perform a first determination regarding whether the session of the first application is valid;
  
  in response to the first determination indicating that the session of the first application is valid, perform a second determination regarding whether a number of consecutive calls for a session of the first application is equal to or greater than a predetermined threshold number andin response to the second determination indicating that the number of the consecutive calls is equal to or greater than the predetermined threshold number, block the session of the first application, and maintaining the session of the second application,wherein the receiving of the first request comprises determining whether a type of a network from which the first request was received is an Internet,wherein the performing of the second determination comprises;
  
  in response to determining that the type of the network is the Internet, determining a first threshold number corresponding to an intranet;
  
  generating a second threshold number based on the determined first threshold number, wherein the second threshold number is smaller than the first threshold number by a predetermined value, andperforming the second determination based on the second threshold number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung SDS (China) Co., Ltd. (Samsung Group)
Original Assignee
Samsung SDS (China) Co., Ltd. (Samsung Group)
Inventors
Lee, Ju Ho
Primary Examiner(s)
Murray, Daniel C.

Application Number

US15/798,639
Publication Number

US 20180124204A1
Time in Patent Office

973 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/1458   Denial of Service

H04L 63/168   above the transport layer

H04L 67/01   Protocols

H04L 67/141   Setup of application sessio...

H04L 67/535   Tracking the activity of th...

H04L 67/60   Scheduling or organising th...

Method and apparatus of web application server for blocking a client session based on a threshold number of service calls

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

28 Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus of web application server for blocking a client session based on a threshold number of service calls

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links