User impersonation by a proxy server
First Claim
1. A computer implemented method in a network for transmitting information between a web browser and a proxy server, comprising:
- initiating and sending an HTTP request from the web browser to the proxy server, the HTTP request having a script identifier;
extracting the script identifier from the HTTP request, and thereafter searching a database for the script associated with the script identifier;
executing the script associated with the script identifier at the proxy server;
generating a result from the script associated with the script identifier; and
transmitting the result from the proxy server to the web browser.
1 Assignment
0 Petitions
Accused Products
Abstract
A user is connected to the Internet by a proxy server that impersonates the user. Websites are accessed by sending an HTTP request to the proxy server. The HTTP request is encoded with characters that are understood by the proxy as requiring that the HTTP request be intercepted and either an identified script be executed or data within the request be extracted. The impersonating proxy automatically carries out the steps that would otherwise be carried out by the user when performing a transaction at a website. In one example, a user checks a bank website for a balance inquiry. A first HTTP request includes a script identifier. The proxy retrieves and executes the identified script, which in turn causes a an HTTP response to be sent to the user'"'"'s browser for personal information (e.g., user name and password). That personal information is extracted from a second HTTP request returned to the proxy, and the proxy accesses the bank website, enters the personal information, retrieves the account balance, and provides it to the user.
52 Citations
32 Claims
-
1. A computer implemented method in a network for transmitting information between a web browser and a proxy server, comprising:
-
initiating and sending an HTTP request from the web browser to the proxy server, the HTTP request having a script identifier;
extracting the script identifier from the HTTP request, and thereafter searching a database for the script associated with the script identifier;
executing the script associated with the script identifier at the proxy server;
generating a result from the script associated with the script identifier; and
transmitting the result from the proxy server to the web browser. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 15, 16, 17, 18, 19)
-
-
14. A computer implemented method for a user to access a website through a proxy impersonating the user, comprising:
-
sending an Internet Protocol (IP) message from the user to the proxy;
receiving the IP message at the proxy;
parsing the IP message at the proxy, extracting a script identifier from the IP message, and thereafter searching a database for the script associated with the script identifier;
executing the script associated with the script identifier;
generating a result from the script associated with a script identifier; and
sending the result from the proxy to the user.
-
-
20. In a network having a plurality of users with web browsers and connected for accessing websites via the Internet, a database, and a proxy for impersonating a user, the proxy comprising:
-
a server for executing scripts that are stored in the database and that represent executable programming code, the server executing the scripts in order to request information from a specific user, to request information from a website to be accessed by the specific user, and to use the requested information to generate results for the specific user;
wherein the server receives an HTTP message from the web browser of the specific user when access to the website is requested, such message including a script identifier for a script to be executed by the server in order to access the website;
wherein the server extracts the script identifier from the HTTP message, discards the message, and executes the identified script; and
wherein in response to execution of the identified script the server requests information from at least one of the specific user and the website, uses such information in further executing the identified script, and provides a result to the user. - View Dependent Claims (21, 22, 23, 26, 27, 28, 29, 30, 31)
-
-
24. In a network having a plurality of users with web browsers and connected for accessing websites via the Internet, a data storage means, and a proxy for impersonating a user, the proxy comprising:
-
server means for executing scripts stored in the data base means in order to request information from a specific user, request information from a website to be accessed by the specific user, and use the requested information to generate results for the specific user;
wherein the server means receives an HTTP message from the specific user when access to the website is requested, such message including a script identifier for a script to be executed by the server means in order to access the website;
wherein the server means extracts the script identifier from the HTTP message, discards the message, and executes the identified script; and
wherein in response to execution of the identified script the server means requests information from at least one of the specific user and the website, uses such information in further executing the identified script, and provides a result to the user.
-
-
25. A network comprising:
-
a plurality of users, each user having a web browser for accessing websites via the Internet; and
a proxy for impersonating specific users and for connecting those users to the Internet;
wherein the proxy server receives an HTTP request from a user having personal information relating to the user, such personal information also relating to a specific website; and
wherein the proxy extracts the personal information from the HTTP request and uses the extracted personal information to obtain results for the user.
-
-
32. In a network having a plurality of users connected for accessing websites via the Internet, a database, and a proxy for impersonating a user, the proxy comprising:
-
a server;
wherein the server receives an HTTP message from a specific user, such message including personalized information for the specific user;
wherein the server extracts the personalized information from the HTTP message, and uses such personalized information to provide a result to the user; and
wherein the personalized information extracted by the server is stored in the database, so that when the server subsequently receives an HTTP message from the user, the stored personalized information can be used by the server without requesting such information from the user.
-
Specification