User impersonation by a proxy server

US 20020046170A1
Filed: 10/09/2001
Published: 04/18/2002
Est. Priority Date: 10/12/2000
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method in a network for transmitting information between a web browser and a proxy server, comprising:

initiating and sending an HTTP request from the web browser to the proxy server, the HTTP request having a script identifier;

extracting the script identifier from the HTTP request, and thereafter searching a database for the script associated with the script identifier;

executing the script associated with the script identifier at the proxy server;

generating a result from the script associated with the script identifier; and

transmitting the result from the proxy server to the web browser.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A user is connected to the Internet by a proxy server that impersonates the user. Websites are accessed by sending an HTTP request to the proxy server. The HTTP request is encoded with characters that are understood by the proxy as requiring that the HTTP request be intercepted and either an identified script be executed or data within the request be extracted. The impersonating proxy automatically carries out the steps that would otherwise be carried out by the user when performing a transaction at a website. In one example, a user checks a bank website for a balance inquiry. A first HTTP request includes a script identifier. The proxy retrieves and executes the identified script, which in turn causes a an HTTP response to be sent to the user'"'"'s browser for personal information (e.g., user name and password). That personal information is extracted from a second HTTP request returned to the proxy, and the proxy accesses the bank website, enters the personal information, retrieves the account balance, and provides it to the user.

52 Citations

View as Search Results

32 Claims

1. A computer implemented method in a network for transmitting information between a web browser and a proxy server, comprising:
- initiating and sending an HTTP request from the web browser to the proxy server, the HTTP request having a script identifier;
  
  extracting the script identifier from the HTTP request, and thereafter searching a database for the script associated with the script identifier;
  
  executing the script associated with the script identifier at the proxy server;
  
  generating a result from the script associated with the script identifier; and
  
  transmitting the result from the proxy server to the web browser.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 15, 16, 17, 18, 19)
- - 2. The method of claim 1, wherein the proxy server is a gateway to the Internet for a user of the web browser, and wherein the result generated from the script uses result information obtained by the proxy server via the Internet.
  - 3. The method of claim 2, wherein the HTTP request from the web browser to the proxy server is a first HTTP request, wherein executing the script at the proxy server results in an HTTP response being sent from the proxy server to the web browser, such HTTP response requesting personalized information for the user, and wherein the web browser responds with a second HTTP request having such personalized information.
  - 4. The method of claim 3, wherein the first and second HTTP requests to the proxy server are encoded for being interpreted at the proxy server and then discarded without being forwarded to the Internet.
  - 5. The method of claim 3, wherein the personalized information is information required for accessing a website via the Internet.
  - 6. The method of claim 3, wherein the personalized information in the second HTTP request is extracted by the proxy server, and the proxy server uses such personalized information to obtain the results information via the Internet.
  - 7. The method of claim 6, wherein the personalized information extracted from the second HTTP request is stored in a database for subsequent use by the proxy server in response to subsequent HTTP requests originating from the same user.
  - 8. The method of claim 6, wherein the results information obtained via the Internet is information at a website, wherein the website facilitates transactions concerning personal accounts, and wherein the personalized information is required for accessing personal account information of the user at such website.
  - 9. The method of claim 8, wherein the website facilitates transactions concerning financial accounts.
  - 10. The method of claim 8, wherein website facilitates retail transactions by the user, and wherein the personalized information is required for conducting a retail transaction at such website.
  - 11. The method of claim 6, wherein the personalized information comprises a user name and password.
  - 12. The method of claim 6, wherein the personalized information comprises a cookie previously stored at a user machine associated with the web browser.
  - 13. The method of claim 6, wherein the result information includes a cookie to be stored at a user machine associated with the web browser.
  - 15. The method of claim 14, wherein the IP message is a first HTTP message.
  - 16. The method of claim 15, wherein in response to executing the script, a second HTTP message is sent from the proxy to the user requesting a username and a password, the second HTTP message resulting in a prompt at the user for entering a usemame and password.
  - 17. The method of claim 16, further comprising sending a third HTTP message with the usemame and password from the user to the proxy;
    - extracting the username and password from the third HTTP message at the proxy, and discarding the third HTTP message; and
      
      further executing the script associated with the script identifier using the username and password extracted from the third HTTP message.
  - 18. The method of claim 15, wherein in response to executing the script, a second HTTP message is sent from the proxy server to the user pointing to the website and resulting in a third HTTP message being sent to the proxy and intended by the user for the website, the user providing a cookie associated with the website and accompanying the third HTTP message.
  - 19. The method of claim 18, wherein the proxy extracts the cookie from the third HTTP message, discards that message, and uses the cookie in further execution of the script.

14. A computer implemented method for a user to access a website through a proxy impersonating the user, comprising:
- sending an Internet Protocol (IP) message from the user to the proxy;
  
  receiving the IP message at the proxy;
  
  parsing the IP message at the proxy, extracting a script identifier from the IP message, and thereafter searching a database for the script associated with the script identifier;
  
  executing the script associated with the script identifier;
  
  generating a result from the script associated with a script identifier; and
  
  sending the result from the proxy to the user.

20. In a network having a plurality of users with web browsers and connected for accessing websites via the Internet, a database, and a proxy for impersonating a user, the proxy comprising:
- a server for executing scripts that are stored in the database and that represent executable programming code, the server executing the scripts in order to request information from a specific user, to request information from a website to be accessed by the specific user, and to use the requested information to generate results for the specific user;
  
  wherein the server receives an HTTP message from the web browser of the specific user when access to the website is requested, such message including a script identifier for a script to be executed by the server in order to access the website;
  
  wherein the server extracts the script identifier from the HTTP message, discards the message, and executes the identified script; and
  
  wherein in response to execution of the identified script the server requests information from at least one of the specific user and the website, uses such information in further executing the identified script, and provides a result to the user.
- View Dependent Claims (21, 22, 23, 26, 27, 28, 29, 30, 31)
- - 21. The proxy of claim 20, wherein in response to execution of the script the server sends a second HTTP message to the web browser of the specific user requesting personalized information of that user, and wherein in response to the second HTTP message the web browser sends a third HTTP message to the server having such personalized information, the third HTTP message being discarded by the server after such personalized information is extracted by the server.
  - 22. The proxy of claim 21, wherein the personalized information is a user name and password.
  - 23. The proxy of claim 21, wherein the personalized information is a cookie previously stored at the user by the website.
  - 26. The network of claim 25, wherein the proxy also receives information from the specific website and uses both the personal information and the website information to obtain results for the user.
  - 27. The network of claim 25 wherein the proxy stores the personal information in a data storage device.
  - 28. The network of claim 27 wherein in subsequent HTTP requests to the website that do not contain personal information, the proxy uses the stored personal information to obtain results for the user.
  - 29. The network of claim 27 where the personal information is a user name and password.
  - 30. The network of claim 27 where the personal information is a cookie.
  - 31. The network of claim 25, wherein the HTTP request from the user is sent in response to an HTTP redirect massage from the proxy, the HTTP redirect message pointing to the specific website.

24. In a network having a plurality of users with web browsers and connected for accessing websites via the Internet, a data storage means, and a proxy for impersonating a user, the proxy comprising:
- server means for executing scripts stored in the data base means in order to request information from a specific user, request information from a website to be accessed by the specific user, and use the requested information to generate results for the specific user;
  
  wherein the server means receives an HTTP message from the specific user when access to the website is requested, such message including a script identifier for a script to be executed by the server means in order to access the website;
  
  wherein the server means extracts the script identifier from the HTTP message, discards the message, and executes the identified script; and
  
  wherein in response to execution of the identified script the server means requests information from at least one of the specific user and the website, uses such information in further executing the identified script, and provides a result to the user.

25. A network comprising:
- a plurality of users, each user having a web browser for accessing websites via the Internet; and
  
  a proxy for impersonating specific users and for connecting those users to the Internet;
  
  wherein the proxy server receives an HTTP request from a user having personal information relating to the user, such personal information also relating to a specific website; and
  
  wherein the proxy extracts the personal information from the HTTP request and uses the extracted personal information to obtain results for the user.

32. In a network having a plurality of users connected for accessing websites via the Internet, a database, and a proxy for impersonating a user, the proxy comprising:
- a server;
  
  wherein the server receives an HTTP message from a specific user, such message including personalized information for the specific user;
  
  wherein the server extracts the personalized information from the HTTP message, and uses such personalized information to provide a result to the user; and
  
  wherein the personalized information extracted by the server is stored in the database, so that when the server subsequently receives an HTTP message from the user, the stored personalized information can be used by the server without requesting such information from the user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAP SE
Original Assignee
Toptier Israel Limited
Inventors
Gvily, Yaniv

Granted Patent

US 7,370,015 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/42
CPC Class Codes

G06F 21/31   User authentication

G06Q 20/108   Remote banking, e.g. home b...

G06Q 40/02   Banking, e.g. interest calc...

H04L 2463/102   applying security measure f...

H04L 63/0281   Proxies

H04L 63/083   using passwords cryptograph...

H04L 67/02   based on web technology, e....

H04L 67/2871   Implementation details of s...

H04L 67/563   Data redirection of data ne...

H04L 67/564   Enhancement of application ...

H04L 67/567   Integrating service provisi...

H04L 67/59   Providing operational suppo...

H04L 69/329   in the application layer [O...

H04L 9/40   Network security protocols

User impersonation by a proxy server

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

52 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

User impersonation by a proxy server

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

52 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links