Application layer security method and system
First Claim
1. An application layer security method comprising the steps of:
- receiving an operation request to be executed by an application, identifying an application attribute of said operation request, identifying an application path associated with said identified application attribute, and directing said operation request to said identified application path.
1 Assignment
0 Petitions
Accused Products
Abstract
The invention provides an application layer security method and system to secure trusted computer applications from executing out of their intended and authorized scope caused by illegal or harmful operation requests received from a distrusted environment. In an embodiment of the invention, a protective layer is implemented in between a trusted application and distrusted application operation requests. In operation, the protective layer identifies an application path of each operation request. Depending on the application path identified, one or more security pipes scrutinize the application contents of the operation request to determine if the operation request is illegal or harmful to the application or a surrounding environment.
239 Citations
30 Claims
-
1. An application layer security method comprising the steps of:
-
receiving an operation request to be executed by an application, identifying an application attribute of said operation request, identifying an application path associated with said identified application attribute, and directing said operation request to said identified application path. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. An application security system for protecting a trusted application comprising:
-
an application attribute identifier, wherein said application attribute identifier identifies an application attribute of a message directed to or from said trusted application and identifies an application path associated with said identified application attribute;
a message router, wherein said message router routes each message to said identified application path associated with said message; and
a number of security pipes, wherein a portion of said number of security pipes are associated with said identified application path and are implemented on said message upon routing of said message to said application path. - View Dependent Claims (15, 16, 17)
-
-
18. An application security method comprising the steps of:
-
classifying an application attribute of a message directed to or from a trusted application and implementing on said message a predetermined number of security pipes based on said classification of said application attribute. - View Dependent Claims (19, 20)
-
-
21. A method for protecting at least one application attribute in a message comprising the steps of:
-
intercepting a message directed toward a recipient, wherein said message comprises at least one application attribute;
encrypting said at least one application attribute to generate an encrypted application attribute;
modifying said message by substituting said encrypted application attribute for said at least one application attribute; and
forwarding said modified message to said recipient. - View Dependent Claims (22, 23, 24, 25, 26)
-
-
27. A method for protecting application at least one application attribute in a message comprising the steps of:
-
intercepting a message directed toward a recipient, wherein said message comprises at least one encrypted application attribute;
decrypting said at least one encrypted application attribute;
modifying said message by substituting said decrypted application attribute for said at least one encrypted application attribute; and
forwarding said modified message to said recipient. - View Dependent Claims (28, 29, 30)
-
Specification