USING EXCLUSION BASED SECURITY RULES FOR ESTABLISHING URI SECURITY
First Claim
Patent Images
1. A method for controlling access to Uniform Resource Identifier (URI) identified resources comprising:
- receiving a request for a resource identified by a URI;
comparing the URI associated with the request against at least one previously established security rule, said security rule including an exclusion comparison operator and a regular expression defining a pattern; and
determining whether to grant a requester access to the resource based at least in part upon results of the comparing of the URI against the previously established security rule.
1 Assignment
0 Petitions
Accused Products
Abstract
A solution for controlling access to Uniform Resource Identifier (URI) identified resources can receive a request for a resource identified by a URI. The URI associated with the request can be compared against at least one previously established security rule. The security rule can include an exclusion comparison operator and a regular expression defining a pattern. A determination as to whether to grant a requester access to the resource can be based at least in part upon results of the comparing of the URI against the previously established security rule.
-
Citations
19 Claims
-
1. A method for controlling access to Uniform Resource Identifier (URI) identified resources comprising:
-
receiving a request for a resource identified by a URI; comparing the URI associated with the request against at least one previously established security rule, said security rule including an exclusion comparison operator and a regular expression defining a pattern; and determining whether to grant a requester access to the resource based at least in part upon results of the comparing of the URI against the previously established security rule. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer program product for controlling access to Uniform Resource Identifier (URI) identified resources comprising:
-
a computer usable medium having computer usable program code embodied therewith, the computer usable program code comprising; computer usable program code configured to receive a request for a resource identified by a URI; computer usable program code configured to compare the URI associated with the request against at least one previously established security rule, said security rule including an exclusion comparison operator and a regular expression defining a pattern; and computer usable program code configured to determine whether to grant a requester access to the resource based at least in part upon results of the comparing of the URI against the previously established security rule. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. An application server comprising:
-
a URI security engine configured to evaluate requests for URI identified resources based upon a plurality of previously established security rules, said URI security engine comprising an exclusion mechanism configured to evaluate security rules comprising exclusion conditional operators; and a Web server configured to selectively serve a plurality of URI identified resources to requesting clients based upon evaluation results of the URI security engine, wherein the security rules are based upon a plurality of matching rules comprising pattern matching, exact matching, and extension based matching.
-
Specification