Systems and methods for preventing transmission of compromised data in a computer network
Abstract
Systems and methods for controlling the transmission of data in a computer network; specifically, systems and methods related to preventing the transmission of compromised data. In one embodiment, a web server is configured to transmit requested data to a remote client through a computer network, such as the Internet. The web server includes a conventional computing system, including a processor and random access memory, and a non-volatile storage medium for storing the requested data. A software-defined process is executed by the computing system, whereby the software-defined process and the computing system cooperate to receive a request from a remote client for the requested data; determine whether the requested data has been compromised; and prevent the transmission of the requested data to the remote client if the data is compromised. Various techniques are disclosed for determining whether the requested data has been compromised, such as through comparison of a digital signature associated with the requested data to a control signature, which can be unique to the requested data or predefined for all data. Alternatively, or in addition to a comparison of signatures, the requested data may be directly compared to a secure copy of the requested data.
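The check-and-substitute flow described in the abstract, as an added Python example that is not taken from the patent. It assumes SHA-256 as the "digital signature", a control signature unique to each file, and a hypothetical `GuardedStore` class whose secure directory stands in for storage unreachable from the network.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path


def digest(data: bytes) -> str:
    # SHA-256 stands in for the patent's "digital signature" (assumption).
    return hashlib.sha256(data).hexdigest()


class GuardedStore:  # hypothetical name, not from the patent
    def __init__(self, web_root: Path, secure_root: Path):
        self.web_root = web_root
        self.secure_root = secure_root  # assumed unreachable from the network
        self.control = {}               # file name -> control signature
        self.alerts = []                # names that failed verification

    def publish(self, name: str, content: bytes) -> None:
        # Authorized update: live copy, secure copy and control signature together.
        (self.web_root / name).write_bytes(content)
        (self.secure_root / name).write_bytes(content)
        self.control[name] = digest(content)

    def serve(self, name: str) -> bytes:
        expected = self.control[name]  # KeyError: only published names are served
        try:
            live = (self.web_root / name).read_bytes()
        except FileNotFoundError:
            live = None                # a deleted page is treated as altered
        if live is not None and hmac.compare_digest(digest(live), expected):
            return live
        self.alerts.append(name)       # record the detection for operators
        secure = (self.secure_root / name).read_bytes()
        if not hmac.compare_digest(digest(secure), expected):
            raise RuntimeError("secure copy failed verification; not served")
        return secure                  # substitution is invisible to the client


def demo():
    with tempfile.TemporaryDirectory() as tmp:
        web, secure = Path(tmp, "web"), Path(tmp, "secure")
        web.mkdir()
        secure.mkdir()
        store = GuardedStore(web, secure)
        store.publish("index.html", b"<html><body>Welcome</body></html>")  # constructed page
        clean = store.serve("index.html")
        (web / "index.html").write_bytes(b"<html><body>altered</body></html>")
        return clean, store.serve("index.html"), list(store.alerts)
```

The secure copy is itself verified against the control signature before it is sent, so a mismatch on both copies fails closed instead of serving unverified content.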
27 Claims
1. A system for preventing transmission of data through a computer network when said data is compromised, said system comprising:
- means for intercepting a request from a remote computer for said data;
- means for determining whether said data has been altered without authorization; and
- means for transmitting automatically a secure copy of the requested data to said remote computer if said data has been altered without authorization, wherein said secure copy of said requested data is not altered when said requested data is altered without authorization, and wherein the substitution of said secure copy of the requested data is transparent to a user of said remote computer.

- means for computing a digital signature for said data; and
- means for comparing said digital signature to a control signature, said data being compromised if said digital signature is not identical to said control signature.

3. The system recited in claim 2, wherein said control signature is unique to said data.

4. The system recited in claim 2, wherein said control signature is stored in a database inaccessible through said computer network.

5. The system recited in claim 1, wherein said data comprises HyperText Markup Language (HTML) data.

6. The system recited in claim 5, wherein said means for determining whether said data has been altered without authorization comprises:
- means for storing a control copy of said HTML data in a database inaccessible through said computer network; and
- means for comparing said HTML data to said control copy.

7. The system recited in claim 6, wherein said means for comparing said HTML data to said control copy comprises:
- means for determining a digital signature for said HTML data;
- means for determining a control signature for said control copy; and
- means for comparing said digital signature to said control signature, said HTML data being compromised if said digital signature is not identical to said control signature.

8. A method for preventing transmission of data through a computer network when said data is compromised, said method comprising the steps of:
- receiving a request from a remote computer for said data;
- determining whether said data has been altered without authorization; and
- transmitting automatically a secure copy of the requested data to said remote computer if said data has been altered without authorization, wherein said secure copy of said requested data is not altered when said requested data is altered without authorization, and wherein the substitution of said secure copy of the requested data is transparent to a user of said remote computer.

- computing a digital signature for said data; and
- comparing said digital signature to a control signature, said data being compromised if said digital signature is not identical to said control signature.

10. The method recited in claim 9, wherein said control signature is unique to said data.

11. The method recited in claim 9, wherein said control signature is stored in a database inaccessible through said computer network.

12. The method recited in claim 8, wherein said data comprises HyperText Markup Language (HTML) data.

13. The method recited in claim 12, wherein said step of determining whether said data has been altered without authorization comprises:
- storing a control copy of said HTML data in a database inaccessible through said computer network; and
- comparing said HTML data to said control copy.

14. The method recited in claim 13, wherein said step of comparing said HTML data to said control copy comprises:
- determining a digital signature for said HTML data;
- determining a control signature for said control copy; and
- comparing said digital signature to said control signature, said HTML data being compromised if said digital signature is not identical to said control signature.

15. A web server for transmitting requested data to a remote client through a computer network, said web server comprising:
- a computing system including a processor and random access memory;
- a non-volatile storage medium for storing said data; and
- a software-defined process executable by said computing system, said software-defined process and said computing system cooperating to:
  i) receive a request from said remote client for said requested data;
  ii) determine whether said requested data has been altered without authorization; and
  iii) transmit automatically a secure copy of the requested data to said remote client if said data has been altered without authorization, wherein said secure copy of said requested data is not altered when said requested data is altered without authorization, and wherein the substitution of said secure copy of the requested data is transparent to a user of said remote client.

  i) computing a digital signature for said data; and
  ii) comparing said digital signature to a control signature, said requested data being compromised if said digital signature is not identical to said control signature.

17. The web server recited in claim 16, wherein said control signature is unique to said requested data.

18. The web server recited in claim 16, wherein said control signature is stored in a location inaccessible to said computer network.

19. The web server recited in claim 15, wherein said requested data comprises HyperText Markup Language (HTML) data.

20. The web server recited in claim 19, wherein said software-defined process causes said computing system to determine whether said requested data has been altered without authorization by comparing said HTML data to a control copy of said HTML data, said control copy stored in a location inaccessible through said computer network.

21. The web server recited in claim 20, wherein said software-defined process causes said computing system to compare said HTML data to said control copy by:
  i) determining a digital signature for said HTML data;
  ii) determining a control signature for said control copy; and
  iii) comparing said digital signature to said control signature, said HTML data being compromised if said digital signature is not identical to said control signature.

22. A method for preventing transmission of data through a computer network when said data is compromised, said method comprising the steps of:
- intercepting the transmission of said data to a remote computer requesting said data;
- determining whether said data has been altered without authorization; and
- transmitting automatically a secure copy of the requested data to said remote computer if said data has been altered without authorization, wherein said secure copy of said requested data is not altered when said requested data is altered without authorization, and wherein the substitution of said secure copy of the requested data is transparent to a user of said remote computer.

- computing a digital signature for said data; and
- comparing said digital signature to a control signature, said data being compromised if said digital signature is not identical to said control signature.

24. The method recited in claim 23, wherein said control signature is unique to said data.

25. The method recited in claim 22, wherein said data comprises HyperText Markup Language (HTML) data.

26. The method recited in claim 25, wherein said step of determining whether said data has been altered without authorization comprises the steps of:
- storing a control copy of said HTML data in a database inaccessible through said computer network; and
- comparing said HTML data to said control copy.

27. The method recited in claim 26, wherein said step of comparing said HTML data to said control copy comprises:
- determining a digital signature for said HTML data;
- determining a control signature for said control copy; and
- comparing said digital signature to said control signature, said HTML data being compromised if said digital signature is not identical to said control signature.

Specification