Data access control
Abstract
A modified Web server comprises a session manager which intercepts all incoming requests from clients for Web pages. Each request incorporates a token which the session manager compares with tokens which are stored in a session store. On finding a matching token, a URL associated with the matching token is used by the Web server to return a Web page indicated by the URL to the requester.
Any URLs embedded in the Web page to be returned are tokenised by the session manager before the page is returned, and the resulting token/URL pair is stored in the session store.
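The tokenise-and-resolve cycle described in the abstract, shown as an added Python example that is not code from the patent. The class and method names, the `/t/` link prefix, the `href` regex, the in-memory page dictionary and the string client identifier are all assumptions made for illustration; the client-identity check follows the optional variant in claims 2 and 3.

```python
import re
import secrets

HREF = re.compile(r'href="([^"]+)"')

# Constructed sample pages standing in for the server's page store.
PAGES = {
    "/index.html": '<a href="/accounts.html">Accounts</a> <a href="/help.html">Help</a>',
    "/accounts.html": '<a href="/index.html">Home</a>',
    "/help.html": "<p>Help</p>",
    "/admin.html": "<p>Admin</p>",  # never linked from any page
}


class SessionManager:
    """Hypothetical session manager: tokenises URLs on the way out, resolves tokens on the way in."""

    def __init__(self, pages):
        self.pages = pages
        self.sessions = {}  # session id -> {"client": id, "tokens": {token: url}}

    def open_session(self, client_id, start_url):
        sid = secrets.token_urlsafe(16)
        self.sessions[sid] = {"client": client_id, "tokens": {}}
        return sid, self._serve(sid, start_url)

    def _serve(self, sid, url):
        store = self.sessions[sid]["tokens"]

        def swap(match):
            token = secrets.token_urlsafe(16)  # random token, unrelated to the URL
            store[token] = match.group(1)      # token/URL pair kept for this session only
            return f'href="/t/{token}"'

        return HREF.sub(swap, self.pages[url])

    def request(self, sid, client_id, token):
        session = self.sessions.get(sid)
        if session is None or session["client"] != client_id:
            return None  # unknown session, or token presented by another client
        url = session["tokens"].get(token)
        if url is None or url not in self.pages:
            return None  # no matching stored token: nothing is returned
        return self._serve(sid, url)

    def close_session(self, sid):
        self.sessions.pop(sid, None)  # the mapping lasts only as long as the session
```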
18 Claims
1. An information server comprising:
means for establishing a session between a client and an information server;
means for receiving at said information server a first request from the client for an item of information, said item of information including a plurality of references to a plurality of further items of information;
means for modifying the item of information by replacing at least one reference by a token;
means for storing data that relates each token to its corresponding reference in storage means for the duration of said session;
means for returning to the client the modified item of information in which at least one reference has been replaced by a token;
means for receiving at said information server a second request from the client for an item of information, the second request including a token indicative of the item of information requested;
means for comparing the token with the tokens which have been stored in said storage means during said session to find a matching stored token; and
means for returning to the client, in dependence upon finding a matching stored token, the respective corresponding item of information.
2. A server according to claim 1, further comprising means for deriving from a request an indication of the identity of the client.
3. A server according to claim 2, further comprising means for comparing the indication of the identity of the client with indications of identity stored in association with each stored token and corresponding reference, and wherein the means for returning operates also in dependence on finding a matching stored indication of identity with the indication of the identity of the client derived from the request.
4. A server according to claim 1, further comprising random number generating means for generating a random number and forming a token on the basis of the random number.
5. A server according to claim 1, further comprising means for storing in association with each token and its corresponding reference an indication of the identity of the client.
6. An information server having Web server functionality operable in accordance with the server according to claim 1.
7. An information server for providing information in response to requests, comprising:
a session manager for allocating a session to a client requesting information; and
a session store, wherein if the client-requested information includes references to further information, said session manager, before providing the client-requested information to the client, replaces at least some of the references with tokens and stores data in said session store that relates each token to the reference it replaced, and if a request from the client for information includes one of the tokens, said session manager compares the token in the request with the tokens in the session store to find a matching stored token and returns information corresponding to the matching stored token to the client.
8. An information server according to claim 7, further comprising:
a database; and
page building gateways for building HTML pages on information retrieved from said database, wherein the client-requested information is an HTML page built by said page building gateways and the references to further information include uniform resource locators (URLs).
9. An information server according to claim 8, further comprising:
log-in gateways for controlling whether the client is allowed access to said database.
10. An information server according to claim 7, wherein the client-requested information is an HTML page and the references to further information include uniform resource locators (URLs).
11. An information server according to claim 7, further comprising:
an HTML page store, wherein the client-requested information is an HTML page stored in said HTML page store and the references to further information include uniform resource locators (URLs).
12. An information server according to claim 7, further comprising a random number generator for generating random numbers used for at least part of the tokens.
13. An information server according to claim 7, wherein said session store stores exception entries identifying certain client-requested information for which the references to further information included therein need not be replaced with tokens.
14. A method for providing information in response to requests comprising:
allocating a session to a client requesting information from an information server;
before providing to the client client-requested information containing references to further information, replacing at least some of the references with tokens and storing in a session store data that relates each token to the reference it replaced; and
if a request from the client for information includes one of the tokens, comparing the token in the request with the tokens in the session store to find a matching stored token and returning information corresponding to the matching stored token to the client.
15. A method according to claim 14, wherein the client-requested information is an HTML page and the references to further information include uniform resource locators (URLs).
16. A method of controlling an information server, comprising the steps of:
establishing a session between a client and the information server;
receiving a first request from the client for an item of information, said item of information including a plurality of references to a plurality of further items of information;
modifying the item of information by replacing at least one reference by a token;
storing data that relates each token to its corresponding reference in a store for the duration of said session; and
returning to the client the modified item of information in which at least one reference has been replaced by a token;
receiving a second request from the client for an item of information, the second request including a token indicative of the item of information requested;
comparing the token with the tokens which have been stored in said store during said session to find a matching stored token; and
returning to the client, in dependence upon finding a matching stored token, the respective corresponding item of information.
17. A method of controlling an information server according to claim 16, in which the server has Web functionality and at least one request from the client is a request for an HTML-formatted document, said method comprising the additional steps of:
retrieving from a data source data to be formatted as the requested HTML-formatted document; and
forming the requested HTML-formatted document on the basis of the retrieved data.
18. A method of controlling an information server according to claim 16, in which the server has Web functionality and at least one request from the client is a request for an HTML-formatted document, said method comprising the additional step of:
retrieving from a data source the requested HTML-formatted document.
Specification