System and method for using dynamic web components to remotely control the security state of web pages

US 7,000,107 B2
Filed: 01/31/2001
Issued: 02/14/2006
Est. Priority Date: 09/30/2000
Status: Active Grant

First Claim

Patent Images

1. In an Internet web page having at least two frames, a method for remotely controlling a security state for each frame comprising:

automatically determining a security state of a called Internet web page when a local client computer calls that Internet web page from a remote server computer for inclusion in at least one of the frames;

automatically determining whether the called Internet web page has a security state different from any existing frames which comprise an initial Internet web page on the local client;

wherein the remote server automatically directs the local client to load replacement frames for any existing frames which have a different security state than the called Internet web page, with the replacement frames having the same security state as the called Internet web page; and

wherein the local client automatically generates a new Internet web page comprising the called Internet web page and the replacement frames in response to the direction from the remote server to the local client, and wherein all frames of the new Internet web page have the same security state.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention involves a new system and process for automatically controlling whether a displayed web page and associated frames displayed within a window of a web browser are secure or non-secure. For example, whether the displayed web page and associated frames are provided via a secure socket layer (SSL), i.e. a web page from an HTTPS address (secure), or simply via an HTTP address (non-secure), respectively. Specifically, the present invention uses a dynamic “Web Component” to remotely control web page security states. Further, the Web Component according to the present invention uses the same script and HTML for all implementations or instantiations of the Web Component, regardless of which, or how many, unique local clients make use of the Web Component. This code reuse is accomplished by using entry web pages, or “entry points,” as described in further detail below, to set the value of function properties or parameters of the Web Component for dynamically and controlling the security state of a web page having at least two frames. The script and/or HTML source code of the Web Component pages does not change based on each new implementation or instantiation. Consequently, little setup work is required for each implementation, and only a basic verification test pass is needed for each unique automatically customized Internet web page.

49 Citations

View as Search Results

23 Claims

1. In an Internet web page having at least two frames, a method for remotely controlling a security state for each frame comprising:
- automatically determining a security state of a called Internet web page when a local client computer calls that Internet web page from a remote server computer for inclusion in at least one of the frames;
  
  automatically determining whether the called Internet web page has a security state different from any existing frames which comprise an initial Internet web page on the local client;
  
  wherein the remote server automatically directs the local client to load replacement frames for any existing frames which have a different security state than the called Internet web page, with the replacement frames having the same security state as the called Internet web page; and
  
  wherein the local client automatically generates a new Internet web page comprising the called Internet web page and the replacement frames in response to the direction from the remote server to the local client, and wherein all frames of the new Internet web page have the same security state.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1 wherein automatically determining a security state of a called Internet web page comprises determining which one of at least one entry point address is used to call the Internet web page from the remote server computer.
  - 3. The method of claim 1 wherein automatically directs the local client computer to load replacement frames comprises using a security state script to direct the local client computer to load the replacement frames.
  - 4. The method of claim 3 wherein the security state script is resident on the remote server.
  - 5. The method of claim 3 wherein the security state script is resident on the local client computer.
  - 6. The method of claim 1 wherein the replacement frames are hosted on the local client computer.
  - 7. The method of claim 1 wherein at least one of the replacement frames is automatically populated with an automatically generated customized web page.
  - 8. The method of claim 7 wherein the automatically generated customized web page is customized by setting at least one the variable function parameters for defining the appearance of at least one of page color, page style, page layout, page border, page background, font size, font type, font style, font color, font characteristics, included images, and scripts, for each automatically generated customized web page.
  - 9. The method of claim 7 wherein the automatically generated customized web page includes at least one predefined script.
  - 10. The method of claim 9 wherein the at least one predefined script is automatically retrieved from at least one computer readable storage medium.
  - 11. The method of claim 8 wherein setting the at least one variable function parameter comprises calling at least one intermediate web page having variable function parameters from the local client computer, the intermediate web page in turn calling the remote server and passing the variable function parameters to the remote server.
  - 12. The method of claim 2 wherein each entry point addressed by any local client computer causes at least one web page generation script to automatically generate a unique web page depending upon which entry point is addressed.

13. Steps for automatically controlling a security state for an Internet web page having at least two frames in accordance with the following acts:
- providing a remote server computer in communication with the Internet, the remote server hosting a dynamic web page script having at least one pre-defined entry point addressable by at least one local client computer;
  
  receiving an input at the remote server from one of the local client computers via the Internet;
  
  automatically addressing one of the web page script entry points based upon the input received at the remote server;
  
  automatically determining a desired security state based upon which entry point is addressed;
  
  automatically passing the determined security state from the remote server to a security state script; and
  
  automatically directing the local client computer, via the security state script, to load replacement frames having the desired security state for each frame of the Internet web page.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The dynamic web page script of claim 13 wherein the input received from one of the local client computers is provided via a pre-defined intermediate page called by the local client computer.
  - 15. The dynamic web page script of claim 13 wherein the script is represented by at least one of HTML, ASP, CGI, and PERL scripts.
  - 16. The dynamic web page script of claim 13 wherein the script is reusable by a plurality of unique local client computers for automatically controlling the security state of a plurality of unique web pages.
  - 17. The dynamic web page script of claim 13 wherein the script further comprises the capability to automatically determine whether a local client computer is authorized to access the dynamic web page script.

18. A computer-readable medium having computer executable instructions for dynamically generating at least one web page for inclusion in parent web page having at least two frames, and controlling the security state of the parent web page, said computer executable instructions comprising:
- a dynamic web page generation script capable of accepting parameters passed from at least one intermediate page used to call the dynamic web page generation script;
  
  wherein the dynamic web page generation script further comprises at least one encapsulated web-based function which is automatically configured in response to the parameters passed from the intermediate page;
  
  dynamically generating at least one customized web page, having a desired security state, in response to the automatic configuration of each encapsulated web-based function;
  
  transmitting each customized web page from a remote host computer to at least one local client computer via a network; and
  
  automatically directing the at least one local client computer to load replacement frames having the same security state as the customized web page for any existing frames of the parent web page which have a different security state than the customized web page.
- View Dependent Claims (19, 20, 21, 22, 23)
- - 19. The computer-readable medium of claim 18 wherein the dynamic web page generation script automatically includes at least one applet in each customized web page.
  - 20. The computer-readable medium of claim 19 wherein at least one of the applets is retrieved by the web page generation script from at least one computer readable storage medium.
  - 21. The computer-readable medium of claim 18 wherein the dynamic web page generation script includes at least one addressable entry point, and wherein at least one of the entry points is addressed by at least one local client computer via at least one of the intermediate pages.
  - 22. The computer-readable medium of claim 21 wherein the appearance and content of each dynamically generated customized web page is dependant upon which entry point is addressed.
  - 23. The computer-readable medium of claim 21 wherein the desired security state is automatically determined based upon which entry point is addressed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Hewett, Delane Robert, Sundstrom, Johan A. F., Beiter, Christopher J.
Primary Examiner(s)
Morse, Gregory
Assistant Examiner(s)
HENEGHAN, MATTHEW E

Application Number

US09/775,141
Publication Number

US 20020104023A1
Time in Patent Office

1,840 Days
Field of Search

345/741, 345/742, 713/201, 715/513, 715/514, 715/526, 715/530, 715/540
US Class Current

713/164
CPC Class Codes

G06F 16/958   Organisation or management ...

G06F 40/186   Templates

H04L 61/35   involving non-standard use ...

H04L 63/168   above the transport layer

H04L 67/30   Profiles

H04L 69/329   in the application layer [O...

System and method for using dynamic web components to remotely control the security state of web pages

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

49 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for using dynamic web components to remotely control the security state of web pages

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

49 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links