Method and system for verifying a client request
First Claim
1. A method for authorizing execution of requested actions transmitted between clients and servers of a data processing system, the method comprising:
- receiving a plurality of server messages from a server, each server message including a set of actions;
simulating execution of each set of actions upon receipt of the plurality of server messages;
based on each simulated execution, building or supplementing a list of allowable actions or user-definable inputs to the allowable actions in response to receiving a server message corresponding to the simulated execution;
receiving one or more client messages from one or more clients, each client message including one or more user-requested actions or inputs;
comparing the list of allowable actions or user-definable inputs in existence prior to receipt of the one or more client messages to the user-requested actions or inputs; and
where the list of allowable actions or user-definable inputs includes the user-requested actions or inputs, authorizing execution of the user requested actions or inputs, and supplementing the list of allowable actions or user-definable inputs upon receipt of a subsequent server message in response to the authorized execution.
3 Assignments
0 Petitions
Accused Products
Abstract
A system and method are presented for authorizing execution of requested actions transmitted between clients and servers of a data processing system. The method includes receiving a message including a set of actions and simulating execution of the set of actions. A list representing allowable actions and user-definable inputs to the simulated actions is defined. The list of allowable actions and user-definable inputs to the allowable action is then compared to user-requested actions and inputs. When elements within the user-requested actions and inputs are included in the allowable actions and input list, the user-requested actions and inputs are authorized for execution.
-
Citations
13 Claims
-
1. A method for authorizing execution of requested actions transmitted between clients and servers of a data processing system, the method comprising:
-
receiving a plurality of server messages from a server, each server message including a set of actions; simulating execution of each set of actions upon receipt of the plurality of server messages; based on each simulated execution, building or supplementing a list of allowable actions or user-definable inputs to the allowable actions in response to receiving a server message corresponding to the simulated execution; receiving one or more client messages from one or more clients, each client message including one or more user-requested actions or inputs; comparing the list of allowable actions or user-definable inputs in existence prior to receipt of the one or more client messages to the user-requested actions or inputs; and where the list of allowable actions or user-definable inputs includes the user-requested actions or inputs, authorizing execution of the user requested actions or inputs, and supplementing the list of allowable actions or user-definable inputs upon receipt of a subsequent server message in response to the authorized execution. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for authorizing execution of requested actions transmitted from a client to a server of a client/server data processing system, the method performed by a gateway coupled between the client and the server, comprising:
-
receiving, from the server, a plurality of documents, each document including a set of actions; simulating execution of each set of actions upon receipt of the plurality of documents; based on each simulated execution, building or supplementing a list of allowable actions or user-definable inputs to the allowable actions in response to receiving from the server a subsequent document corresponding to the simulated execution; receiving, from the client, one or more messages, each message including one or more user-requested actions or inputs; comparing the list of allowable actions or user-definable inputs in existence prior to receipt of the one or more messages to the user-requested actions or inputs; and where the list of allowable actions or user-definable inputs includes the user-requested actions or inputs, transmitting the user-requested actions or inputs to the server for execution, and supplementing the list of allowable actions or user-definable inputs upon receipt of a subsequent document from the server in response to the transmitted user-requested action or input. - View Dependent Claims (12)
-
-
13. A method for authorizing execution of requested actions transmitted between clients and servers of a data processing system, the method comprising:
-
receiving a plurality of server messages, each server message including programmable logic integrated with a client application; simulating execution of each programmable logic upon receipt of the plurality of server messages; based on each simulated execution, building or supplementing a list of allowable actions associated with the programmable logic or user-definable inputs to the allowable actions in response to receiving a server message corresponding to the simulated execution; receiving one or more client messages from one or more clients, each client message including one or more user-requested actions or inputs; comparing the list of allowable actions associated with the programmable logic or user-definable inputs in existence prior to receipt of the one or more client messages to the user-requested actions or inputs; and where the list of allowable actions associated with the programmable logic or user-definable inputs includes the user-requested actions or inputs, authorizing execution of the user requested actions or inputs, and supplementing the list of allowable actions associated with the programmable logic or user-definable inputs upon receipt of a subsequent server message in response to the authorized execution.
-
Specification