Method and system for verifying a client request

US 7,293,281 B1
Filed: 10/25/2000
Issued: 11/06/2007
Est. Priority Date: 10/25/1999
Status: Expired due to Fees

First Claim

Patent Images

1. A method for authorizing execution of requested actions transmitted between clients and servers of a data processing system, the method comprising:

receiving a plurality of server messages from a server, each server message including a set of actions;

simulating execution of each set of actions upon receipt of the plurality of server messages;

based on each simulated execution, building or supplementing a list of allowable actions or user-definable inputs to the allowable actions in response to receiving a server message corresponding to the simulated execution;

receiving one or more client messages from one or more clients, each client message including one or more user-requested actions or inputs;

comparing the list of allowable actions or user-definable inputs in existence prior to receipt of the one or more client messages to the user-requested actions or inputs; and

where the list of allowable actions or user-definable inputs includes the user-requested actions or inputs, authorizing execution of the user requested actions or inputs, and supplementing the list of allowable actions or user-definable inputs upon receipt of a subsequent server message in response to the authorized execution.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method are presented for authorizing execution of requested actions transmitted between clients and servers of a data processing system. The method includes receiving a message including a set of actions and simulating execution of the set of actions. A list representing allowable actions and user-definable inputs to the simulated actions is defined. The list of allowable actions and user-definable inputs to the allowable action is then compared to user-requested actions and inputs. When elements within the user-requested actions and inputs are included in the allowable actions and input list, the user-requested actions and inputs are authorized for execution.

Citations

13 Claims

1. A method for authorizing execution of requested actions transmitted between clients and servers of a data processing system, the method comprising:
- receiving a plurality of server messages from a server, each server message including a set of actions;
  
  simulating execution of each set of actions upon receipt of the plurality of server messages;
  
  based on each simulated execution, building or supplementing a list of allowable actions or user-definable inputs to the allowable actions in response to receiving a server message corresponding to the simulated execution;
  
  receiving one or more client messages from one or more clients, each client message including one or more user-requested actions or inputs;
  
  comparing the list of allowable actions or user-definable inputs in existence prior to receipt of the one or more client messages to the user-requested actions or inputs; and
  
  where the list of allowable actions or user-definable inputs includes the user-requested actions or inputs, authorizing execution of the user requested actions or inputs, and supplementing the list of allowable actions or user-definable inputs upon receipt of a subsequent server message in response to the authorized execution.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method as set forth in claim 1, wherein the step of simulating comprises identifying all possible actions or inputs to the possible actions resulting from an execution of each set of actions at a client.
  - 3. The method as set forth in claim 1, wherein the step of simulating comprises invoking and triggering each command, field, user-selectable input option and HTTP request within each set of actions.
  - 4. The method as set forth in claim 1, wherein the user-requested actions or inputs include actions or inputs provided during a user session performed in response to receipt of a server message at a client.
  - 5. The method as set forth in claim 1, comprising:
    - during the step of simulating, detecting an input control requesting entry of a data value and assigning a unique place holder to represent the data value; and
      
      during the step of comparing, matching a pattern of the unique place holder to the input received from the user.
  - 6. The method as set forth in claim 1, wherein the step of simulating comprises:
    - detecting an input control requesting selection of one of a plurality of predefined data values; and
      
      iteratively selecting one of the plurality of predefined data values and continuing simulation of the set of actions and building or supplementing of the list of allowable actions or user-definable inputs with the selected one data value until each of the plurality of predefined data values is selected and listed.
  - 7. The method as set forth in claim 1, comprising:
    - prior to the step of simulating, tracing execution of the set of actions at a client; and
      
      during the step of simulating, providing results of the tracing in response to the user-definable inputs.
  - 8. The method as set forth in claim 1, comprising:
    - prior to the step of simulating;
      
      identifying actions within a set of actions of a server message;
      
      supplementing the server message with actions for tracing input to the identified actions; and
      
      transmitting the supplemented server message to a client; and
      
      during the set of simulating, providing results of the tracing as user-definable inputs to the identified actions are requested.
  - 9. The method as set forth in claim 8, wherein the results of the tracing are included within a client message.
  - 10. The method as set forth in claim 8, wherein the results of the tracing are included in a client message that is received prior to receipt of a client message that is sent in response to the server message.

11. A method for authorizing execution of requested actions transmitted from a client to a server of a client/server data processing system, the method performed by a gateway coupled between the client and the server, comprising:
- receiving, from the server, a plurality of documents, each document including a set of actions;
  
  simulating execution of each set of actions upon receipt of the plurality of documents;
  
  based on each simulated execution, building or supplementing a list of allowable actions or user-definable inputs to the allowable actions in response to receiving from the server a subsequent document corresponding to the simulated execution;
  
  receiving, from the client, one or more messages, each message including one or more user-requested actions or inputs;
  
  comparing the list of allowable actions or user-definable inputs in existence prior to receipt of the one or more messages to the user-requested actions or inputs; and
  
  where the list of allowable actions or user-definable inputs includes the user-requested actions or inputs, transmitting the user-requested actions or inputs to the server for execution, and supplementing the list of allowable actions or user-definable inputs upon receipt of a subsequent document from the server in response to the transmitted user-requested action or input.
- View Dependent Claims (12)
- - 12. The method as set forth in claim 11, comprising storing, at the gateway, the list of allowable actions or user-definable inputs.

13. A method for authorizing execution of requested actions transmitted between clients and servers of a data processing system, the method comprising:
- receiving a plurality of server messages, each server message including programmable logic integrated with a client application;
  
  simulating execution of each programmable logic upon receipt of the plurality of server messages;
  
  based on each simulated execution, building or supplementing a list of allowable actions associated with the programmable logic or user-definable inputs to the allowable actions in response to receiving a server message corresponding to the simulated execution;
  
  receiving one or more client messages from one or more clients, each client message including one or more user-requested actions or inputs;
  
  comparing the list of allowable actions associated with the programmable logic or user-definable inputs in existence prior to receipt of the one or more client messages to the user-requested actions or inputs; and
  
  where the list of allowable actions associated with the programmable logic or user-definable inputs includes the user-requested actions or inputs, authorizing execution of the user requested actions or inputs, and supplementing the list of allowable actions associated with the programmable logic or user-definable inputs upon receipt of a subsequent server message in response to the authorized execution.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
Watchfire Corp. (Ontario) (International Business Machines Corporation)
Inventors
Reshef, Eran, Moran, Tal, Raanan, Gil, El-Hanani, Yuval
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
Powers; William S

Application Number

US09/696,736
Time in Patent Office

2,568 Days
Field of Search

705/51, 705/52, 713/165, 713/166, 713/170, 713/182, 726/3, 726/4
US Class Current

726/3
CPC Class Codes

H04L 63/101 Access control lists [ACL]

Method and system for verifying a client request

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for verifying a client request

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links