Methods and systems for using digital signatures in uniform resource locators

US 7,487,354 B2
Filed: 05/18/2001
Issued: 02/03/2009
Est. Priority Date: 05/18/2001
Status: Expired due to Fees

First Claim

Patent Images

1. In a network system that includes a server computer system and a client computer system, wherein the server computer system is capable of transmitting a document that contains Uniform Resource Locators (URLs) to the client computer system, a method of the server computer system dispatching the document to the client computer system in a manner that increases the security of one or more of the Uniform Resource Locators in the document even if the document is intercepted during transmission, the method comprising the following:

a) obtaining a document that contains original URLs;

b) calculating a digital signature that is unique to the client computer system or unique to a user of the client computer system, wherein at least a portion of the digital signature is generated using a hash function that receives as input at least a unique client identifier for the client computer system to which the document is to be dispatched and a secret key known to the server computer system and to the client computer system;

c) for at least one of the original URLs, performing the following;

i) including the digital signature in the original URL to modify the original URL; and

ii) replacing the original URL in the document with the modified URL; and

d) initiating the transfer of the document with the modified URLs to the client computer system.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Preparing a document for transmission over a network in a manner that increases the security of URLs included in the document. A server accesses a document that contains a number of URLs. For one or more of those URLs, the server calculates a digital signature that is unique to the intended recipient client, or unique to the user of the client. The server then modifies each of those URLs by including the digital signature in the URL. The document with the modified URLs in then transmitted over the network to the client. Thus, even if a sensitive URL is discovered, that modified URL is unique to the client only or to the user of the client only. Therefore, the damage that may be caused by an unauthorized user is limited to just that client or user.

Citations

26 Claims

1. In a network system that includes a server computer system and a client computer system, wherein the server computer system is capable of transmitting a document that contains Uniform Resource Locators (URLs) to the client computer system, a method of the server computer system dispatching the document to the client computer system in a manner that increases the security of one or more of the Uniform Resource Locators in the document even if the document is intercepted during transmission, the method comprising the following:
- a) obtaining a document that contains original URLs;
  
  b) calculating a digital signature that is unique to the client computer system or unique to a user of the client computer system, wherein at least a portion of the digital signature is generated using a hash function that receives as input at least a unique client identifier for the client computer system to which the document is to be dispatched and a secret key known to the server computer system and to the client computer system;
  
  c) for at least one of the original URLs, performing the following;
  
  i) including the digital signature in the original URL to modify the original URL; and
  
  ii) replacing the original URL in the document with the modified URL; and
  
  d) initiating the transfer of the document with the modified URLs to the client computer system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. A method in accordance with claim 1, wherein the original URLs are in conformance with the HyperText Transport Protocol (HTTP).
  - 3. A method in accordance with claim 1, wherein the original URLs are in conformance with the HyperText Transport Protocol Secure (HTTPS) protocol.
  - 4. A method in accordance with claim 1, wherein the original URLs are in conformance with the Wireless Application Protocol (WAP).
  - 5. A method in accordance with claim 1, wherein at least one of the original URLs in the document is associated with services offered by the server computer system.
  - 6. A method in accordance with claim 1, wherein at least one of the original URLs in the document is associated with services offered by other server computer systems in the network system.
  - 7. A method in accordance with claim 1, further comprising the following:
    - receiving a request for service that includes one of the modified URLs;
      
      identifying a requestor based on the digital signature included in the modified URL; and
      
      tailoring the service based on the identification of the requestor.
  - 8. A method in accordance with claim 1, further comprising the following:
    - determining which of the original URLs are to be modified.
  - 9. A method in accordance with claim 1, wherein including the digital signature further comprises the following:
    - including an identifier in the original URL to modify the original URL, wherein the identifier represents that the digital signature is contained in the modified URL.
  - 10. A method in accordance with claim 1, wherein including the digital signature further comprises the following:
    - including an identifier in the original URL to modify the original URL, wherein the identifier represents the location of the digital signature in the modified URL.
  - 11. A method in accordance with claim 1, wherein including the digital signature further comprises the following:
    - including a random bit sequence in the original URL to modify the original URL.
  - 12. A method in accordance with claim 1, wherein the hash function comprises the MD5 hash algorithm.
  - 13. A method in accordance with claim 1 wherein the hash function also receives as input an application name.
  - 14. A method in accordance with claim 1, wherein the unique client identifier comprises a serial number associated with the client computer system.
  - 15. A method in accordance with claim 1, wherein the hash function also receives as input a secret key.

16. A computer program product for use in a network system that includes a server computer system and a client computer system, wherein the server computer system is capable of transmitting a document that contains Uniform Resource Locators (URLs) to the client computer system, the computer program product for implementing a method of the server computer system dispatching the document to the client computer system in a manner that increases the security of one or more of the Uniform Resource Locators in the document even if the document is intercepted during transmission, the computer program product comprising computer-readable media having stored thereon computer-executable instructions for performing the following:
- a) causing a document that contains original URLs to be accessed;
  
  b) calculating a digital signature that is unique to the client computer system or unique to a user of the client computer system, wherein at least a portion of the digital signature is generated using a hash function that receives as input at least a unique client identifier for the client computer system to which the document is to be dispatched and a secret key known to the server computer system and to the client computer system;
  
  c) for at least one of the original URLs, performing the following;
  
  i) including the digital signature in the original URL to modify the original URL; and
  
  ii) replacing the original URL in the document with the modified URL; and
  
  d) causing the document to be transferred with the modified URLs to the client computer system.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 17. A computer program product in accordance with claim 16, wherein the computer-readable media further includes thereon computer-executable instructions for performing the following:
    - detecting the receipt of a request for service that includes one of the modified URLs;
      
      identifying a requestor based on the digital signature included in the modified URL; and
      
      tailoring the service based on the identification of the requestor.
  - 18. A computer program product in accordance with claim 16, wherein the computer-readable media further includes thereon computer-executable instructions for performing the following:
    - determining which of the original URLs are to be modified.
  - 19. A computer program product in accordance with claim 16, wherein the computer-readable media further includes thereon computer-executable instructions for performing the following:
    - including an identifier in the original URL to modify the original URL, wherein the identifier represents that the digital signature is contained in the modified URL.
  - 20. A computer program product in accordance with claim 16, wherein the computer-executable instructions for including the digital signature further comprise computer-executable instructions for performing the following:
    - including an identifier in the original URL to modify the original URL, wherein the identifier represents the location of the digital signature in the modified URL.
  - 21. A computer program product in accordance with claim 16, wherein the computer-executable instructions for including the digital signature further comprise computer-executable instructions for performing the following:
    - including a random bit sequence in the original URL to modify the original URL.
  - 22. A computer program product in accordance with claim 16, wherein the hash function comprises the MD5 hash algorithm.
  - 23. A computer program product in accordance with claim 16, wherein the hash function also receives as input.
  - 24. A computer program product in accordance with claim 16, wherein the hash function also receives as input a serial number associated with the client computer system.
  - 25. A computer program product in accordance with claim 16, wherein the hash function also receives as input a secret key.

26. A server computer system in a network system that includes the server computer system and a client computer system, wherein the server computer system is capable of transmitting a document that contains Uniform Resource Locators (URLs) to the client computer system, the server computer system enabled to dispatch the document to the client computer system in a manner that increases the security of one or more of the Uniform Resource Locators in the document even if the document is intercepted during transmission, the server system comprising at least one computer processor and at least one computer-readable medium, the at least one computer-readable medium having stored thereon computer-executable instructions that, when executed, cause the at least one processor to perform the following:
- a) obtaining a document that contains original URLs;
  
  b) calculating a digital signature that is unique to the client computer system or unique to a user of the client computer system, wherein at least a portion of the digital signature is generated using a hash function that receives as input at least a unique client identifier for the client computer system to which the document is to be dispatched and a secret key known to the server computer system and to the client computer system;
  
  c) for at least one of the original URLs, performing the following;
  
  i) including the digital signature with the original URL to generate a modified URL; and
  
  ii) replacing the original URL in the document with the modified URL; and
  
  d) initiating the transfer of the document with the modified URLs to the client computer system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Graham, John C., Logue, Jay D.
Primary Examiner(s)
Moise; Emmanuel L
Assistant Examiner(s)
Davis; Zachary A

Application Number

US09/861,329
Publication Number

US 20020174341A1
Time in Patent Office

2,818 Days
Field of Search

713/179, 713/162, 713/168, 713/176, 713/181, 713/201, 709/217, 709/229, 709223-225, 726/21, 726/4, 715/208
US Class Current

713/176
CPC Class Codes

H04L 63/123 received data contents, e.g...

Methods and systems for using digital signatures in uniform resource locators

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for using digital signatures in uniform resource locators

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links