Method and apparatus for encrypted communications to a secure server

US 7,673,329 B2
Filed: 02/22/2001
Issued: 03/02/2010
Est. Priority Date: 05/26/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A method, comprising:

a first server receiving a request for a web page from a computer;

responsive to receiving the request, said first server retrieving said web page, wherein said web page includes a link referencing a first address;

said first server receiving a cookie in response to retrieving said web page, wherein the cookie specifies a first domain name;

said first server modifying said web page, wherein said modifying comprises modifying said link such that the modified link references a second address, wherein said second address includes an encrypted version of said first address;

said first server modifying said cookie, wherein modifying said cookie comprises replacing the first domain name with a domain name of said first server;

said first server sending said modified web page to said computer; and

said first server sending said modified cookie to said computer.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Encrypted communications to a secure server. A user at a terminal, communicatively coupled to the secure server by a secure link, can obtain web pages from web sites in a network, in encrypted form, via the secure link. Addresses associated with the web pages are altered to make it appear as if the web pages come from the secure server rather than from the web sites. Spoofing units may be used as alternative access points to the secure server, with the secure server sending the requested web pages directly to the terminal.

55 Citations

View as Search Results

32 Claims

1. A method, comprising:
- a first server receiving a request for a web page from a computer;
  
  responsive to receiving the request, said first server retrieving said web page, wherein said web page includes a link referencing a first address;
  
  said first server receiving a cookie in response to retrieving said web page, wherein the cookie specifies a first domain name;
  
  said first server modifying said web page, wherein said modifying comprises modifying said link such that the modified link references a second address, wherein said second address includes an encrypted version of said first address;
  
  said first server modifying said cookie, wherein modifying said cookie comprises replacing the first domain name with a domain name of said first server;
  
  said first server sending said modified web page to said computer; and
  
  said first server sending said modified cookie to said computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1, wherein said second address also includes a domain name, wherein said encrypted version of said first address is concatenated with said domain name.
  - 3. The method of claim 2,wherein said domain name is a name of a first domain, wherein the second address referenced by the modified link is an address in said first domain;
    - wherein said first address referenced by said link before said link is modified is an address in a second domain, wherein said second domain is different than said first domain.
  - 4. The method of claim 3, wherein the second domain is the domain that the second server is in.
  - 5. The method of claim 2,wherein said domain name is a first domain name;
    - wherein said request references said first server via a second domain name, wherein said second domain name is different than said first domain name.
  - 6. The method of claim 2, wherein said domain name is a domain name of said first server.
  - 7. The method of claim 2, wherein said first server is included in a first domain, wherein said request for said web page is received at said first server via a second domain, wherein said domain name in said second address is a name of the second domain.
  - 8. The method of claim 7, wherein a connection between said first server and the computer is a stateful connection, and wherein a connection between the computer and the second domain is a non-stateful connection.
  - 9. The method of claim 8, wherein the stateful connection is a Transmission Control Protocol/Internet Protocol (TCP/IP) connection.
  - 10. The method of claim 7, wherein a connection between said first server and the computer is a non-stateful connection, and wherein a connection between the computer and the second domain is a stateful connection.
  - 11. The method of claim 7, farther comprising:
    - a computer in the second domain stripping at least some data from the request prior to forwarding the request to said first sewer.
  - 12. The method of claim 1, wherein said link is implemented in computer code written in a markup language, wherein modifying said link comprises modifying said computer code.
  - 13. The method of claim 1, wherein said link is implemented in computer code including dynamic hypertext markup language (DHTML) code, wherein modifying said link comprises modifying said DHTML code.
  - 14. The method of claim 1, wherein said web page also includes a function operable to access a third address in a first domain;
    - wherein modifying said web page further comprises modifying said function such that the modified function is operable to access a fourth address in a second domain, wherein said second domain is different than said first domain.
  - 15. The method of claim 14, wherein modifying said function includes:
    - appending a prefix to the second address to form the third address, wherein the prefix includes a name of the second domain name.
  - 16. The method of claim 14, wherein the first domain is the domain that the second server is in.
  - 17. The method of claim 1,wherein the cookie also specifies a pathname;
    - wherein modifying the cookie further comprises replacing the original pathname with a new pathname.
  - 18. The method of claim 1,wherein the cookie also includes a first variable name;
    - wherein modifying the cookie further comprises replacing the first variable name with a second variable name, wherein at least a portion of the second variable name is encrypted.
  - 19. The method of claim 1, wherein communications between said computer and said first server are performed using an encrypted connection.
  - 20. The method of claim 1, wherein the first domain name specified by the cookie before the cookie is modified is a name of the domain that the second server is in.

21. A machine-readable storage medium, including program instructions executable to:
- receive at a first server, a request from a computer for a web page;
  
  responsive to receiving the request, retrieve said web page to said first sewer, wherein said web page includes a link referencing a first address;
  
  receive a cookie in response to retrieving said web page, wherein the cookie specifies a first domain name;
  
  modify said web page at said first server, wherein said modifying comprises modifying said link such that the modified link references a second address, wherein said second address includes an encrypted version of said first address;
  
  modify the cookie by replacing the first domain name with a domain name of the first server;
  
  send said modified web page from said first server to said computer; and
  
  send said modified cookie from said first server to said computer.
- View Dependent Claims (22, 23, 24, 25, 26, 27)
- - 22. The machine-readable storage medium of claim 21, wherein said second address also includes a domain name, wherein said encrypted version of said first address is concatenated with said domain name.
  - 23. The machine-readable storage medium of claim 22,wherein said domain name is a name of a first domain, wherein the second address referenced by the modified link is an address in said first domain;
    - wherein said first address referenced by said link before said link is modified is an address in a second domain, wherein said second domain is different than said first domain.
  - 24. The machine-readable storage medium of claim 23, wherein the second domain is the domain that the second server is in.
  - 25. The machine-readable storage medium of claim 22, wherein said domain name is a domain name of said first server.
  - 26. The machine-readable storage medium of claim 22, wherein said first server is included in a first domain, wherein said request for said web page is received at said first server via a second domain, wherein said domain name in said second address is a name of the second domain.
  - 27. The machine-readable storage medium of claim 21, wherein the request is received from the computer using an encrypted connection.

28. A first server system comprising:
- one or more processors; and
  
  memory storing program instructions executable by the one or more processors to;
  
  receive a request for a web page from a client computer;
  
  responsive to receiving the request, retrieve said web page, wherein said web page includes a link referencing a first address;
  
  receive a cookie in response to retrieving said web page, wherein the cookie specifies a first domain name;
  
  modify said web page, wherein said modifying comprises modifying said link such that the modified link references a second address, wherein said second address includes an encrypted version of said first address;
  
  modify the cookie, wherein modifying the cookie comprises replacing the first domain name with a domain name of the first server system;
  
  send said modified web page to said client computer;
  
  send said modified cookie to said client computer.
- View Dependent Claims (29, 30, 31, 32)
- - 29. The first server system of claim 28, wherein said second address also includes a domain name, wherein said encrypted version of said first address is concatenated with said domain name.
  - 30. The first server system of claim 29, wherein said domain name is a domain name of said first server system.
  - 31. The first server system of claim 28,wherein said domain name is a name of a first domain, wherein the second address referenced by the modified link is an address in said first domain;
    - wherein said first address referenced by said link before said link is modified is an address in a second domain, wherein said second domain is different than said first domain.
  - 32. The first server system of claim 31, wherein the second domain is the domain that the second server system is in.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
Hormuzdiar, James Noshir, Hui Hsu, Stephen Dao
Primary Examiner(s)
Korzuch; William R
Assistant Examiner(s)
Moorthy; Aravind K

Application Number

US09/792,226
Publication Number

US 20040230820A1
Time in Patent Office

3,295 Days
Field of Search

713/200, 713/150, 713/153, 713/201
US Class Current

726/6
CPC Class Codes

H04L 63/0281   Proxies

H04L 63/0407   wherein the identity of one...

H04L 63/0428   wherein the data content is...

H04L 67/01   Protocols

Method and apparatus for encrypted communications to a secure server

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

55 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for encrypted communications to a secure server

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

55 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links