System for verifying a client request
First Claim
1. A security gateway coupled between clients and servers of a data processing system, comprising:
- an evaluator for evaluating transmissions between said clients and servers and for identifying informational content and application programming logic included within each transmission;
a simulator for simulating a processing environment for executing said application programming logic of said transmissions, said simulator including an enumeration engine for triggering events and identifying user-definable inputs to said application programming logic, said simulator providing a list of allowable actions and user-definable input values to said actions; and
a filter for receiving transmissions including user-requested actions and input, comparing said user-requested actions and input to said list of allowable actions and user-definable input values, and passing through said security gateway transmissions having user-requested actions and inputs within said list of allowable actions and input values.
3 Assignments
0 Petitions
Accused Products
Abstract
A system and method are presented for authorizing execution of requested actions transmitted between clients and servers of a data processing system. The method includes receiving a message including a set of actions and simulating execution of the set of actions. A list representing allowable actions and user-definable inputs to the simulated actions is defined. The list of allowable actions and user-definable inputs to the allowable action is then compared to user-requested actions and inputs. When elements within the user-requested actions and inputs are included in the allowable actions and input list, the user-requested actions and inputs are authorized for execution.
-
Citations
9 Claims
-
1. A security gateway coupled between clients and servers of a data processing system, comprising:
-
an evaluator for evaluating transmissions between said clients and servers and for identifying informational content and application programming logic included within each transmission; a simulator for simulating a processing environment for executing said application programming logic of said transmissions, said simulator including an enumeration engine for triggering events and identifying user-definable inputs to said application programming logic, said simulator providing a list of allowable actions and user-definable input values to said actions; and a filter for receiving transmissions including user-requested actions and input, comparing said user-requested actions and input to said list of allowable actions and user-definable input values, and passing through said security gateway transmissions having user-requested actions and inputs within said list of allowable actions and input values. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A security gateway coupled between clients and servers of a data processing system, comprising:
-
a simulator for simulating a processing environment for executing application programming logic included within transmissions between said clients and servers, said simulator including an enumeration engine for triggering events and identifying user-definable inputs to said application programming logic, said simulator providing a list of allowable actions and user-definable input values to said actions; and a filter for receiving transmissions including user-requested actions and input, comparing said user-requested actions and input to said list of allowable actions and user-definable input values, and passing through said security gateway transmissions having user-requested actions and inputs within said list of allowable actions and input values.
-
Specification