Method and apparatus for encrypted communications to a secure server

US 8,065,520 B2
Filed: 02/27/2009
Issued: 11/22/2011
Est. Priority Date: 05/26/2000
Status: Expired due to Term

First Claim

Patent Images

1. An article of manufacture comprising a computer-readable memory medium having stored thereon program instructions executable on a first server in a first Internet domain to implement a method, the method comprising:

receiving a request originating from a client computer for a web page in a second Internet domain that is different from the first Internet domain, wherein the request is received at the first server in the first Internet domain and includes a URL that includes an encrypted address of the web page in the second Internet domain appended after an unencrypted form of a first address hosted by the first server;

decrypting the encrypted address of the web page;

in response to said decrypting, communicating with a second server in the second Internet domain to retrieve the web page from the second Internet domain; and

sending the retrieved web page to the client computer.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An embodiment of the invention includes a secure server. A user at a terminal, communicatively coupled to the secure server by a secure link, can obtain web pages from web sites in a network, in encrypted form, via the secure link. Addresses associated with the web pages are altered to make it appear as if the web pages come from the secure server rather than from the web sites. Spoofing units may be used as alternative access points to the secure server, with the secure server sending the requested web pages directly to the terminal. In general, address rewriting and other manipulation can be performed on the requested web pages, such that the true sources of the web pages are disguised and such that subsequent communications from the terminal are directed to the secure server and/or spoofing unit, rather than to the true source of the web pages. Components of the user'"'"'s privacy may be sold, or advertisements may be provided, in exchange for protection of the user'"'"'s identity.

40 Citations

View as Search Results

20 Claims

1. An article of manufacture comprising a computer-readable memory medium having stored thereon program instructions executable on a first server in a first Internet domain to implement a method, the method comprising:
- receiving a request originating from a client computer for a web page in a second Internet domain that is different from the first Internet domain, wherein the request is received at the first server in the first Internet domain and includes a URL that includes an encrypted address of the web page in the second Internet domain appended after an unencrypted form of a first address hosted by the first server;
  
  decrypting the encrypted address of the web page;
  
  in response to said decrypting, communicating with a second server in the second Internet domain to retrieve the web page from the second Internet domain; and
  
  sending the retrieved web page to the client computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The article of manufacture of claim 1,wherein the retrieved web page includes one or more links pointing to the second Internet domain;
    - wherein the method further comprises;
      
      before sending the retrieved web page to the client computer, modifying the retrieved web page by modifying the one or more links to point to the first Internet domain instead of the second Internet domain.
  - 3. The article of manufacture of claim 1,wherein the retrieved web page includes scripting code operable to direct requests from the client computer to one or more additional Internet domains other than the first Internet domain;
    - wherein the program method further comprises;
      
      before sending the retrieved web page to the client computer, modifying the retrieved web page by modifying the scripting code to direct requests to the first Internet domain instead of the one or more additional Internet domains.
  - 4. The article of manufacture of claim 1,wherein the request received at the first server is addressed to the URL that includes the encrypted address of the web page in the second Internet domain appended after the unencrypted form of the first address hosted by the first server.
  - 5. The article of manufacture of claim 1,wherein the request from the client computer includes an IP address of the client computer;
    - wherein, in communicating with the second server in the second Internet domain, the first server does not provide the IP address of the client computer to the second server.
  - 6. The article of manufacture of claim 1, wherein the method further comprises:
    - receiving a cookie from the second server in the second Internet domain along with the retrieved web page; and
      
      blocking the cookie from being sent along with the retrieved web page to the client computer.
  - 7. The article of manufacture of claim 1, wherein the method further comprises:
    - receiving preference information from the client computer indicating which types of cookies are allowed to be passed to the client computer;
      
      receiving a particular cookie from the second server in the second Internet domain along with the retrieved web page; and
      
      blocking the particular cookie from being sent along with the retrieved web page to the client computer in response to determining that the preference information indicates that the particular cookie is not allowed to be passed to the client computer.
  - 8. The article of manufacture of claim 1, wherein the method further comprises:
    - receiving from the client computer a notification that a user of the client computer is finished web browsing; and
      
      in response to receiving the notification, transmitting instructions to the client computer to cause the client computer to perform one or more of;
      
      deleting stored cookies;
      
      deleting file history.
  - 9. The article of manufacture of claim 1, wherein the method further comprises:
    - establishing a digital identity of a user of the client computer;
      
      receiving a cookie from the second server in the second Internet domain along with the retrieved web page; and
      
      storing the cookie in a database at the first server in association with the digital identity of the user.
  - 10. The article of manufacture of claim 1,wherein said receiving the request from the client computer comprises receiving the request in an encrypted form via a secure communication protocol;
    - wherein the method further comprises decrypting the request in accordance with the secure communication protocol in response to receiving the request.
  - 11. The article of manufacture of claim 10,wherein the secure communication protocol is a Secure Sockets Layer (SSL) protocol.
  - 12. The article of manufacture of claim 1,wherein, in the URL, the encrypted address of the web page is separated from the unencrypted form of the first address by a forward slash character.

13. A server computer system comprising:
- a first server in a first Internet domain, wherein the first server includes;
  
  one or more processors; and
  
  memory storing program instructions;
  
  wherein the program instructions are executable by the one or more processors to implement;
  
  the first server receiving a request originating from a client computer for a web page in a second Internet domain that is different from the first Internet domain, wherein the request includes a URL that includes an encrypted address of the web page in the second Internet domain appended after an unencrypted form of a first address hosted by the first server;
  
  the first server decrypting the encrypted address of the web page;
  
  in response to said decrypting, the first server communicating with a second server in the second Internet domain to retrieve the web page from the second Internet domain; and
  
  the first server sending the retrieved web page to the client computer.
- View Dependent Claims (14, 15, 16)
- - 14. The server computer system of claim 13,wherein the retrieved web page includes one or more links pointing to the second Internet domain;
    - wherein the program instructions are further executable by the one or more processors to implement;
      
      before sending the retrieved web page to the client computer, the first server modifying the retrieved web page by modifying the one or more links to point to the first Internet domain instead of the second Internet domain.
  - 15. The server computer system of claim 13,wherein the retrieved web page includes scripting code operable to direct requests from the client computer to one or more additional Internet domains other than the first Internet domain;
    - wherein the program instructions are further executable by the one or more processors to implement;
      
      before sending the retrieved web page to the client computer, the first server modifying the retrieved web page by modifying the scripting code to direct requests to the first Internet domain instead of the one or more additional Internet domains.
  - 16. The server computer system of claim 13, wherein the program instructions are further executable by the one or more processors to implement:
    - the first server receiving a cookie from the second server in the second Internet domain along with the retrieved web page; and
      
      the first server blocking the cookie from being sent along with the retrieved web page to the client computer.

17. A method comprising:
- a first server in a first Internet domain receiving a request originating from a client computer for a web page in a second Internet domain that is different from the first Internet domain, wherein the request includes a URL that includes an encrypted address of the web page in the second Internet domain appended after an unencrypted form of a first address hosted by the first server;
  
  the first server decrypting the encrypted address of the web page;
  
  in response to said decrypting, the first server communicating with a second server in the second Internet domain to retrieve the web page from the second Internet domain; and
  
  the first server sending the retrieved web page to the client computer.
- View Dependent Claims (18, 19, 20)
- - 18. The method of claim 17,wherein the retrieved web page includes one or more links pointing to the second Internet domain;
    - wherein the method further comprises;
      
      before sending the retrieved web page to the client computer, the first server modifying the retrieved web page by modifying the one or more links to point to the first Internet domain instead of the second Internet domain.
  - 19. The method of claim 17,wherein the retrieved web page includes scripting code operable to direct requests from the client computer to one or more additional Internet domains other than the first Internet domain;
    - wherein the method further comprises;
      
      before sending the retrieved web page to the client computer, the first server modifying the retrieved web page by modifying the scripting code to direct requests to the first Internet domain instead of the one or more additional Internet domains.
  - 20. The method of claim 17, further comprising:
    - the first server receiving a cookie from the second server in the second Internet domain along with the retrieved web page; and
      
      the first server blocking the cookie from being sent along with the retrieved web page to the client computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
Chun, Jon A, Hsu, Stephen Dao Hui, Hormuzdiar, James Noshir
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
Tran; Tongoc

Application Number

US12/395,561
Publication Number

US 20090199000A1
Time in Patent Office

998 Days
Field of Search

713/162, 713/150, 713/153, 713/155, 713/160, 713/169, 705/74, 705/78
US Class Current

713/162
CPC Class Codes

G06Q 20/0855   involving a third party

G06Q 20/383   Anonymous user system

H04L 63/0281   Proxies

H04L 63/0407   wherein the identity of one...

H04L 63/0428   wherein the data content is...

H04L 67/01   Protocols

Method and apparatus for encrypted communications to a secure server

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

40 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for encrypted communications to a secure server

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links