Enforcing communication security for selected resources

US 8,195,818 B2
Filed: 06/22/2009
Issued: 06/05/2012
Est. Priority Date: 06/22/2009
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer readable medium having instructions stored thereon that, when executed by a processor, cause the processor to perform a process that identifies and provides selected secure resources, the process comprising:

receiving a first request over a non-secure socket from a client computer;

determining whether a resource listed within a web page that is requested in the first request by the client computer requires a secure connection based on a type of the resource that is requested;

when the resource requires the secure connection, sending a redirect to the client computer with respect to the resource, the redirect causing the client computer to send a second request over a secure socket using a HyperText Transfer Protocol Secure (“

HTTPS”

) scheme and a Location directive;

receiving a second request from the client computer for the resource over the secure socket; and

providing the requested resource to the client over the secure socket.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure resource enforcer is configured to identify and provide selected secure resources. The secure resource enforcer includes a determining module configured to determine whether a resource of a web page that is requested in a first request by a client computer requires a secure connection based on a type of the resource that is requested. The secure resource enforcer also includes a redirecting module configured to redirect the client computer to a secure socket for the resource when the resource requires the secure connection. The secure resource enforcer further includes a receiving module configured to receive a second request from the client for the resource over the secure socket and a secure resource providing module configured to provide the requested resource to the client over the secure socket.

19 Citations

View as Search Results

14 Claims

1. A non-transitory computer readable medium having instructions stored thereon that, when executed by a processor, cause the processor to perform a process that identifies and provides selected secure resources, the process comprising:
- receiving a first request over a non-secure socket from a client computer;
  
  determining whether a resource listed within a web page that is requested in the first request by the client computer requires a secure connection based on a type of the resource that is requested;
  
  when the resource requires the secure connection, sending a redirect to the client computer with respect to the resource, the redirect causing the client computer to send a second request over a secure socket using a HyperText Transfer Protocol Secure (“
  
  HTTPS”
  
  ) scheme and a Location directive;
  
  receiving a second request from the client computer for the resource over the secure socket; and
  
  providing the requested resource to the client over the secure socket.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The computer readable medium of claim 1, wherein there is no indication in the web page that the resource is to be obtained via a secure communication.
  - 3. The computer readable medium of claim 1, wherein the web page comprises a HyperText Transfer Protocol (“
    - HTML”
      
      ) file and the requested resource is designated in the HTML file.
  - 4. The computer readable medium of claim 1, the process further comprising:
    - controlling the processor to listen on the secure socket and to enable Secure sockets Layer (“
      
      SSL”
      
      ) on the secure socket.
  - 5. The computer readable medium of claim 1, wherein resources that are to be provided via a secure connection are designated by a secure command of a virtual host configuration file of an application server.
  - 6. The computer readable medium of claim 5, wherein the secure command of the virtual host configuration file of the application server is set by a web administrator.

7. An apparatus, comprising:
- a processor; and
  
  memory comprising a secure resource enforcer configured to identify and provide selected secure resources, the secure resource enforcer comprisinga receiving module configured to receive a first request over a non-secure socket from a client computer;
  
  a determining module configured to determine whether a resource listed within a web page that is requested in the first request by the client computer requires a secure connection based on a type of the resource that is requested;
  
  a redirecting module configured, when the resource requires the secure connection, to send a redirect to the client computer with respect to the resource, the redirect causing the client computer to send a second request over a secure socket using a HyperText Transfer Protocol Secure (“
  
  HTTPS”
  
  ) scheme and a Location directive;
  
  a receiving module configured to receive a second request from the client computer for the resource over the secure socket; and
  
  a secure resource providing module configured to provide the requested resource to the client over the secure socket.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The apparatus of claim 7, wherein there is no indication in the web page that the resource is to be obtained via a secure communication.
  - 9. The apparatus of claim 7, wherein resources that are to be provided via a secure connection are designated by a secure command of a virtual host configuration file of an application server.
  - 10. The apparatus of claim 7, wherein the web page comprises a HyperText Transfer Protocol (“
    - HTML”
      
      ) file and the requested resource is designated in the HTML file.
  - 11. The apparatus of claim 7, wherein the processor is configured to listen on the secure socket and to enable Secure sockets Layer (“
    - SSL”
      
      ) on the secure socket.

12. A computer-implemented method that identifies and provides selected secure resources, comprising:
- receiving a first request from a client computer for a resource listed within a single HTML web file over a non-secure socket;
  
  determining whether the resource listed within the web file requires a secure connection based on a type of the resource that the client computer requested;
  
  when the resource requires the secure connection,sending a redirect to the client computer with respect to the resource, the redirect causing the client computer to send a second request over a secure socket using a HyperText Transfer Protocol Secure (“
  
  HTTPS”
  
  ) scheme and a Location directive,receiving a second request from the client computer for the resource over the secure socket, andproviding the requested resource to the client computer over the secure socket; and
  
  when the resource does not require the secure connection, providing the resource to the client computer over the non-secure socket.
- View Dependent Claims (13, 14)
- - 13. The computer-implemented method of claim 12, wherein there is no indication in the web page that the resource is to be obtained via a secure communication.
  - 14. The computer-implemented method of claim 12, wherein resources that are to be provided via a secure connection are designated by a secure command of a virtual host configuration file of an application server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Srinivasan, Suresh, Shukla, Amitabh
Primary Examiner(s)
Neurauter, George C

Application Number

US12/489,007
Publication Number

US 20100325294A1
Time in Patent Office

1,079 Days
Field of Search

709/203, 709/219, 709/229, 726/30
US Class Current

709/229
CPC Class Codes

H04L 63/168 above the transport layer

Enforcing communication security for selected resources

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

19 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Enforcing communication security for selected resources

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links