Method and system for establishing the identity of an originator of computer transactions
First Claim
1. A method of identifying the originator of a message transmitted between a client and a server system, said method comprising the steps of:
- modifying a message to be transmitted during a session between a client and a server system to include a session identification flag and a session identifier corresponding to an originator of the session on the server system and allowing the originator of the session to be uniquely identified among originators of sessions on the server system;
transmitting the message between the client and the server system;
checking the transmitted message for the session identification flag;
determining, in response to matching the session identification flag with a predefined value, that a valid session identifier has been included as a new portion of the transmitted message during the modification, the new portion available for extraction at a pre-established location within the transmitted message; and
extracting the session identifier of the transmitted message at the pre-established location to determine the originator of the message,wherein if the appended session identifier in the transmitted message is not valid, processing the transmitted communication packet according to one or more predetermined rules for transmitted packets without valid session identifiers.
9 Assignments
0 Petitions
Accused Products
Abstract
A method of identifying the originator of a message transmitted between a client and a server system is provided. The method includes modifying a message to be transmitted between a client and a server system to include a session identification flag and/or a session identifier 500 (e.g., at an end of the message). The method optionally includes one or more of the steps of re-computing a control portion of the message to reflect the inclusion of the session identification flag and the session identifier 502, transmitting the message between the client and the server system 504, and checking the transmitted message for the session identification flag 506, reading the session identifier of the transmitted message to determine the originator of the message 508, removing the session identification flag and/or the session identifier from the transmitted message 510, and re-computing the control portion of the message to reflect the removal of the session identification flag and/or the session identifier 512.
-
Citations
20 Claims
-
1. A method of identifying the originator of a message transmitted between a client and a server system, said method comprising the steps of:
-
modifying a message to be transmitted during a session between a client and a server system to include a session identification flag and a session identifier corresponding to an originator of the session on the server system and allowing the originator of the session to be uniquely identified among originators of sessions on the server system; transmitting the message between the client and the server system; checking the transmitted message for the session identification flag; determining, in response to matching the session identification flag with a predefined value, that a valid session identifier has been included as a new portion of the transmitted message during the modification, the new portion available for extraction at a pre-established location within the transmitted message; and extracting the session identifier of the transmitted message at the pre-established location to determine the originator of the message, wherein if the appended session identifier in the transmitted message is not valid, processing the transmitted communication packet according to one or more predetermined rules for transmitted packets without valid session identifiers. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method of identifying the originator of a communication packet transmitted between a client and a server in a client/server system, said method comprising the steps of:
-
appending a session identifier and a security tag to the communication packet, the session identifier uniquely identifying the client in the client/server system; determining, in response to matching the security tag with a predefined value, that a valid session identifier has been appended to form a new portion of the communication packet, the session identifier available for extraction at a pre-established location within the communication packet ; and extracting the session identifier from the pre-established location to determine the originator of the transmitted communication packet, wherein if the session identifier in the transmitted message is not valid, processing the transmitted communication packet according to one or more predetermined rules for transmitted packets without valid session identifiers. - View Dependent Claims (7, 8, 9, 10, 11, 12)
-
-
13. A computer system for identifying the originator of a message, comprising
a server; - and
a client operationally connected to the server, the client and server being configured to transmit one or more messages there between during a session, each of the messages to be transmitted being modified by one of the client or the server to include a session identification flag and a session identifier. the client and server being further configured such that; the modified message is transmitted to the remaining one of the client and the server; the session identification flag of the transmitted message is checked by the remaining one of the client and the server to validate the session identifier; the remaining one of the client and the server determines, in response to matching the session identification flag with a predefined value, that a valid session identifier has been included as a new portion of the transmitted message during the modification, the new portion available for extraction at a pre-established location within the transmitted message; and the session identifier of the transmitted message is extracted from the pre-established location to determine the originator of the transmitted message, the session identifier corresponding to an originator of a session on the server system and allowing the originator of the session to be uniquely identified among originators of sessions on the server system, wherein if the session identifier in the transmitted message is not valid, processing the transmitted communication packet according to one or more predetermined rules for transmitted packets without valid session identifiers. - View Dependent Claims (14, 15, 16, 17, 18)
- and
-
19. A non-transitory computer readable storage medium including computer program instructions which cause a computer system including at least a client and a server to implement a method of identifying the originator of a message transmitted between the client and the server, said method comprising the steps of:
-
modifying a message to be transmitted during a session between the client and the server to include a session identification flag and a session identifier, the session identifier being assigned corresponding to the originator of the session on the server system and allowing the originator of the session to be uniquely identified among originators of sessions on the server system; re-computing a control portion of the message to reflect the inclusion of the session identification flag and the session identifier; transmitting the message between the client and the server; checking the transmitted message for the session identification flag; determining, in response to matching the session identification flag with a predefined value, that a valid session identifier has been included as a new portion of the transmitted message during the modification, the new portion available for extraction at a pre-established location within the transmitted message; extracting the session identifier of the transmitted message from the pre-established location to determine the originator of the message; removing the session identification flag and the session identifier from the transmitted message; and re-computing the control portion of the message to reflect the removal of the session identification flag and the session identifier.
-
-
20. A method of identifying the originator of a message transmitted between a client and a server, comprising:
-
modifying, by a processor, a message to be transmitted during a session between a client and a server to include a session identification flag and a session identifier, the session identifier being assigned corresponding to the originator of the session on the server system and allowing the originator of the session to be uniquely identified among originators of sessions on the server system; re-computing, by the processor, a control portion of the message to reflect the inclusion of the session identification flag and the session identifier; transmitting the message between the client and the server; checking the transmitted message for the session identification flag; determining, in response to matching the session identification flag with a predefined value, that a valid session identifier has been included as a new portion of the transmitted message during the modification, the new portion available for extraction at a pre-established location within the transmitted message; extracting the session identifier of the transmitted message from the pre-established location to determine the originator of the message; removing the session identification flag and the session identifier from the transmitted message; and re-computing, by the processor, the control portion of the message to reflect the removal of the session identification flag and the session identifier.
-
Specification