Secure data exchange based on request destination

US 8,751,790 B2
Filed: 09/14/2012
Issued: 06/10/2014
Est. Priority Date: 06/01/1999
Status: Expired due to Term

First Claim

Patent Images

1. A method comprising:

identifying a data request from a client application;

extracting, using at least one processor, a destination web site address from the data request;

based on capabilities of the destination web site, encrypting information based on a predetermined encryption method; and

sending the data request and the encrypted information directly to a web server associated with the web site address.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A data transfer method performed at a proxy server includes intercepting a data request from a client computer that is directed to a target server, encrypting profile information, augmenting the data request by adding the encrypted profile information to the data request, and sending the augmented data request to the target server. A data transfer method that is performed at an information server includes receiving a data request from a proxy server, extracting profile information added to the data request by the proxy server, using the extracted profile information to generate a response, and sending the response to the proxy server.

Citations

23 Claims

1. A method comprising:
- identifying a data request from a client application;
  
  extracting, using at least one processor, a destination web site address from the data request;
  
  based on capabilities of the destination web site, encrypting information based on a predetermined encryption method; and
  
  sending the data request and the encrypted information directly to a web server associated with the web site address.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method as recited in claim 1, further comprising querying a database to determine the capabilities of the destination web site.
  - 3. The method as recited in claim 2, further comprising:
    - identifying a first key based on the destination web site; and
      
      encrypting the information using the first key.
  - 4. The method as recited in claim 3, further comprising sending a second encrypted key to the web server along with the data request and the encrypted information.
  - 5. The method as recited in claim 2, further comprising sending a request to the web server for a key file.
  - 6. The method as recited in claim 5, further comprising:
    - receiving a first key from the web server; and
      
      using the first key to encrypt the information.
  - 7. The method as recited in claim 6, further comprising caching the first key subject to a time-to-live value.
  - 8. The method as recited in claim 1, wherein the information comprises profile information associated with a user of the client device.
  - 9. The method as recited in claim 1, wherein the client application comprises web browser.
  - 10. The method as recited in claim 1, further comprising receiving the request from a client device.

11. A system comprising:
- a non-transitory storage medium storing information associated with a user of a client application; and
  
  at least one processor programmed to;
  
  identify a data request from the client application;
  
  extract a destination web site address from the data request;
  
  encrypt the information associated with the user based on capabilities of the destination web site; and
  
  send the data request and the encrypted information directly to a web server associated with the web site address.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. The system as recited in claim 11, wherein the at least one processor is further programmed to query a database to determine the capabilities of the destination web site.
  - 13. The system as recited in claim 12, wherein the at least one processor is further programmed to:
    - identify a first key based on the destination web site; and
      
      encrypt the information using the first key.
  - 14. The system as recited in claim 13, wherein the at least one processor is further programmed to send a second encrypted key to the web server along with the data request and the encrypted information.
  - 15. The system as recited in claim 12, wherein the at least one processor is further programmed to send a key request to the web server.
  - 16. The system as recited in claim 15, wherein the at least one processor is further programmed to:
    - receive a key from the web server; and
      
      use the key to encrypt the information.
  - 17. The system as recited in claim 16, wherein the at least one processor is further programmed to cache the key subject to a time-to-live value.
  - 18. The system as recited in claim 11, wherein the information comprises profile information associated with a user of the client device.

19. A method comprising:
- identifying a data request from a client application;
  
  extracting, using at least one processor, a destination web site address from the data request;
  
  if the destination web site is capable of processing encrypted information;
  
  encrypting information based on a predetermined encryption method; and
  
  sending the data request and the encrypted information directly to a web server associated with the web site address; and
  
  if the destination web site is incapable of processing encrypted information;
  
  sending the data request without the encrypted information directly to the web server associated with the web site address.
- View Dependent Claims (20, 21, 22, 23)
- - 20. The method as recited in claim 19, further comprising receiving the data request from a client device.
  - 21. The method as recited in claim 19, further comprising:
    - identifying a first key based on the destination web site; and
      
      encrypting the information using the first key.
  - 22. The method as recited in claim 21, further comprising sending a second encrypted key to the web server along with the data request and the encrypted information.
  - 23. The system as recited in claim 19, wherein the information comprises profile information associated with a user of the client device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Original Assignee
Meta Platforms, Inc. (f/k/a Facebook, Inc.)
Inventors
Harada, Larry T., Dolecki, Mark A., Purdum, Christopher S, Hendren, C. Hudson III
Primary Examiner(s)
Barron, Jr., Gilberto
Assistant Examiner(s)
Nobahar, Abdulhakim

Application Number

US13/616,620
Publication Number

US 20130073693A1
Time in Patent Office

634 Days
Field of Search
US Class Current

713/153
CPC Class Codes

G06Q 20/3821   Electronic credentials

H04L 61/5007   Internet protocol [IP] addr...

H04L 63/0281   Proxies

H04L 63/04   for providing a confidentia...

H04L 63/0428   wherein the data content is...

H04L 63/0471   applying encryption by an i...

H04L 63/08   for authentication of entit...

H04L 67/02   based on web technology, e....

H04L 67/561   Adding application-function...

H04L 67/568   Storing data temporarily at...

Secure data exchange based on request destination

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Secure data exchange based on request destination

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links