Secure HTML components for building client-side user interface

US 8,839,126 B1
Filed: 06/17/2009
Issued: 09/16/2014
Est. Priority Date: 06/17/2009
Status: Active Grant

First Claim

Patent Images

1. A method performed by a server device, the method comprising:

receiving, at the server device, a request from a browser operating on a client, the request including data to identify the client and respective versions associated with components of an application provided through the browser, the client being associated with a private key;

determining, by the server device and based on the request, that an updated version of a component, of the plurality of components, is available;

determining, by the server device and based on the request, that the client has most recent versions of other components, of the plurality of components of the application, that differ from the component;

retrieving, by the server device, data associated with the updated version of the component, the retrieving of the data including;

comparing the version of the component, associated with the client, with the updated version of the component to produce comparison results,selecting, based on the comparison results, one of a plurality of data files, each of the plurality of data files being associated with upgrading a respective different version of the component to the updated version of the component, andretrieving the selected data file, other data files of the plurality of data files not being retrieved;

signing, by the server device, the data associated with the updated version of the component, with a signature, the signature being based on the data included in the request, the signature enabling the browser to verify the data associated with the updated version using the private key; and

providing, by the server device, the signed data associated with the updated version of the component to the client, data associated with the other components not being provided to the client device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method performed by a server device includes receiving a request from a client, the request including data to identify a component of a graphical user interface (GUI) application; and determining that an updated version of the component is available. The method also includes retrieving, from a memory associated with the server device, the updated version of the component and providing the updated version of the component to the client.

25 Citations

View as Search Results

22 Claims

1. A method performed by a server device, the method comprising:
- receiving, at the server device, a request from a browser operating on a client, the request including data to identify the client and respective versions associated with components of an application provided through the browser, the client being associated with a private key;
  
  determining, by the server device and based on the request, that an updated version of a component, of the plurality of components, is available;
  
  determining, by the server device and based on the request, that the client has most recent versions of other components, of the plurality of components of the application, that differ from the component;
  
  retrieving, by the server device, data associated with the updated version of the component, the retrieving of the data including;
  
  comparing the version of the component, associated with the client, with the updated version of the component to produce comparison results,selecting, based on the comparison results, one of a plurality of data files, each of the plurality of data files being associated with upgrading a respective different version of the component to the updated version of the component, andretrieving the selected data file, other data files of the plurality of data files not being retrieved;
  
  signing, by the server device, the data associated with the updated version of the component, with a signature, the signature being based on the data included in the request, the signature enabling the browser to verify the data associated with the updated version using the private key; and
  
  providing, by the server device, the signed data associated with the updated version of the component to the client, data associated with the other components not being provided to the client device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, where the request further includes additional data that includes one or more of:
    - respective identifiers associated with the components;
      
      respective version indicators of the components;
      
      a version indicator of the application;
      
      orinformation identifying a location associated with the client,the selecting of the data file, from the plurality of data files, being further based on the additional data.
  - 3. The method of claim 1, where the component includes binary code, and where the data associated with the updated version of the component includes at least one of:
    - mark-up language code;
      
      orscript language code.
  - 4. The method of claim 3, where the data associated with the updated version of the component includes the mark-up language code, andwhere the mark-up language code includes hypertext markup language (HTML).
  - 5. The method of claim 3, where the data associated with the updated version of the component includes the script language code, andwhere the script language code includes JavaScript code.
  - 6. The method of claim 1, where providing the signed data associated with the updated version of the component includes:
    - sending the signed data associated with the updated version of the component to the client using hypertext transfer protocol secure (HTTPS).
  - 7. The method of claim 1,where determining that the updated version of the component is available includes:
    - comparing the version, associated with the component of the application, to information in a directory of component updates, anddetermining, based on the comparison, that the updated version of the component is available.
  - 8. The method of claim 1, where retrieving the data associated with the updated version of the component includes:
    - selecting, based on the data in the request, a component database from a plurality of component databases; and
      
      retrieving the updated version of the component from the selected component database.
  - 9. The method of claim 1, where:
    - the data associated with the updated version of the component includes hypertext markup language (HTML), andthe signature is included as an HTML comment in the data associated with the updated version of the component.

10. A system, comprising:
- a memory to store a plurality of instructions; and
  
  a processor to execute instructions in the memory to;
  
  receive a request from a browser operating on a client, the request including data identifying a plurality of components for an application installed on the client, the client being associated with a private key,determine, based on the request, that an updated version of a particular component, of the plurality of components, is available,determine, based on the request, that the client has most recent versions of other components, of the plurality of components of the application, that differ from the component,retrieve data associated with the updated version of the particular component, the processor, when retrieving of the data, being further to;
  
  compare the version of the component, associated with the client, with the updated version of the component to produce comparison results,select, based on the comparison results, one of a plurality of data files, each of the plurality of data files being associated with upgrading a respective different version of the component to the updated version of the component, andretrieve the selected data file, other data files of the plurality of data files not being retrieved,append a cryptographic signature to the data associated with the updated version of the particular component, the cryptographic signature enabling the browser to verify the data associated with the updated version using the private key, andprovide, to the client, the signed data associated with the updated version of the particular component with the cryptographic signature without providing, to the client, data associated with the other components.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The system of claim 10, where the request further includes additional data that includes one or more of:
    - respective identifiers of the plurality of components;
      
      respective version indicator of the plurality of components;
      
      a unique identifier for the application;
      
      ora version indicator of the application,the processor being further to select the data file, from the plurality of data files, based on the additional data.
  - 12. The system of claim 10, where the data associated with the updated version of the particular component includes one or more of:
    - mark-up language code;
      
      script language code;
      
      style sheet language code;
      
      an image;
      
      ora plain text configuration file.
  - 13. The system of claim 10, where, when providing the data associated with the updated version of the particular component to the client, the processor executes instructions in the memory to:
    - send the signed data associated with the updated version of the particular component to the client using hypertext transfer protocol secure (HTTPS).
  - 14. The system of claim 10, where, when determining that the updated version of the particular component is available, the processor executes instructions in the memory to:
    - compare the data in the request with a directory of component updates to identify that the updated version of the particular component is available.
  - 15. The system of claim 10, where, when retrieving the data associated with the updated version of the particular component, the processor executes instructions in the memory to:
    - select, from a plurality of component databases, a component database that includes the updated version of the particular component; and
      
      retrieve the data associated with the updated version of the particular component from the selected component database.

16. A method performed by a server device, the method comprising:
- receiving, by the server device, a request from a client, the request including data identifying a plurality of components of an application rendered from binary code by the client, the client being associated with a private key;
  
  retrieving, by the server device and based on the request, data associated with an updated version of a component, of the plurality of components, the data associated with the updated version of the component including mark-up language code that can be rendered at the client to incorporate the updated version of the component into the application, the retrieving of the data including;
  
  comparing the version of the component, associated with the client, with the updated version of the component to produce comparison results,selecting, based on the comparison results, one of a plurality of data files, each of the plurality of data files being associated with upgrading a respective different version of the component to the updated version of the component, andretrieving the selected data file, other data files of the plurality of data files not being retrieved;
  
  signing, by the server device, the data associated with the updated version of the component with a signature, the signature being based on the data included in the request, the signature enabling the client to verify the data associated with the updated version using the private key; and
  
  sending, by the server device, the signed data associated with the updated version of the component, along with the signature, to the client, data associated with the other components not being sent to the client.
- View Dependent Claims (17, 18)
- - 17. The method of claim 16, further comprising:
    - comparing, by the server device, the data, to identify the version of the component of the application, with a directory of component updates; and
      
      determining, by the server device, whether the data associated with the updated version of the component is stored in a memory associated with the server device based on a result of the comparing.
  - 18. The method of claim 16, further comprising:
    - sending, by the server device, the data associated with the updated version of the component to the client using hypertext transfer protocol secure (HTTPS).

19. A non-transitory memory device comprising:
- one or more instructions which, when executed by a processor, cause the processor to receive a request from a browser operating on a client, the request including data identifying a plurality of components of an application associated with the browser, the client being associated with a private key;
  
  one or more instructions which, when executed by the processor, cause the processor to determine that an updated version of a particular component, of the plurality of components, is available;
  
  one or more instructions which, when executed by the processor, cause the processor to determine, based on the request, that the client has most recent versions of other components, of the plurality of components of the application, that differ from the component;
  
  one or more instructions which, when executed by the processor, cause the processor to retrieve data associated with the updated version of the particular component, the one or more instructions to retrieve the data including;
  
  one or more instructions to compare the version of the component, associated with the client, with the updated version of the component to produce comparison results,one or more instructions to select, based on the comparison results, one of a plurality of data files, each of the plurality of data files being associated with upgrading a respective different version of the component to the updated version of the component, andone or more instructions to retrieve only the selected data file;
  
  one or more instructions which, when executed by the processor, cause the processor to append a cryptographic signature to data associated with the updated version of the particular component, the cryptographic signature enabling the browser to verify data associated with the updated version using the private key; and
  
  one or more instructions which, when executed by the processor, cause the processor to provide, to the client, the data associated with the updated version of the particular component with the cryptographic signature, data associated with the other components not being provided to the client.
- View Dependent Claims (20, 21, 22)
- - 20. The non-transitory memory device of claim 19, where the request further includes additional data that include one or more of:
    - information identifying a location of the client;
      
      an identifier of the particular component;
      
      a version indicator of the particular component;
      
      a unique identifier for the application; and
      
      a version indicator of the application, andthe one or more instructions to select the data file further include;
      
      one or more instructions to select the data file, from the plurality of data files, further based on the additional data.
  - 21. The non-transitory memory device of claim 19, where the data associated with the updated version of the particular component further includes one or more of:
    - script language code;
      
      style sheet language code;
      
      an image;
      
      ora plain text configuration file.
  - 22. The non-transitory memory device of claim 19, where the one or more instructions to determine that an updated version of the particular component is available include:
    - one or more instructions to compare the data in the request with a directory of component updates to identify the particular component of the application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google Inc. (Alphabet Inc.)
Inventors
Tang, Na, Zhang, Ying, Hornung, Zelidrag, Sekhon, Yash
Primary Examiner(s)
Abdul-Ali, Omar
Assistant Examiner(s)
BHARGAVA, ANIL K

Application Number

US12/486,298
Time in Patent Office

1,917 Days
Field of Search

715/764
US Class Current

715/764
CPC Class Codes

G06F 21/51   at application loading time...

G06F 8/658   Incremental updates; Differ...

G06F 9/451   Execution arrangements for ...

Secure HTML components for building client-side user interface

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

25 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Secure HTML components for building client-side user interface

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

25 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links