Method and apparatus for cookie anonymization and rejection
Abstract
Example embodiments of the present invention provide a method, an apparatus and a computer program product for cookie anonymization and rejection. The method includes receiving a cookie included in a data stream transmitted from a source intended for a destination. A lexical analysis of the cookie included in the data stream is then performed to determine state information associated with the cookie. The state information associated with the cookie may then be forwarded to the destination according to the lexical analysis. Example embodiments of the present invention specifically target cookies and beacons that flow through a system, and historically track cookie and beacon traffic in order to perform drill-down inspection on the contents. This inspection allows for detection of sensitive information such as credit cards, location, and any other personal info, as well as the potential presence of malware which is performing unusual behavior within the private system.
19 Claims
1. A computer-implemented method comprising:
- receiving a cookie included in a data stream transmitted from a source device intended for a destination device by an intercepting device other than the source device and the destination device, not otherwise required for transmission of the data stream from the source device to the destination device and collocated with the source device in a network at a location in a data path between the source device and the destination device before the data stream leaves the network;
- performing a lexical analysis of the cookie included in the data stream to determine state information associated with the cookie;
- inspecting context and content of the cookie included in the data stream;
- creating a cookie fingerprint based on the context and the content of the cookie included in the data stream;
- determining whether the context and the content of the cookie included in the data stream requires transformation of the state information associated with the cookie according to a determination of whether the cookie fingerprint matches a target allowance according to a policy;
- performing a transformation on the state information associated with the cookie according to the determination to generate a transformed cookie as part of a transformed data stream; and
- forwarding the transformed data stream out of the network toward the destination device.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. An apparatus comprising:
- a receiver configured to receive a cookie included in a data stream transmitted from a source device intended for a destination device, the apparatus comprising an intercepting device other than the source device and the destination device, not otherwise required for transmission of the data stream from the source device to the destination device and collocated with the source device in a network at a location in a data path between the source device and the destination device before the data stream leaves the network;
- a lexical analysis engine configured to perform a lexical analysis of the cookie included in the data stream to determine state information associated with the cookie;
- an inspection module configured to inspect context and content of the cookie included in the data stream and create a cookie fingerprint based on the context and the content of the cookie included in the data stream;
- an analysis module configured to determine whether the context and the content of the cookie included in the data stream requires transformation of the state information associated with the cookie according to a determination of whether the cookie fingerprint matches a target allowance according to a policy;
- a transformation module configured to perform a transformation on the state information associated with the cookie according to the determination to generate a transformed cookie as part of a transformed data stream; and
- a dispatcher configured to forward the transformed data stream out of the network toward the destination device.

Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18
19. A computer program product including a non-transitory computer-readable storage medium encoded with computer-program code that, when executed on a processor of a computer, causes the computer to perform a lexical analysis of a cookie included in a data stream to determine state information associated with the cookie, the computer program product comprising:
- computer program code for receiving the cookie included in the data stream transmitted from a source device intended for a destination device, the computer comprising an intercepting device other than the source device and the destination device, not otherwise required for transmission of the data stream from the source device to the destination device and collocated with the source device in a network at a location in a data path between the source device and the destination device before the data stream leaves the network;
- computer program code for performing a lexical analysis of the cookie included in the data stream to determine state information associated with the cookie;
- computer program code for inspecting context and content of the cookie included in the data stream;
- computer program code for creating a cookie fingerprint based on the context and the content of the cookie included in the data stream;
- computer program code for determining whether the context and the content of the cookie included in the data stream requires transformation of the state information associated with the cookie according to a determination of whether the cookie fingerprint matches a target allowance according to a policy;
- computer program code for performing a transformation on the state information associated with the cookie according to the determination to generate a transformed cookie as part of a transformed data stream; and
- computer program code forwarding the transformed data stream out of the network toward the destination device.
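The steps the independent claims recite (lexical analysis, inspection, fingerprint, policy match, transformation), shown as an added Python example that is not code from the patent. The content classes, the SHA-256 fingerprint, the HMAC pseudonym, `SITE_KEY`, the host names and every function name are assumptions made for illustration.

```python
import hashlib, hmac, re

SITE_KEY = b"constructed-demo-key"  # assumption: secret held by the intercepting device

def lex_cookie_header(header):
    """Lexical analysis: split a Cookie header into (name, value) pairs."""
    pairs = []
    for part in header.split(";"):
        name, sep, value = part.strip().partition("=")
        if sep and name:
            pairs.append((name, value.strip('"')))
    return pairs

def luhn_ok(digits):
    """Luhn checksum, used to tell card numbers from other digit strings."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def content_class(value):
    """Content inspection: coarse class of the value (classes are assumptions)."""
    if re.fullmatch(r"[0-9]{13,19}", value) and luhn_ok(value):
        return "card"
    if re.fullmatch(r"-?\d{1,3}\.\d+,-?\d{1,3}\.\d+", value):
        return "geo"
    if re.fullmatch(r"[0-9a-fA-F]{16,}", value):
        return "hex-id"
    return "opaque"

def fingerprint(dest_host, name, value):
    """Fingerprint over context (destination, cookie name) and content class."""
    material = f"{dest_host}|{name}|{content_class(value)}".encode()
    return hashlib.sha256(material).hexdigest()[:16]

def transform_cookies(dest_host, header, allowed):
    """Pass allowed fingerprints, reject card/geo values, pseudonymize the rest."""
    out = []
    for name, value in lex_cookie_header(header):
        if fingerprint(dest_host, name, value) in allowed:
            out.append(f"{name}={value}")
        elif content_class(value) not in ("card", "geo"):
            msg = f"{dest_host}|{value}".encode()
            out.append(f"{name}=" + hmac.new(SITE_KEY, msg, hashlib.sha256).hexdigest()[:16])
    return "; ".join(out)

# Constructed sample: the card value is a well-known test number, not real data.
SAMPLE = "sid=abc123; uid=9f8e7d6c5b4a39281706; cc=4111111111111111; loc=42.3601,-71.0589"
ALLOWED = {fingerprint("shop.example", "sid", "abc123")}
```

Because the fingerprint covers the content class as well as the cookie name, an allow-listed `sid` that suddenly carries a card number no longer matches the policy and is rejected.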
Specification