Systems and methods for intercepting, processing, and protecting user data through web application pattern detection
First Claim
Patent Images
1. A processor implemented method on a client device, the method comprising:
- receiving web application resources associated with a web application;
modifying the web application resources by adding methods at least some of which pertain to processing of user data of the web application; and
executing the modified web application resources on the client device;
wherein at least one added method that pertains to the processing of user data implements a security feature by intercepting user data without modifying control data for the web application, and replacing the user data with replacement data for the purpose of communicating with an external server, such that the external server is exposed to the replacement data but not the user data;
wherein the user data represents data entered by a user and control data is data specific to the web application that is necessary for its operation.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods of intercepting user data of a web application are provided. After web application resources are obtained for execution on a client device, methods that process user data of the web application are added to create modified web application resources. Certain runtime application calls are intercepted. This can be achieved by modifying the actual code to replace calls to certain functions with calls to the added methods, or by using overloading. The data processing may add data security functionality.
-
Citations
29 Claims
-
1. A processor implemented method on a client device, the method comprising:
-
receiving web application resources associated with a web application; modifying the web application resources by adding methods at least some of which pertain to processing of user data of the web application; and executing the modified web application resources on the client device; wherein at least one added method that pertains to the processing of user data implements a security feature by intercepting user data without modifying control data for the web application, and replacing the user data with replacement data for the purpose of communicating with an external server, such that the external server is exposed to the replacement data but not the user data; wherein the user data represents data entered by a user and control data is data specific to the web application that is necessary for its operation. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A processor implemented method of processing data on a client device, the method comprising:
-
i) in respect of outgoing user data; a) tokenizing the data to produce tokenized data and returning the tokenized data; b) transmitted the tokenized data in place of the outgoing user data;
such that an external server is exposed to the replacement data but not the user data;c) encrypting the user data using a public key of a public and private key pair to produce encrypted user data; d) creating a mapping between the encrypted user data and the tokenized data; the security feature processes incoming data by; ii) in respect of incoming data; e) extracting tokenized data; f) demapping the tokenized data to obtain corresponding encrypted data; g) decrypting the encrypted data using a private key of the public and private key pair to produce cleartext data; h) returning cleartext data; wherein the user data represents data entered by a user, the tokenizing being performed without relying on any external server or proxy. - View Dependent Claims (21, 22, 23)
-
-
24. A non-transitory computer readable storage medium having computer executable instructions stored thereon that when executed by a client device cause the computer to perform a method comprising:
-
receiving web application resources associated with a web application; modifying the web application resources by adding methods at least some of which pertain to processing of user data of the web application; and executing the modified web application resources on the client device; wherein at least one added method that pertains to the processing of user data implements a security feature by intercepting user data without modifying control data for the web application, and replacing the user data with replacement data for the purpose of communicating with an external server, such that the external server is exposed to the replacement data but not the user data; wherein the user data represents data entered by a user and control data is data specific to the web application that is necessary for its operation.
-
-
25. A system comprising:
-
a processor; memory; at least one user interface; an application runtime with user data interception and processing for execution by the processor configured to receive web application resources executable on the application runtime, and modify the web application resources by adding methods at least some of which pertain to processing of user data, and to execute the modified web application resources on the client device; wherein at least one added method that pertains to the processing of user data implements a security feature by intercepting user data without modifying control data for the web application, and replacing the user data with replacement data for the purpose of communicating with an external server, such that the external server is exposed to the replacement data but not the user data; wherein the user data represents data entered by a user and control data is data specific to the web application that is necessary for its operation. - View Dependent Claims (26, 27, 28, 29)
-
Specification