Defenses against use of tainted cache
Abstract
Systems, methods, and computer readable media are described for validating objects stored in a web cache. In one embodiment, a computing device caches objects received while accessing networked content over a network. The computing device generates a description of conditions associated with the caching of the objects. When the computing device accesses networked content via a second network, the computing device or a remote server connected thereto utilizes the description to determine whether an object in the cache is trusted or untrusted. The server manages a policy that defines rules for making the determination. The policy can be generated based on descriptions received from a plurality of devices.
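The check the abstract describes can be sketched as follows. This is an added example, not code from the patent: the class names, the recorded attributes (SSID, link encryption, TLS) and the policy rules are assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class NetworkDescription:
    """Conditions recorded at caching time (field names are assumptions)."""
    ssid: str
    link_encrypted: bool   # e.g. WPA2 rather than an open hotspot
    used_tls: bool         # object was fetched over HTTPS

@dataclass(frozen=True)
class Policy:
    """Rules for reusing an object on a different network (constructed)."""
    blocked_ssids: frozenset = frozenset()
    require_protected_transport: bool = True

    def allows(self, origin: NetworkDescription) -> bool:
        if origin.ssid in self.blocked_ssids:
            return False
        if self.require_protected_transport:
            return origin.used_tls or origin.link_encrypted
        return True

class TaggedCache:
    """Cache that keeps each object's network description next to it."""
    def __init__(self, policy: Policy):
        self.policy = policy
        self._entries = {}

    def store(self, url: str, body: bytes, network: NetworkDescription) -> None:
        self._entries[url] = (body, network)

    def lookup(self, url: str, current: NetworkDescription):
        """Return the cached body, or None if it is absent or untrusted."""
        entry = self._entries.get(url)
        if entry is None:
            return None
        body, origin = entry
        if origin != current and not self.policy.allows(origin):
            del self._entries[url]  # evict so the object is refetched
            return None
        return body

def demo():
    # Constructed sample networks and objects.
    cafe = NetworkDescription("FreeCafeWiFi", link_encrypted=False, used_tls=False)
    home = NetworkDescription("HomeNet", link_encrypted=True, used_tls=True)
    office = NetworkDescription("CorpNet", link_encrypted=True, used_tls=True)
    cache = TaggedCache(Policy(blocked_ssids=frozenset({"KnownBadAP"})))
    cache.store("http://example.com/app.js", b"cached-on-cafe", cafe)
    cache.store("https://example.com/lib.js", b"cached-at-home", home)
    return (cache.lookup("http://example.com/app.js", office),
            cache.lookup("https://example.com/lib.js", office))
```

On the second network the object cached over the open hotspot is evicted and must be refetched, while the object cached over the protected network is reused.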
28 Claims
1. A method of using a browser cache when accessing a first server node by way of at least two different networks, the method comprising:
- storing, in a cache accessible by a browser, an object received in connection with content received from a website, the object received via a first network;
- generating data associated with the object, the data being indicative of attributes of the first network;
- maintaining the data indicative of the attributes of the first network associated with the object;
- determining that the data indicative of attributes of the first network meets at least one condition for using the object to interact with content via a second network; and
- using the object to interact with content accessed over the second network based at least in part on the determination.
Dependent claims: 2, 3, 4

5. A non-transitory computer-readable storage medium bearing instructions for using cached objects that, upon execution on a computing node, cause the computing node to at least:
- cache data associated with a first network;
- associate with the cached data information related to the first network; and
- determine whether the cached data can be used over a second network, the determination being based at least in part on the associated information and a policy for using cached data over the second network.
Dependent claims: 6, 7, 8, 9, 10, 11

12. A computing device for using a cache, the computing device comprising:
a memory bearing instructions that, upon execution on the computing device, cause the computing device to at least;
- connect to a network-based resource over a first network;
- download at least one object associated with accessing network-based content from the network-based resource;
- associate information related to the at least one object with information related to the first network; and
- determine whether to reuse the at least one object when accessing network-based content over a second network, the determining being based at least in part on the associated information and a requirement related to the second network.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21

22. A computing node comprising:
a memory bearing instructions that, upon execution on the computing node, cause the computing node to at least;
- receive, from a client device, information associated with an object in a cache of the client device, the information being indicative of a network over which the object was obtained;
- determine whether the object is authorized to be used to access network-based content based at least in part on the information indicative of the network over which the object was obtained; and
- provide a response based at least in part on the determination to the client device.
Dependent claims: 23, 24, 25, 26, 27, 28

Specification