Method and system for secure requesting of an object via a communications network
Abstract
A method for requesting an object by means of a client system, which is coupled to a server system operatively via a communications network is provided, wherein a server means of the server system receives via the communications network a request message from an electronic document displayed at a client system, the request message comprises at least a first parameter, which identifies a user of the client system, and a second parameter, which identifies the requested object, the server means evaluates the parameters of the received request message, wherein data for the first parameter assigned to the user and data for the second parameter assigned to the object are determined, wherein the respective data are stored in a storage means of the server system, and after a successful evaluation, the requested object is provided for transmission to the user.
14 Claims
1. A method for requesting an object (O) by means of a client system (C), which is coupled to a server system (S) via a communications network (30) operatively, the method comprising:
- a server means (40) of the server system generating (S2) an electronic document (10) and transmitting the electronic document to the client system (C),
- inserting, at the server means, a text fragment into the electronic document during generation of the electronic document, wherein, during a client-sided execution, the electronic document effects a transmission of a request message from the client system to the server means (40), wherein the text fragment comprises a first parameter and a second parameter,
- assigning the combination of the first parameter and the second parameter to a validity interval, wherein the validity interval and the assignment of the validity interval to the parameter combination are stored in a storage means (50) of the server system, and wherein the validity interval indicates a time period during which corresponding request messages are valid,
- receiving via the communications network, at the server means (40) the request message from the electronic document (10) displayed at the client system, wherein the first parameter identifies a user (U) of the client system and the second parameter identifies the requested object,
- evaluating, at the server means, the parameters of the received request message, wherein data for the first parameter assigned to the user and data for the second parameter assigned to the object are determined, wherein the respective data are stored in the storage means (50), and
- after a successful evaluation, providing the requested object (O) for transmission (SE) to the user (U), and
- after a successful evaluation of the received request message, determining a time frame for the combination of the first parameter and the second parameter, wherein the time frame is stored in the storage means (50), wherein the stored time frame is assigned to the combination of the first parameter and the second parameter, and
- determining during evaluation of the received request message whether the same request message is received within the time frame multiple times.
2. The method of claim 1, wherein the request message comprises a third parameter.
3. The method of claim 2, wherein the third parameter comprises the value of the first parameter and the value of the second parameter in encoded form.
4. The method of claim 2, wherein a hash value is formed from a combination of the first parameter and the second parameter, which forms the third parameter, and wherein the text fragment comprises the third parameter.
5. The method of claim 4, wherein the hash value is formed from a combination of the first parameter, the second parameter, and a secret, wherein the secret is not transmitted to the client system.
6. The method of claim 1, wherein the secret comprises a changing state value, preferably.
7. The method of claim 4, wherein the hash value and/or a secret are/is stored in the storage means (50), and wherein the stored hash value and/or the stored secret are/is assigned to the combination of the first parameter and the second parameter, and wherein the secret is not transmitted to the client system.
8. The method of claim 4, wherein the evaluation of the request message comprises determining whether the hash value received with the request message is identical to an independently generated hash value assigned to the combination of first parameter and second parameter, or which is formed from the combination of the first parameter, the second parameter, and a secret, wherein the secret is not transmitted to the client system.
9. The method of claim 2, wherein the server means (40) generates a key, wherein the text fragment comprises the key as the third parameter, wherein the key is stored in the storage means (50), and wherein the stored key is assigned to the combination of first parameter and second parameter.
10. The method of claim 1 wherein the evaluation of the request message comprises determining whether the third parameter received with the request message is identical to a key assigned to the combination of the first parameter and the second parameter.
11. The method of claim 7, wherein the hash value, the secret and/or a key respectively are a one-time-hash value, a one-time-secret, and a one-time-key, wherein the evaluation of the request message comprises deleting the hash value, the secret and/or the key assigned to the combination of first parameter and second parameter.
12. The method of claim 1, wherein, if a new request message is received during the time frame, the server means (40) generates a confirmation message and transmits it to the client system (C), wherein the user (U) of the client system is requested by the confirmation message to confirm the new request of the object (O).
13. The method of claim 1, wherein the electronic document (10) comprises at least one of a website, an electronic newsletter, and an electronic message (e-mail).
14. The method of claim 1, wherein after a failed evaluation, the server means (40) generates an error message, and transmits it to the client system for display at the client system (C).
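
The server-side checks described in claims 1, 5, 8 and 12, as an added Python sketch that is not code from the patent: the server issues a user parameter, an object parameter and a keyed hash, then evaluates an incoming request against the validity interval and the repeat time frame. HMAC-SHA256 stands in for the claimed hash formed with a secret; the class name `LinkStore`, the parameter names `u`/`o`/`h` and both durations are assumptions.

```python
import hashlib
import hmac
import secrets

SECRET = secrets.token_bytes(32)   # stays on the server (claim 5)
VALIDITY_SECONDS = 7 * 24 * 3600   # assumed validity interval
REPEAT_WINDOW_SECONDS = 60         # assumed time frame for repeat detection


class LinkStore:
    """In-memory stand-in for the storage means (50); hypothetical name."""

    def __init__(self):
        self.valid_until = {}   # (user, obj) -> end of validity interval
        self.last_served = {}   # (user, obj) -> time of last successful request

    def _tag(self, user, obj):
        # Length-prefix each field so ("ab", "c") and ("a", "bc") hash differently.
        msg = b"".join(len(p).to_bytes(4, "big") + p
                       for p in (user.encode(), obj.encode()))
        return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

    def issue(self, user, obj, now):
        """Return the three parameters to embed in the text fragment."""
        self.valid_until[(user, obj)] = now + VALIDITY_SECONDS
        return {"u": user, "o": obj, "h": self._tag(user, obj)}

    def evaluate(self, params, now):
        """Return 'serve', 'confirm' (repeat inside the time frame) or 'error'."""
        user, obj, tag = (str(params.get(k, "")) for k in ("u", "o", "h"))
        # Recompute the hash independently and compare in constant time (claim 8).
        if not hmac.compare_digest(tag.encode(), self._tag(user, obj).encode()):
            return "error"      # altered or forged parameters
        expiry = self.valid_until.get((user, obj))
        if expiry is None or now > expiry:
            return "error"      # unknown combination or validity interval elapsed
        last = self.last_served.get((user, obj))
        if last is not None and now - last <= REPEAT_WINDOW_SECONDS:
            return "confirm"    # same request again within the time frame (claim 12)
        self.last_served[(user, obj)] = now
        return "serve"
```

Because the object identifier is covered by the keyed hash, changing `o` in a delivered link yields `error` rather than a different object, and a second click inside the repeat window yields `confirm` instead of a second delivery.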
Specification