Security for WAP servers

  • US 7,472,413 B1
  • Filed: 08/11/2004
  • Issued: 12/30/2008
  • Est. Priority Date: 08/11/2003
  • Status: Active Grant
First Claim
Patent Images

1. A method of managing a communication over a network, comprising:

  • generating an application model based on interactions with an application over the network;

    intercepting a request to the application from a client to the application residing on a server over the network;

    comparing the request to the application model;

    if the request is compliant with the application model, forwarding the request to the application;

    receiving a response to the request;

    examining the response for state data, including at least a hidden field value within the response;

    storing the hidden field value;

    generating an encrypted state token associated with the stored hidden field value;

    inserting the encrypted state token into the response, wherein the encrypted state token and response is sent to the client within a hidden form field of the response, if the response includes a form;

    within a query string of the response, if the response includes a link;

    or within a Uniform Resource Locator (URL) path within the response, if the response includes a URL; and

    allowing a subsequent request from the client to be forwarded to the application if the subsequent request includes the encrypted state token.

View all claims

    Thank you for your feedback