Method and apparatus for managing internet transactions

US 7,698,286 B2
Filed: 12/29/2006
Issued: 04/13/2010
Est. Priority Date: 09/22/1995
Status: Expired due to Fees

First Claim

Patent Images

1. A method for handling a web page, comprising:

receiving from a client a returned page containing a request;

activating one or more objects associated with said returned page;

processing said returned page using said one or more objects; and

verifying said request and wherein verifying said request comprises;

obtaining a first verification string associated with said request;

retrieving a session associated with said client;

retrieving a session key from said session;

generating a second verification string using said session key and a subset of information contained in said request; and

comparing said first verification string with said second verification string;

wherein each of at least a subset of the one or more objects stores data, includes one or more methods to manipulate data, or both.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The object-oriented approach used by the present invention provides the ability to develop and manage Internet transactions. Local applications can be accessed using any workstation connected to the Internet regardless of the workstation'"'"'s configuration. Some or all of a Web page can be generated dynamically using input received in a returned page, generated at runtime, or retrieved from an external data source (e.g., database or electronic mail system). When the Web page definition is rendered, the information contained in template(s), declaration file(s), and object(s) are used to generate standard definitions. State information is maintained across transactions. Using state information, virtual applications, sessions, transactions, and pages can be implemented. Self-contained modules, or components, provide the ability to share implementations and create multi-content documents. Event objects can be used to assist in event handling management.

27 Citations

View as Search Results

30 Claims

1. A method for handling a web page, comprising:
- receiving from a client a returned page containing a request;
  
  activating one or more objects associated with said returned page;
  
  processing said returned page using said one or more objects; and
  
  verifying said request and wherein verifying said request comprises;
  
  obtaining a first verification string associated with said request;
  
  retrieving a session associated with said client;
  
  retrieving a session key from said session;
  
  generating a second verification string using said session key and a subset of information contained in said request; and
  
  comparing said first verification string with said second verification string;
  
  wherein each of at least a subset of the one or more objects stores data, includes one or more methods to manipulate data, or both.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. A method as recited in claim 1, further comprising retrieving a session identifier from information associated with said request.
  - 3. A method as recited in claim 2, further comprising determining that said session identifier is valid.
  - 4. A method as recited in claim 2, further comprising determining that said session identifier is not valid and raising an error.
  - 5. A method as recited in claim 2, wherein retrieving a session comprises retrieving a session having said session identifier.
  - 6. A method as recited in claim 1, wherein information associated with said request comprises one or more of:
    - an application name, a page path, a session identifier, a transaction identifier, a sender identifier, a digital signature, form data, and state information.
  - 7. A method as recited in claim 1, wherein said first verification string comprises a digital signature.
  - 8. A method as recited in claim 7, wherein said digital signature is generated using one or more of:
    - a page path, a session identifier, a previous transaction identifier, and a sender identifier.
  - 9. A method as recited in claim 7, wherein said digital signature is generated using knowledge of said session key.
  - 10. A method as recited in claim 1, wherein the second verification string is generated by encrypting values used to generate the second verification string using an encryption algorithm.
  - 11. A method as recited in claim 1, wherein comparing said first verification string with said second verification string comprises comparing at least a portion of said second verification string with said first verification string.
  - 12. A method as recited in claim 1, further comprising concluding that said request is valid if said first verification string and said second verification string match.
  - 13. A method as recited in claim 1, further comprising concluding that said request is not valid if said first verification string and said second verification string do not match and raising an error.
  - 14. A new method as recited in claim 1, wherein said request is managed by request object.
  - 15. A method as recited in claim 1, further comprising:
    - determining whether a response is needed to said returned page; and
      
      performing the following when a response is needed;
      
      identifying response page;
      
      activating one or more objects associated with said response page;
      
      generating said response page; and
      
      transmitting said response page to said client.
  - 16. A method as recited in claim 15, wherein activating one or more objects associated with said response page comprises:
    - activating one or more control objects for managing the generation of said response page;
      
      activating a response object for managing information about said response page; and
      
      activating one or more context objects for maintaining state information.
  - 17. A method as recited in claim 1, further comprising:
    - determining a response web page to said returned page;
      
      creating a page object for said response web page; and
      
      invoking a script associated with said response web page.

18. A system for handling a web page, comprising:
- a processor configured to;
  
  receive from a client a returned page containing a request;
  
  activate one or more object associated with said returned page;
  
  process said returned page using said one or more objects; and
  
  verify said request and wherein to verify said request comprises to;
  
  obtain a first verification string associated with said request;
  
  retrieve a session associated with said client;
  
  retrieve a session key from said session;
  
  generate a second verification string using said session key and a subset of information contained in said request; and
  
  compare said first verification string with said second verification string;
  
  wherein each of at least a subset of the one or more objects stores data, includes one or more methods to manipulate data, or both; and
  
  a memory coupled to the processor and configured to provide the processor with instructions.
- View Dependent Claims (19, 20, 21, 22, 23, 24)
- - 19. A system as recited in claim 18, wherein information associated with said request comprises one or more of:
    - an application name, a page path, a session identifier, a transaction identifier, a sender identifier, a digital signature, form data, and state information.
  - 20. A system as recited in claim 18, wherein said first verification string comprises a digital signature.
  - 21. A system as recited in claim 18, wherein the processor is further configured to conclude that said request is valid if said first verification string and said second verification string match.
  - 22. A system as recited in claim 18, wherein said request is managed by a request object.
  - 23. A system as recited in claim 18, wherein the processor is further configured to:
    - determine whether a response is needed to said returned page; and
      
      perform the following when a response is needed;
      
      identify a response page;
      
      activate one or more objects associated with said response page;
      
      generate said response page; and
      
      transmit said response page to said client.
  - 24. A system as recited in claim 18, wherein the processor is further configured to:
    - determine a response web page to said returned page;
      
      create a page object for said response web page; and
      
      invoke a script associated with said response web page.

25. A computer program product for handling a web page, the computer program product being embodied in a computer readable storage medium and comprising computer instructions for:
- receiving from a client a returned page containing a request;
  
  activating one or more objects associated with said returned page;
  
  processing said returned page using said one or more objects; and
  
  verifying said request and wherein verifying said request comprises;
  
  obtaining a first verification string associated with said request;
  
  retrieving a session associated with said client;
  
  retrieving a session key from said session;
  
  generating a second verification string using said session key and a subset of information contained in said request; and
  
  comparing said first verification string with said second verification string;
  
  wherein each of at least a subset of the one or more objects stores data, includes one or more methods to manipulate data, or both.
- View Dependent Claims (26, 27, 28, 29, 30)
- - 26. A computer program product as recited in claim 25, wherein information associated with said request comprises one or more of:
    - an application name, a page path, a session identifier, a transaction identifier, a sender identifier, a digital signature, form data, and state information.
  - 27. A computer program product as recited in claim 25, wherein said first verification string comprises a digital signature.
  - 28. A computer program product as recited in claim 25, wherein said request is managed by a request object.
  - 29. A computer program product as recited in claim 25, further comprising computer instructions for:
    - determining whether a response is needed to said returned page; and
      
      performing the following when a response is needed;
      
      identifying a response page;
      
      activating one or more objects associated with said response page;
      
      generating said response page; and
      
      transmitting said response page to said client.
  - 30. A computer program product as recited in claim 25, further comprising computer instructions for:
    - determining a response web page to said returned page;
      
      creating a page object for said response web page; and
      
      invoking a script associated with said response web page.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Next Software Incorporated (Apple Inc.)
Original Assignee
Next Software Incorporated (Apple Inc.)
Inventors
Ong, Bruce, D'Harcourt, Charles, Popp, Nicolas
Primary Examiner(s)
Tung; Kee M
Assistant Examiner(s)
CRAWFORD, JACINTA M

Application Number

US11/647,795
Publication Number

US 20070113193A1
Time in Patent Office

1,201 Days
Field of Search

707/1, 707/100, 707/101, 707/102, 707/103.R, 707/103.X, 707/103.Y, 707/103.Z, 715/234
US Class Current

707/607
CPC Class Codes

G06F 16/958   Organisation or management ...

G06F 16/972   Access to data in other rep...

H04L 67/02   based on web technology, e....

H04L 67/14   Session management for real...

H04L 67/142   Managing session states for...

H04L 67/2895   Intermediate processing fun...

H04L 67/56   Provisioning of proxy servi...

H04L 67/5683   Storage of data provided by...

Method and apparatus for managing internet transactions

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

27 Citations

30 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for managing internet transactions

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

30 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others