Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Trusted services broker for web page fine-grained security labeling

a technology of trust services and web pages, applied in the field of computer networks, can solve the problems of not being able to access others, not being able to support native web server security, and not being able to guarantee the security of web pages

Inactive Publication Date: 2001-08-09
LEIDOS INNOVATIONS TECH INC
View PDF0 Cites 53 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

[0019] It is another object of the invention to provide the service by limiting installation of invention items to web server machines, avoiding the need to install anything on web browser clients.
[0021] It is yet another object of the invention to provide a convenient arrangement for changing credentials, viewing and changing of fine-grained labels, changing of passwords and ensuring a logout function.
[0022] It is another further object of the invention to enhance known web server functions by supporting user authentication through CGI scripts, to map MAC and DAC credentials to users, embed security labels within HTML files and provide for changes of password, labels, credentials, MAC ranges and / or DAC role lists.

Problems solved by technology

Such systems can employ firewalls, virtual private network technology, or other technologies to limit access to computing resources to some subset of users, and thus completely deny access to others.
Such capabilities are not supported by native web server security.
Strictly speaking, even this is not necessarily true, if a user alters the cookie value as stored in the disk cookie file.
In fact, cookie names and values can never be used as the basis for providing security features, unless they are utterly hidden from users, to prevent cookie inspection or alteration.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Trusted services broker for web page fine-grained security labeling
  • Trusted services broker for web page fine-grained security labeling
  • Trusted services broker for web page fine-grained security labeling

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0038] Referring now to the drawings, and more particularly to FIG. 1, there is shown a high-level schematic diagram of the architecture 10 of a network system such as is found in internet, intranet and extranet applications. This portion of the system architecture will also be found in FIGS. 4, 9 and 13 which are illustrative of the architecture of the invention and operations performed therein in accordance with the invention. Accordingly, the architecture of FIG. 1 will also be common to the architecture of a portion of the invention but, in regard to the invention, the content of data routed therethrough will be characteristically different from that commonly used in the art. Further, FIG. 1 is arranged to facilitate an understanding of the invention and the compatibility of the invention with currently known systems. Accordingly, no portion of FIG. 1 is admitted to be prior art as to the present invention beyond the description of the operation of known systems which immediatel...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

Arbitrarily fine-grained limitation of access to information stored in a resource of a data processor network is provided in a manner compatible with existing network browsers by mapping user identity and credentials with randomly assigned security cookie information which thus serves as a surrogate credential accompanying each user request during a session. Labels are imbedded within HTML files / text which may embody any desired security policy, including mandatory access control (MAC) arrangements which are not available through native browser functions. Data is retrieved in response to a user request which includes a security cookie from a location in the resource which is not directly accessible through use of a URL; the location being stored in a configuration file which is hidden from users. The retrieved data is then filtered in accordance with labels provided for each page and / or embedded in the text and used to build a response which may include hypertext links or other user interfaces for transmission to the user. Provision is made for viewing or changing of labels, credentials and passwords.

Description

[0001] 1. Field of the Invention[0002] The present invention generally relates to computer networks including shared resources and, more particularly, to computer networks selectively providing access to information to a plurality of users through a web browser / server interface in accordance with user credentials.[0003] 2. Description of the Prior Art[0004] With the growing familiarity and ubiquity of the Internet and World Wide Web for exchange of information, similarly styled and functioning information exchange systems are being provided on more or less private intranet (e.g. within a business or organization) and extranet (among a select group of cooperating businesses or organizations) network systems for exchange of data among, for example, employees of an organization or company connected thereto. The familiarity of users with internet browsers enhances their efficiency and comfort with using systems which operate similarly and provide similar interfaces in intranet and extra...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(United States)
IPC IPC(8): G06F1/00G06F17/30G06F21/00
CPCG06F17/30861G06F21/6227G06F2211/009G06F2221/2113G06F16/95
Inventor LUCKENBAUGH, GARY L.STOAKES, FORREST E.
Owner LEIDOS INNOVATIONS TECH INC
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products