Invention Grant
US08646053B2 Controlling access of a client system to an access protected remote resource
失效
控制客户端系统对访问受保护的远程资源的访问
- Patent Title: Controlling access of a client system to an access protected remote resource
- Patent Title (中): 控制客户端系统对访问受保护的远程资源的访问
-
Application No.: US12967956Application Date: 2010-12-14
-
Publication No.: US08646053B2Publication Date: 2014-02-04
- Inventor: Stephan Laertz , Peter Fischer , Carsten Leue , Thomas Schaeck
- Applicant: Stephan Laertz , Peter Fischer , Carsten Leue , Thomas Schaeck
- Applicant Address: US NY Armonk
- Assignee: International Business Machines Corporation
- Current Assignee: International Business Machines Corporation
- Current Assignee Address: US NY Armonk
- Agency: Carey, Rodriguez, Greenberg & O'Keefe
- Agent Steven Greenberg, Esq.
- Priority: DE04100885 20040304
- Main IPC: G06F7/04
- IPC: G06F7/04
Abstract:
The present invention provides a security module for Web application, especially a portal application, using a rewriter proxy. The security module ensures that the rewritten URIs are appended by an authentication identifier for determining whether the rewritten URI has not been changed. Preferably, the authentication identifier can be generated by applying a secure hash algorithm and/or secret key to the original URIs of the remote resource or the entire rewritten URIs. When a client activates those URIs, a request is sent to the rewriter proxy. Before a connection to the access protected remote resource is established, the security module validates whether the URIs contained in the user client request have been changed by the user.
Public/Granted literature
- US20110145898A1 CONTROLLING ACCESS OF A CLIENT SYSTEM TO AN ACCESS PROTECTED REMOTE RESOURCE Public/Granted day:2011-06-16
Information query
