公开(公告)号：US07865931B1

公开(公告)日：2011-01-04

申请号：US10303357

申请日：2002-11-25

Applicant: Andrew Stone ,  Brett Cooper ,  Christopher Miller ,  Timothy Daniel McCarthy ,  Clifford Randall Cannon

Inventor： Andrew Stone ,  Brett Cooper ,  Christopher Miller ,  Timothy Daniel McCarthy ,  Clifford Randall Cannon

IPC: G06F17/00

CPC classification number: H04L63/102 ,  G06F21/31 ,  G06F21/6218 ,  G06F2221/2115 ,  H04L63/0263

Abstract: The invention provides a system that includes: a web server, an application server, and a data server all connected to each other. The system is intended to protect web based applications. A web server receives a request and transmits it as a message to the application server. When the application server receives the request, the application server extracts attributes of this request. The application server uses an authorization engine to determine if each attribute of the request is authorized by accessing the data server to compare each attribute of the request with at least one rule from a rules store. The rules store resides on the data server. If the attributes of the request meet the rules in the rules store, then the request is executed by the application server.

Abstract translation: 本发明提供了一种系统，其包括：彼此连接的web服务器，应用服务器和数据服务器。 该系统旨在保护基于Web的应用程序。 Web服务器接收请求并将其作为消息发送到应用服务器。 当应用服务器收到请求时，应用服务器提取该请求的属性。 应用程序服务器使用授权引擎来确定请求的每个属性是否通过访问数据服务器进行授权，以将请求的每个属性与规则存储中的至少一个规则进行比较。 规则存储位于数据服务器上。 如果请求的属性符合规则存储中的规则，则请求由应用程序服务器执行。