WO2002019610A2 - Method and system for dynamic encryption of a web-page - Google Patents

Method and system for dynamic encryption of a web-page Download PDF

Info

Publication number
WO2002019610A2
WO2002019610A2 PCT/GB2001/003906 GB0103906W WO0219610A2 WO 2002019610 A2 WO2002019610 A2 WO 2002019610A2 GB 0103906 W GB0103906 W GB 0103906W WO 0219610 A2 WO0219610 A2 WO 0219610A2
Authority
WO
WIPO (PCT)
Prior art keywords
page
web
encryption
variables
key
Prior art date
Application number
PCT/GB2001/003906
Other languages
French (fr)
Other versions
WO2002019610A3 (en
Inventor
Graham Kennedy Twaddle
Original Assignee
Sherwood International Group Limited
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from GB0021522A external-priority patent/GB0021522D0/en
Priority claimed from GB0021998A external-priority patent/GB0021998D0/en
Application filed by Sherwood International Group Limited filed Critical Sherwood International Group Limited
Priority to AU2001284220A priority Critical patent/AU2001284220A1/en
Publication of WO2002019610A2 publication Critical patent/WO2002019610A2/en
Publication of WO2002019610A3 publication Critical patent/WO2002019610A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2119Authenticating web pages, e.g. with suspicious links

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • Storage Device Security (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

A web page from a website (106) may contain content which is to be restricted to the user. This restriction is protected using predetermined markers. Dynamic encryption is used to restrict viewing of the protected content of a web-page, for this is protected content to be viewed, decryption is performed. Encryption and decryption may only be performed in the encryption and decryption module (120). This module (120) detects the predetermined markers to determine the location of the restricted content and addresses an appropriate encryption key from key store (122). The encryption key is used to encrypt the data between the predetermined markers. A decryption key is used to decrypt the encrypted data between the predetermined markers, once the web page has been received by an encryption and decryption module after being transmitted over the internet (100).

Description

METHOD AND SYSTEM FOR DYNAMIC ENCRYPTION OF A WEB-PAGE
The present invention relates to the transmission of web-pages over the Internet, and in particular to the dynamic encryption of at least part of a web-page prior to transmission over the Internet by a web-server, and the subsequent dynamic decryption of the encrypted page content once the page has been received back from a remote user.
Operation of the Internet, and in particular that part of the Internet known as the World Wide Web is well known in the art. In particular, in order for a remote user to access a World Wide Web-page over the Internet, the user must use application software known as a browser, which generates a page request which is transmitted over the Internet to a web server upon which a web site, being page source code in a mark up language such as, for example, HTML or XML, is stored. The web server processes the page request, retrieves the requested page from the stored web site, and transmits the page source code back over the Internet to the user's browser whereupon the information contained in the source code can be interpreted in the browser and graphically displayed on a screen. Various mark up languages are known in the art which can be used to describe a web-page content, several of the more commonly known being, hypertext mark up language (HTML), extensible mark up language (XML), and wireless mark up language (WML). Mark up language code usually comprises a series of "tags" which operate in pairs, web-page content being expressed between two pairs of tags. The particular tag-pair instructs the browser as to how the content between the two tags is to be displayed.
XML is of particular interest as it allows two or more users to define tags to describe custom operations to be performed on the web-page content between a pair of tags. When a user defined tag-pair is encountered in a web-page source code, the browser can execute an executable script which may operate on the web-page content located between the pair of tags in the source code. Usually, the meaning of the user defined tag will have had to have been agreed between two or more users in advance, in order for their respective browsers to be able to interpret the tag correctly. XML allows user defined tags to be defined which can allow almost any operation to be performed on the data between the start tag and the end tag.
The continued growth in Internet usage has also meant that the World Wide Web is increasingly being used for business transactions, and in particular for banking, insurance and other financial services transactions, as well as in other industries. In order to process such business transactions it is frequently required that a record of the 'state' of a particular user transaction must be kept. The present invention improves upon the above by providing for the storage of other system data variables in addition to a state indicator on a web page to be transmitted to the user. In particular, within the present invention in order to allow for further online transaction processing (OLTP) operations, other data relating to the state of the back-end computer system which is managing the transaction or relating to other system specific information is also stored on the web page. Examples of such data are for example, an application session ID, a user transaction ID, usernames and passwords, etc. Unfortunately, if the user has free access to such data when displayed in a web browser or viewed as source code then it may be possible for the user to change the values of the system data variables and corrupt the back-end system processing. Therefore, in order to prevent this the present invention provides for the dynamic encryption of such system variables within the web-page source code upon transmission of the page to a user, and for decryption of the variables upon receipt of a page containing such variables back from the user.
In some cases it may be necessary for the remote user to review the encrypted content. The present invention adapts to this condition by decrypting variables upon receipt of a page from the web server. In order to prevent data being made available to unknown sources over the internet, the present invention provides for dynamic encryption of system variables within the web-page source code upon transmission of the page to the web server, and for decryption of the variables upon receipt of a page containing such variables back from the user.
In view of the above, from a first aspect the present invention provides a method of storing system variables on a web-page to be transmitted to a remote user, the method comprising the steps of:- inserting one or more system variables into a web-page at one-or more locations in the page; and encrypting the inserted system variables to thereby render the one or more variables indecipherable to the remote user.
In a preferred embodiment, the inserting step further includes the steps of inserting a first pre-determined marker in front of each inserted system variable or consecutive group of variables; and inserting a second predetermined marker after each inserted system variable or consecutive group of variables.
In the preferred embodiment, the encryption step further comprises the steps of:- detecting the first predetermined marker in front of each system variable or consecutive group of variables; detecting the second predetermined marker behind each system variable or consecutive group of variables; and encrypting said web-page content between said first predetermined marker and said second predetermined marker.
In the preferred embodiment, said first and second predetermined markers are XML tags.
The encryption of the one or more system variables may be performed using a fixed pre-determined encryption key which is changed only infrequently, if at all, or by a varying key which changes over time. Where a varying key is used, the key made br changed on a per page transmitted basis, on a time-variant basis, or on any other basis.
In addition, from a second aspect, the present invention also provides a method of retrieving system variables stored on a web-page received from a remote user, the method comprising the steps of:- detecting one or more encrypted system variables stored on a received web-page at one-or more locations in the page; and decrypting the detected system variables to thereby render the one or more variables decipherable. In a preferred embodiment, the encryption and decryption may be carried out at the user end by the web browser if possible.
In a preferred embodiment, the decrypting step preferably comprises the steps of: detecting a predetermined marker located at the start of the encrypted content; detecting a second predetermined marker located at the end of the encrypted content; and decrypting the content between the first predetermined marker and the second predetermined marker.
Furthermore, from yet another aspect the present invention also provides a system for encryption and decryption of at least part of a web-page, the system comprising: means for inserting one or more system variables into a web-page to be transmitted at one-or more locations in the page; means for detecting one or more encrypted system variables stored on a received web-page at one-or more locations in the page; key storage means arranged to store one or more keys to be used for encryption and decryption; and encryption and decryption means arranged to encrypt or decrypt respectively the system variables as appropriate with at least one of the keys stored in the key storage means.
Preferably, the key storage means contains a plurality of keys, and a different key is used for each transmitted web-page. Alternatively, the key storage means is arranged to generate a key which is used for encryption or decryption which may change on a time variant basis.
Further features and advantages of the present invention will become apparent from the following description of a preferred embodiment thereof, presented by way of example only, and with reference to the accompanying drawings, wherein:
Figure 1 is a system architecture block diagram illustrating the operation of the present invention;
. Figure 2 is a system architecture block diagram illustrating a further possible operation of the present invention; Figure 3 is a system block diagram of the system of the present invention;
Figure 4 is a flow diagram illustrating the method and operation of the system of the present invention.
An embodiment of the present invention will now be described with reference to Figures 1, 2, 3 and 4
Referring first to Figure 1, here a user is provided with a browser application program 102 which is arranged to request pages of a website 106 from a web server 104 over the Internet 100. The user browser 102 is a conventional web browser application which is not modified in any way, and which is arranged to request and receive web-pages from the Internet 100 for display to the user.
The web server 104 is provided to service user requests for web- pages stored in the form of XML code on a website storage means 106. The web server is provided with one or more computer readable storage mediums (not shown)on which are stored the web server's operating system program files, system data, and all other executable and non-executable program and data files for controlling the operation of the web server. Such a one or more storage mediums may take the form of any known storage medium, and in particular optical discs, magnetic discs, and magneto-optical discs. The web server 104 is also provided with an encryption and decryption module 120 which is arranged to receive web-pages from the web-site storage means and process them prior to transmission onto the Internet 100, and a key store 122 arranged to store encryption and decryption keys. The encryption and decryption module 120 is further arranged to decrypt the relevant parts of received pages prior to storage on the website 106.
The operation of the system of the present invention as depicted in Figure 1 can be summarised as follows. Suppose the user wishes to request a web-page from the website 106, then the user browser 110 generates a page request which is transmitted by the Internet 100 to the web server 104, which accesses the website 106 to retrieve the web-page. In order to allow for state storage for the purposes of on-line transaction processing by the back-end system, or for other back-end system house-keeping functions, the web server 104 is arranged to insert system variables relating to the OLTP state, or to any other back-end system function or for any other purpose, into the web-page in a convenient place, and the web page containing the system variable is passed to the encryption and decryption module 120.
The encryption and decryption module receives the web-page containing the system variables and accesses the key store to retrieve the appropriate encryption key, which is then used to encrypt the system variable information stored on the web page. The web page containing the encrypted system variable information is then transmitted to the user web browser 102 over the Internet 100. Upon receipt of the web-page containing the encrypted data at the user web browser 102, the web browser displays that part of the web-page source code which is in clear-text, but is unable to display the encrypted part containing the system variables. In addition, if the user attempts to view the web-page source code, then although the user will be able to view the clear-text source code in the normal manner, that part of the source code containing the system variables which have been encrypted will appear to the user as random or garbled symbols.
It is a frequent occurrence (and in particular during OLTP procedures) that the user will enter information onto the web page for processing by the back-end system, and the user browser 102 transmits the entire page with the user-entered information back to the web server 104. Upon receipt of the page at the web-server 104 the received page is first passed to the encryption and decryption module 120, which operates to scan the page to determine the presence of any encrypted system variables, and to subsequently decrypted any detected encrypted system variables using the appropriate decryption key to the encryption key which was used to encrypt the page. The decrypted system variables can then be used by logic in the web server and/or back-end system to perform any required tasks. Envisaged tasks are, for example, house-keeping or performance tracking tasks performed by the webserver, recordal of transaction state for use in any back-end system, security purposes, etc.
It should be noted that the system variables may be inserted almost anywhere in the web-page, but should be inserted in such a place and manner that the user web browser is able to display the page to the user. Furthermore, preferably the browser should be able to display the page without the presence of the encrypted system variables being apparent to the user. In order to effect this, it is envisaged that the system variables would be in stored in any one of or a combination of: an HTML comment (or equivalent in any other mark-up language); an HTML hidden field (or equivalent in any other mark-up language); or as an encrypted value in a cookie. Furthermore it will be appreciated by the man skilled in the art that the system variables could also be stored in other places on the page or in associated files, all of which variants are also intended to be encompassed within the present invention.
Turning now to the actual encryption and decryption of the system variables, the same identical encryption and decryption keys can be used all the time for transmission of web-pages to any and every user.
Alternatively, however, where the web-site is such that a user must register in advance with the site in order to access the site, preferably a different encryption key is stored in the key store 122 in the web server for each user registered with the website. In a first embodiment, the same key can be used for every transmission to and from the web server from and to a particular user, and this has the advantage that implementation complexity is reduced.
In another alternative embodiment to the above, a rolling key is envisaged, such that a different encryption key is used to encrypt and decrypt the web-page content over time. In particular, the encryption key used to encrypt or decrypt the content may be time variant, in that a particular ' encryption and decryption key is only valid for a certain time frame on a certain date, such as, for example, for instance 15 minutes at a time. Here, the key store in the web server must have a means of synchronising to which key is valid at any particular time, in order for the web server to be able to encrypt and decrypt the pages successfully.
Here, a relatively simple solution will be to use to keys which index into the system clock of the computer running the web server applications. Provided that the time frame in which the keys are valid is long enough, then few problems should arise. Where a page is received back from a user after a particular time frame has expired (i.e. such that the page was encrypted using the last key, rather than the present key), the key store can be arranged to allow the last key to be used for decryption purposes (but not encryption) for a sellable amount of time after a key change has taken place, in order to allow such pages to be decrypted.
As another alternative embodiment, the encrypted and decrypted key may be changed on a per page basis, to provide a system commonly known as a "one time pad". Here, a large number of keys are stored in the key-store, and the web server uses one of the prearranged keys per web-page transmitted to the user. In order to operate such a "one time pad" system successfully, the web server must keep a respective count of the number of pages transmitted and received respectively in order to know which one time pad is the current pad for a current page.
An alternative system is now described with reference to Figure 2. This alternative system is used when encryption and decryption is necessary at the user end.
Figure 2 is similar to Figure 1 except for a few different properties of the user browser 102. The user browser 102 comprises a conventional browser function 110, and is further provided with an encryption and decryption module 120, and an encryption and decryption key store 122. The encryption and decryption module 120 is arranged to receive web-pages from the internet 100 and to process them prior to passing the received pages to the standard browser 110.
Further details of the encryption and decryption module will now be described with reference to Figure 3. These details are applicable to the system architectures shown in Figure 1 and Figure 2.
In Figure 3, the encryption or decryption module 120 preferably comprises an input parser 240 arranged to receive web-page source code over the Internet 100 from the user, and to analyse the received source code to determine the existence and subsequent location of any encrypted system variables which have been inserted into the web-page source code by the webserver prior to transmission of the page to the user. A decryption module 210 is further provided which is arranged to receive output from the input parser 240, and to receive a decryption key from the key store 122. The decryption module 210 decrypts that web-page content which has been determined by the input parser 240 to be encrypted and outputs the decrypted content from the encryption and decryption module 120. , Similarly, an output parser 230 is also provided which is arranged to receive web-page source code to be transmitted, and to analyse the source code to determine the existence and subsequent location of any inserted system variables. Any located system variables are then passed to an encryption module 220 which is further arranged to access the encrypted key from the key store 122. The encryption module 220 then encrypts the content to be encrypted using the key received from the key store 122 and outputs the encrypted content from the encryption and decryption module 120.
Both the input parser 240 and the output parser 230 are further arranged simply to output that web-page source code which does not contain any inserted system variables, that is that source code which does not require encryption or decryption respectively.
The operation of a further embodiment of the present invention will now be described with respect to Figure 4. The further embodiment incorporates all of the previously described elements, but differs in how the system variables are inserted into the web page.
In the further embodiment, instead of merely inserting the system variables into the web page, the web server inserts the variables into the page delimited at the start and end by a pair of predefined mark-up language tags, such as <encrypt_start>, to indicate the start of the variables, and <encrypt_erιd>, to indicate the end of the variables. The encryption and decryption module 120 provided in the web server 104 detects the predetermined tags, to determine the location of the inserted system variables, and accesses an appropriate encryption key from the key store 122. The encryption key is then used to encrypt ' the data between the <encrypt_start> and <encrypt_end> tags and then the web-page containing the encrypted data is the transmitted over the Internet 100.
The operation of the encryption and decryption module as described above will now be described in detail with respect to Figure 4. The operation is applicable to the system architectures shown in Figure 1 and Figure 2.
Figure 4 is a flow diagram illustrating how the system variables inserted into the web-page may be encrypted. It will be apparent to the intended reader skilled in the art that the same process flow can be used to control both the encryption and decryption operation. However, for the sake of clarity the following description will concentrate on encrypting at least part of the web-page, such as would be performed by the web server when transmitting a page on the Internet. It will be apparent to the intended reader how the following operation can also be applied to the subsequent decryption of the page.
Assume that the web server 104 has received a page request from the browser 102, and has accessed the requested page from the website 106, and inserted the system variables into the page where required and delimited by <encrypt_start> and <encrypt_end> tags . Therefore, at step
301 the web server 104 passes the web-page source code containing the system variables delimited by the tags to the encryption and decryption module 120. At step 302, a counter n which is used to keep a count of the lines of the web- page source code is initialised to a value 1, in order to allow processing to start at the top line of the web-page source code. Therefore, at this stage, the output parser 230 has received the web-page source code and begins to process from the first line n. At step 303, therefore, line n is analysed to determine the content thereof, and an evaluation is performed at step 304 to determine if line n is an <encrypt_start> tag. If it is determined that line n is not an <encrypt_start> tag then the output parser 230 outputs line n at step 305 from the encryption and decryption module for transmission of the line onto the Internet. An evaluation is then performed at step 306 to determine whether the end of the web-page source code has been reached, and if not the line counter n is incremented at step 307, and processing returns to the parsing step 303. If it is determined at step 304 that line n is an
<encrypt_start> tag, then processing proceeds to step 308, wherein encrypt module 320 retrieves the encryption key from the key store 122 at step 308. The line counter n is incremented by 1 at step 309, and the output parser 230 analyses line n to determine the content thereof at step 310. An evaluation is then performed at step 311 to evaluate whether the determined content is an <encrypt_end> tag and if not line n (which will contain one or more system variables) is passed to the encryption module 220 for encryption using the encryption key retrieved from the key store at step 313. The encrypted line n is then output from the encryption module 220 at step 314. Following output of the encrypted line n, an evaluation is made to determine whether the end of the web-page . source code file has been reached at step 215, and if not then processing returns to step 309 wherein the line counter n is incremented and steps 310, 311, 313, 314 and 315 are repeated in turn until either the end of the web-page source code is reached, in which case processing ends, or until the <encrypt_end> tag is reached at step 311. If it is determined that line n is an <encrypt_end> tag, then the line counter n is incremented at step 312, and an end of file evaluation is performed at step 316. If the end of file evaluation is positive then processing ends, and if not processing returns to step 303. From step 303 processing continues in the same loop manner as described above until all of the web-page source code has been processed.
From the above-described operation it should be apparent that a web-page source code may contain one or more pairs of <encrypt_s tart> and <encrypt_end> tags such that the web-page may contain more than one portion of encrypted source code interlaced with clear text source code.
As mentioned previously, the above-described operation as shown in Figure 3 is almost identical for a decryption operation, with the change that at step 313 instead of an encryption operation being performed, a decryption operation is instead performed on the encrypted line. In this respect, the line n analysis performed at steps 303 and 310 is performed in the decryption mode by the input parser 240, and the decryption at step 313 performed by the decryption module 210.
Instead of providing separate input and output parsers 230 and 240 respectively, as shown in Figure 2, it will be appreciated that a common parser could be used to analyse both the received source code, and the source code to be transmitted.
In any of the above described embodiments it will be appreciated that the actual encryption and decryption algorithms to be used by encryption and decryption modules 220 and 210 respectively may be any known encryption and decryption algorithms known in the art which will provide an adequate level of protection. In the further embodiment described with respect to Figure 3 it will be appreciated that the <encrypt_start> and <encrypt_end> tags are used to initiate the execution of the encryption and decryption algorithms which are stored in script form in the user browser and the web server.
In the further embodiment, in order to allow the user to define the- <encrypt_start> and <encrypt_end> tags the web-page source code is preferably written in extensible mark-up language (XML).

Claims

CLAIMS:
1. A method of storing system variables on a web-page to be transmitted to a remote user, the method comprising the steps of:- inserting one or more system variable into a web-page at on eor more locations in the page; and encrypting the inserted system variables to thereby render the one or more variables in decipherable to the remote user.
2. A method according to Claim 1, wherein the inserting step further includes the steps of inserting a first pre-determined marker in front of each inserted system variable or consecutive group of variables; and inserting a second predetermined marker after each inserted system variable or consecutive group of variables.
3. A method according to Claim 1 or 2, wherein the encryption step further comprises the steps of:- detecting the first predetermined marker in front of each system variable or consecutive group of variables; detecting the second predetermined marker behind each system variable or consecutive group of variables; and encrypting said web-page content between said first predetermined marker and said second predetermined marker.
4. A method according to Claim 2 or 3, wherein said first and second predetermined markers are XML tags.
5. A method according to any one of the preceding claims, wherein the encryption step is performed using a fixed predetermined encryption key.
6. A method according to any one of Claims 1 to 4, wherein the exemption key is changeable.
7. A method according to Claim 6, wherein the encryption key is changeable on a per page transmitted basis.
8. A method according to Claim 6, wherein the encryption key is changeable with time.
9. A method of retrieving system variables stored on a web-page received from a remote user, the method comprising the steps of:- detecting one or more encrypted system variables stored on a received web-page at one or more locations in the page; and decrypting the detected system variables to thereby render the one or more variables decipherable.
10. A method according to Claim 9, wherein the decrypting step comprises the steps of : detecting a predetermined marker located at the start of the encrypted content; detecting a second predetermined marker located at the end of the encrypted content; and decrypting the content between the first predetermined marker and second predetermined marker.
11. A method according to Claims 2, 3 and 10, wherein the encryption and decryption is carried out at the user end by the web browser.
12. A system for encryption and decryption of at least part of a web- page, the system comprising:
. means for inserting one or more system variables into a web-page to be transmitted at one or more locations in the page; means for detecting one or more encrypted system variables stored on a received web-page at one or more locations in the page; key storage means arranged to store one or more keys to be used for encryption and decryption; and encryption and decryption means arranged to encrypt or decrypt respectively the system variables as appropriate with at least one of the keys stored in the key storage means.
13. A method according to Claim 12, wherein the key storage means contains a plurality of keys.
14. A method according to Claim 12, wherein a different key is used for each transmitted web-page.
15. A method according to Claim 12, wherein the key storage means is arranged to generate a key which is used for encryption or decryption.
16. A method according to Claim 15 wherein the generated key changes with time.
PCT/GB2001/003906 2000-09-01 2001-08-31 Method and system for dynamic encryption of a web-page WO2002019610A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001284220A AU2001284220A1 (en) 2000-09-01 2001-08-31 Method and system for dynamic encryption of a web-page

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
GB0021522.8 2000-09-01
GB0021522A GB0021522D0 (en) 2000-09-01 2000-09-01 Method and system for dynamic encryption of a web page
GB0021998A GB0021998D0 (en) 2000-09-07 2000-09-07 Method and system for dynamic encryption of a web-page
GB0021998.0 2000-09-07

Publications (2)

Publication Number Publication Date
WO2002019610A2 true WO2002019610A2 (en) 2002-03-07
WO2002019610A3 WO2002019610A3 (en) 2002-05-16

Family

ID=26244948

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2001/003906 WO2002019610A2 (en) 2000-09-01 2001-08-31 Method and system for dynamic encryption of a web-page

Country Status (2)

Country Link
AU (1) AU2001284220A1 (en)
WO (1) WO2002019610A2 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080301654A1 (en) * 2005-12-22 2008-12-04 Fujitsu Limited Program processing apparatus, program processing method and computer readable information recording medium
WO2009006759A1 (en) * 2007-07-11 2009-01-15 Essence Technology Solution, Inc. An immediate, bidirection and interactive communication method provided by website
US20130074191A1 (en) * 2011-09-20 2013-03-21 Ehud Ben-Reuven Method for controlling content uploaded to a public content site
WO2015157735A3 (en) * 2014-04-10 2015-12-03 OTP Technologies, Inc. Content encryption and decryption

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1014646A2 (en) * 1998-12-22 2000-06-28 Citibank, N.A. Systems and methods for distributing information to a diverse plurality of devices
WO2000048110A2 (en) * 1999-02-11 2000-08-17 Ezlogin.Com, Inc. Personalized access to web sites

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1014646A2 (en) * 1998-12-22 2000-06-28 Citibank, N.A. Systems and methods for distributing information to a diverse plurality of devices
WO2000048110A2 (en) * 1999-02-11 2000-08-17 Ezlogin.Com, Inc. Personalized access to web sites

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080301654A1 (en) * 2005-12-22 2008-12-04 Fujitsu Limited Program processing apparatus, program processing method and computer readable information recording medium
WO2009006759A1 (en) * 2007-07-11 2009-01-15 Essence Technology Solution, Inc. An immediate, bidirection and interactive communication method provided by website
US20130074191A1 (en) * 2011-09-20 2013-03-21 Ehud Ben-Reuven Method for controlling content uploaded to a public content site
WO2015157735A3 (en) * 2014-04-10 2015-12-03 OTP Technologies, Inc. Content encryption and decryption
US9621526B2 (en) 2014-04-10 2017-04-11 OTP Technologies, Inc. Content encryption and decryption

Also Published As

Publication number Publication date
WO2002019610A3 (en) 2002-05-16
AU2001284220A1 (en) 2002-03-13

Similar Documents

Publication Publication Date Title
US10956901B2 (en) Methods, apparatus and computer program products for securely accessing account data
EP0913789B1 (en) Pre-paid links to networks servers
CN100486243C (en) Secure session management authentication method and system for WEB sites
EP1299786B1 (en) Web site authentication using a digital hallmark
US8041127B2 (en) Method and system for obscuring and securing financial data in an online banking application
US8542823B1 (en) Partial file encryption
US7293293B2 (en) Apparatus and method for detecting illegitimate change of web resources
US20080148070A1 (en) Secure database access through partial encryption
US20080313469A1 (en) Stateless methods for resource hiding and access control support based on uri encryption
US20040012567A1 (en) Secure input device
US20040125077A1 (en) Remote control for secure transactions
KR101555083B1 (en) Data providing device, system, server device, program, and method
JPH1069514A (en) Financial transaction processing system
WO2008030363A9 (en) Contextual visual challenge image for user verification
US20090083545A1 (en) Search reporting apparatus, method and system
US9208489B2 (en) System for secure web-prompt processing on point sale devices
US20130262864A1 (en) Method and system for supporting secure documents
CN111683098B (en) Anti-crawler method and device, electronic equipment and storage medium
WO2002019610A2 (en) Method and system for dynamic encryption of a web-page
CN109343971B (en) Browser data transmission method and device based on cache technology
KR101980432B1 (en) Apparatus and method for managing personal information
KR100283082B1 (en) Access Statistics Method by User Group using Image Insertion Method in Web Documents
US20040267870A1 (en) Method of single sign-on emphasizing privacy and minimal user maintenance
JP2007199813A (en) Log collecting system and log collecting method
KR100341419B1 (en) A method for controlling standard SSL security on the internet browser

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase in:

Ref country code: JP