ATE514274T1 - Sicherheitsfilterung für eine internetanwendung - Google Patents
Sicherheitsfilterung für eine internetanwendungInfo
- Publication number
- ATE514274T1 ATE514274T1 AT08159796T AT08159796T ATE514274T1 AT E514274 T1 ATE514274 T1 AT E514274T1 AT 08159796 T AT08159796 T AT 08159796T AT 08159796 T AT08159796 T AT 08159796T AT E514274 T1 ATE514274 T1 AT E514274T1
- Authority
- AT
- Austria
- Prior art keywords
- security
- tokens
- input data
- description language
- security service
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0245—Filtering by information in the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer And Data Communications (AREA)
- Information Transfer Between Computers (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| EP08159796A EP2144420B1 (de) | 2008-07-07 | 2008-07-07 | Sicherheitsfilterung für eine Internetanwendung |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| ATE514274T1 true ATE514274T1 (de) | 2011-07-15 |
Family
ID=40032578
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| AT08159796T ATE514274T1 (de) | 2008-07-07 | 2008-07-07 | Sicherheitsfilterung für eine internetanwendung |
Country Status (4)
| Country | Link |
|---|---|
| US (1) | US20100332837A1 (de) |
| EP (1) | EP2144420B1 (de) |
| AT (1) | ATE514274T1 (de) |
| WO (1) | WO2010003261A1 (de) |
Families Citing this family (22)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7162035B1 (en) | 2000-05-24 | 2007-01-09 | Tracer Detection Technology Corp. | Authentication method and system |
| US8171567B1 (en) | 2002-09-04 | 2012-05-01 | Tracer Detection Technology Corp. | Authentication method and system |
| US7966553B2 (en) * | 2007-06-07 | 2011-06-21 | Microsoft Corporation | Accessible content reputation lookup |
| US7995196B1 (en) | 2008-04-23 | 2011-08-09 | Tracer Detection Technology Corp. | Authentication method and system |
| US8656303B2 (en) * | 2009-02-17 | 2014-02-18 | Larry J. Hughes, JR. | Method and system for certifying webforms |
| US8862699B2 (en) * | 2009-12-14 | 2014-10-14 | Microsoft Corporation | Reputation based redirection service |
| US20110307940A1 (en) * | 2010-06-09 | 2011-12-15 | Joseph Wong | Integrated web application security framework |
| US9350705B2 (en) * | 2010-06-25 | 2016-05-24 | Salesforce.Com, Inc. | Methods and systems for providing a token-based application firewall correlation |
| US9407603B2 (en) * | 2010-06-25 | 2016-08-02 | Salesforce.Com, Inc. | Methods and systems for providing context-based outbound processing application firewalls |
| US9336379B2 (en) | 2010-08-19 | 2016-05-10 | Microsoft Technology Licensing, Llc | Reputation-based safe access user experience |
| US8667565B2 (en) * | 2011-02-18 | 2014-03-04 | Microsoft Corporation | Security restructuring for web media |
| US9467424B2 (en) | 2011-10-07 | 2016-10-11 | Salesforce.Com, Inc. | Methods and systems for proxying data |
| US9430640B2 (en) | 2012-09-28 | 2016-08-30 | Intel Corporation | Cloud-assisted method and service for application security verification |
| US8918837B2 (en) * | 2012-12-28 | 2014-12-23 | Intel Corporation | Web application container for client-level runtime control |
| US20140259145A1 (en) * | 2013-03-08 | 2014-09-11 | Barracuda Networks, Inc. | Light Weight Profiling Apparatus Distinguishes Layer 7 (HTTP) Distributed Denial of Service Attackers From Genuine Clients |
| US9854026B1 (en) | 2014-06-30 | 2017-12-26 | Emc Corporation | Service to invoke companion applications |
| US9356969B2 (en) | 2014-09-23 | 2016-05-31 | Intel Corporation | Technologies for multi-factor security analysis and runtime control |
| US10693901B1 (en) * | 2015-10-28 | 2020-06-23 | Jpmorgan Chase Bank, N.A. | Techniques for application security |
| CN106789981A (zh) * | 2016-12-07 | 2017-05-31 | 北京奇虎科技有限公司 | 基于waf的流量控制方法、装置及系统 |
| US10805269B2 (en) * | 2017-02-17 | 2020-10-13 | Royal Bank Of Canada | Web application firewall |
| CN108052452A (zh) * | 2017-12-29 | 2018-05-18 | 北京酷我科技有限公司 | 一种日志验收的可视优化方法 |
| CN111416813A (zh) * | 2020-03-16 | 2020-07-14 | 山东浪潮通软信息科技有限公司 | 一种基于反向代理服务的数据过滤系统及实现方法 |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6915454B1 (en) | 2001-06-12 | 2005-07-05 | Microsoft Corporation | Web controls validation |
| US7565687B2 (en) | 2002-02-08 | 2009-07-21 | International Business Machines Corporation | Transmission control system, server, terminal station, transmission control method, program and storage medium |
| US7472413B1 (en) * | 2003-08-11 | 2008-12-30 | F5 Networks, Inc. | Security for WAP servers |
| US20060288220A1 (en) * | 2005-05-02 | 2006-12-21 | Whitehat Security, Inc. | In-line website securing system with HTML processor and link verification |
| US9178705B2 (en) * | 2007-04-13 | 2015-11-03 | International Business Machines Corporation | Method and system for stateless validation |
-
2008
- 2008-07-07 AT AT08159796T patent/ATE514274T1/de not_active IP Right Cessation
- 2008-07-07 EP EP08159796A patent/EP2144420B1/de active Active
-
2009
- 2009-06-29 WO PCT/CH2009/000224 patent/WO2010003261A1/en active Application Filing
-
2010
- 2010-02-09 US US12/703,148 patent/US20100332837A1/en not_active Abandoned
Also Published As
| Publication number | Publication date |
|---|---|
| US20100332837A1 (en) | 2010-12-30 |
| WO2010003261A1 (en) | 2010-01-14 |
| EP2144420A1 (de) | 2010-01-13 |
| EP2144420B1 (de) | 2011-06-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| ATE514274T1 (de) | Sicherheitsfilterung für eine internetanwendung | |
| CN107209830B (zh) | 用于识别并抵抗网络攻击的方法 | |
| US11886619B2 (en) | Apparatus and method for securing web application server source code | |
| US9369475B2 (en) | System and method for securing a third party communication with a hosting web page | |
| Stuttard et al. | The web application hacker's handbook: Finding and exploiting security flaws | |
| CN103957436B (zh) | 一种基于ott业务的视频防盗链方法 | |
| Vallina et al. | Tales from the porn: A comprehensive privacy analysis of the web porn ecosystem | |
| US9294479B1 (en) | Client-side authentication | |
| US20120204250A1 (en) | Securing Unrusted Content For Collaborative Documents | |
| CN103179134A (zh) | 基于Cookie的单点登录方法、系统及其应用服务器 | |
| JP2006268849A (ja) | ブラウザの表示においてドメインをハイライトするためのシステムおよび方法 | |
| Yusof et al. | Preventing persistent Cross-Site Scripting (XSS) attack by applying pattern filtering approach | |
| GB2484879A (en) | Method and apparatus for security validation of input data | |
| Shrivastava et al. | XSS vulnerability assessment and prevention in web application | |
| Chaudhary et al. | Auditing defense against XSS worms in online social network-based web applications | |
| US8996715B2 (en) | Application firewall validation bypass for impromptu components | |
| Lekies et al. | A tale of the weaknesses of current client-side XSS filtering | |
| Sun et al. | Polict: Flexible policy in certificate transparency enabling lightweight self-monitor | |
| Kimak et al. | An investigation into possible attacks on HTML5 indexedDB and their prevention | |
| Chu et al. | An investigation of hotlinking and its countermeasures | |
| Uma et al. | Improved cross site scripting filter for input validation against attacks in web services | |
| Cao et al. | Poster: a path-cutting approach to blocking XSS worms in social web networks | |
| Onishi et al. | Security and Performance | |
| Braganza | Cross-site scripting–an alternative view | |
| Yamazaki et al. | Xilara: An XSS filter based on HTML template restoration |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| RER | Ceased as to paragraph 5 lit. 3 law introducing patent treaties |