AU2002213141A1 - User impersonation by a proxy server - Google Patents

User impersonation by a proxy server

Info

Publication number
AU2002213141A1
AU2002213141A1 AU2002213141A AU1314102A AU2002213141A1 AU 2002213141 A1 AU2002213141 A1 AU 2002213141A1 AU 2002213141 A AU2002213141 A AU 2002213141A AU 1314102 A AU1314102 A AU 1314102A AU 2002213141 A1 AU2002213141 A1 AU 2002213141A1
Authority
AU
Australia
Prior art keywords
user
proxy
http request
personal information
proxy server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
AU2002213141A
Inventor
Yaniv Gvily
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SAP Portals Israel Ltd
Original Assignee
SAP Portals Israel Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SAP Portals Israel Ltd filed Critical SAP Portals Israel Ltd
Publication of AU2002213141A1 publication Critical patent/AU2002213141A1/en
Abandoned legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0281Proxies
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/08Payment architectures
    • G06Q20/10Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
    • G06Q20/108Remote banking, e.g. home banking
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/02Banking, e.g. interest calculation or account maintenance
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/563Data redirection of data network streams
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/564Enhancement of application control based on intercepted application data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/59Providing operational support to end devices by off-loading in the network or by emulation, e.g. when they are unavailable
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/102Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measure for e-commerce
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/2866Architectures; Arrangements
    • H04L67/2871Implementation details of single intermediate entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/567Integrating service provisioning from a plurality of service providers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/329Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Strategic Management (AREA)
  • Economics (AREA)
  • General Business, Economics & Management (AREA)
  • Development Economics (AREA)
  • Technology Law (AREA)
  • Software Systems (AREA)
  • Marketing (AREA)
  • Information Transfer Between Computers (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

A user is connected to the Internet by a proxy server that impersonates the user. Websites are accessed by sending an HTTP request to the proxy server. The HTTP request is encoded with characters that are understood by the proxy as requiring that the HTTP request be intercepted and either an identified script be executed or data within the request be extracted. The impersonating proxy automatically carries out the steps that would otherwise be carried out by the user when performing a transaction at a website. In one example, a user checks a bank website for a balance inquiry. A first HTTP request includes a script identifier. The proxy retrieves and executes the identified script, which in turn causes a an HTTP response to be sent to the user's browser for personal information (e.g., user name and password). That personal information is extracted from a second HTTP request returned to the proxy, and the proxy accesses the bank website, enters the personal information, retrieves the account balance, and provides it to the user.
AU2002213141A 2000-10-12 2001-10-10 User impersonation by a proxy server Abandoned AU2002213141A1 (en)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US24060200P 2000-10-12 2000-10-12
US60240602 2000-10-12
US09973572 2001-10-09
US09/973,572 US7370015B2 (en) 2000-10-12 2001-10-09 User impersonation by a proxy server
PCT/US2001/031882 WO2002031674A1 (en) 2000-10-12 2001-10-10 User impersonation by a proxy server

Publications (1)

Publication Number Publication Date
AU2002213141A1 true AU2002213141A1 (en) 2002-04-22

Family

ID=26933533

Family Applications (1)

Application Number Title Priority Date Filing Date
AU2002213141A Abandoned AU2002213141A1 (en) 2000-10-12 2001-10-10 User impersonation by a proxy server

Country Status (5)

Country Link
US (1) US7370015B2 (en)
EP (1) EP1334434B1 (en)
AT (1) ATE535876T1 (en)
AU (1) AU2002213141A1 (en)
WO (1) WO2002031674A1 (en)

Families Citing this family (54)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030037131A1 (en) * 2001-08-17 2003-02-20 International Business Machines Corporation User information coordination across multiple domains
US20030126248A1 (en) * 2001-12-28 2003-07-03 Chambers Paul S. Method to automatically configure network routing device
US20030182424A1 (en) * 2002-03-22 2003-09-25 Steve Odendahl Scriptable proxy server
JP2003281021A (en) * 2002-03-25 2003-10-03 Alps System Integration Co Ltd Url information sharing system using proxy cache or proxy log
US7499983B2 (en) 2002-05-06 2009-03-03 Micron Technology, Inc. Web dispatch service
US7203720B2 (en) * 2002-11-27 2007-04-10 Bea Systems, Inc. Web server hit multiplier and redirector
US8364747B2 (en) * 2002-12-17 2013-01-29 International Business Machines Corporation Client/server request handling
US20140143852A1 (en) * 2008-08-21 2014-05-22 Ntrepid Corporation Secure network privacy system
US20050037787A1 (en) * 2003-06-27 2005-02-17 Rosett-Wireless Corporation Wireless intelligent portable-server system (WIPSS)
US20050228891A1 (en) * 2004-04-09 2005-10-13 Fuji Xerox Co., Ltd. Parameter processing apparatus and parameter setting method for same
GB0420409D0 (en) * 2004-09-14 2004-10-20 Waterleaf Ltd Online commercial transaction system and method of operation thereof
US7587456B2 (en) * 2004-12-28 2009-09-08 Taiwan Semiconductor Manufacturing Co., Ltd. Operation system and method of workflow integrated with a mail platform and web applications
US20070073878A1 (en) * 2005-09-23 2007-03-29 Qurio Holdings, Inc. System and method for lowering proxy bandwidth utilization
JPWO2007088785A1 (en) * 2006-01-31 2009-06-25 ヒューレット−パッカード デベロップメント カンパニー エル.ピー. Personal information leakage prevention device and method
US7764701B1 (en) 2006-02-22 2010-07-27 Qurio Holdings, Inc. Methods, systems, and products for classifying peer systems
US7779004B1 (en) 2006-02-22 2010-08-17 Qurio Holdings, Inc. Methods, systems, and products for characterizing target systems
US8782393B1 (en) 2006-03-23 2014-07-15 F5 Networks, Inc. Accessing SSL connection data by a third-party
JP4867482B2 (en) * 2006-06-06 2012-02-01 富士ゼロックス株式会社 Control program and communication system
US8041784B1 (en) 2006-06-27 2011-10-18 Qurio Holdings, Inc. Redundant hybrid P2P content sharing
CN101102189B (en) * 2006-07-05 2011-06-22 华为技术有限公司 A gateway system and method for implementing multi-media access
US7873988B1 (en) 2006-09-06 2011-01-18 Qurio Holdings, Inc. System and method for rights propagation and license management in conjunction with distribution of digital content in a social network
US20080072053A1 (en) * 2006-09-15 2008-03-20 Halim Budi S Web-based authentication system and method
US7801971B1 (en) 2006-09-26 2010-09-21 Qurio Holdings, Inc. Systems and methods for discovering, creating, using, and managing social network circuits
US7925592B1 (en) 2006-09-27 2011-04-12 Qurio Holdings, Inc. System and method of using a proxy server to manage lazy content distribution in a social network
US8554827B2 (en) 2006-09-29 2013-10-08 Qurio Holdings, Inc. Virtual peer for a content sharing system
US7782866B1 (en) 2006-09-29 2010-08-24 Qurio Holdings, Inc. Virtual peer in a peer-to-peer network
US8838773B1 (en) * 2006-09-29 2014-09-16 Trend Micro Incorporated Detecting anonymized data traffic
US20080141141A1 (en) * 2006-12-07 2008-06-12 Moore Dennis B Widget runtime engine for enterprise widgets
US20080215998A1 (en) * 2006-12-07 2008-09-04 Moore Dennis B Widget launcher and briefcase
US8117555B2 (en) * 2006-12-07 2012-02-14 Sap Ag Cooperating widgets
US8424058B2 (en) * 2006-12-07 2013-04-16 Sap Ag Security proxying for end-user applications
US7886334B1 (en) 2006-12-11 2011-02-08 Qurio Holdings, Inc. System and method for social network trust assessment
US7730216B1 (en) 2006-12-14 2010-06-01 Qurio Holdings, Inc. System and method of sharing content among multiple social network nodes using an aggregation node
US20080307037A1 (en) * 2007-06-07 2008-12-11 Yahoo! Inc. Client Notification Mechanism Over HTTP
US8266687B2 (en) * 2009-03-27 2012-09-11 Sophos Plc Discovery of the use of anonymizing proxies by analysis of HTTP cookies
US8700892B2 (en) 2010-03-19 2014-04-15 F5 Networks, Inc. Proxy SSL authentication in split SSL for client-side proxy agent resources with content insertion
US20110252117A1 (en) * 2010-04-12 2011-10-13 Swee Huat Sng Devices and Methods for Redirecting a Browser to Access Computer Resource Behind a Network Firewall
US20120117456A1 (en) * 2010-11-05 2012-05-10 Nokia Corporation Method and apparatus for automated interfaces
US20120131645A1 (en) * 2010-11-18 2012-05-24 Harm Michael W User Scriptable Server Initiated User Interface Creation
US20120158200A1 (en) * 2010-12-17 2012-06-21 Greenvolts, Inc Integrated performance monitoring for a concentrated photovoltaic (cpv) system
US9350763B1 (en) * 2012-04-17 2016-05-24 Amazon Technologies, Inc. HTTP tunnelling over websockets
US8838715B2 (en) * 2012-05-25 2014-09-16 Sap Ag Providing client system support
US9436911B2 (en) 2012-10-19 2016-09-06 Pearson Education, Inc. Neural networking system and methods
US8984650B2 (en) 2012-10-19 2015-03-17 Pearson Education, Inc. Privacy server for protecting personally identifiable information
US20160042198A1 (en) 2012-10-19 2016-02-11 Pearson Education, Inc. Deidentified access of content
US9338134B2 (en) * 2013-03-27 2016-05-10 Fortinet, Inc. Firewall policy management
US9948610B2 (en) 2014-08-29 2018-04-17 Citrix Systems, Inc. Method and apparatus for accessing third-party resources
WO2017058519A1 (en) * 2015-09-28 2017-04-06 Arris Enterprises Llc Domain name system response spoofing at customer premise equipment device
US9509684B1 (en) * 2015-10-14 2016-11-29 FullArmor Corporation System and method for resource access with identity impersonation
US9762563B2 (en) 2015-10-14 2017-09-12 FullArmor Corporation Resource access system and method
US10467551B2 (en) 2017-06-12 2019-11-05 Ford Motor Company Portable privacy management
IT202000006343A1 (en) 2020-03-25 2021-09-25 Cleafy Spa Method for monitoring and protecting access to an online service
IT202000006265A1 (en) * 2020-03-25 2021-09-25 Cleafy Spa Method for monitoring and protecting access to an online service
CN114268475A (en) * 2021-12-13 2022-04-01 北京知道创宇信息技术股份有限公司 Malicious script intercepting method, system, server and computer readable storage medium

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5586260A (en) * 1993-02-12 1996-12-17 Digital Equipment Corporation Method and apparatus for authenticating a client to a server in computer systems which support different security mechanisms
US20010034686A1 (en) * 1997-12-10 2001-10-25 Eder Jeff Scott Method of and system for defining and measuring the real options of a commercial enterprise
US5991810A (en) * 1997-08-01 1999-11-23 Novell, Inc. User name authentication for gateway clients accessing a proxy cache server
US6092196A (en) * 1997-11-25 2000-07-18 Nortel Networks Limited HTTP distributed remote user authentication system
US6233577B1 (en) * 1998-02-17 2001-05-15 Phone.Com, Inc. Centralized certificate management system for two-way interactive communication devices in data networks
US6182142B1 (en) * 1998-07-10 2001-01-30 Encommerce, Inc. Distributed access management of information resources
US7613640B2 (en) * 2001-08-29 2009-11-03 Ebs Group Limited Electronic trading system

Also Published As

Publication number Publication date
EP1334434A4 (en) 2005-07-06
EP1334434B1 (en) 2011-11-30
WO2002031674A1 (en) 2002-04-18
US20020046170A1 (en) 2002-04-18
ATE535876T1 (en) 2011-12-15
US7370015B2 (en) 2008-05-06
EP1334434A1 (en) 2003-08-13

Similar Documents

Publication Publication Date Title
AU2002213141A1 (en) User impersonation by a proxy server
JP3407277B2 (en) Communication method, recording medium, and web server
US6865680B1 (en) Method and apparatus enabling automatic login for wireless internet-capable devices
US7421730B2 (en) Maintaining authentication states for resources accessed in a stateless environment
US8448241B1 (en) Browser extension for checking website susceptibility to cross site scripting
CN102868719B (en) A kind of Network Access Method based on buffer memory and server
US9674295B2 (en) Methods for establishing and using a transaction-specific, browser-specific debit card
US7251827B1 (en) In-line sign in
US20060179315A1 (en) System and method for preventing fraud of certification information, and recording medium storing program for preventing fraud of certification information
US7421731B2 (en) Transparent authentication using an authentication server
EP2447878A1 (en) Web based remote malware detection
AU2003238031A1 (en) Method and system for user-determined authentication and single-sign-on in a federated environment
US20100049790A1 (en) Virtual Identity System and Method for Web Services
WO2004015567A3 (en) Validation framework for validating input in a markup language page on a client computer
CA2499807A1 (en) Serving content-relevant advertisements with client-side device support
JP2005321970A (en) Computer system
WO2006131897A1 (en) A system and method for using a secure storage device to provide login credentials to a remotre service over a network
CN107016074B (en) Webpage loading method and device
KR101812002B1 (en) Method and system for authenticating service
KR20060102484A (en) System and method for highlighting a domain in a browser display
CN108200040A (en) Mobile client exempts from method, system, browser and the mobile terminal of close login
CN102546165A (en) Dynamic uniform resource locator (URL) generator, generation method, dynamic-URL-based authentication system and method
US8234402B2 (en) Method and apparatus for request routing
US20050198149A1 (en) Instant messaging HTTP gateway
JPH11102318A (en) System and method for safe and scalable data base transaction by network