SI24434A - A system of granting web trust seals with the detection of attacks by redirecting of ip address - Google Patents

A system of granting web trust seals with the detection of attacks by redirecting of ip address Download PDF

Info

Publication number
SI24434A
SI24434A SI201300194A SI201300194A SI24434A SI 24434 A SI24434 A SI 24434A SI 201300194 A SI201300194 A SI 201300194A SI 201300194 A SI201300194 A SI 201300194A SI 24434 A SI24434 A SI 24434A
Authority
SI
Slovenia
Prior art keywords
certificate
address
token
server
recipient
Prior art date
Application number
SI201300194A
Other languages
Slovenian (sl)
Inventor
Lipičnik Aleš
ArtiÄŤek Jure
Klasinc David
Original Assignee
Connet D.O.O.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Connet D.O.O. filed Critical Connet D.O.O.
Priority to SI201300194A priority Critical patent/SI24434A/en
Priority to PCT/SI2014/000036 priority patent/WO2015009247A1/en
Publication of SI24434A publication Critical patent/SI24434A/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1483Countermeasures against malicious traffic service impersonation, e.g. phishing, pharming or web spoofing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2119Authenticating web pages, e.g. with suspicious links
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Abstract

Sistem podeljevanja spletnih pečatov zaupanja z detekcijo napadov s preusmeritvijo IP naslova omogoča pridobitev dodatne varnosti obiskovalcem spletnih strani. Spletni pečati z detekcijo, napadov z preusmeritvijo IP naslova (pharming) rešujejo problem odkrivanja napada na spletno mesto s tehnikami pharming, IP spoofing , DNS spoofing, ki v bistvu potvarjajo IP naslov spletnega mesta na določeni spletni domeni npr. 'www.moja domena.si'. Napadalec v takem primeru postavi kopijo spletnega mesta na drugem IP naslovu in z preusmeritvijo doseže, da zahteve za prikaz spletnih strani prispejo na lažni steznik. Izum omogoča, da je obiskovalec takšne spletne strani takoj obveščen o nepravilnosti/napadu in sicer tako, da je spletni pečat prikazan kot nepreverjen, ali pa v celoti izgine, ker ga je napadalec odstranil.The system of granting web seals of trust by detecting attacks by redirecting the IP address makes it possible to gain additional security for website visitors. Web-based seals with detection, phishing attacks redress the problem of detecting an attack on the site with pharming, IP spoofing, DNS spoofing, which essentially spit out the IP address of a site on a particular web domain, e.g. 'www.moja domena.si'. In such a case, the attacker will place a copy of the site on another IP address, and with the redirection, the requests for the display of web pages arrive at the false corset. The invention allows the visitor of such a website to be immediately informed of an irregularity / attack by means of an online seal being displayed as unverified, or completely disappears because the attacker has removed it.

Description

SISTEM PODELJEVANJA SPLETNIH PEČATOV ZAUPANJA Z DETEKCIJO NAPADOV S PREUSMERITVIJO IP NASLOVACONFIDENTIAL WEB DISTRIBUTION SYSTEM WITH IP DETECTION

Izum posega na področje varnosti uporabe interneta z vidika končnega uporabnika - obiskovalca spletnih strani.The invention encroaches on the security of Internet usage from the perspective of the end user - the visitor of the web pages.

Predemet zaupanj a zaupanj a izkazujejo izuma je sistem podeljevanja spletnih in postopek preverjanja verodostojnosti na spletnih straneh, s katerimi se podeljeni certifikati zaupanja.The object of the trust trusts of the invention is the online awarding system and the process of verifying the credibility of the websites that grant the trust certificates.

pečatov pečatov običajnoseals seals usually

Obiskovalci spletnih strani A so vse pogosteje žrtve spletnih prevar. Velik del spletnih prevar uporablja lažne spletne strani, ki so kopija originalnih strani kakšnega ponudnika. Za zaščito in ugotavljanje avtentičnosti spletnih strani je na voljo več ponudnikov t.i. izdajateljev certifikatov zaupanja B, ki s podelitvijo certifikata jamčijo verodostojnost strani oz. spletnega mesta v celoti. Prejemnik takšnega certifikata C na svojih straneh objavi pečat, najpogosteje v obliki sličice E. Ker je sličice pečatov zelo enostavno kopirati, se pri tehnološko naprednejših izdajateljih le-te servirajo iz strežnika izdajatelja in vsebujejo povezavo nazaj na strežnik izdajatelja. Preko takšne povezave lahko obiskovalec s klikom na pečat preveri avtentičnost pečata in strani v celoti.Visitors to Website A are increasingly becoming victims of online fraud. A large proportion of online scams use fake websites that are a copy of the original pages of some provider. Several providers are available to protect and authenticate websites. the issuers of trust certificates B, which by granting the certificate guarantee the authenticity of the site or. of the site as a whole. The recipient of such a C certificate places a stamp on its pages, most often in the form of a thumbnail E. Since the thumbnails of the seals are very easy to copy, they are served by technologically advanced publishers from the publisher's server and include a link back to the publisher's server. Through such a link, the visitor can click on the seal to verify the authenticity of the seal and the page as a whole.

Naprednejši sistemi zmorejo preveriti ime spletnega mesta (domene) iz katere prihaja zahteva za prikaz pečata. Na ta način lahko sistem certificiranj a v precej primerih zazna kopiranje spletnih mest s pečatom, ker se pečat pač zahteva iz napačnega strežnika.More advanced systems can verify the name of the site (domain) from which the request to display the seal comes from. In this way, the certification system can, in many cases, detect the copying of websites with a seal, because the seal is required from the wrong server.

Bolj napredne vrste napadov pa ohranijo ime strežnika na kopiji in potvorijo IP naslov strežnika tako, da kaže na lažno • · · spletno stran. V takem primeru osnovna detekcija imena strežnika odpove. Tovrstne napade na spletna mesta zasledimo pod imeni 'pharming', 'DNS spoofing', 'IP spoofing'.More advanced attack types, however, keep the server name on the copy and fake the server IP address by pointing to a false • · · web page. In this case, the basic detection of the server name fails. These kinds of attacks on the websites are called 'pharming', 'DNS spoofing', 'IP spoofing'.

Patenti ki obravnavajo področje detekcije 'pharming', 'DNS spoofing', 'IP spoofing' napadov je kar precej, vendar nobeden ne posega na področje detekcije preko storitve izdajanja certifikatov na spletu.There are quite a few patents covering the field of detection of 'pharming', 'DNS spoofing', 'IP spoofing' attacks, but none interfere with detection through the online certification service.

Patent US 2008/0060054 Al obravnava detekcijo pharming napada na osnovi poizvedbe preko dveh različnih infrastruktur izhajajoč iz delovne postaje odjemalca. Predlagani patent ugotavljanje pravilnosti IP naslova začne z zahtevo iz strežnika, ki je potencialno napaden, s čimer je metoda bistveno drugačna.US Patent 2008/0060054 Al addresses query-based pharming attack detection across two different infrastructures based on a client workstation. The proposed patent determines the correctness of the IP address with a request from a potentially attacked server, making the method significantly different.

Patent US 2008/0055928 Al obravnava detekcij na osnovi t.i. 'belega seznama' (white pripadajočih veljavnih IP naslovov. Tudi uporablja t.i. 'beli seznam', vendar je nekoliko drugačna.US Patent 2008/0055928 Al deals with detections based on i.i. 'whitelist' (the white of the applicable IP addresses. It also uses the so-called 'whitelist', but is slightly different.

o pharming napada list) domen in pričujoči sistem uporaba le tegaabout pharming attack list) domains and this system use it

Patent US 2009/0208020 Al obravnava detekcijo pharming napada preko programske opreme na strani odjemalca - t.i. password managerj a.US Patent 2009/0208020 Al deals with detection of pharming attack via client-side software - i.e. password managerj a.

S sistemom in postopkom po izumu, lahko sistem certificiranj a zazna tudi tovrstne napade in ustrezno ukrepa, npr. obvesti obiskovalca o nepreverjenem pečatu zaupanja z ustrezno spremembo pečata.With the system and process of the invention, the certification system can also detect such attacks and take appropriate action, e.g. informs the visitor of the unverified seal of trust by changing the seal accordingly.

Obiskovalec spletne strani s tem pridobi dodatno varnost. Tako zaščitena spletna stran bo vedno izkazovala stanje 'nepreverjeno', tudi v primerih, ko je bil obiskovalčev računalnik 'okužen' z virusom, ki preusmerja IP naslov določene domene.This gives the website visitor additional security. A secure site like this will always show an 'unverified' status, even in cases where the visitor's computer has been 'infected' with a virus that redirects the IP address of a particular domain.

Podobne rešitve prijavitelju niso poznane.Similar solutions to the applicant are unknown.

Izum je možno aplicirati v kateremkoli sistemu certificiranj a spletnih mest, ki izpolnjuje naslednje pogoje;The invention can be applied to any site certification system that meets the following conditions;

- v sistemu nastopajo tri entitete: izdajatelj certifikata B, prejemnik certifikata C in obiskovalec A spletne strani prejemnika certifikata C;- there are three entities in the system: the issuer of the certificate B, the recipient of the certificate C and the visitor A of the website of the recipient of the C certificate;

- izdajatelj certifikata B razpolaga s tehnologijo (spletni strežnik in spletna aplikacija), ki preverja zahtevke spletnega brskalnika obiskovalca A za prikaz pečata D. Pri tem ni nujno, da je pečat ravno slika, kar je najpogostejša oblika. Pečat je lahko tudi zvočni ali drugačen zapis, ki ga lahko človek zazna in prepozna;- Certificate B has technology (web server and web application) that verifies visitor A's web browser requests to display seal D. In this case, the seal does not have to be a straight image, which is the most common form. A seal can also be an audio or other record that can be detected and recognized by a person;

- prejemnik certifikata C ima spletno mesto na katerem je objavil pečat po navodilih la izdajatelja certifikata B;- the recipient of Certificate C has a website on which he has posted the seal following the instructions of the issuer of Certificate B;

- prikaz pečata se zahteva s strežnika izdajatelja certifikata B, ki tudi preverja upravičenost zahteve za prikaz.- the display of the seal is requested from the server of the issuer of certificate B, which also checks the eligibility of the request for display.

Izum ponazarjajo naslednje slike:The invention is illustrated by the following figures:

Slika 1: shematski prikaz sistema certificiranj a spletnih mest s certifikati zaupanja, ki vključuje nastopajoče entitete in podatkovne transakcije.Figure 1: Schematic illustration of a certification system for trusted sites that includes emerging entities and data transactions.

Slika 2: diagram poteka preverjanja verodostojnosti pečata zaupanja z vključeno detekcijo pravilnosti IP naslova spletnega mesta prejemnika certifikata C.Figure 2: Diagram of the authentication seal of a trust seal with the IP address authentication of the C certificate recipient website included.

Slika 3: simbolični prikaz pečata zaupanja.Figure 3: A symbolic representation of the trust seal.

Ogled internetnih strani se začne z zahtevo za ogled strani 2a, ki jo sproži obiskovalec A na svoji delovni postaji s pomočjo spletnega brskalnika.Web browsing begins with a request to view Page 2a initiated by visitor A on his workstation using a web browser.

Strežnik zahtevane strani odgovori z vsebino spletne strani 2b. V kolikor je zahtevana stran v lasti prejemnika certifikata C in opremljena s pečatom po navodilih la izdajatelja certifikata B, brskalnik obiskovalca A nadaljuje z zahtevo za prikaz pečata 2c na strežnik izdajatelja certifikata B. Strežnik izdajatelja certifikata B odgovori z vsebino pečata 2d, ki jo brskalnik obiskovalca A nato prikaže oziroma predvaja.The server of the requested page responds with the content of website 2b. To the extent that the requested page is owned by the C certificate recipient and is stamped as instructed by the certificate issuer B, visitor A's browser proceeds to request that the certificate 2c be displayed on the certificate issuer's server B. Visitor A then shows or plays.

Neodvisno od zgornjega postopka mora, v skladu z izumom, prejemnik certfikata zaupanja C na spletno mesto namestiti tudi programsko kodo, ki od strežnika izdajatelja certifikata B periodično zahteva lb podatkovni žeton T. Izdajatelj certifikata B na to zahtevo pošlje odgovor lc z veljavnim podatkovnim žetonom T, ki se shrani lokalno na strežnikuNotwithstanding the above procedure, in accordance with the invention, the recipient of a C Certificate of Trust must also install a code on the website that periodically requests the lb data token from the server of the certificate B. The certificate issuer B sends a response lc with a valid data token T to this request. , which is stored locally on the server

prejmnika of the recipient certifikata C certificate C . Če zahteva . If requested lb ni lb there isn't bila prepoznana kot was recognized as veljavna, valid, izdaj atelj betray the atelier certifikata certificate B v B v odgovoru lc vrne replies lc returns neveljaven/prazen žeton invalid / empty token T. Т. Prej emnik Previously certifikata certificate C v nadaljevanju C below podatkovni žeton T data token T

uporabi za pošiljanje obiskovalcem, ki zahtevajo ogled spletne strani 2a. Podatkovni žeton T se skupaj z zahtevano vsebino spletne strani 2b pošlje npr.v obliki t.i. 'piškotka' (cookie) ali na drug ustrezen način.used to send to visitors requesting to view website 2a. The T data token, together with the required content of webpage 2b, is sent, e.g. 'cookie' or other appropriate means.

Ko je spletna stran v celoti prikazana v brskalniku obiskovalca A, lahko brskalnik začne preverjati avtentičnost pečata in posledično celotne strani, da se obiskovalec A zaščiti pred morebitnimi zlorabami. V ta namen pošlje zahtevo za prikaz pečata 2c izdajatelju certifikata B. Zahtevi za prikaz pečata 2c je dodan tudi podatkovni žeton T, ki je bil sprejet hkrati z vsebino spletne strani 2b od prejemnika certifikata C. Izdajatelj certifikata B na osnovi takšne zahteve lahko preveri, ali je zahteva prišla za pravo domeno, pa tudi ali je ta domena na pravem IP naslovu.Once the website is fully displayed in visitor A's browser, the browser can begin authenticating the seal and, consequently, of the entire page, to protect visitor A from possible misuse. To this end, it sends a request for the display of seal 2c to the issuer of certificate B. The request for the display of seal 2c is also added to the data token T, which was accepted at the same time as the contents of website 2b from the recipient of certificate C. On the basis of such a request, the issuer of the certificate B may verify, whether the request came for the right domain, as well as whether that domain is at the right IP address.

Po preverjanju, ki ga ponazarja Slika 2, izdajatelj certifikata B vrne pečat zaupanja v obliki, ki ustreza rezultatu preverjanja, torej 'preverjeno' D ali 'nepreverjeno' E, kot to v eni različici simbolično prikazuje slika 3.Following the verification illustrated in Figure 2, the certificate issuer B returns the trust seal in the form corresponding to the verification result, ie 'verified' D or 'unverified' E, as shown in Figure 3 in one version.

Preverjanje poteka v treh korakih. Naprej se preveri ali je žeton T sploh prisoten v zahtevi za prikaz pečata 2c. V naslednjem koraku se preveri ali je žeton T veljaven, kar se ugotavlja iz pričakovane oblike zapisa žetona T in vsebine zapisa. Veljavnost žetona T je časovno omejena, kar je zapisano tudi v vsebini žetona.The verification is done in three steps. Next, it is verified that the token T is present at all in the request to display seal 2c. The next step is to verify that the token T is valid, which is determined from the expected format of the token T and the contents of the record. The validity of the token T is limited in time, which is also written in the token content.

V zadnjem koraku se preveri še veljavnost IP naslova strežnika prejemnka certifikata C. Del vsebine žetona T so tudi:The final step is to verify the validity of the IP address of the C certificate server. Part of the contents of the T token are also:

- enoznačna oznaka prejemnka certifikata C,- the unique designation of the recipient of the C certificate,

- enoznačna oznaka domene za katero je certifikat veljaven,- a unique domain code for which the certificate is valid,

- IP naslov strežnika prejemnka certifikata C, s katerega je bila podana zahteva lb za žeton T.- The IP address of the C certificate recipient server from which the lb request for the T token was submitted.

IP naslov iz žetona T se primerja z veljavnimi IP naslovi domene na kateri prejemnik certifikata C prikazuje svoje spletne strani. Seznam veljavnih IP naslovov (white-list) prijavi prejemnik certifikata C.The IP address from the T token is compared to the valid IP addresses of the domain where the C certificate recipient displays their web pages. The list of valid IP addresses (white-list) is reported by the C certificate recipient.

Da bi sistem zaščite deloval mora izdajatelj certifikata B izpolniti nekaj predpogojev:In order for the security system to work, the issuer of Certificate B must meet the following prerequisites:

- izdajatelj certifikatov B zaupanja mora razpolagati z ustreznim strežnikom, programsko opremo in podatkovno bazo 3, ki omogoča opisane transakcije;- the B Certification Authority must have an appropriate server, software and database 3 to facilitate the transactions described;

- izdajatelj certifikatov B mora v podatkovno bazo 3 registrirati/ zapisati prejemnika certifikata C, njegove spletne domene, ki naj bodo zaščitene in seznam veljavnih IP naslovov za posamezno domeno (white-list);- Certificate B must register / record in Database 3 the recipient of the C certificate, its online domains to be protected, and a list of valid IP addresses for each domain (white-list);

- prejemnik certifikata C mora na domeno, ki ji pripada certifikat zaupanja namestiti program pečata in program za osveževanje žetona T, izdajatelja certifikata B.- the recipient of the C certificate must install on the domain to which the trust certificate belongs the seal and refresh program token T issued by the certificate B.

skladno z navodili laaccording to the instructions of la

Claims (6)

PATENTNI ZAHTEVKIPATENT APPLICATIONS 1. Sistem podeljevanja spletnih pečatov zaupanja z detekcijo napadov s preusmeritvijo IP naslova za varno uporabo interneta obiskovalca spletnih strani značilen po tem, da vključuj e:1. A web based trust sealing system with attack detection by IP address redirection for secure internet site visitor use, characterized in that it includes e: izdajatelja certifikatov (B), ki razpolaga z infrastrukturo, ki vsebuje najmanj računalniški strežnik z ustrezno programsko opremo, podatkovno bazo (3) in internetno povezavo, pri čemer se v bazo podatkov (3) vpiše prejemnike certifikatov (C), njihove spletne domene in veljavne IP naslove teh domen;the certification authority (B), which has at least one computer server with appropriate software, a database (3) and an Internet connection, registering the certificate recipients (C), their online domains, and valid IP addresses of these domains; prejemnika certifikatov (C) , ki razpolaga s spletno domeno nameščeno na strežnik, na katerem ima delujoče spletno mesto z eno ali več spletnimi stranmi, pri čemer se na spletno mesto namesti pečat po navodilih (la) izdajatelja certifikata (B) in programska koda, ki od strežnika izdajatelja certifikata (B) periodično zahteva (lb) podatkovni žeton (T).a certificate recipient (C) who has a web domain installed on a server on which a website with one or more web pages is running, affixing a stamp according to the instructions (la) of the certificate issuer (B) and the program code, which periodically requests (lb) a data token (T) from the certificate server (B). obiskovalca certifikata informacijo prej emnikathe visitor of the certificate is the information of the former emitter Postopek preverjanja verodostojnosti pečatov zaupanja na spletni strani prejemnika (C) značilen po tem, da se skupaj z zahtevo (The process of verifying the authenticity of a trust seal on the recipient's website (C), characterized in that, together with the request ( 2c) za prikaz pečata iz delovne naprave (A) spletne strani pošlje izdajatelju (B) tudi podatkovni žeton (T), ki nosi o veljavnem IP naslovu spletnega mesta certifikatov (C), na osnovi katerega izdajatelj certifikatov (B) ugotovi veljavnost zahteve (2c) .2c) to display the stamp from the work device (A) of the website also sends to the issuer (B) a data token (T) bearing the valid IP address of the certificate website (C), on the basis of which the issuer of the certificate (B) determines the validity of the request ( 2c). 3. Postopek po zahtevku 2, značilen po tem, da se podatkovni žeton (T) prenese v delovno napravo obiskovalca (A) spletne strani hkrati z vsebino spletne strani (2b).Method according to claim 2, characterized in that the data token (T) is transferred to the visitor's work device (A) at the same time as the content of the website (2b). 4. Postopek po zahtevku 2, značilen po tem, da se podatkovni žeton (T) periodično prenese iz strežnika izdajatelja certifikata (B) v strežnik prejemnika certifikata (C) s pomočjo programske kode, ki od strežnika izdajatelja certifikata (B) periodično zahteva (ib) podatkovni žeton (T) .Method according to claim 2, characterized in that the data token (T) is periodically transferred from the certificate issuer server (B) to the certificate recipient server (C) by means of a program code that periodically requests from the certificate issuer server (B) ( ib) data token (T). 5. Postopek po predhodnih zahtevkih, značilen po tem, da se najprej preveri ali je žeton (T) sploh prisoten v zahtevi za prikaz pečata (2c); v naslednjem koraku se preveri ali je žeton (T) veljaven, kar se ugotavlja iz pričakovane oblike zapisa žetona (T) in vsebine zapisa; v zadnjem koraku se preveri še veljavnost IP naslova strežnika prejemnika certifikata (C), pri čemer se IP naslov iz žetona (T) primerja z veljavnimi IP naslovi domene na kateri prejemnik certifikata (C) prikazuje svoje spletne strani.A method according to the preceding claims, characterized in that it is first verified that the token (T) is present at all in the request to display the seal (2c); the next step is to verify that the token (T) is valid, which is determined from the expected token format (T) and the contents of the record; in the last step, the validity of the IP address of the certificate recipient server (C) is also checked, comparing the IP address from the token (T) with the valid IP addresses of the domain where the certificate recipient (C) displays its web pages. 6. Postopek po predhodnih zahtevkih, značilen po tem, da je del vsebine žetona (T) enoznačna oznaka prejemnka certifikata (C), enoznačna oznaka domene za katero je certifikat veljaven in IP naslov strežnika prejemnka certifikata (C) , s katerega je bila podana zahteva (ib) za podatkovni žeton (T).A method according to the preceding claims, characterized in that part of the token content (T) is a unique certificate recipient code (C), a unique domain code for which the certificate is valid and the IP address of the certificate recipient server (C) from which it was given request (ib) for data token (T).
SI201300194A 2013-07-17 2013-07-17 A system of granting web trust seals with the detection of attacks by redirecting of ip address SI24434A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
SI201300194A SI24434A (en) 2013-07-17 2013-07-17 A system of granting web trust seals with the detection of attacks by redirecting of ip address
PCT/SI2014/000036 WO2015009247A1 (en) 2013-07-17 2014-06-10 System for granting web trust seals with detection of ip-address redirection attacks

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
SI201300194A SI24434A (en) 2013-07-17 2013-07-17 A system of granting web trust seals with the detection of attacks by redirecting of ip address

Publications (1)

Publication Number Publication Date
SI24434A true SI24434A (en) 2015-01-30

Family

ID=51492420

Family Applications (1)

Application Number Title Priority Date Filing Date
SI201300194A SI24434A (en) 2013-07-17 2013-07-17 A system of granting web trust seals with the detection of attacks by redirecting of ip address

Country Status (2)

Country Link
SI (1) SI24434A (en)
WO (1) WO2015009247A1 (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11295301B1 (en) * 2017-12-15 2022-04-05 Worldpay, Llc Systems and methods for electronic certification of e-commerce security badges
CN110995848B (en) * 2019-12-10 2022-09-06 京东科技信息技术有限公司 Service management method, device, system, electronic equipment and storage medium
US11032270B1 (en) 2020-04-07 2021-06-08 Cyberark Software Ltd. Secure provisioning and validation of access tokens in network environments
EP3687139B1 (en) * 2020-04-07 2023-09-06 CyberArk Software Ltd. Secure provisioning and validation of access tokens in network environments

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090043765A1 (en) * 2004-08-20 2009-02-12 Rhoderick John Kennedy Pugh Server authentication
JP4245014B2 (en) 2006-08-09 2009-03-25 ソニー株式会社 Backlight device, light source device, lens, electronic device and light guide plate
US20080060054A1 (en) 2006-09-05 2008-03-06 Srivastava Manoj K Method and system for dns-based anti-pharming
US8397279B2 (en) * 2006-09-07 2013-03-12 Fazal Raheman Method and system of network integrity via digital authorization (NIDA) for enhanced internet security
US20090208020A1 (en) 2008-02-15 2009-08-20 Amiram Grynberg Methods for Protecting from Pharming and Spyware Using an Enhanced Password Manager
SI23779A (en) * 2011-06-28 2012-12-31 Connet D.O.O. Web seals with the signature of the website's visitor

Also Published As

Publication number Publication date
WO2015009247A1 (en) 2015-01-22

Similar Documents

Publication Publication Date Title
Li et al. Analysing the Security of Google’s implementation of OpenID Connect
US8843516B2 (en) Internet security
US9241004B1 (en) Alteration of web documents for protection against web-injection attacks
Johns et al. RequestRodeo: Client side protection against session riding
EP3095225B1 (en) Redirect to inspection proxy using single-sign-on bootstrapping
Richer Oauth 2.0 token introspection
JP5598828B2 (en) Software signing certificate reputation model
US20050268100A1 (en) System and method for authenticating entities to users
Mao et al. Defeating cross-site request forgery attacks with browser-enforced authenticity protection
US8667294B2 (en) Apparatus and method for preventing falsification of client screen
Boniface et al. Security analysis of subject access request procedures: How to authenticate data subjects safely when they request for their data
US8904521B2 (en) Client-side prevention of cross-site request forgeries
JP2022545627A (en) Decentralized data authentication
US9521138B2 (en) System for domain control validation
US9178888B2 (en) Method for domain control validation
US20070061734A1 (en) Method for establishing trust online
CN102355469A (en) Method for displaying credibility certification for website in address bar of browser
SI24434A (en) A system of granting web trust seals with the detection of attacks by redirecting of ip address
CN102255894A (en) Website information verification method, system and resolution server
TWI397297B (en) Method and system for enabling access to a web service provider through login based badges embedded in a third party site
KR100956452B1 (en) A method for protecting from phishing attack
US20090094456A1 (en) Method for protection against adulteration of web pages
JP6444344B2 (en) Authentication server, mediation server, and advertisement distribution server
SI23779A (en) Web seals with the signature of the website's visitor
CN105635322B (en) A kind of Verification System and authentication method based on image signatures verifying number of website real

Legal Events

Date Code Title Description
OO00 Grant of patent

Effective date: 20150209

KO00 Lapse of patent

Effective date: 20180320