WO2002077793A1 - Defining content zones - Google Patents

Defining content zones Download PDF

Info

Publication number
WO2002077793A1
WO2002077793A1 PCT/US2001/009628 US0109628W WO02077793A1 WO 2002077793 A1 WO2002077793 A1 WO 2002077793A1 US 0109628 W US0109628 W US 0109628W WO 02077793 A1 WO02077793 A1 WO 02077793A1
Authority
WO
WIPO (PCT)
Prior art keywords
content
certification
zone
rule
target
Prior art date
Application number
PCT/US2001/009628
Other languages
French (fr)
Inventor
Christopher M. Coulthard
Scott C. Mcleod
Peter D. Norman
Kevin Willoughby
Original Assignee
Geo Trust, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Geo Trust, Inc. filed Critical Geo Trust, Inc.
Priority to PCT/US2001/009628 priority Critical patent/WO2002077793A1/en
Publication of WO2002077793A1 publication Critical patent/WO2002077793A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2115Third party
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2119Authenticating web pages, e.g. with suspicious links

Definitions

  • the present invention is related to organizing computer-generated content, such as Web pages, into zones based on a set of predefined rules .
  • U.S. Patent Application No. 09/248,370 describes a certification system that incorporates digital signatures into Web pages, and that maintains a record associating each Web page with a corresponding digital signature. To certify a Web page, the system compares the digital signature of a displayed Web page to that maintained in the record. If the two match, the Web page is certified; otherwise it is not.
  • Java JAR is example of a certification system that uses lists and digital signatures. Briefly, Java JAR is directed to ensuring the integrity of information in "composite" files; that is, files which contain multiple components, each of which has its own guarantee of integrity.
  • Web page 1 of Figure 1 which may include image element 2, image element 4, and image element 5.
  • the Java JAR system confirms that the content is intact by comparing the content with a hash code generated therefrom by the sender and encrypted with a key to guarantee its authenticity.
  • systems like those above go a long way toward increasing the reliability of computer-generated content such as Web pages, there is still room for improvement.
  • conventional certification systems are limited to providing one level of certification (i.e., "certified"). Using such systems, it is not possible to provide varying degrees of certification for different- Web pages, etc.
  • the invention is a system that enables a user to define "content zones" for holding specific computer- generated content.
  • Each content zone is defined by user- specified rules for that zone. Accordingly, by specifying particular rules, it is possible to define zones which contain any one or more types of content .
  • certified Web pages as an example, using the present invention it is possible to certify the contents of Web pages at one of a plurality of certification levels. For example, three levels of certification may be provided: "high” indicating that a page contains information that is highly reliable, “medium” indicating that the page contains information that is less reliable, and “low” indicating that the page contains information that is still less reliable.
  • a Web site may be organized into a "products for saie" zone, an "unsupported tools” zone, and a "personal opinion” zone.
  • all Web pages in the "products for sale” zone may have a "high” certification level
  • all Web pages in the "unsupported tools” zone may have a "medium” certification level
  • all Web pages in the "personal opinion” zone may have a "low” certification level.
  • the invention is a system that organizes computer-generated content (e.g., Web pages) into plural content zones.
  • the system stores at least one rule defining which content may be included in a target content zone, and determines whether selected content complies with the at least one rule.
  • the system then associates the selected content with the target content zone in a case that the selected content complies with the at least one rule.
  • the selected content comprises a Web page.
  • the at least one rule defines a specific level of certification required for the target content zone, the determining comprises determining a level of certification of the selected content, and the associating comprises associating selected content having the specific level of certification with the target content zone .
  • the at least one rule defines a specific type of content that may be included in the target content zone, the determining comprises determining a type of the selected content, and the associating comprises associating selected content having the specific type with the target content zone.
  • the associating comprises incorporating, into a manifest for complying content, a rule indicating that the complying content is part of the target content zone.
  • the associating comprises incorporating, into rules defining which content may be included in the target content zone, rules indicating that complying content is part of the target content zone.
  • Figure 1 shows a composite Web page.
  • FIG. 2 shows a network system on which the certification process may be implemented.
  • Figure 3 shows the graphical user interface of a Web browser that may be used with the certification process.
  • Figure 4 shows a dynamic Web page that can be certified by the certification process.
  • Figure 5 shows process steps for certifying a dynamic Web page.
  • Figure 6 shows an example of a manifest used by the certification process to certify a dynamic Web page.
  • Figure 7 shows a Web page that can be used to initiate certification of individual static elements of a dynamic Web page.
  • Figure 8 shows the process of certifying individual static elements of a dynamic Web page.
  • Figure 9 shows a client retrieving a dynamic Web page from a Web server.
  • Figure 10 shows providing user input to a Web server.
  • Figure 11 shows requesting certification of a dynamic Web page.
  • Figure 12 shows process steps for certifying the content of dynamic Web pages and other dynamically-generated content .
  • Figure 13 shows issuing a certification message relating to a certification of a dynamic Web page.
  • Figure 14 shows a certificate that may be issued for certified Web pages.
  • Figure 15 shows process steps for organizing Web pages (or other content) into zones.
  • Figure 16 shows an example of a manifest used to organize content into zones.
  • Figure 17 is an abstract view of Web pages on a Web site organized into zones.
  • the following description of the preferred embodiments of the invention relates to Web pages. It is noted up front, however, that the invention is not limited to use with Web pages. Rather, all aspects of the invention can be used with any computer-generated content including, but not limited to, rows in a database, an entire database, computer-generated queries, documents, and the like.
  • the present invention is preferably implemented using a client-server architecture, such as that shown in Figure 2. This architecture includes client 6, certification server 7, and Web server 9 connected via network 10.
  • Network 10 may comprise any type of network or communications medium, including, but not limited to, one or more of the following: the Internet, a local area network ("LAN”), a wide area network (“WAN”), a wireless (e.g., ATM) network, a logical network within a single computer, some other form of programmatic communication such as interprocess communications or dynamic link libraries, or any combination thereof.
  • LAN local area network
  • WAN wide area network
  • wireless e.g., ATM
  • logical network within a single computer
  • programmatic communication such as interprocess communications or dynamic link libraries, or any combination thereof.
  • Client 6 is preferably a personal computer (“PC") or similar data processing device.
  • Client 6 includes network interface 11 for interfacing to network 10, display screen 12 for displaying information to a user, keyboard 14 for inputting text and user commands, mouse 15 for positioning a cursor on display screen 12 and for inputting user commands, disk drive 16 for reading from and writing to floppy disks installed therein, and CD-ROM drive 17 for accessing data stored on CD-ROM.
  • PC personal computer
  • Close-up view 18 shows the internal structure of client 6.
  • Client 6 includes memory 19 which is a computer- readable medium, such as a computer hard disk, for storing information.
  • memory 19 stores operating system 20, applications 21, and data 22.
  • MicrosoftTM Windows98TM is a one operating system that may be used with the invention; however, the invention is not limited to use therewith.
  • Applications 21 include Web browser 24, among others .
  • An example of a Web browser that may be used with the invention is NetscapeTM NavigatorTM.
  • Web browser 24 displays a graphical user interface ("GUI") to a user, through which the user may access information via the Internet (e.g., Web sites, individual Web pages, etc.).
  • GUI graphical user interface
  • Client 6 also includes display interface 26, keyboard interface 27, mouse interface 29, disk drive interface 30, CD-ROM drive interface 31, computer bus 32, RAM 34, and processor 35.
  • Processor 35 preferably comprises a microprocessor or the like for executing applications, such as those noted above, out of RAM 34. Such applications, including browser 24, may be stored in memory 19 as noted above or, alternatively, on a floppy disk in disk drive 16 or CD-ROM in CD-ROM drive 17.
  • processor 35 accesses applications and data stored on floppy disk via disk drive interface 30 and accesses applications and data stored on CD-ROM via CD-ROM interface 31.
  • Web server 9 may comprise a computer having features similar to client 6 for providing remote access to the Web site of an organization.
  • Web server 9 is connected to other computers (not shown) in the organization via LAN 36 (or network 10) .
  • Web server 9 is also connected to certification server 7 via network 10 or other medium.
  • Web server likewise includes a processor 23 and a memory 28, among other things, as shown in close-up view 13.
  • Assembly engine 25 Stored in this memory is assembly engine 25 and Web page elements 33.
  • Assembly engine 25 is a program that is executed by processor 23 to assemble Web pages. More specifically, a single Web page may be composed of a plurality of static and dynamic elements, such as images, applets, text, sound, other Web pages, etc.
  • assembly engine 25 retrieves those elements (e.g., from memory 28) and combines them in a predetermined manner so as to form the Web page.
  • Representative examples of commercially-available assembly engines that may be used in connection with the present invention include ATG Dynamo, Servlets, JSP and ASP
  • Certification server 7 likewise preferably comprises a computer having features similar to client 6. As shown in close-up view 38, certification server 7 includes, among other things, memory 39 for storing both applications and certification information 48 which includes the manifests described below. Memory 39 may include one or more memory devices, such as a computer hard disk, redundant array of inexpensive disks (“RAID”), optical disk drive, and the like. Processor 40 is also included on certification server 7 so as to execute applications stored in memory 39 and to provide the resulting output to the network.
  • RAID redundant array of inexpensive disks
  • Certification engine 41 comprises computer-executable code that runs on certification server 7 to certify Web pages and other dynamic pages based on their content and/or certification information stored in their elements. Certification engine 41 also organizes sets of Web pages into plural zones based on their levels of certification, the type of information contained therein, or the like, as described in more detail below.
  • certification server 7 and Web server 9 may be one in the same; however, since this is not a requirement, the more general case of separate Web and certification servers is depicted in Figure 2.
  • the invention may also be implemented, in its entirety, on a single computer. That is, the functions of client 6, certification server 7 and Web server 9 (or its equivalent) may be implemented on a single computer. Dynamic Content Certification
  • FIGS 4 to 14 depict the operation of certification engine 41 in the context of certifying dynamically-generated (or simply "dynamic") Web pages. At this point, it is repeated that although this embodiment of the invention is described with respect to Web pages, the invention is not limited to use with Web pages and can be used to certify any computer-generated content.
  • a Web page is dynamic if any of its contents is specified generically or generated prograrnmatically or by query or in any other situation where the content is not specified uniquely and immutably a priori. That is, many Web pages are composites, meaning that they are composed of plural elements such as images, applets, text, sound, etc. Each individual element may be static if all of its components are specified uniquely and immutably a priori; however, the Web page itself is still dynamic if the specification of the elements within the page are not so specified. It is also possible for the elements themselves to be dynamic because of their components or because they are programs or queries.
  • Figure 4 shows a hypothetical Web page 42 displayed by browser 24.
  • Web page 42 "builds" an automobile based on user-selected features such as model, year, color, stereo, etc. That is, Web server 9 stores, in a manifest for Web page 42, plural alternatives for text element 43 and image elements 44 and 45.
  • a user selects which features 46 are to be included in the automobile, and a program or applet resident on Web page 43 determines which of the text and images stored on Web server 9 should be displayed as elements 43, 44 and 45 based on the selected features.
  • Browser 24 then transmits this information to Web server 9, where assembly engine 25 retrieves the appropriate text and images from memory 28 (or, more generally, any database on which they reside) and assembles them into Web page 42.
  • Figure 5 shows process steps for certifying a dynamic Web page. Though the process steps of Figure 5 are directed to certification of a Web page, once armed with the disclosure herein, one of ordinary skill in the art could easily use these steps to certify any type of computer- generated dynamic content .
  • the process of Figure 5 begins in step S501 by defining a manifest for the Web page.
  • the manifest is generally defined by the administrator of the Web site on which the Web page resides and provided to certification server 7 where it is indexed to the URL of the Web page and stored in memory.
  • the manifest includes a set of rules that specify information to be included on the Web page.
  • the set of rules includes alternatives for information that may be included on the Web page, though they may specify required information as well .
  • An example of a manifest 47 for Web page 42 is shown in Figure 6.
  • manifest 47 includes a rule 49 requiring display of an automobile image, which defines alternatives 54 (e.g., an image of a convertible, an image of a 4-wheel drive vehicle, etc.). It also includes a rule 55 requiring validation of the certification results. This may be done in accordance with a program or applet on the Web page .
  • Certification information for the rules is provided in step S502 (which may be performed before or after step S501) .
  • step S502 confirms that each alternative element (e.g., image, applet, etc.) that could be included on the Web page is certified. For Web page 42, this means confirming that each image element 44 and 45, and any other information that Web page 42 may include, is certified.
  • the certification of static elements in step S502 is performed by certification engine 41 in accordance with the process described in U.S. Patent Application No. 09/248,370. A brief description of this process is as follows .
  • FIG 7 shows a password protected Web page 57 for requesting certification of an element.
  • an element such as an image
  • the certification control that receives the element prepares and transmits a certification request to certification server 7 specifying the content of the element and the certification desired.
  • a certification request 61 includes content 62 of the element submitted for certification, together with other information 64 such as the certification desired (e.g., site-wide certification, legal department certification, etc.), the author (s) of the element, and a uniform resource locator ("URL") that specifies a Web page on which the element is to be located.
  • the certification desired e.g., site-wide certification, legal department certification, etc.
  • URL uniform resource locator
  • Certification server 7 processes the received certification requests by distributing content 62 to those in an organization that could potentially provide approval for certification. For example, certification server 7 may distribute the content to all members of the organization's legal department when a request is made for legal department certification. Workflow software, E-mail daemons, and other techniques, executing on computers other than the certification server, can alternatively be used to distribute the content for certification.
  • Certification message 66 can include the content and the other information included in the certification request. This message can also include information 67 that describes the individual transmitting the certification message, the type of certification granted (e.g., an individual may have the capacity to certify content for both the marketing and legal departments of the organization), and a level of approval (e.g., "for internal use only” or "for publication on the Internet") . Additionally, the certification message may include a digital signature 68 belonging to the individual submitting the certification message and information to confirm the digital signature (e.g., X.509), or it may include information used by other authentication techniques.
  • a digital signature 68 belonging to the individual submitting the certification message and information to confirm the digital signature (e.g., X.509), or it may include information used by other authentication techniques.
  • Certification engine 41 processes received certification messages in accordance with certifying instructions. These instructions may be embedded in certification engine 41 or retrieved thereby. In one embodiment of the invention, these certifying instructions authenticate a certification message to ensure that an individual claiming to have approved the submitted content was, in fact, the one who produced certification message 66. After authentication, the certifying instructions can determine whether certification message 66 satisfies the criteria for the certification requested. For example, the certifying instructions can determine whether certification message 66, alone or in combination with previously-received certification messages, is sufficient to obtain legal department certification. If the received certification message 66 does not satisfy the requisite certification criteria, the certifying instructions can store the received certification and await further certification messages. The process may store a hash for submitted content awaiting further certification to ensure that subsequent certification is for the same content as the certification already received. The process can also attempt to certify any links or other objects referenced by the content .
  • the certifying instructions determine verification information from the certified content or other information provided.
  • verification information includes data that identifies the certified content such as a URL, compressed or uncompressed portions of the content, and/or an assigned identification number.
  • the verification information may also include one or more hash keys (e.g., an MD5 hash and an SHA hash) .
  • a hash key is produced by a one-way function and typically requires little storage space (e.g., 160-bits) , and is nearly guaranteed to be unique for given content.
  • the certifying instructions can produce a digital signature (e.g., a W3C DSig (Digital Signature Group) compliant signature) for content 62.
  • This digital signature can include computed hash, the content's URL, or any other verification or certification information (not shown) .
  • the certifying instructions determine whether content 62 can be dynamically modified to include the digital signature. For example, HTML and XML permit dynamic insertion of digital signatures into the content (e.g., as header information or as a newly defined tag) . Inclusion of the digital signature in content 62 ensures that the digital signature travels with the content.
  • step S503 processing proceeds to step S503.
  • any page even an initial page, may be subject to the certification process of the present invention.
  • steps S503 and S504 are not necessary, since any attempt to retrieve a page may start at step S505. Nevertheless, for illustration's sake, steps S503 and S504 are included in the process.
  • step S503 a user logs onto client 6, executes browser 24, and requests a Web page from Web server 9.
  • Web server 9 transmits a Web page, such as that shown in Figure 4, to client 6. There, the Web page is displayed.
  • This process is depicted graphically in Figure 9. At this point, it is noted that the invention does not require a user to have an initial page into which to put initial information. Any interaction with the user supplies at least authentication information and perhaps information from "cookies".
  • step S504 the user inputs information into the Web page.
  • the user may select options for building an automobile.
  • Browser 24 transmits these user-selected options (i.e., the user input) to Web server 9, as shown in Figure 10.
  • assembly engine 25 determines which elements (e.g., images, text, applets, sound, etc.) are to be included on the Web page.
  • Assembly engine 25 then retrieves the appropriate elements from memory 28 (or any other database on which they reside) , and assembles the Web page therefrom. Certification of the Web page may take place before, during or after this process.
  • each element on the Web page may be certified prior to assembly, as described above with respect to Figure 8 and in U.S. Patent Application No. 09/248,370.
  • each element may be certified as part of the Web page on an ad hoc basis, i.e., during assembly.
  • certification may take place following assembly of the Web page.
  • pre-assembly rules 90 control certification prior to assembly
  • during-asse bly rules 91 control certification during assembly
  • post-assembly rules 92 control certification post assembly.
  • each of these includes prologue rules, body rules, and epilogue rules, which can specify an order of execution for the rules .
  • assembly engine 25 extracts identification and certification information from each element of the Web page. For example, it extracts the URL of the Web page, the digital signature and/or content of each element (e.g., elements 43, 44 and 45 in Figure 4) in the Web page, an identification number of each element, etc.
  • step S507 assembly engine 25 issues a request to certification server 7.
  • the request can be encrypted for security purposes, and includes the information extracted in step S506, together with a request for certification of the Web page .
  • step S508 determines whether the Web page is certified, meaning that the information contained therein is valid.
  • the certi ication process is performed in certification server 7 by certification engine 41.
  • the Web server and certi ication server functions may be implemented on the same computer, in which case the certification process would take place on that single computer.
  • FIG 12 depicts the certification process.
  • certification server 7 receives the request for certification from assembly engine 25 on Web server 9. Based on this request, and the information contained therein, certification engine 41 determines whether the information in the Web page complies with the set of rules stored therefor. To this end, certification engine 41 determines whether each of the elements that make up the Web page corresponds to at least one of the alternatives contained in the manifest for that Web page. This is done in step S1202, e.g., by comparing an assigned identification number or hash for each element to those contained in the manifest .
  • step S1203 certification engine 41 also determines whether that element is certified. This is done, e.g., by comparing one or more of the digital signature, content, etc. for that element to corresponding verification information therefor. If there is a match, then that individual element is considered certified. Alternatively, certification information can be included in the manifest, in which case the manifest can be consulted to determine whether each element is certified.
  • step S1204 certification engine 41 also determines whether that element is certified.
  • Each such element includes a manifest, and a requisite rule or rules are executed for that element. The results of these executions are certified by subsequent rules to see what form of certification is required for the entire Web page. This process is similar to that described above .
  • step S1204 if the Web page complies with the manifest stored on certification server 7, i.e., if each of its elements complies with a rule on the manifest and is certified, then the entire Web page is considered certified. Otherwise, it is not.
  • the certification of the entire page depends upon the epilogue rules working on the certification results of the prologue and the body. In the absence of any explicit global certification rules, rules from a zone or site manifest (described below) may be used.
  • the invention provides for several different levels of certification. For example, three such levels may be provided, including “high” (or “platinum”) indicating that the information is highly reliable, “medium” (or “gold”) indicating a relatively lower degree of reliability, and “low” (“silver” or “bronze”) indicating a still lower degree of reliability. Though only three levels of certification are described here, the invention is not limited to three. Rather, any number of certification levels may be used.
  • the level of certification for each alternative in a Web page manifest is preferably stored in the rule for that alternative.
  • step S509 certification engine 41 may extract a level of certification (not shown) for each element in the Web page using the manifest.
  • a level of certification for the entire Web page can be determined.
  • the level of certification of the entire Web page will correspond to the lowest level of certification of an element on that Web page.
  • other methods of determining the certification level of the entire Web page may also be used with the invention.
  • step S510 certification engine 41 issues a message 74 to assembly engine 25.
  • the message indicates that the Web page has been certified.
  • the message may also include a certificate that is transmitted to the user and displayed along with the Web page, as shown in Figure 13.
  • An example of such a certificate 78 is shown in Figure 14. Where more than one level of certification is provided, the message and/or certificate may also indicate the level of certification for the Web page.
  • step S508 in a case that the Web page has not been certified, message 74 is still output by certification engine 41 in step S511. This time, however, the message indicates that the Web page has not been certified.
  • the message may then be transmitted from Web server 9 to client 6 and/or to the Web site administrator. In a case that the message is provided to the site administrator, it may include instructions indicating exactly which portions of the Web page were not certified and why.
  • this message indicating that the Web page is not certified may be transmitted to the client, where it is displayed.
  • the Web site content may or may not be transmitted and displayed therewith, depending upon how the system is configured.
  • the certification process ends.
  • partial certification of a Web page may be provided. More specifically, to certify the contents of a Web page in accordance with the process shown in Figure 5, each element thereof must correspond to one alternative in the Web page manifest. If one element is not found on the manifest, the Web page will not be certified. In alternative embodiments, however, partial certification of a Web page may be provided if at least one element on the Web page corresponds to at least one alternative in the manifest for that Web page. In the case of partial certification, the output message and/or certificate would be changed accordingly.
  • certification engine 41 organizes individual Web pages on a Web site into zones. Which zone a particular Web page is in depends upon the rules stored in a manifest for that zone. For example, which zone a Web page is located in may depend upon a level of certification of that Web page. In this example, the level of certification of dynamic Web pages may be determined in the manner described above. However, since this aspect is not limited to use with dynamic Web pages, certification can be achieved using any method.
  • Figure 15 shows process steps for implementing this aspect of the system. These process steps may be executed to define a single zone. Other zones may be defined in. the same manner.
  • the process of Figure 15 may be implemented on certification server 7 in certification engine 41 or, alternatively, on a similar program executing on Web server 9. Step S1501 begins the process.
  • step S1501 stores a manifest containing one or more rules that define which pages may be included in the zone.
  • these rules may be defined and input by the administrator of a Web site.
  • the rules may include a variety of factors.
  • the rules may define a specific level of certification required for Web pages in the zone, a "type" of Web page that may be included in the zone (e.g., products as defined by a URL such as
  • Step S1502 thus selects each Web page, e.g., by its URL, and then step S1503 determines whether that page complies with the rules set forth in the zone manifest.
  • step S1503 may determine the certification level of the Web page by examining its certification information, as well as any other information required for the zone. That is, step S1503 may determine whether the Web page is related to a product by examining the page's URL, and whether the product has been released as of "today" by examining the content of the Web page. Other information may also need to be examined depending ' upon the number and type of rules specified in the zone manifest. In the case that a Web page complies with the rules in the zone's manifest, step S1503 concludes that the Web page belongs in the current zone.
  • Step S1504 associates each complying page with the current zone. This can be done in a number of ways. For example, step S1504 may incorporate, into a manifest of each complying Web page, a rule indicating that the Web page is part of the current zone. Instead of, or in addition to, incorporating a rule into the Web page's manifest, step S1504 may incorporate into the zone manifest one or more rules indicating which Web pages are part of the zone. For example, the URLs of Web pages included in a zone may be included in that zone's manifest.
  • Step S1505 determines whether any unexamined Web pages remain in the site. If there are such pages, processing returns to step S1502, whereafter steps S1503 to S1505 are repeated for the remaining images. Otherwise, processing for the current zone ends. However, other zones may be defined, as desired.
  • Figure 17 shows an abstract view of a Web site that has been divided into three zones -- a "products for sale” zone 80, an "unsupported tools” zone 81, and a "personal opinions” zone 82.
  • all Web pages 84 in the "products for sale” zone have a "high” certification level (e.g., the information in those pages is guaranteed accurate by the site owner) ;
  • all Web pages in the "unsupported tools” zone have a "medium” certification level (e.g., the information in those pages is deemed useful by the site owner, but its accuracy is not guaranteed) ;
  • all Web pages in the "personal opinion” zone have a "low” certification level (e.g., the site owner has no opinion concerning the accuracy of the information on those pages) .
  • a user is able to determine, simply by what zone of the Web site the user is in, the reliability of the information contained therein.
  • Web pages in a particular zone may contain visible certification (or other "type") indicators. Accordingly, a user can determine in which zone a Web page is located simply by looking at the indicator. In cases where the Web server and certification server are one in the same, certification engine 41 may simply incorporate the appropriate certification indicators into the appropriate Web pages. Where the two servers are different, certification server 7 may provide the certification indicators to Web server 9, which may then incorporate them into the Web pages for the site. In preferred embodiments, the invention also maintains a record of movement between zones. That is, each time a user enters a new URL via browser 24, there is the potential of movement to a different zone. Each time the user enters a new zone, Web server 9 and/or certification server 7 may issue a message to the user to that effect. One or both of these servers may maintain a record of URLs and corresponding zones visited by the user during a predetermined period of time.
  • the present invention also can be used to define a manifest for an entire Web site.
  • the manifest for a Web site would be similar to that shown in Figure 16 for a zone. Accordingly, a detailed description thereof is omitted here for the sake of brevity. Suffice it to say, that rules for a site manifest may be based on certification, as described above, or any other relevant information. Only Web pages and zones that comply with the site manifest may be included in that site. Moreover, a site-wide certification, similar to that described above for zones can be provided for sites.

Abstract

The system disclosed herein organizes computer-generated content into plural content zones. The system stores at least one rule defining which content may be included in a target content zone (51502), and determines whether selected content (51502) complies with the at least one rule (51503). The system then associates the selected content with the target content zone (51504) in a case that the selected content complies with the at least one rule.

Description

DEFINING CONTENT ZONES
Cross Reference To Related Application U.S. Patent Application No. 09/248,370, filed
February 8, 1999 and entitled "Content Certification", is hereby incorporated by reference into the subject application as if set forth herein in full.
Background of the Invention
Field of the Invention
The present invention is related to organizing computer-generated content, such as Web pages, into zones based on a set of predefined rules .
Description of the Related Art Various systems currently exist for certifying the content of computer-generated data, such as Web pages. For example, U.S. Patent Application No. 09/248,370 describes a certification system that incorporates digital signatures into Web pages, and that maintains a record associating each Web page with a corresponding digital signature. To certify a Web page, the system compares the digital signature of a displayed Web page to that maintained in the record. If the two match, the Web page is certified; otherwise it is not. Java JAR is example of a certification system that uses lists and digital signatures. Briefly, Java JAR is directed to ensuring the integrity of information in "composite" files; that is, files which contain multiple components, each of which has its own guarantee of integrity. An example of composite is Web page 1 of Figure 1 which may include image element 2, image element 4, and image element 5. The Java JAR system confirms that the content is intact by comparing the content with a hash code generated therefrom by the sender and encrypted with a key to guarantee its authenticity. While systems like those above go a long way toward increasing the reliability of computer-generated content such as Web pages, there is still room for improvement. For example, conventional certification systems are limited to providing one level of certification (i.e., "certified"). Using such systems, it is not possible to provide varying degrees of certification for different- Web pages, etc.
This can be a hindrance, particularly when there is a need for Web pages having a specific certification level. Accordingly, there exists a need for a system which provides for plural (e.g., two or more) levels of page certification, and which takes advantage of these plural levels of certification to organize pages in a useful manner. Looking beyond the realms of Web pages and certification levels, there also exists a need for a way that users can organize computer-generated content (i.e., any type of data, not merely Web pages) in a manner which best suits their needs.
Summary of the Invention The present invention addresses the foregoing needs. In particular, the invention is a system that enables a user to define "content zones" for holding specific computer- generated content. Each content zone is defined by user- specified rules for that zone. Accordingly, by specifying particular rules, it is possible to define zones which contain any one or more types of content . Taking certified Web pages as an example, using the present invention it is possible to certify the contents of Web pages at one of a plurality of certification levels. For example, three levels of certification may be provided: "high" indicating that a page contains information that is highly reliable, "medium" indicating that the page contains information that is less reliable, and "low" indicating that the page contains information that is still less reliable. Using the invention it is thus possible to incorporate groups of Web pages into zones based on their certification level merely by including such a rule in the zones' manifests. Alternatively, it is possible to organize the Web pages based on their content or URL. It is also possible to organize the Web pages based on both their content and their certification levels. For example, a Web site may be organized into a "products for saie" zone, an "unsupported tools" zone, and a "personal opinion" zone. In this example, all Web pages in the "products for sale" zone may have a "high" certification level; all Web pages in the "unsupported tools" zone may have a "medium" certification level; and all Web pages in the "personal opinion" zone may have a "low" certification level. According to one aspect, the invention is a system that organizes computer-generated content (e.g., Web pages) into plural content zones. The system stores at least one rule defining which content may be included in a target content zone, and determines whether selected content complies with the at least one rule. The system then associates the selected content with the target content zone in a case that the selected content complies with the at least one rule.
In preferred embodiments, the invention incorporates one or more of the following features/functions: The selected content comprises a Web page. The at least one rule defines a specific level of certification required for the target content zone, the determining comprises determining a level of certification of the selected content, and the associating comprises associating selected content having the specific level of certification with the target content zone . The at least one rule defines a specific type of content that may be included in the target content zone, the determining comprises determining a type of the selected content, and the associating comprises associating selected content having the specific type with the target content zone. The associating comprises incorporating, into a manifest for complying content, a rule indicating that the complying content is part of the target content zone. The associating comprises incorporating, into rules defining which content may be included in the target content zone, rules indicating that complying content is part of the target content zone.
Advantages of the invention in addition to those set forth above will become apparent in view of the following description, including the figures, and the claims.
Brief Description of the Drawings Figure 1 shows a composite Web page.
Figure 2 shows a network system on which the certification process may be implemented.
Figure 3 shows the graphical user interface of a Web browser that may be used with the certification process. Figure 4 shows a dynamic Web page that can be certified by the certification process.
Figure 5 shows process steps for certifying a dynamic Web page.
Figure 6 shows an example of a manifest used by the certification process to certify a dynamic Web page. Figure 7 shows a Web page that can be used to initiate certification of individual static elements of a dynamic Web page.
Figure 8 shows the process of certifying individual static elements of a dynamic Web page.
Figure 9 shows a client retrieving a dynamic Web page from a Web server.
Figure 10 shows providing user input to a Web server. Figure 11 shows requesting certification of a dynamic Web page.
Figure 12 shows process steps for certifying the content of dynamic Web pages and other dynamically-generated content . Figure 13 shows issuing a certification message relating to a certification of a dynamic Web page.
Figure 14 shows a certificate that may be issued for certified Web pages.
Figure 15 shows process steps for organizing Web pages (or other content) into zones.
Figure 16 shows an example of a manifest used to organize content into zones.
Figure 17 is an abstract view of Web pages on a Web site organized into zones.
Description of the Preferred Embodiments
The following description of the preferred embodiments of the invention relates to Web pages. It is noted up front, however, that the invention is not limited to use with Web pages. Rather, all aspects of the invention can be used with any computer-generated content including, but not limited to, rows in a database, an entire database, computer-generated queries, documents, and the like. The present invention is preferably implemented using a client-server architecture, such as that shown in Figure 2. This architecture includes client 6, certification server 7, and Web server 9 connected via network 10. Network 10 may comprise any type of network or communications medium, including, but not limited to, one or more of the following: the Internet, a local area network ("LAN"), a wide area network ("WAN"), a wireless (e.g., ATM) network, a logical network within a single computer, some other form of programmatic communication such as interprocess communications or dynamic link libraries, or any combination thereof.
Client 6 is preferably a personal computer ("PC") or similar data processing device. Client 6 includes network interface 11 for interfacing to network 10, display screen 12 for displaying information to a user, keyboard 14 for inputting text and user commands, mouse 15 for positioning a cursor on display screen 12 and for inputting user commands, disk drive 16 for reading from and writing to floppy disks installed therein, and CD-ROM drive 17 for accessing data stored on CD-ROM.
Close-up view 18 shows the internal structure of client 6. Client 6 includes memory 19 which is a computer- readable medium, such as a computer hard disk, for storing information. In the preferred embodiment memory 19 stores operating system 20, applications 21, and data 22. Microsoft™ Windows98™ is a one operating system that may be used with the invention; however, the invention is not limited to use therewith. Applications 21 include Web browser 24, among others . An example of a Web browser that may be used with the invention is Netscape™ Navigator™. Web browser 24 displays a graphical user interface ("GUI") to a user, through which the user may access information via the Internet (e.g., Web sites, individual Web pages, etc.). An example of such a GUI is shown in Figure 3.
Client 6 also includes display interface 26, keyboard interface 27, mouse interface 29, disk drive interface 30, CD-ROM drive interface 31, computer bus 32, RAM 34, and processor 35. Processor 35 preferably comprises a microprocessor or the like for executing applications, such as those noted above, out of RAM 34. Such applications, including browser 24, may be stored in memory 19 as noted above or, alternatively, on a floppy disk in disk drive 16 or CD-ROM in CD-ROM drive 17. In this regard, processor 35 accesses applications and data stored on floppy disk via disk drive interface 30 and accesses applications and data stored on CD-ROM via CD-ROM interface 31.
Web server 9 may comprise a computer having features similar to client 6 for providing remote access to the Web site of an organization. Web server 9 is connected to other computers (not shown) in the organization via LAN 36 (or network 10) . Web server 9 is also connected to certification server 7 via network 10 or other medium.
Web server likewise includes a processor 23 and a memory 28, among other things, as shown in close-up view 13. Stored in this memory is assembly engine 25 and Web page elements 33. Assembly engine 25 is a program that is executed by processor 23 to assemble Web pages. More specifically, a single Web page may be composed of a plurality of static and dynamic elements, such as images, applets, text, sound, other Web pages, etc. In response to requests received from client 6, assembly engine 25 retrieves those elements (e.g., from memory 28) and combines them in a predetermined manner so as to form the Web page. Representative examples of commercially-available assembly engines that may be used in connection with the present invention include ATG Dynamo, Servlets, JSP and ASP
Certification server 7 likewise preferably comprises a computer having features similar to client 6. As shown in close-up view 38, certification server 7 includes, among other things, memory 39 for storing both applications and certification information 48 which includes the manifests described below. Memory 39 may include one or more memory devices, such as a computer hard disk, redundant array of inexpensive disks ("RAID"), optical disk drive, and the like. Processor 40 is also included on certification server 7 so as to execute applications stored in memory 39 and to provide the resulting output to the network.
Among the applications stored in memory 39 is certification engine 41. Certification engine 41 comprises computer-executable code that runs on certification server 7 to certify Web pages and other dynamic pages based on their content and/or certification information stored in their elements. Certification engine 41 also organizes sets of Web pages into plural zones based on their levels of certification, the type of information contained therein, or the like, as described in more detail below.
It is noted that certification server 7 and Web server 9 may be one in the same; however, since this is not a requirement, the more general case of separate Web and certification servers is depicted in Figure 2. For that matter, the invention may also be implemented, in its entirety, on a single computer. That is, the functions of client 6, certification server 7 and Web server 9 (or its equivalent) may be implemented on a single computer. Dynamic Content Certification
Figures 4 to 14 depict the operation of certification engine 41 in the context of certifying dynamically-generated (or simply "dynamic") Web pages. At this point, it is repeated that although this embodiment of the invention is described with respect to Web pages, the invention is not limited to use with Web pages and can be used to certify any computer-generated content.
As described in the "Background" , a Web page is dynamic if any of its contents is specified generically or generated prograrnmatically or by query or in any other situation where the content is not specified uniquely and immutably a priori. That is, many Web pages are composites, meaning that they are composed of plural elements such as images, applets, text, sound, etc. Each individual element may be static if all of its components are specified uniquely and immutably a priori; however, the Web page itself is still dynamic if the specification of the elements within the page are not so specified. It is also possible for the elements themselves to be dynamic because of their components or because they are programs or queries. The resolution of these dynamic objects to static objects generally occurs in the assembly engine, but it is also possible for this process to occur in the browser (e.g., with JavaScript) . In this regard, there is no reason, in principle, why some or all of the functions of the certification server could not take place in the client given the necessary integration with the browser.
By way of example, Figure 4 shows a hypothetical Web page 42 displayed by browser 24. Web page 42 "builds" an automobile based on user-selected features such as model, year, color, stereo, etc. That is, Web server 9 stores, in a manifest for Web page 42, plural alternatives for text element 43 and image elements 44 and 45. A user selects which features 46 are to be included in the automobile, and a program or applet resident on Web page 43 determines which of the text and images stored on Web server 9 should be displayed as elements 43, 44 and 45 based on the selected features. Browser 24 then transmits this information to Web server 9, where assembly engine 25 retrieves the appropriate text and images from memory 28 (or, more generally, any database on which they reside) and assembles them into Web page 42. Though text and images are depicted in Figure 4, the alternatives are not limited to these; that is, the alternatives may include sound, applets or any other type of information that can be incorporated into a Web page. Figure 5 shows process steps for certifying a dynamic Web page. Though the process steps of Figure 5 are directed to certification of a Web page, once armed with the disclosure herein, one of ordinary skill in the art could easily use these steps to certify any type of computer- generated dynamic content . The process of Figure 5 begins in step S501 by defining a manifest for the Web page. The manifest is generally defined by the administrator of the Web site on which the Web page resides and provided to certification server 7 where it is indexed to the URL of the Web page and stored in memory. The manifest includes a set of rules that specify information to be included on the Web page. In the present invention, the set of rules includes alternatives for information that may be included on the Web page, though they may specify required information as well . An example of a manifest 47 for Web page 42 is shown in Figure 6. As shown, manifest 47 includes a rule 49 requiring display of an automobile image, which defines alternatives 54 (e.g., an image of a convertible, an image of a 4-wheel drive vehicle, etc.). It also includes a rule 55 requiring validation of the certification results. This may be done in accordance with a program or applet on the Web page . Certification information for the rules is provided in step S502 (which may be performed before or after step S501) . That is, step S502 confirms that each alternative element (e.g., image, applet, etc.) that could be included on the Web page is certified. For Web page 42, this means confirming that each image element 44 and 45, and any other information that Web page 42 may include, is certified. In the preferred embodiment of the invention, the certification of static elements in step S502 is performed by certification engine 41 in accordance with the process described in U.S. Patent Application No. 09/248,370. A brief description of this process is as follows .
Figure 7 shows a password protected Web page 57 for requesting certification of an element. On Web page 57, an element, such as an image, is submitted for certification simply by dragging and dropping it onto one or more of defined certification controls 59 and 60. The certification control that receives the element prepares and transmits a certification request to certification server 7 specifying the content of the element and the certification desired. As shown in Figure 8, a certification request 61 includes content 62 of the element submitted for certification, together with other information 64 such as the certification desired (e.g., site-wide certification, legal department certification, etc.), the author (s) of the element, and a uniform resource locator ("URL") that specifies a Web page on which the element is to be located. Request 61 may also include information such as an element revision number, content keywords, title, etc. Certification server 7 processes the received certification requests by distributing content 62 to those in an organization that could potentially provide approval for certification. For example, certification server 7 may distribute the content to all members of the organization's legal department when a request is made for legal department certification. Workflow software, E-mail daemons, and other techniques, executing on computers other than the certification server, can alternatively be used to distribute the content for certification.
As shown in Figure 8, after an' individual 65 receives and reviews the content, the individual can notify certification server 7 of his approval by sending a certification message 66. Certification message 66 can include the content and the other information included in the certification request. This message can also include information 67 that describes the individual transmitting the certification message, the type of certification granted (e.g., an individual may have the capacity to certify content for both the marketing and legal departments of the organization), and a level of approval (e.g., "for internal use only" or "for publication on the Internet") . Additionally, the certification message may include a digital signature 68 belonging to the individual submitting the certification message and information to confirm the digital signature (e.g., X.509), or it may include information used by other authentication techniques.
Certification engine 41 processes received certification messages in accordance with certifying instructions. These instructions may be embedded in certification engine 41 or retrieved thereby. In one embodiment of the invention, these certifying instructions authenticate a certification message to ensure that an individual claiming to have approved the submitted content was, in fact, the one who produced certification message 66. After authentication, the certifying instructions can determine whether certification message 66 satisfies the criteria for the certification requested. For example, the certifying instructions can determine whether certification message 66, alone or in combination with previously-received certification messages, is sufficient to obtain legal department certification. If the received certification message 66 does not satisfy the requisite certification criteria, the certifying instructions can store the received certification and await further certification messages. The process may store a hash for submitted content awaiting further certification to ensure that subsequent certification is for the same content as the certification already received. The process can also attempt to certify any links or other objects referenced by the content .
If certification message 66 satisfies the requisite certification criteria, the certifying instructions determine verification information from the certified content or other information provided. In this regard, verification information includes data that identifies the certified content such as a URL, compressed or uncompressed portions of the content, and/or an assigned identification number. The verification information may also include one or more hash keys (e.g., an MD5 hash and an SHA hash) . A hash key is produced by a one-way function and typically requires little storage space (e.g., 160-bits) , and is nearly guaranteed to be unique for given content.
After storing the content's certification and verification information, e.g., in memory 39, the certifying instructions can produce a digital signature (e.g., a W3C DSig (Digital Signature Group) compliant signature) for content 62. This digital signature can include computed hash, the content's URL, or any other verification or certification information (not shown) . Once the digital signature has been generated, the certifying instructions determine whether content 62 can be dynamically modified to include the digital signature. For example, HTML and XML permit dynamic insertion of digital signatures into the content (e.g., as header information or as a newly defined tag) . Inclusion of the digital signature in content 62 ensures that the digital signature travels with the content. Thereafter, certified content 69, including the digital signature, is transmitted back to Web server 9, as shown in Figure 8. Returning to Figure 5, following step S502 processing proceeds to step S503. In this regard, any page, even an initial page, may be subject to the certification process of the present invention. Thus steps S503 and S504 are not necessary, since any attempt to retrieve a page may start at step S505. Nevertheless, for illustration's sake, steps S503 and S504 are included in the process.
In step S503, a user logs onto client 6, executes browser 24, and requests a Web page from Web server 9. In response to this request, Web server 9 transmits a Web page, such as that shown in Figure 4, to client 6. There, the Web page is displayed. This process is depicted graphically in Figure 9. At this point, it is noted that the invention does not require a user to have an initial page into which to put initial information. Any interaction with the user supplies at least authentication information and perhaps information from "cookies".
Next, in step S504, the user inputs information into the Web page. For example, in the case of Web page 42, the user may select options for building an automobile. Browser 24 transmits these user-selected options (i.e., the user input) to Web server 9, as shown in Figure 10. There, assembly engine 25 determines which elements (e.g., images, text, applets, sound, etc.) are to be included on the Web page. Assembly engine 25 then retrieves the appropriate elements from memory 28 (or any other database on which they reside) , and assembles the Web page therefrom. Certification of the Web page may take place before, during or after this process.
More specifically, each element on the Web page may be certified prior to assembly, as described above with respect to Figure 8 and in U.S. Patent Application No. 09/248,370. Alternatively, each element may be certified as part of the Web page on an ad hoc basis, i.e., during assembly. As still another alternative, certification may take place following assembly of the Web page. With reference to Figure 6, pre-assembly rules 90 control certification prior to assembly, during-asse bly rules 91 control certification during assembly, and post-assembly rules 92 control certification post assembly. As shown, each of these includes prologue rules, body rules, and epilogue rules, which can specify an order of execution for the rules . Assuming that certification takes place following assembly of the Web page, in step S506 assembly engine 25 extracts identification and certification information from each element of the Web page. For example, it extracts the URL of the Web page, the digital signature and/or content of each element (e.g., elements 43, 44 and 45 in Figure 4) in the Web page, an identification number of each element, etc.
Next, -in step S507, assembly engine 25 issues a request to certification server 7. This is depicted graphically in Figure 11. The request can be encrypted for security purposes, and includes the information extracted in step S506, together with a request for certification of the Web page . Thereafter, step S508 determines whether the Web page is certified, meaning that the information contained therein is valid. In the present embodiment, the certi ication process is performed in certification server 7 by certification engine 41. As noted above, however, in other embodiments of the invention, the Web server and certi ication server functions may be implemented on the same computer, in which case the certification process would take place on that single computer.
Figure 12 depicts the certification process. To begin, in step S1201, certification server 7 receives the request for certification from assembly engine 25 on Web server 9. Based on this request, and the information contained therein, certification engine 41 determines whether the information in the Web page complies with the set of rules stored therefor. To this end, certification engine 41 determines whether each of the elements that make up the Web page corresponds to at least one of the alternatives contained in the manifest for that Web page. This is done in step S1202, e.g., by comparing an assigned identification number or hash for each element to those contained in the manifest .
For each static element that corresponds to an alternative in the manifest, in step S1203 certification engine 41 also determines whether that element is certified. This is done, e.g., by comparing one or more of the digital signature, content, etc. for that element to corresponding verification information therefor. If there is a match, then that individual element is considered certified. Alternatively, certification information can be included in the manifest, in which case the manifest can be consulted to determine whether each element is certified.
Finally, for each dynamic element that corresponds to an alternative in the manifest, in step S1204 certification engine 41 also determines whether that element is certified. Each such element includes a manifest, and a requisite rule or rules are executed for that element. The results of these executions are certified by subsequent rules to see what form of certification is required for the entire Web page. This process is similar to that described above .
Thus, following step S1204 if the Web page complies with the manifest stored on certification server 7, i.e., if each of its elements complies with a rule on the manifest and is certified, then the entire Web page is considered certified. Otherwise, it is not. In this regard, the certification of the entire page depends upon the epilogue rules working on the certification results of the prologue and the body. In the absence of any explicit global certification rules, rules from a zone or site manifest (described below) may be used.
In preferred embodiments, the invention provides for several different levels of certification. For example, three such levels may be provided, including "high" (or "platinum") indicating that the information is highly reliable, "medium" (or "gold") indicating a relatively lower degree of reliability, and "low" ("silver" or "bronze") indicating a still lower degree of reliability. Though only three levels of certification are described here, the invention is not limited to three. Rather, any number of certification levels may be used. The level of certification for each alternative in a Web page manifest is preferably stored in the rule for that alternative.
Accordingly, returning to Figure 5, if the Web page is certified in step S508, in step S509 certification engine 41 may extract a level of certification (not shown) for each element in the Web page using the manifest. Of course, if only one level of certification is provided, then that level will be extracted in step S509. Based on the level of certification of each element, a level of certification for the entire Web page can be determined. Generally, the level of certification of the entire Web page will correspond to the lowest level of certification of an element on that Web page. However, other methods of determining the certification level of the entire Web page may also be used with the invention.
Following step S509, processing proceeds to step S510. In step S510, certification engine 41 issues a message 74 to assembly engine 25. This is depicted graphically in Figure 13. In this case, i.e., where the Web page has been certified, the message indicates that the Web page has been certified. The message may also include a certificate that is transmitted to the user and displayed along with the Web page, as shown in Figure 13. An example of such a certificate 78 is shown in Figure 14. Where more than one level of certification is provided, the message and/or certificate may also indicate the level of certification for the Web page. Following step S510, processing ends.
Returning to step S508, in a case that the Web page has not been certified, message 74 is still output by certification engine 41 in step S511. This time, however, the message indicates that the Web page has not been certified. The message may then be transmitted from Web server 9 to client 6 and/or to the Web site administrator. In a case that the message is provided to the site administrator, it may include instructions indicating exactly which portions of the Web page were not certified and why. In step S512, this message indicating that the Web page is not certified may be transmitted to the client, where it is displayed. The Web site content may or may not be transmitted and displayed therewith, depending upon how the system is configured. Following step S512, the certification process ends.
In alternative embodiments of the invention, partial certification of a Web page may be provided. More specifically, to certify the contents of a Web page in accordance with the process shown in Figure 5, each element thereof must correspond to one alternative in the Web page manifest. If one element is not found on the manifest, the Web page will not be certified. In alternative embodiments, however, partial certification of a Web page may be provided if at least one element on the Web page corresponds to at least one alternative in the manifest for that Web page. In the case of partial certification, the output message and/or certificate would be changed accordingly.
Defining Content Zones
This aspect of the system builds on the concept of different certification levels introduced above. Although this embodiment is described in the context of Web pages, the invention can be used with any computer-generated content. In this embodiment, certification engine 41 organizes individual Web pages on a Web site into zones. Which zone a particular Web page is in depends upon the rules stored in a manifest for that zone. For example, which zone a Web page is located in may depend upon a level of certification of that Web page. In this example, the level of certification of dynamic Web pages may be determined in the manner described above. However, since this aspect is not limited to use with dynamic Web pages, certification can be achieved using any method.
Figure 15 shows process steps for implementing this aspect of the system. These process steps may be executed to define a single zone. Other zones may be defined in. the same manner. The process of Figure 15 may be implemented on certification server 7 in certification engine 41 or, alternatively, on a similar program executing on Web server 9. Step S1501 begins the process.
More specifically, step S1501 stores a manifest containing one or more rules that define which pages may be included in the zone. As above, these rules may be defined and input by the administrator of a Web site. The rules may include a variety of factors. For example, the rules may define a specific level of certification required for Web pages in the zone, a "type" of Web page that may be included in the zone (e.g., products as defined by a URL such as
"www.NovaSoft.com/products" or other means), and the like. Additional rules may also be provided to further differentiate the zones. For example, if a zone specifies "products for sale", a rule may be included in the manifest to specify that only products having a release date "less than or equal to today" may be included in the zone. Figure 16 depicts an example of a "products for sale" manifest that may be used by the present invention to define such a zone. Once a set of rules has been defined for the zone, certification engine 41 examines the content of Web pages in the Web site in order to determine which of those Web pages belong in the current zone. In this regard, a single Web page may be included in more than one zone; however, for the sake of clarity, the present description will assume that each Web page is included in only one zone.
Step S1502 thus selects each Web page, e.g., by its URL, and then step S1503 determines whether that page complies with the rules set forth in the zone manifest. For example, step S1503 may determine the certification level of the Web page by examining its certification information, as well as any other information required for the zone. That is, step S1503 may determine whether the Web page is related to a product by examining the page's URL, and whether the product has been released as of "today" by examining the content of the Web page. Other information may also need to be examined depending' upon the number and type of rules specified in the zone manifest. In the case that a Web page complies with the rules in the zone's manifest, step S1503 concludes that the Web page belongs in the current zone. Accordingly, processing proceeds to step S1504. Step S1504 associates each complying page with the current zone. This can be done in a number of ways. For example, step S1504 may incorporate, into a manifest of each complying Web page, a rule indicating that the Web page is part of the current zone. Instead of, or in addition to, incorporating a rule into the Web page's manifest, step S1504 may incorporate into the zone manifest one or more rules indicating which Web pages are part of the zone. For example, the URLs of Web pages included in a zone may be included in that zone's manifest.
Following step S1504, or in a case that a Web page does not comply with the rules of the current zone, processing proceeds to step S1505. Step S1505 determines whether any unexamined Web pages remain in the site. If there are such pages, processing returns to step S1502, whereafter steps S1503 to S1505 are repeated for the remaining images. Otherwise, processing for the current zone ends. However, other zones may be defined, as desired.
Figure 17 shows an abstract view of a Web site that has been divided into three zones -- a "products for sale" zone 80, an "unsupported tools" zone 81, and a "personal opinions" zone 82. In this example, all Web pages 84 in the "products for sale" zone have a "high" certification level (e.g., the information in those pages is guaranteed accurate by the site owner) ; all Web pages in the "unsupported tools" zone have a "medium" certification level (e.g., the information in those pages is deemed useful by the site owner, but its accuracy is not guaranteed) ; and all Web pages in the "personal opinion" zone have a "low" certification level (e.g., the site owner has no opinion concerning the accuracy of the information on those pages) . By virtue of this setup, a user is able to determine, simply by what zone of the Web site the user is in, the reliability of the information contained therein.
In this regard, Web pages in a particular zone may contain visible certification (or other "type") indicators. Accordingly, a user can determine in which zone a Web page is located simply by looking at the indicator. In cases where the Web server and certification server are one in the same, certification engine 41 may simply incorporate the appropriate certification indicators into the appropriate Web pages. Where the two servers are different, certification server 7 may provide the certification indicators to Web server 9, which may then incorporate them into the Web pages for the site. In preferred embodiments, the invention also maintains a record of movement between zones. That is, each time a user enters a new URL via browser 24, there is the potential of movement to a different zone. Each time the user enters a new zone, Web server 9 and/or certification server 7 may issue a message to the user to that effect. One or both of these servers may maintain a record of URLs and corresponding zones visited by the user during a predetermined period of time.
In addition to defining manifests for individual pages and zones, the present invention also can be used to define a manifest for an entire Web site. The manifest for a Web site would be similar to that shown in Figure 16 for a zone. Accordingly, a detailed description thereof is omitted here for the sake of brevity. Suffice it to say, that rules for a site manifest may be based on certification, as described above, or any other relevant information. Only Web pages and zones that comply with the site manifest may be included in that site. Moreover, a site-wide certification, similar to that described above for zones can be provided for sites.
Finally, it is noted that the invention is not limited to use in the exact manner set forth herein. For example, the process steps of Figures 5, 12 and 15 need not be executed in the exact order shown, so long as the functionality of the system is maintained. Also, the invention is not limited to use with the hardware described herein, or to use with the types of images described above. In this regard, the present invention has been described with respect to particular illustrative embodiments. It is to be understood that the invention is not limited to the above-described embodiments and modifications thereto, and that various changes and/or modifications are within the scope of the appended claims. What is claimed is :

Claims

1. A method of organizing computer-generated content into plural content zones, for a target content zone the method comprising: storing at least one rule defining which content may be included in the target content zone; determining whether selected content complies with the at least one rule; and associating the selected content with the target content zone in a case that the selected content complies with the at least one rule.
2. A method according to claim 1, wherein the selected content comprises a Web page.
3. A method according to claim 1, wherein the at least one rule defines a specific level of certification required for the target content zone, the determining comprises determining a level of certification of the selected content, and the associating comprises associating selected content having the specific level of certification with the target content zone.
4. A method according to claim 1, wherein the at least one rule defines a specific type of content that may be included in the target content zone, the determining comprises determining a type of the selected content, and the associating comprises associating selected content having the specific type with the target content zone.
5. A method according to claim 1, wherein the associating comprises incorporating, into a manifest for complying content, a rule indicating that the content is part of the target content zone.
6. A method according to claim 1, wherein the associating comprises incorporating, into rules defining which content may be included in the target content zone, rules indicating that complying content is part of the target content zone.
7. An apparatus for organizing computer-generated content into plural content zones, the apparatus comprising: a memory which stores computer-executable process steps; and a processor which executes the computer-executable process steps so as, for a target content zone, (i) to store at least one rule defining which content may be included in the target content zone, (ii) to determine whether selected content complies with the at least one rule, and (iii) to associate the selected content with the target content zone in a case that the selected content complies with the at least one rule.
8. An apparatus according to claim 7, wherein the selected content comprises a Web page.
9. An apparatus according to claim 7, wherein the at least one rule defines a specific level of certification required for the target content zone, the determining comprises determining a level of certification of the selected content, and the associating comprises associating selected content having the specific level of certification with the target content zone.
10. An- apparatus according to claim 7, wherein the at least one rule defines a specific type of content that may be included in the target content zone, the determining comprises determining a type of the selected content, and the associating comprises associating selected content having the specific type with the target content zone.
11. An apparatus according to claim 7, wherein the associating comprises incorporating, into a manifest for selected content, a rule indicating that the selected content is part of the target content zone.
12. An apparatus according to claim 7, wherein the associating comprises incorporating, into rules defining which content may be included in the target content zone, rules indicating that complying content is part of the target content zone .
13. A computer program to organize computer- generated content into plural content zones, the computer program comprising: code to store at least one rule defining which content may be included in a target content zone; code to determine whether selected content complies with the at least one rule; and code to associate the selected content with the target content zone in a case that the selected content complies with the at least one rule.
14. A computer program according to claim 13 , wherein the selected content comprises a Web page.
15. A computer program according to claim 13, wherein the at. least one rule defines a specific level of certification required for the target content zone, the determining code determines a level of certification of the selected content, and the associating code associates selected content having the specific level of certification with the target content zone.
16. A computer program according to claim 13, wherein the at least one rule defines a specific type of content that may be included in the target content zone, the determining code determines a type of the selected content, and the associating code associates selected content having the specific type with the target content zone.
17. A computer program according to claim 13, wherein the associating code incorporates, into a manifest for complying content, a rule indicating that the complying content is part of the target content zone.
18. A computer program according to claim 13, wherein the associating code incorporates, into rules defining which content may be included in the target content zone, rules indicating that complying content is part of the target content zone .
PCT/US2001/009628 2001-03-26 2001-03-26 Defining content zones WO2002077793A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/US2001/009628 WO2002077793A1 (en) 2001-03-26 2001-03-26 Defining content zones

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2001/009628 WO2002077793A1 (en) 2001-03-26 2001-03-26 Defining content zones

Publications (1)

Publication Number Publication Date
WO2002077793A1 true WO2002077793A1 (en) 2002-10-03

Family

ID=21742440

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/009628 WO2002077793A1 (en) 2001-03-26 2001-03-26 Defining content zones

Country Status (1)

Country Link
WO (1) WO2002077793A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7003661B2 (en) 2001-10-12 2006-02-21 Geotrust, Inc. Methods and systems for automated authentication, processing and issuance of digital certificates
US7114177B2 (en) 2001-03-28 2006-09-26 Geotrust, Inc. Web site identity assurance
US7694135B2 (en) 2004-07-16 2010-04-06 Geotrust, Inc. Security systems and services to provide identity and uniform resource identifier verification
WO2016203426A1 (en) * 2015-06-17 2016-12-22 De Stefani Marco Alvise Method for certifying electronic documents and contents on the internet and certification system of electronic documents and contents that implements said method

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5875440A (en) * 1997-04-29 1999-02-23 Teleran Technologies, L.P. Hierarchically arranged knowledge domains
WO1999030218A1 (en) * 1997-12-11 1999-06-17 Sun Microsystems, Inc. Typed, parameterized, and extensible access control permissions

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5875440A (en) * 1997-04-29 1999-02-23 Teleran Technologies, L.P. Hierarchically arranged knowledge domains
US6247007B1 (en) * 1997-04-29 2001-06-12 Teleran Technologies, Inc. Hierarchically arranged knowledge domains
WO1999030218A1 (en) * 1997-12-11 1999-06-17 Sun Microsystems, Inc. Typed, parameterized, and extensible access control permissions

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7114177B2 (en) 2001-03-28 2006-09-26 Geotrust, Inc. Web site identity assurance
US7552466B2 (en) 2001-03-28 2009-06-23 Geotrust, Inc. Web site identity assurance
US7003661B2 (en) 2001-10-12 2006-02-21 Geotrust, Inc. Methods and systems for automated authentication, processing and issuance of digital certificates
US7120929B2 (en) 2001-10-12 2006-10-10 Geotrust, Inc. Methods and systems for automated authentication, processing and issuance of digital certificates
US7562212B2 (en) 2001-10-12 2009-07-14 Geotrust, Inc. Methods and systems for automated authentication, processing and issuance of digital certificates
US8028162B2 (en) 2001-10-12 2011-09-27 Geotrust, Inc. Methods and systems for automated authentication, processing and issuance of digital certificates
US7694135B2 (en) 2004-07-16 2010-04-06 Geotrust, Inc. Security systems and services to provide identity and uniform resource identifier verification
WO2016203426A1 (en) * 2015-06-17 2016-12-22 De Stefani Marco Alvise Method for certifying electronic documents and contents on the internet and certification system of electronic documents and contents that implements said method

Similar Documents

Publication Publication Date Title
KR100851710B1 (en) Lateral search
JP3771822B2 (en) Data retrieval method, system, and program
US8015194B2 (en) Refining based on log content
US7849053B2 (en) Coordination and tracking of workflows
TW424185B (en) Named bookmark sets
EP1958119B1 (en) System and method for appending security information to search engine results
US7516118B1 (en) Methods and systems for assisted network browsing
US8438469B1 (en) Embedded review and rating information
US7873632B2 (en) Systems and methods for associating a keyword with a user interface area
JP4869237B2 (en) Variable control of access to content
US20040215607A1 (en) Method and system fo blending search engine results from disparate sources into one search result
US20020059364A1 (en) Content certification
US20110289095A1 (en) Agent rank
US7502774B2 (en) Ring method, apparatus, and computer program product for managing federated search results in a heterogeneous environment
KR20010092785A (en) System and method of presenting channelized data
JP2006512693A (en) A knowledge management system for law firms.
WO2006001920A1 (en) Variable length snippet generation
US8050980B2 (en) Secure downloading of a file from a network system and method
KR20010086259A (en) Improved search engine
US20020165940A1 (en) Computer system, a method and a program for providing a Web page appropriate to a user
US8095873B2 (en) Promoting content from one content management system to another content management system
JP4935274B2 (en) Server and program
JP4682549B2 (en) Classification guidance device
EP1804180A1 (en) Refining based on log content
GB2397915A (en) User editable server side web page editor

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: COMMUNICATION UNDER RULE 69 EPC (EPO FORM 1205A DATED 15.01.2004)

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP