WO2004059940A1 - Connexion anonyme a un serveur web depuis un lecteur de supports d'informations - Google Patents

Connexion anonyme a un serveur web depuis un lecteur de supports d'informations Download PDF

Info

Publication number
WO2004059940A1
WO2004059940A1 PCT/IB2003/005781 IB0305781W WO2004059940A1 WO 2004059940 A1 WO2004059940 A1 WO 2004059940A1 IB 0305781 W IB0305781 W IB 0305781W WO 2004059940 A1 WO2004059940 A1 WO 2004059940A1
Authority
WO
WIPO (PCT)
Prior art keywords
server
information carrier
player
carrier player
information
Prior art date
Application number
PCT/IB2003/005781
Other languages
English (en)
Inventor
Declan Patrick Kelly
Yang Peng
Original Assignee
Koninklijke Philips Electronics N.V.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics N.V. filed Critical Koninklijke Philips Electronics N.V.
Priority to AU2003303453A priority Critical patent/AU2003303453A1/en
Publication of WO2004059940A1 publication Critical patent/WO2004059940A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6263Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/329Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]

Definitions

  • the invention relates to a communication method between an information carrier player and a server.
  • the invention may be used in DVD players implementing means for Web browsing.
  • the DVD Forum has established a working group AH1-12 to standardize Web connected DVD, known as WebDVD. These new specifications are an extension of current DVD-Video specifications. They describe that DVD-Video discs compliant with these new specifications will be published with links to specific Websites containing additional content directly related to the content of the DVD disc being played. These specific Websites may include new navigation menus and content, which the player can download and use instead of original menus provided by the DVD disc. It is also intended to allow this enhanced content to be stored in a memory device in the player as well as in a website so that it can be used offline: the player is used as a Web browser.
  • a technical requirement set by the DVD Forum is to allow identification of the user. This must take into account the possibility of multiple users sharing the same device.
  • the Web server may track user behavior, for example in defining a complete history of all the discs the user has ever watched by means of cookies stored on the player at the request of the Web server. Such an identification may be used for customizing the appearance of the content based on previous behavior.
  • the method according to the invention comprises : - a log-in step for logging in from said information carrier player in said server by using dummy user information, - a control step for forbidding cookies sent by said server to be stored on said- information carrier player.
  • the user appears as a new user to the Web server each time, so that the user's identity is automatically hidden from the server. Since the cookies, either common to all users or separate per user, cannot be stored on the information carrier player, the behavior of the user who has logged on as an anonymous user cannot be tracked.
  • the method according to the invention comprises a masking step for masking the Internet Protocol address which characterizes said information carrier player.
  • the Internet Protocol (IP) address of the player is the IP address of the masking step, which can be implemented by a proxy server having a permanent IP address.
  • IP Internet Protocol
  • the method according to the invention comprises a random string generation step for generating a dummy user name used as dummy user information.
  • the invention also relates to an information carrier player intended to communicate with a server, said information carrier player comprising :
  • - log-in means for logging in from said information carrier player in said server by using dummy user information
  • - control means for forbidding cookies sent by said server to be stored on said information carrier player.
  • the invention also relates to a communication system communication system comprising an information carrier player and a server, said information carrier comprising :
  • - log-in means for logging in from said information carrier player in said server by using dummy user information
  • the communication system comprises a proxy server connected between said information carrier player and said server for masking the Internet Protocol address which characterizes said information carrier player.
  • the proxy server is used as a masking means for masking the Internet Protocol address which characterizes the information carrier player. This constitutes an additional feature for the user to appear anonymous.
  • the invention also relates to a computer program comprising code instructions for implementing the steps of the method described above.
  • Fig.l shows the communication method according to the invention
  • Fig.2 shows an improved communication method according to the invention.
  • Fig.l shows a communication method according to the invention between an information carrier player 101 and a server 102 via a communication network 103.
  • the communication network 103 is, for example, the Internet Network.
  • This player 101 is in particular intended to access the content of a Web server 102 linked to the content of a WebDVD information carrier 104 to be played.
  • the method comprises a log-in step 105 for logging in from said information carrier player 101 in said server 102 by using dummy user information 106.
  • dummy user information 106 instead of manually entering a user name (for example from a user interface such as a keyboard), the log-in is performed without any actions of the user because a dummy user name 106 is automatically generated by the player 101.
  • Dummy user information in particular a dummy user name, may be generated by a random string generation step 107. This user information is sent to the server for providing an anonymous identification by the server.
  • the method also comprises a control step 108 for forbidding cookies sent by the server and intended to be stored in a memory device 111 of said information carrier player.
  • the control step 108 works as a switch controlled by a control signal 109 generated by a detection step 110.
  • the detection step 110 is in charge of detecting whether cookies sent by the server are intended to be stored on the player. Cookies may be detected in different manners:
  • - cookies may be detected by the presence, among data 112 sent by the server to the player, of a cookie creation instruction indented to be executed by the browser of the player.
  • a cookie creation instruction usually follows a request of an HTML- coded data performed by the player.
  • - cookies may be detected by the presence of a cookie creation script encapsulated in HTML-coded data 112 sent by the server.
  • the detection step 110 If a cookie is detected in data 112 sent from the server to the player, the detection step 110 generates a control signal 109 which opens the switch of the control step 108. The cookie file associated with this cookie thus cannot be stored in the memory device 111.
  • Fig.2 which derives from Fig.l, depicts an improved communication method according to the invention between an information carrier player 101 and a server 102 via a communication network 103.
  • This method differs from the method of Fig.l in that it comprises a masking step 201 for masking the Internet Protocol address IPi which characterizes the information carrier player 101.
  • the masking step 201 is advantageously implemented by a proxy server having a permanent Internet Protocol address IPO.
  • the proxy server may correspond to a cache disc for temporally buffering data exchanged between the player and the server, and/or to a firewall.
  • the use of the proxy server 201 is a supplementary feature for ensuring that the user will be anonymous. This prevents the user, even logged in anonymously, from being tracked by the server 102 by the use of the Internet Protocol address IPi of the player 101.
  • Some Web servers send data only if cookies are stored in the local memory of the client. In that case, blocking of all cookies will lead to the situation that the contents of such
  • the communication method according to the invention may be implemented in an information carrier player comprising a Web browser feature, such as a DVD player, or in any portable apparatus comprising a DVD player (PDA, mobile phone ).
  • an information carrier player comprising a Web browser feature
  • DVD player or in any portable apparatus comprising a DVD player (PDA, mobile phone ).
  • Such a method may be implemented by means of hardware elements (such as wired electronic circuits, memories, signal processors ...), or alternatively by means of software elements such as computer programs comprising code instructions stored in a memory device, said code instructions being executed by a signal processor.
  • hardware elements such as wired electronic circuits, memories, signal processors
  • software elements such as computer programs comprising code instructions stored in a memory device, said code instructions being executed by a signal processor.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Databases & Information Systems (AREA)
  • Information Transfer Between Computers (AREA)
  • Computer And Data Communications (AREA)

Abstract

L'invention concerne un procédé de communication entre un lecteur de supports d'informations (101) et un serveur (102), ledit procédé comprenant un stade de connexion (105) destiné à se connecter dudit support d'informations (101) audit serveur (102) au moyen d'informations d'utilisateur factices (106), et un stade de contrôle (108) destiné à empêcher les cookies envoyés par ledit serveur (102) d'être stockés dans ledit lecteur de supports d'informations (101).
PCT/IB2003/005781 2002-12-30 2003-12-05 Connexion anonyme a un serveur web depuis un lecteur de supports d'informations WO2004059940A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2003303453A AU2003303453A1 (en) 2002-12-30 2003-12-05 Anonymous log-in from an information carrier player to a web server

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP02293264.4 2002-12-30
EP02293264 2002-12-30

Publications (1)

Publication Number Publication Date
WO2004059940A1 true WO2004059940A1 (fr) 2004-07-15

Family

ID=32668924

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2003/005781 WO2004059940A1 (fr) 2002-12-30 2003-12-05 Connexion anonyme a un serveur web depuis un lecteur de supports d'informations

Country Status (3)

Country Link
AU (1) AU2003303453A1 (fr)
TW (1) TW200428835A (fr)
WO (1) WO2004059940A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2443093A (en) * 2006-10-19 2008-04-23 Dovetail Software Corp Ltd Insertion of extraneous characters into requested data to affect pattern recognition processes e.g. webscraping
GB2464397A (en) * 2008-10-17 2010-04-21 Intuit Inc Accessing dynamic content on a web server using a default anonymous user account and cached logons of the web site owner.

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0855659A1 (fr) * 1997-01-22 1998-07-29 Lucent Technologies Inc. Système et méthode de browsage anonyme et personnalisé dans un réseau
EP1017205A1 (fr) * 1998-12-31 2000-07-05 Lucent Technologies Inc. Méthode de communication d'information d'un utilisateur anonyme à un site Web
WO2002003219A1 (fr) * 2000-06-30 2002-01-10 Plurimus Corporation Procede et systeme pour le controle de comportement de reseau informatique en ligne et la creation de profils de comportement en ligne
US20020029216A1 (en) * 2000-09-02 2002-03-07 Honder Tzou Device and method for supplying the information of DVDs

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0855659A1 (fr) * 1997-01-22 1998-07-29 Lucent Technologies Inc. Système et méthode de browsage anonyme et personnalisé dans un réseau
EP1017205A1 (fr) * 1998-12-31 2000-07-05 Lucent Technologies Inc. Méthode de communication d'information d'un utilisateur anonyme à un site Web
WO2002003219A1 (fr) * 2000-06-30 2002-01-10 Plurimus Corporation Procede et systeme pour le controle de comportement de reseau informatique en ligne et la creation de profils de comportement en ligne
US20020029216A1 (en) * 2000-09-02 2002-03-07 Honder Tzou Device and method for supplying the information of DVDs

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
ANONYMOUS: "Anti-Cookie Software", INTERNET ARTICLE, 3 April 2001 (2001-04-03), pages 1, XP002278107, Retrieved from the Internet <URL:http://www.cookiecentral.com/ccstory/cc5.html> [retrieved on 20040426] *
ANONYMOUS: "Internet Junkbuster Technical Information-Manual Page", INTERNET ARTICLE, 23 October 2002 (2002-10-23), pages 1 - 6, XP002278106, Retrieved from the Internet <URL:http://web.archive.org/web/20030402030830/www.junkbusters.com/ijbman.html> [retrieved on 20040426] *
SYVERSON P F ET AL: "PRIVATE WEB BROWSING", JOURNAL OF COMPUTER SECURITY, AMSTERDAM, NL, vol. 5, no. 3, 1 June 1997 (1997-06-01), pages 237 - 248, XP002059821, ISSN: 0926-227X *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2443093A (en) * 2006-10-19 2008-04-23 Dovetail Software Corp Ltd Insertion of extraneous characters into requested data to affect pattern recognition processes e.g. webscraping
GB2464397A (en) * 2008-10-17 2010-04-21 Intuit Inc Accessing dynamic content on a web server using a default anonymous user account and cached logons of the web site owner.
US8032930B2 (en) 2008-10-17 2011-10-04 Intuit Inc. Segregating anonymous access to dynamic content on a web server, with cached logons
GB2464397B (en) * 2008-10-17 2013-01-02 Intuit Inc Segregating anonymous access to dynamic content on a web server, with cached logons
US9047387B2 (en) 2008-10-17 2015-06-02 Intuit Inc. Secregating anonymous access to dynamic content on a web server, with cached logons

Also Published As

Publication number Publication date
AU2003303453A1 (en) 2004-07-22
TW200428835A (en) 2004-12-16

Similar Documents

Publication Publication Date Title
JP6367883B2 (ja) ウェブページを通してローカルアプリケーションを制御するシステム及び方法
US10313354B2 (en) Systems and methods for efficient and secure temporary anonymous access to media content
US6938096B1 (en) Method and system for remote networking using port proxying by detecting if the designated port on a client computer is blocked, then encapsulating the communications in a different format and redirecting to an open port
US7200632B1 (en) Method and system for serving software applications to client computers
US6859878B1 (en) Universal userid and password management for internet connected devices
US7175078B2 (en) Personal portable storage medium
US6438600B1 (en) Securely sharing log-in credentials among trusted browser-based applications
US7578002B2 (en) Controlling interaction of deliverable electronic media
US7316033B2 (en) Method of controlling recording of media
US20030084439A1 (en) Incentive system for distributing software over a computer network
US20080148377A1 (en) Management of Network Login Identities
US20080127319A1 (en) Client based online fraud prevention
MXPA03005450A (es) Personalizacion y notificacion de controles paternales.
WO2017040601A1 (fr) Procédé, dispositif et système de gestion d&#39;accès d&#39;un service d&#39;hébergement nuagique
CA2622253C (fr) Procede de commande d&#39;une fenetre de navigateur
JP2000105741A (ja) セッション環境情報を共用する方法
EP3345087A1 (fr) Procédé, dispositif et système de gestion d&#39;accès d&#39;un service d&#39;hébergement nuagique
EP1183583A1 (fr) Systeme et procede d&#39;authentification d&#39;utilisateurs et de gestion d&#39;identites
WO2009039160A2 (fr) Procédé et système pour stocker et utiliser une pluralité de mots de passe
KR100615470B1 (ko) 웹 에이전트를 이용한 불법 침입자 추적 및 접근자 인증시스템과 그 방법
US7730169B1 (en) Business method and system for serving third party software applications
Ye et al. Web spoofing revisited: SSL and beyond
US20050267981A1 (en) System and method for server side detection of client side popup blocking
US10686834B1 (en) Inert parameters for detection of malicious activity
WO2004059940A1 (fr) Connexion anonyme a un serveur web depuis un lecteur de supports d&#39;informations

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP