WO2016203426A1 - Procédé de certification de documents et contenus électroniques sur internet et système de certification de documents et contenus électroniques mettant en œuvre ledit procédé - Google Patents

Procédé de certification de documents et contenus électroniques sur internet et système de certification de documents et contenus électroniques mettant en œuvre ledit procédé Download PDF

Info

Publication number
WO2016203426A1
WO2016203426A1 PCT/IB2016/053585 IB2016053585W WO2016203426A1 WO 2016203426 A1 WO2016203426 A1 WO 2016203426A1 IB 2016053585 W IB2016053585 W IB 2016053585W WO 2016203426 A1 WO2016203426 A1 WO 2016203426A1
Authority
WO
WIPO (PCT)
Prior art keywords
surfing
contents
electronic documents
user
internet
Prior art date
Application number
PCT/IB2016/053585
Other languages
English (en)
Inventor
Marco Alvise DE STEFANI
Dario TION
Michele DELLA MARINA
Original Assignee
De Stefani Marco Alvise
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by De Stefani Marco Alvise filed Critical De Stefani Marco Alvise
Priority to EP16734751.7A priority Critical patent/EP3311351A1/fr
Publication of WO2016203426A1 publication Critical patent/WO2016203426A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/018Certifying business or products
    • G06Q30/0185Product, service or business identity fraud
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F21/645Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2151Time stamp

Definitions

  • the present invention concerns a method for certifying electronic documents and contents.
  • the present invention concerns a method for certifying electronic documents and contents in a protected environment on the Internet and a system for carrying out said certification which implements said method.
  • the present invention is able not only to certify documents, generated or downloaded on the Internet, but also to save, date and certify Internet surfing, hence procedures, passes, search logics and connections, in such a way as to be exempt from counterfeiting, guaranteeing the authenticity and the possibility of certifying a posteriori the authenticity and date thereof, also if the original element is later no longer accessible.
  • the date and time of acquisition of the screenshot can be left unchanged, but the content of the electronic document itself can be modified, for example with a retouching software program, for example cancelling a Company reference or an important connection, or cancelling a field of text, or modifying the URL address of the Internet site, rewriting it and/or camouflaging it.
  • a retouching software program for example cancelling a Company reference or an important connection, or cancelling a field of text, or modifying the URL address of the Internet site, rewriting it and/or camouflaging it.
  • US 6,839,879 Bl describes a method and the corresponding system for certifying electronic documents, which provides to temporally mark and manage electronic documents.
  • GB 2357350 A describes a system for certifying electronic documents, more specifically electronic copies of real documents.
  • this document provides to acquire real documents, for example by scanning them, or with other acquisition methods, to create an electronic copy of the documents to be certified.
  • the document refers to the use of the Internet only to be able to associate the electronic device, with which an electronic document has been certified, with an archive system that is used to store all the electronic documents certified, and to be able to access the same.
  • WO 02/077793 Al describes a method to organize contents generated by a computer, in particular to catalog them. The method described there provides to associate electronic contents with predefined parameters to supply a certification of the parameters associated with each electronic content acquired from web pages.
  • US 2002/0124172 Al describes a method to validate web pages.
  • the method provides to digitally sign electronic contents of a web page accessible by using a portal on the Internet, but changing the information content of the electronic contents signed because components need to be installed in the servers that host the web page to be signed.
  • the solutions described above do not ensure a certification method that can be, for example, exempt from malware present on the surfing Client, from problems inserted between the Client and Internet, or from malevolent and fraudulent interventions by the user himself.
  • the purpose of the present invention is therefore to perfect a method for certifying electronic documents and contents in a protected environment on the Internet, and a system to certify electronic documents and contents that implements said method, which are able to guarantee the authenticity and non- changeability of the electronic documents acquired, and which are able to frustrate any possible attempt to alter information and/or parameters of the electronic documents and contents acquired on the Internet.
  • the Applicant has devised, tested and embodied the present invention to overcome the shortcomings of the state of the art and to obtain these and other purposes and advantages.
  • Embodiments described here concern a method for certifying electronic documents and contents, which allows a user to surf the Internet in a protected environment to acquire and save said electronic documents and contents to be certified.
  • the method comprises at least an acquisition step, a memorization step and a transmission step.
  • the acquisition step comprises the following steps in succession:
  • the surfing step provides to acquire and save an entire web surf of the user, therefore in terms of content intended as research strategies, connections, logics, passages and other, and also in terms of documents downloaded or generated.
  • the memorization step comprises the following steps in succession:
  • the content and document generation step provides at least a procedure in which the electronic documents and contents acquired are signed temporally without changing the information content of the electronic documents and contents themselves, therefore comprising the web pages visited and/or the web surfing performed by the user.
  • - fig. 1 is a flow chart of certification steps of an electronic document, in accordance with the present invention.
  • - fig. 2 is a schematic view of a certification system of a document, in accordance with the present invention.
  • fig. 1 shows with a flow chart a method 10 for certifying documents, in particular documents in electronic format acquired from the Internet, and also electronic contents according to one embodiment of the present invention.
  • the method 10 can be implemented using a system 100 for certifying electronic documents acquired on the Internet, or more generally electronic contents, for example a whole surfing on web pages, shown in its entirety by the general diagram in fig. 2.
  • certification we mean, in general, the process by which documents or contents can be deemed unchanged from the moment when they were acquired.
  • the certification of a document guarantees the persistence, consistency, validity, integrity and authenticity of spatial-temporal data, information, parameters and the source of acquisition of the electronic document itself.
  • the invention can also refer to the information content of a particular electronic document or electronic content.
  • the method 10 can comprise a step 12 of acquiring the electronic document or content.
  • a user can acquire an electronic document or content to be certified.
  • the user can for example surf the Internet in a protected environment to download one or more electronic documents or contents to be subsequently certified.
  • the user can surf the Internet using a secure and controlled Internet connection.
  • the user can surf the Internet in a computer portal for certifying documents or contents.
  • the method 10 can comprise a step 14 of memorizing the electronic document or content acquired on the Internet, after the acquisition step 12.
  • the memorization step 14 it is provided to memorize the one or more electronic documents or contents to be certified acquired on the Internet by the user, and the corresponding environmental parameters detected and measured by the system.
  • the method 10 can comprise a transmission step 16, after the memorization step 14.
  • a further memorization is provided of the one or more electronic documents or contents certified, in an archive support, such as for example a CD, DVD, USB support etc., which on request can be transmitted to the user who acquired the electronic documents or contents.
  • an archive support such as for example a CD, DVD, USB support etc.
  • the acquisition step 12 can comprise, in succession, a credit management step 18, a step 20 to start the protected environment, a step 22 to start a timer and counter, a web surfing step 24 and a step to choose the acquisition mode 26.
  • the user can manage his credit to carry out one or more operations made available by the software program of the protected environment, such as for example concluding one or more certifications of electronic documents or contents and/or receiving the archive support with, inside it, the certified electronic documents.
  • an initialization of the protected environment is provided, inside which the user can safely surf the net to acquire electronic documents or contents to be certified.
  • the user can log in to the system 100, inserting a user name and a password.
  • it can be provided to insert personal data such as one's tax code and or other personal data that guarantee the user's authenticity, for example using strong authentication systems.
  • the step 22 to start a timer and counter provides to start a timer device and a counter device, configured respectively to generate and memorize the user's web surfing time and to detect the quantity of information downloaded during the user's web surfing, for example the quantity of Bytes used during the active surfing session.
  • a timer device advantageously allows to monitor the user's surfing session both constantly and accurately, increasing the reliability of the acquisitions and consequently the certifications made, both in terms of the documents generated, viewed or uploaded/downloaded, and also more generally in terms of contents, such as the surfing mode, the search logics or other.
  • the user can surf the Internet inside the protected environment, for example searching for the contents from which to acquire the one or more electronic documents or contents to be certified.
  • the user can select one or more acquisition modes of the electronic documents or contents to be certified.
  • the user can acquire a single web page, for example making a screenshot of the screen displayed.
  • he/she can acquire a whole website, or a specific image or video, or data from specific environments, for example from social networks.
  • the web surfing step 24 provides to acquire and save the user's whole web surfing.
  • the user can activate specific plug- ins supported by the computer portal, able to acquire specific web contents.
  • the memorization step 14 can comprise an archiving step 28 and a subsequent document generation step 30.
  • the electronic documents or contents acquired are archived in at least a network archive system 190 associated with the certification system 100.
  • the electronic documents or contents are validated and encoded to guarantee their security against any possible attempt to modify them, either external (by third parties) or internal (by the user who acquired electronic documents during the protected surfing or by the system administrators), after acquisition.
  • the one or more network archive systems 190 can execute, substantially constantly, one or more backup copies, geographically distributed, of the chronology of the surfing session, the acquisition, the data input by the user, etc., so as to guarantee a further security to the system 100, to the state of the acquisition environment and surroundings, against any attempt at modification.
  • the document generation step 30 provides to temporally sign the electronic documents or contents acquired on the Internet, in particular to certify the exact date and time they were acquired and to guarantee they cannot be changed.
  • the temporal signature of the electronic documents or contents acquired does not modify the information content of the electronic documents or contents themselves and/or the web pages and/or the user's entire surfing session.
  • the document generation step 30 provides to generate an information report, containing information as complete as possible on the user's whole surfing session.
  • the information report can contain the data acquired and the corresponding references to guarantee the substance and non-changeability thereof.
  • the method 10 can comprise a further credit management step 18 which allows the user to verify if there is sufficient credit for the possible subsequent step 16 of transmitting the information report and the one or more electronic documents acquired, certified, archived in one or more of the archive backups cited above.
  • the user can connect to the protected environment to carry out a trial surfing session, for example free.
  • the trial session can be limited in the functions available, compared with the complete session which is generally available in return for payment, and can be active for a limited time and/or for a limited number of trials.
  • fig. 2 shows a system 100 for certifying electronic documents or contents that can implement the method 10 described above.
  • the system 100 can be connected to a fruition unit 110 of the electronic documents to be certified.
  • the fruition unit 1 10 is a device owned and/or used by the user that allows to connect to the system 100 for certifying electronic documents or contents.
  • the fruition unit 110 can be for example an electronic processor, such as for example a computer, notebook, netbook or a mobile electronic device, such as for example a smartphone, tablet or any other device that allows the user to surf the Net simply and securely and to access the computer portal for certifying electronic documents or contents.
  • an electronic processor such as for example a computer, notebook, netbook or a mobile electronic device, such as for example a smartphone, tablet or any other device that allows the user to surf the Net simply and securely and to access the computer portal for certifying electronic documents or contents.
  • the system 100 can comprise a surfing and acquisition interface 180 of the electronic documents or contents to be certified.
  • the surfing and acquisition interface 180 is accessible through the fruition unit 1 10 when the latter is correctly connected to the system 100.
  • the fruition unit 1 10 can comprise a graphical interface 120, configured to display the surfing and acquisition interface 180 and hence the screenshots of the various Internet sites to the connected user, through an encoded web connection.
  • the graphical interface 120 can be a touch screen that allows the user to select functions and insert input without needing to use a keyboard and/or a mouse.
  • Fig. 2 shows by way of example the screen of an internet site displayed on a fruition unit 110.
  • the graphical interface 120 in this situation, can comprise an URL address 130, a date reference 135, a time reference 140, a title reference 145, an image 150, an image description 155 and a hypertext link 160.
  • the URL address 130 can show, preferably alphanumerically, the address of the internet site in which the user is surfing at a specific moment.
  • the date reference 135 and the time reference 140 are indicators that show respectively the actual surfing date and the actual surfing time.
  • the surfing date and time in the protected environment can be constantly compared with external systems, having an hourly reference which, in a preferred solution, can be monitored by other external systems.
  • the external system can surf sites with pages that have a date stamp, to constantly compare the date.
  • This aspect is particularly advantageous because it makes it substantially impossible to modify the date and time with the intention of falsifying the acquisition moment and hence the certification of electronic documents or contents acquired on the Internet.
  • the title reference 145 is a field of text that synthetically describes the content of the Internet site.
  • the one or more images 150 can be, for example, photos of objects, reference drawings, graphics etc., present inside the Internet site.
  • the image description 155 is generally a text that is inserted in correspondence with the image 150 to give a substantive description thereof.
  • the one or more hypertext links 160 can be links to other Internet pages, in particular they can be links that, if selected, direct the user to one or more new Internet pages.
  • the graphical interface 120 can also comprise other fields of text 165, which can for example contain an article, a description, a space inside which it is possible to insert notes, comments, reviews or other.
  • the graphical interface 120 can also comprise one or more plugins for access to functions relating to social networks for example.
  • the surfing and acquisition interface 180 can be associated with a surfing system 191, for example a router, with network archive systems 190, for example servers, and with processing systems 192, also servers for example.
  • a surfing system 191 for example a router
  • network archive systems 190 for example servers
  • processing systems 192 also servers for example.
  • the user's fruition unit 1 10 can be connected by Internet and a web browser to the system 100.
  • the fruition unit 110 can be connected, for example in wireless mode, and in any case by an Internet network, to the surfing and acquisition interface 180.
  • the system 100 can be configured, by means of the surfing and acquisition interface 180, to supply to the fruition unit 110 a protected surfing environment, which allows the user only to surf the net to search for contents to be acquired and certified.
  • the network archive systems 190 and the processing systems 192 can be interfaced, in protected and indirect mode, and only by means of the surfing and acquisition interface 180, to the fruition unit 1 10 and can be configured to process and archive securely the various electronic data from the user's surfing.
  • the method 10 provides to read in advance any possible attempt to modify one or more of the elements cited above and the corresponding communication methods, in order to block said possible attempt, preventing any modification and the falsification of the certification of the one or more electronic documents acquired by the user.
  • a user may possibly try to modify the URL address 130 of the Internet site inside which he is surfing, and try to modify the actual address with a different one.
  • DNS injection a procedure called "DNS injection” which consists of intervening in resolving the names, that is, when a domain name is converted into an IP address in order to take the web surfing to another destination transparently.
  • the invention provides that DNS lookups for resolving domain names are carried out on an internal search engine and compared with lookups carried out at the same time on other external DNS engines.
  • a user may also possibly try to re-direct the surfing onto websites that have been falsified by modifications of the routing systems, and in particular by modifying the connection between the router and the fruition unit 110, and/or between the surfing and acquisition interface 180 and fruition unit 110, for example by modifying the transmission protocols of the router/routers.
  • the data packages transmitted by the router/routers are traced and acquired in a non-modifiable format at the same time as the user is surfing.
  • a user may try to modify contents inside the Internet site by using malware programs present for example in the fruition unit 110 or in the external network archive system 190.
  • surfing systems 191 are not directly accessible by users, and therefore the possibilities of action and consequent impairment are limited.
  • the data are acquired through two or more different access channels to the Internet, used simultaneously or randomly, so as to be able to compare the contents downloaded in parallel and to identify possible attempts to alter them and/or make the surfing channel used not predictable.
  • the paths and times of travel of the data packages used are continuously monitored, so as to identify possible anomalies in them.
  • network archive systems 190 are protected by evolved firewall systems and by systems 193 to monitor intrusions. Every attempted access is logged on remote devices. In particular, if an attempted access is not authorized, the monitoring systems 193 sound an alarm.
  • the data are also encoded, by means of an encoding system 194, so as to make it substantially impossible to modify them without breaking the code.
  • the main files of the operating system are analyzed cyclically by part of an integrity control system 195. This can be configured to sound alarms if compromises are identified.
  • Both the data archives and the attached reports are signed digitally and marked temporally. It is therefore not possible to modify the contents and/or the properties without this harmful activity being detected, thus causing the archive itself to lose its validity.
  • the information report generated during the document generation step 30 includes the list of materials of the archive, with the corresponding hash signatures. Moreover, the hash of the whole archive is included, so as to make any impairment difficult.
  • the information report is digitally signed so as to prevent any modification thereof by a third party.
  • the whole fruition activity of the fruition unit 110 is registered, certified and attached to the data archive, available to the user.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Business, Economics & Management (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Accounting & Taxation (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Finance (AREA)
  • Marketing (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

L'invention concerne un procédé de certification de documents électroniques, qui permet à un utilisateur de naviguer sur Internet dans un environnement protégé pour acquérir lesdits documents électroniques à certifier, comportant une étape (12) d'acquisition, une étape (14) de mémorisation et une étape (16) de transmission. L'étape (12) d'acquisition comporte au moins une étape servant à démarrer un environnement protégé, une étape de navigation et une étape servant à choisir le mode d'acquisition. L'étape (14) de mémorisation comporte au moins une étape d'archivage et une étape de génération de documents.
PCT/IB2016/053585 2015-06-17 2016-06-16 Procédé de certification de documents et contenus électroniques sur internet et système de certification de documents et contenus électroniques mettant en œuvre ledit procédé WO2016203426A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP16734751.7A EP3311351A1 (fr) 2015-06-17 2016-06-16 Procédé de certification de documents et contenus électroniques sur internet et système de certification de documents et contenus électroniques mettant en oeuvre ledit procédé

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ITUB20151433 2015-06-17
IT102015000024343 2015-06-17

Publications (1)

Publication Number Publication Date
WO2016203426A1 true WO2016203426A1 (fr) 2016-12-22

Family

ID=55409921

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2016/053585 WO2016203426A1 (fr) 2015-06-17 2016-06-16 Procédé de certification de documents et contenus électroniques sur internet et système de certification de documents et contenus électroniques mettant en œuvre ledit procédé

Country Status (2)

Country Link
EP (1) EP3311351A1 (fr)
WO (1) WO2016203426A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2357350A (en) * 1999-12-18 2001-06-20 Ncr Int Inc Storage and retrieval of images
US20020124172A1 (en) * 2001-03-05 2002-09-05 Brian Manahan Method and apparatus for signing and validating web pages
WO2002077793A1 (fr) * 2001-03-26 2002-10-03 Geo Trust, Inc. Ddefinition de zones de contenu
US6839879B1 (en) * 1999-05-07 2005-01-04 Xilinx, Inc. Method and system for time-stamping and managing electronic documents
EP2083531A2 (fr) * 2008-01-23 2009-07-29 De Luca, Stefano Dispositif de marquage spatial et temporel, particulièrement pour documents numériques

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6839879B1 (en) * 1999-05-07 2005-01-04 Xilinx, Inc. Method and system for time-stamping and managing electronic documents
GB2357350A (en) * 1999-12-18 2001-06-20 Ncr Int Inc Storage and retrieval of images
US20020124172A1 (en) * 2001-03-05 2002-09-05 Brian Manahan Method and apparatus for signing and validating web pages
WO2002077793A1 (fr) * 2001-03-26 2002-10-03 Geo Trust, Inc. Ddefinition de zones de contenu
EP2083531A2 (fr) * 2008-01-23 2009-07-29 De Luca, Stefano Dispositif de marquage spatial et temporel, particulièrement pour documents numériques

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
HOSSEIN JAHANKHANI ET AL: "Electronic Signatures as Obstacle for Cross- Border E-Procurement in Europe. Lessons from the PROCURE Improved Awareness on Fake Websites and Detecting Techniques", BRUSSELS MONTHLY NEWSLETTER INTERNATIONAL JOURNAL OF NETWORK MANAGEMENT COMPUTER AND INFORMATION SCIENCE UNITED NATIONS DEPARTMENT OF ECONOMIC AND SOCIAL AFFAIRS: PUBLIC GOVERNANCE INDICATORS: LITERATURE REVIEW PAPER NR, 1 January 1999 (1999-01-01), pages 129 - 137, XP055265982, Retrieved from the Internet <URL:http://www.ask-force.org/web/Discourse/Jahankhani-Improved-Awareness-Fake-Websites-2012.pdf> *
PAUL V MOCKAPETRIS: "Defending your DNS & DHCP - Best Practices", NETWORK SECURITY, vol. 2003, no. 6, 1 June 2003 (2003-06-01), AMSTERDAM, NL, pages 7 - 10, XP055265977, ISSN: 1353-4858, DOI: 10.1016/S1353-4858(03)00609-3 *

Also Published As

Publication number Publication date
EP3311351A1 (fr) 2018-04-25

Similar Documents

Publication Publication Date Title
CN107209830B (zh) 用于识别并抵抗网络攻击的方法
Stuttard et al. The web application hacker's handbook: Finding and exploiting security flaws
US8286225B2 (en) Method and apparatus for detecting cyber threats
CN102546576B (zh) 一种网页挂马检测和防护方法、系统及相应代码提取方法
Castiglione et al. Security and privacy issues in the Portable Document Format
Calzavara et al. Testing for integrity flaws in web sessions
US20180302437A1 (en) Methods of identifying and counteracting internet attacks
Likaj et al. Where we stand (or fall): An analysis of CSRF defenses in web frameworks
Heiderich et al. The bug that made me president a browser-and web-security case study on helios voting
CN111786795B (zh) 域名注册方法、域名监管方法、客户端及域名监管终端
Kimak et al. An investigation into possible attacks on HTML5 indexedDB and their prevention
Batarfi et al. Csrfdtool: Automated detection and prevention of a reflected cross-site request forgery
WO2016203426A1 (fr) Procédé de certification de documents et contenus électroniques sur internet et système de certification de documents et contenus électroniques mettant en œuvre ledit procédé
Bissyandé et al. Vulnerabilities of government websites in a developing country–the case of Burkina Faso
Riesch et al. Audit based privacy preservation for the OpenID authentication protocol
Ashari et al. Security Audit for Vulnerability Detection and Mitigation of UPT Integrated Laboratory (ILab) ITERA Website Based on OWASP Zed Attack Proxy (ZAP)
Alanazi et al. The history of web application security risks
Appelbaum Technical analysis of the Ultrasurf proxying software
Salvador et al. wraudit: a tool to transparently monitor web resources’ integrity
Mahajan et al. BRB dashboard: A web-based statistical dashboard
Adams et al. Guide to Securing Scientific Software
Subana et al. Web Server Security Analysis Using The OWASP Mantra Method: Web Server Security Analysis Using The OWASP Mantra Method
Khan The Most In-depth Hacker's Guide
Georgiev Information Security of PHP Applications
Sharma et al. Discover broken authentication and session management vulnerabilities in asp. net web application

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16734751

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2016734751

Country of ref document: EP