| 发明名称 | Client-side encryption of form data | ||
| 摘要 | Disclosed are various embodiments that facilitate client-side encryption of form data. A network page that includes client-side code that encrypts one or more data items using a public key is sent to the client. The data items are provided by a user in one or more form fields of the network page. The data items and one or more unencrypted data items are obtained from the client over an encrypted channel. The data items are encrypted using the public key when the data items have not been encrypted by the client-side encryption code. The data items are sent in an encrypted state to a server over an internal network. A firewall is interposed between the internal network and the server to protect the server from the internal network. | ||
| 申请公布号 | US9058603(B1) | 申请公布日期 | 2015.06.16 |
| 申请号 | US201112984264 | 申请日期 | 2011.01.04 |
| 申请人 | Zappos IP, Inc. | 发明人 | Lee Asheley S.;Ozdemir Saffet G.;Weiss Christopher A.;Madej Mark G.;Bailey David B. |
| 分类号 | G06Q20/00;G06Q20/38 | 主分类号 | G06Q20/00 |
| 代理机构 | Thomas | Horstemeyer, LLP | 代理人 | Thomas | Horstemeyer, LLP |
| 主权项 | 1. A system, comprising: at least one computing device; and a network page server executable in the at least one computing device, the network page server comprising: logic that sends a network page to a client, the network page including code that encrypts at least one data item in the client using a public key, the at least one data item being provided by a user in at least one form field of the network page and including private data;logic that, in response to receiving the at least one data item and at least one unencrypted data item from the client over an encrypted channel, determines whether the at least one data item that has been received has been encrypted in the client by the code that encrypts, wherein the logic that determines whether the at least one data item that has been received has been encrypted in the client by the code that encrypts is configured to at least: determine a first form parameter name corresponding to the at least one data item being encrypted in the client and a second form parameter name corresponding to the at least one data item not being encrypted in the client; anddetermine whether form data received from the client includes the at least one data item under the first form parameter name or the second form parameter name;logic that encrypts the at least one data item using the public key in response to determining that the at least one data item that has been received has not been encrypted in the client by the code that encrypts, wherein the logic that encrypts is configured not to encrypt the at least one data item in response to determining that the at least one data item that has been received has been encrypted in the client by the code that encrypts; andlogic that sends the at least one data item in an encrypted state to a server over an internal network, wherein a firewall is interposed between the internal network and the server to protect the server from the internal network. | ||
| 地址 | Henderson NV US | ||