发明名称 |
Enforcement of same origin policy for sensitive data |
摘要 |
Methods, systems, and apparatus relating to enforcement of same origin policy of sensitive data are described. In an embodiment, a security agent may help ensure release of sensitive data is only triggered by authorized sources. The security agent may help ensure sensitive data is only released to authorized destinations. A security agent may translate or obfuscate sensitive data. Sensitive data may include HTTP cookies, session data, authentication information, authorization information, personal information, user credentials, and/or other data sensitive in nature. Sensitive data destinations and/or sensitive data origins may be identified. Identification may be performed using secure means (such as for example a SSL/TLS handshake). Other embodiments are also disclosed and claimed. |
申请公布号 |
US8856869(B1) |
申请公布日期 |
2014.10.07 |
申请号 |
US201012821116 |
申请日期 |
2010.06.22 |
申请人 |
NexWavSec Software Inc. |
发明人 |
Brinskelle Jeffrey E. |
分类号 |
G06F7/04;G06F17/30;G06F9/00;G06F15/16;G06F17/00;G06F21/31;H04L29/06 |
主分类号 |
G06F7/04 |
代理机构 |
|
代理人 |
Aghevli Ramin |
主权项 |
1. A method to enforce same origin policy comprising:
examining a network message, from a client to a first domain, corresponding to a sensitive data, wherein generation of the network message is initiated from a second domain; determining a trigger within the network message to cause release of the sensitive data, wherein the trigger identifies the second domain; retrieving one or more authorized triggers for the sensitive data from a storage device; determining whether the trigger matches the one or more authorized triggers for the sensitive data; and releasing the sensitive data based on the determination of whether the trigger matches the one or more authorized triggers for the sensitive data. |
地址 |
Ottawa CA |