摘要 |
The invention relates to systems and methods of securing HTTP applications. According to the invention, responses sent from a server, such as a Web server, are analysed and a signature is generated for each HTML object on said page. The signature is encrypted and sent to a client together with the contents of the page. When a client sends a subsequent request, the system compares the signature associated with said request with the contents of the actual request. If the values, variables, lengths and cardinality of the request are valid, the petition is then transferred to the Web server. However, if the request is invalid, it is blocked from reaching the Web server, thereby protecting said Web server from malicious attacks. The inventive systems and methods provide security without being restricted to one session or one user.
|
申请人 |
GRUPO S21SEC GESTION, S.A.;MORA HIDALGO, LUIS;PANADERO LLEONART, XABIER |
发明人 |
MORA HIDALGO, LUIS;PANADERO LLEONART, XABIER |