WO2002078259A1 - Dynamic content certification - Google Patents

Dynamic content certification Download PDF

Info

Publication number
WO2002078259A1
WO2002078259A1 PCT/US2001/009581 US0109581W WO02078259A1 WO 2002078259 A1 WO2002078259 A1 WO 2002078259A1 US 0109581 W US0109581 W US 0109581W WO 02078259 A1 WO02078259 A1 WO 02078259A1
Authority
WO
WIPO (PCT)
Prior art keywords
content
certification
information
rules
alternatives
Prior art date
Application number
PCT/US2001/009581
Other languages
French (fr)
Inventor
Christopher M. Coulthard
Scott C. Mcleod
Peter D. Norman
Kevin Willoughby
Original Assignee
Geo Trust, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Geo Trust, Inc. filed Critical Geo Trust, Inc.
Priority to PCT/US2001/009581 priority Critical patent/WO2002078259A1/en
Publication of WO2002078259A1 publication Critical patent/WO2002078259A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F21/645Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2119Authenticating web pages, e.g. with suspicious links

Definitions

  • the present invention is related to certifying computer-generated content, such as Web pages.
  • U.S. Patent Application No. 09/248,370 describes a certification system that incorporates digital signatures into Web pages, and that maintains a record associating each Web page with a corresponding digital signature. To certify a Web page, the system compares the digital signature of a displayed Web page to that maintained in the record. If the two match, the Web page is certified; otherwise it is not.
  • Java JAR is example of a certification system that uses lists and digital signatures. Briefly, Java JAR is directed to ensuring the integrity of information in
  • composite files that is, files which contain multiple components, each of which has its own guarantee of integrity.
  • An example of composite is Web page 1 of Figure 1 which may include image element 2 , image element 4 , and image element 5.
  • the Java JAR system confirms that the content is intact by comparing the content with a hash code generated therefrom by the sender and encrypted with a key to guarantee its authenticity.
  • a dynamic Web page is comprised of static and, possibly, dynamic elements.
  • the Web page is dynamic if at least some of the static elements can be substituted for one another.
  • a common example of a dynamic Web page is a page that "builds" an automobile in response to user selection of features such as model, year, color, etc., and that displays an image of the resulting automobile together with its price. In this example, different alternatives may be displayed on the same page depending on the user's selection of features.
  • the invention is a system that certifies dynamically-generated content such as interactive Web pages.
  • the invention stores a set of rules containing alternatives as to what information may be included in the content.
  • the alternatives contained in the set of rules may correspond to models that are available from a particular manufacturer.
  • the alternatives may indicate that information corresponding to those models (e.g, their images) may be included in the Web page.
  • the invention determines whether each element of information for which certification is required obeys the rules specified for it, and what the certification result for the element is.
  • the certification result for content such as a Web page, is then determined based on additional rules involving the certification results of the elements and the context of the page. All rules can take into consideration information from their context. This context includes the identity, authorization and location of the user, the date, parameters which may have been set by the user or by an authorized person or process on the server, or any other information that can be exposed programmatically as property.
  • the certification process can be recursive. That is, the individual elements may have groups of rules for themselves and any of their subsidiary elements. This increases the utility of the system by allowing complex structures to be built.
  • Plural (e.g., two or more) levels of certification are provided in preferred embodiments of the invention.
  • different levels of certification may be provided for different alternatives, e.g., "high” indicating a high degree of reliability, “medium” indicating a relatively lower degree of reliability, and “low” indicating a low degree of reliability.
  • the level of certification of particular content depends on which alternatives match the elements of information contained therein.
  • the invention is preferably implemented using a client-server architecture. Specifically, the client requests content (e.g., a Web page), and the server assembles information contained in the requested content and processes the information in the manner described above to determine whether or not to certify the content.
  • content e.g., a Web page
  • server assembles information contained in the requested content and processes the information in the manner described above to determine whether or not to certify the content.
  • the present invention is a system for certifying computer-generated content.
  • the system includes a client which outputs information corresponding to the content .
  • a server stores a set of rules that contains alternatives for information that may be included in the content, and determines whether the information from the content corresponds to at least one of the alternatives contained in the set of rules.
  • the server issues a certification confirming the validity of the content in a case that the information corresponds to at least one alternative.
  • the invention incorporates one or more of the following features/functions:
  • the client requests content with dynamic components or engages in a dynamic interaction such as a form response or query.
  • the determining performed by the server determines whether the result obeys its certification requirements.
  • the determining performed by the server determines whether the plural elements of information correspond to the alternatives.
  • the client includes a user interface, and the content is generated on the client in accordance with information input via the user interface.
  • the content comprises a Web page.
  • the alternatives in the set of rules apply to programs that may be executed via the content .
  • the alternatives in the set of rules apply to individual objects such as images which may be incorporated into the content .
  • the client (i) displays the content, and (ii) displays a certification along with the content, the certification indicating that the content has been certified.
  • the content is not certified in a case that the information therein does not correspond to at least one alternative.
  • the server outputs the message to the client and the client displays the message to the user or, if the server is working cooperatively with an assembly engine, it may output the message to the assembly engine.
  • the client may display the content together with the message.
  • Certification results may correspond to a plurality of certification levels and the issuing performed by the server certifies the information in the content at one of the plurality of certification levels based on a result of execution of rules for the content.
  • the plurality of certification levels include “high” indicating a high degree of reliability, “medium” indicating a relatively lower degree of reliability, and “low” indicating a low degree of reliability.
  • the client displays the content, and the determining performed by the server can be performed either before, during or after the content is assembled.
  • Figure 1 shows a composite Web page.
  • Figure 2 shows a network system on which the certification process may be implemented.
  • Figure 3 shows the graphical user interface of a Web browser that may be used with the certification process.
  • Figure 4 shows a dynamic Web page that can be certified by the certification process.
  • Figure 5 shows process steps for certifying a dynamic Web page.
  • Figure 6 shows an example of a manifest used by the certification process to certify a dynamic Web page.
  • Figure 7 shows a Web page that can be used to initiate certification of individual static elements of a dynamic Web page.
  • Figure 8 shows the process of certifying individual static elements of a dynamic Web page.
  • Figure 9 shows a client retrieving a dynamic Web page from a Web server.
  • Figure 10 shows providing user input to a Web server.
  • Figure 11 shows requesting certification of a dynamic Web page.
  • Figure 12 shows process steps for certifying the content of dynamic Web pages and other dynamically-generated content .
  • Figure 13 shows issuing a certification message relating to a certification of a dynamic Web page.
  • Figure 14 shows a certificate that may be issued for certified Web pages.
  • Figure 15 shows process steps for organizing Web pages (or other content) into zones.
  • Figure 16 shows an example of a manifest used to organize content into zones.
  • Figure 17 is an abstract view of Web pages on a Web site organized into zones.
  • the present invention is preferably implemented using a client-server architecture, such as that shown in Figure 2.
  • This architecture includes client 6, certification server 7, and Web server 9 connected via network 10.
  • Network 10 may comprise any type of network or communications medium, including, but not limited to, one or more of the following: the Internet, a local area network ("LAN”), a wide area network (“WAN”), a wireless (e.g., ATM) network, a logical network within a single computer, some other form of programmatic communication such as interprocess communications or dynamic link libraries, or any combination thereof.
  • Client 6 is preferably a personal computer (“PC”) or similar data processing device.
  • Client 6 includes network interface 11 for interfacing to network 10, display screen 12 for displaying information to a user, keyboard 14 for inputting text and user commands, mouse 15 for positioning a cursor on display screen 12 and for inputting user commands, disk drive 16 for reading from and writing to floppy disks installed therein, and CD-ROM drive 17 for accessing data stored on CD-ROM.
  • Close-up view 18 shows the internal structure of client 6.
  • Client 6 includes memory 19 which is a computer- readable medium, such as a computer hard disk, for storing information.
  • memory 19 stores operating system 20, applications 21, and data 22.
  • MicrosoftTM Windows98TM is a one operating system that may be used with the invention; however, the invention is not limited to use therewith.
  • Applications 21 include Web browser 24, among others .
  • An example of a Web browser that may be used with the invention is NetscapeTM NavigatorTM.
  • Web browser 24 displays a graphical user interface ("GUI") to a user, through which the user may access information via the GUI.
  • GUI graphical user interface
  • Client 6 also includes display interface 26, keyboard interface 27, mouse interface 29, disk drive interface 30, CD-ROM drive interface 31, computer bus 32,
  • Processor 35 preferably comprises a microprocessor or the like for executing applications, such as those noted above, out of RAM 34.
  • applications including browser 24, may be stored in memory 19 as noted above or, alternatively, on a floppy disk in disk drive 16 or CD-ROM in CD-ROM drive 17.
  • processor 35 accesses applications and data stored on floppy disk via disk drive interface 30 and accesses applications and data stored on CD-ROM via CD-ROM interface 31.
  • Web server 9 may comprise a computer having features similar to client 6 for providing remote access to the Web site of an organization.
  • Web server 9 is connected to other computers (not shown) in the organization via LAN 36 (or network 10) .
  • Web server 9 is also connected to certification server 7 via network 10 or other medium.
  • Web server likewise includes a processor 23 and a memory 28, among other things, as shown in close-up view 13.
  • Assembly engine 25 Stored in this memory is assembly engine 25 and Web page elements 33.
  • Assembly engine 25 is a program that is executed by processor 23 to assemble Web pages. More specifically, a single Web page may be composed of a plurality of static and dynamic elements, such as images, applets, text, sound, other Web pages, etc.
  • assembly engine 25 retrieves those elements (e.g., from memory 28) and combines them in a predetermined manner so as to form the Web page .
  • Representative examples of commercially-available assembly engines that may be used in connection with the present invention include ATG Dynamo, Servlets, JSP and ASP
  • Certification server 7 likewise preferably comprises a computer having features similar to client 6. As shown in close-up view 38, certification server 7 includes, among other things, memory 39 for storing both applications and certification information 48 which includes the manifests described below. Memory 39 may include one or more memory devices, such as a computer hard disk, redundant array of inexpensive disks (“RAID”), optical disk drive, and the like. Processor 40 is also included on certification server 7 so as to execute applications stored in memory 39 and to provide the resulting output to the network.
  • RAID redundant array of inexpensive disks
  • Certification engine 41 comprises computer-executable code that runs on certification server 7 to certify Web.pages and other dynamic pages based on their content and/or certification information stored in their elements. Certification engine 41 also organizes sets of Web pages into plural zones based on their levels of certification, the type of information contained therein, or the like, as described in more detail below.
  • certification server 7 and Web server 9 may be one in the same; however, since this is not a requirement, the more general case of separate Web and certification servers is depicted in Figure 2.
  • the invention may also be implemented, in its entirety, on a single computer. That is, the functions of client 6, certification server 7 and Web server 9 (or its equivalent) may be implemented on a single computer.
  • Figures 4 to 14 depict the operation of certification engine 41 in the context of certifying dynamically-generated (or simply "dynamic") Web pages.
  • this embodiment of the invention is described with respect to Web pages, the invention is not limited to use with Web pages and can be used to certify any computer-generated content.
  • a Web page is dynamic if any of its contents is specified generically or generated programmatically or by query or in any other situation where the content is not specified uniquely and immutably a priori. That is, many Web pages are composites, meaning that they are composed of plural elements such as images, applets, text, sound, etc.
  • Each individual element may be static if all of its components are specified uniquely and immutably a priori; however, the Web page itself is still dynamic if the specification of the elements within the page are not so specified. It is also possible for the elements themselves to be dynamic because of their components or because they are programs or queries. The resolution of these dynamic objects to static objects generally occurs in the assembly engine, but it is also possible for this process to occur in the browser (e.g., with JavaScript) . In this regard, there is no reason, in principle, why some or all of the functions of the certification server could not take place in the client given the necessary integration with the browser.
  • Figure 4 shows a hypothetical Web page 42 displayed by browser 24.
  • Web page 42 "builds" an automobile based on user-selected features such as model, year, color, stereo, etc. That is, Web server 9 stores, in a manifest for Web page 42, plural alternatives for text element 43 and image elements 44 and 45.
  • a user selects which features 46 are to be included in the automobile, and a program or applet resident on Web page 43 determines which of the text and images stored on Web server 9 should be displayed as elements 43, 44 and 45 based on the selected features.
  • Browser 24 then transmits this information to Web server 9, where assembly engine 25 retrieves the appropriate text and images from memory 28 (or, more generally, any database on which they reside) and assembles them into Web page 42.
  • Figure 5 shows process steps for certifying a dynamic Web page. Though the process steps of Figure 5 are directed to certification of a Web page, once armed with the disclosure herein, one of ordinary skill in the art could easily use these steps to certify any type of computer- generated dynamic content .
  • the process of Figure 5 begins in step S501 by defining a manifest for the Web page.
  • the manifest is generally defined by the administrator of the Web site on which the Web page resides and provided to certification server 7 where it is indexed to the URL of the Web page and stored in memory.
  • the manifest includes a set of rules that specify information to be included on the Web page.
  • the set of rules includes alternatives for information that may be included on the Web page, though they may specify required information as well.
  • manifest 47 includes a rule 49 requiring display of an automobile image, which defines alternatives 54 (e.g., an image of a convertible, an image of a 4-wheel drive vehicle, etc.). It also includes a rule 55 requiring validation of the certification results. This may be done in accordance with a program or applet on the Web page .
  • step S502 (which may be performed before or after step S501) . That is, step S502 confirms that each alternative element (e.g., image, applet, etc.) that could be included on the Web page is certified. For Web page 42, this means confirming that each image element 44 and 45, and any other information that Web page 42 may include, is certified.
  • the certification of static elements in step S502 is performed by certification engine 41 in accordance with the process described in U.S. Patent Application No. 09/248,370. A brief description of this process is as follows.
  • FIG. 7 shows a password protected Web page 57 for requesting certification of an element.
  • an element such as an image
  • the certification control that receives the element prepares and transmits a certification request to certification server 7 specifying the content of the element and the certification desired.
  • a certification request 61 includes content 62 of the element submitted for certification, together with other information 64 such as the certification desired (e.g., site-wide certification, legal department certification, etc.), the author (s) of the element, and a uniform resource locator ("URL") that specifies a Web page on which the element is to be located.
  • Request 61 may also include information such as an element revision number, content keywords, title, etc.
  • Certification server 7 processes the received certification requests by distributing content 62 to those in an organization that could potentially provide approval for certification. For example, certification server 7 may distribute the content to all members of the organization's legal department when a request is made for legal department certification. Workflow software, E-mail daemons, and other techniques, executing on computers other than the certification server, can alternatively be used to distribute the content for certification.
  • Certification message 66 can include the content and the other information included in the certification request. This message can also include information 67 that describes the individual transmitting the certification message, the type of certification granted (e.g., an individual may have the capacity to certify content for both the marketing and legal departments of the organization), and a level of approval (e.g., "for internal use only” or "for publication on the Internet") . Additionally, the certification message may include a digital signature 68 belonging to the individual submitting the certification message and information to confirm the digital signature (e.g., X.509), or it may include information used by other authentication techniques.
  • a digital signature 68 belonging to the individual submitting the certification message and information to confirm the digital signature (e.g., X.509), or it may include information used by other authentication techniques.
  • Certification engine 41 processes received certification messages in accordance with certifying instructions. These instructions may be embedded in certification engine 41 or retrieved thereby. In one embodiment of the invention, these certifying instructions authenticate a certification message to ensure that an individual claiming to have approved the submitted content was, in fact, the one who produced certification message 66. After authentication, the certifying instructions can determine whether certification message 66 satisfies the criteria for the certification requested. For example, the certifying instructions can determine whether certification message 66, alone or in combination with previously-received certification messages, is sufficient to obtain legal department certification.
  • the certifying instructions can store the received certification and await further certification messages.
  • the process may store a hash for submitted content awaiting further certification to ensure that subsequent certification is for the same content as the certification already received.
  • the process can also attempt to certify any links or other objects referenced by the content.
  • the certifying instructions determine verification information from the certified content or other information provided.
  • verification information includes data that identifies the certified content such as a URL, compressed or uncompressed portions of the content, and/or an assigned identification number.
  • the verification information may also include one or more hash keys (e.g., an MD5 hash and an SHA hash) .
  • a hash key is produced by a one-way function and typically requires little storage space (e.g., 160-bits) , and is nearly guaranteed to be unique for given content .
  • the certifying instructions can produce a digital signature (e.g., a W3C DSig (Digital Signature Group) compliant signature) for content 62.
  • This digital signature can include computed hash, the content's URL, or any other verification or certification information (not shown) .
  • the certifying instructions determine whether content 62 can be dynamically modified to include the digital signature. For example, HTML and XML permit dynamic insertion of digital signatures into the content (e.g., as header information or as a newly defined tag) . Inclusion of the digital signature in content 62 ensures that the digital signature travels with the content. Thereafter, certified content 69, including the digital signature, is transmitted back to Web server 9, as shown in Figure 8.
  • step S503 any page, even an initial page, may be subject to the certification process of the present invention.
  • steps S503 and S504 are not necessary, since any attempt to retrieve a page may start at step S505. Nevertheless, for illustration's sake, steps S503 and S504 are included in the process.
  • a user logs onto client 6, executes browser 24, and requests a Web page from Web server 9.
  • Web server 9 transmits a Web page, such as that shown in Figure 4, to client 6. There, the Web page is displayed.
  • This process is depicted graphically in Figure 9.
  • the invention does not require a user to have an initial page into which to put initial information. Any interaction with the user supplies at least authentication information and perhaps information from "cookies".
  • step S504 the user inputs information into the Web page.
  • the user may select options for building an automobile.
  • Browser 24 transmits these user-selected options (i.e., the user input) to Web server 9, as shown in Figure 10.
  • assembly engine 25 determines which elements (e.g., images, text, applets, sound, etc.) are to be included on the Web page.
  • Assembly engine 25 then retrieves the appropriate elements from memory 28 (or any other database on which they reside) , and assembles the Web page therefrom.
  • Certification of the Web page may take place before, during or after this process.
  • each element on the Web page may be certified prior to assembly, as described above with respect to Figure 8 and in U.S. Patent Application No.
  • each element may be certified as part of the Web page on an ad hoc basis, i.e., during assembly.
  • certification may take place following assembly of the Web page.
  • pre-assembly rules 90 control certification prior to assembly
  • during-assembly rules 91 control certification during assembly
  • post-assembly rules 92 control certification post assembly.
  • each of these includes prologue rules, body rules, and epilogue rules, which can specify an order of execution for the rules.
  • step S506 assembly engine 25 extracts identification and certification information from each element of the Web page. For example, it extracts the URL of the Web page, the digital signature and/or content of each element (e.g., elements 43, 44 and 45 in Figure 4) in the Web page, an identification number of each element, etc.
  • assembly engine 25 issues a request to certification server 7. This is depicted graphically in Figure 11.
  • the request can be encrypted for security purposes, and includes the information extracted in step S506, together with a request for certification of the Web page .
  • step S508 determines whether the Web page is certified, meaning that the information contained therein is valid.
  • the certification process is performed in certification server 7 by certification engine 41.
  • the Web server and certification server functions may be implemented on the same computer, in which case the certification process would take place on that single computer.
  • FIG 12 depicts the certification process.
  • certification server 7 receives the request for certification from assembly engine 25 on Web server 9. Based on this request, and the information contained therein, certification engine 41 determines whether the information in the Web page complies with the set of rules stored therefor. To this end, certification engine 41 determines whether each of the elements that make up the Web page corresponds to at least one of the alternatives contained in the manifest for that Web page. This is done in step S1202, e.g., by comparing an assigned identification number or hash for each element to those contained in the manifest.
  • step S1203 certification engine 41 also determines whether that element is certified. This is done, e.g., by comparing one or more of the digital signature, content, etc. for that element to corresponding verification information therefor. If there is a match, then that individual element is considered certified. Alternatively, certification information can be included in the manifest, in which case the manifest can be consulted to determine whether each element is certified.
  • step S1204 certification engine 41 also determines whether that element is certified.
  • Each such element includes a manifest, and a requisite rule or rules are executed for that element. The results of these executions are certified by subsequent rules to see what form of certification is required for the entire Web page. This process is similar to that described above .
  • the certification of the entire page depends upon the epilogue rules working on the certification results of the prologue and the body. In the absence of any explicit global certification rules, rules from a zone or site manifest (described below) may be used.
  • the invention provides for several different levels of certification. For example, three such levels may be provided, including “high” (or “platinum”) indicating that the information is highly reliable, “medium” (or “gold”) indicating a relatively lower degree of reliability, and “low” (“silver” or “bronze”) indicating a still lower degree of reliability. Though only three levels of certification are described here, the invention is not limited to three. Rather, any number of certification levels may be used.
  • the level of certification for each alternative in a Web page manifest is preferably stored in the rule for that alternative. Accordingly, returning to Figure 5, if the Web page is certified in step S508, in step S509 certification engine 41 may extract a level of certification (not shown) for each element in the Web page using the manifest.
  • a level of certification for the entire Web page can be determined.
  • the level of certification of the entire Web page will correspond to the lowest level of certification of an element on that Web page.
  • other methods of determining the certification level of the entire Web page may also be used with the invention.
  • step S510 certification engine 41 issues a message 74 to assembly engine 25.
  • the message indicates that the Web page has been certified.
  • the message may also include a certificate that is transmitted to the user and displayed along with the Web page, as shown in Figure 13.
  • An example of such a certificate 78 is shown in Figure 14. Where more than one level of certification is provided, the message and/or certificate may also indicate the level of certification for the Web page.
  • step S508 in a case that the Web page has not been certified, message 74 is still output by certification engine 41 in step S511. This time, however, the message indicates that the Web page has not been certified.
  • the message may then be transmitted from Web server 9 to client 6 and/or to the Web site administrator. In a case that the message is provided to the site administrator, it may include instructions indicating exactly which portions of the Web page were not certified and why.
  • this message indicating that the Web page is not certified may be transmitted to the client, where it is displayed.
  • the Web site content may or may not be transmitted and displayed therewith, depending upon how the system is configured.
  • the certification process ends.
  • partial certification of a Web page may be provided. More specifically, to certify the contents of a Web page in accordance with the process shown in Figure 5, each element thereof must correspond to one alternative in the Web page manifest. If one element is not found on the manifest, the Web page will not be certified. In alternative embodiments, however, partial certification of a Web page may be provided if at least one element on the Web page corresponds to at least one alternative in the manifest for that Web page. In the case of partial certification, the output message and/or certificate would be changed accordingly.
  • certification engine 41 organizes individual Web pages on a Web site into zones. Which zone a particular Web page is in depends upon the rules stored in a manifest for that zone. For example, which zone a Web page is located in may depend upon a level of certification of that Web page. In this example, the level of certification of dynamic Web pages may be determined in the manner described above. However, since this aspect is not limited to use with dynamic Web pages, certification can be achieved using any method.
  • Figure 15 shows process steps for implementing this aspect of the system. These process steps may be executed to define a single zone. Other zones may be defined in the same manner.
  • the process of Figure 15 may be implemented on certification server 7 in certification engine 41 or, alternatively, on a similar program executing on Web server 9.
  • Step S1501 begins the process. More specifically, step S1501 stores a manifest containing one or more rules that define which pages may be included in the zone. As above, these rules may be defined and input by the administrator of a Web site. The rules may include a variety of factors.
  • the rules may define a specific level of certification required for Web pages in the zone, a "type" of Web page that may be included in the zone (e.g., products as defined by a URL such as "www.NovaSoft.com/products” or other means), and the like. Additional rules may also be provided to further differentiate the zones. For example, if a zone specifies "products for sale", a rule may be included in the manifest to specify that only products having a release date "less than or equal to today" may be included in the zone.
  • Figure 16 depicts an example of a "products for sale” manifest that may be used by the present invention to define such a zone.
  • certification engine 41 examines the content of Web pages in the Web site in order to determine which of those Web pages belong in the current zone.
  • a single Web page may be included in more than one zone; however, for the sake of clarity, the present description will assume that each Web page is included in only one zone.
  • Step S1502 thus selects each Web page, e.g., by its URL, and then step S1503 determines whether that page complies with the rules set forth in the zone manifest.
  • step S1503 may determine the certification level of the Web page by examining its certification information, as well as any other information required for the zone. That is, step S1503 may determine whether the Web page is related to a product by examining the page's URL, and whether the product has been released as of "today" by examining the content of the Web page. Other information may also need to be examined depending upon the number and type of rules specified in the zone manifest.
  • step S1504 concludes that the Web page belongs in the current zone. Accordingly, processing proceeds to step S1504.
  • Step S1504 associates each complying page with the current zone. This can be done in a number of ways. For example, step S1504 may incorporate, into a manifest of each complying Web page, a rule indicating that the Web page is part of the current zone. Instead of, or in addition to, incorporating a rule into the Web page's manifest, step S1504 may incorporate into the zone manifest one or more rules indicating which Web pages are part of the zone. For example, the URLs of Web pages included in a zone may be included in that zone's manifest.
  • Step S1505 determines whether any unexamined Web pages remain in the site. If there are such pages, processing returns to step S1502, whereafter steps S1503 to S1505 are repeated for the remaining images. Otherwise, processing for the current zone ends.
  • Figure 17 shows an abstract view of a Web site that has been divided into three zones -- a "products for sale” zone 80, an "unsupported tools” zone 81, and a "personal opinions” zone 82. In this example, all Web pages 84 in the "products for sale” zone have a "high" certification level
  • Web pages in a particular zone may contain visible certification (or other "type") indicators. Accordingly, a user can determine in which zone a Web page is located simply by looking at the indicator. In cases where the Web server and certi ication server are one in the same, certification engine 41 may simply incorporate the appropriate certification indicators into the appropriate Web pages. Where the two servers are different, certification server 7 may provide the certification indicators to Web server 9, which may then incorporate them into the Web pages for the site. In preferred embodiments, the invention also maintains a record of movement between zones. That is, each time a user enters a new URL via browser 24, there is the potential of movement to a different zone. Each time the user enters a new zone, Web server 9 and/or certification server 7 may issue a message to the user to that effect.
  • One or both of these servers may maintain a record of URLs and corresponding zones visited by the user during a predetermined period of time.
  • the present invention also can be used to define a manifest for an entire Web site.
  • the manifest for a Web site would be similar to that shown in Figure 16 for a zone. Accordingly, a detailed description thereof is omitted here for the sake of brevity. Suffice it to say, that rules for a site manifest may be based on certification, as described above, or any other relevant information. Only Web pages and zones that comply with the site manifest may be included in that site. Moreover, a site-wide certification, similar to that described above for zones can be provided for sites.

Abstract

The client-server system disclosed herein is used to certify computer-generated content (62), such as web pages. In operation, the client (6) generates content (62) and outputs information (64) corresponding thereto to the server. The server stores a set of rules that contains alternatives (54) for information (64) that may be included in the content (62), and determines whether the information (64) in the content (62) corresponds to at least one of the alternatives (54) contained in the set of rules. If the information (64) corresponds to at least one alternative (54), the server issues a certification confirming the validity of the content (62).

Description

DYNAMIC CONTENT CERTIFICATION
Cross Reference To Related Application U.S. Patent Application No. 09/248,370, filed
February 8, 1999 and entitled "Content Certification", is hereby incorporated by reference into the subject application as if set forth herein in full.
Background of the Invention
Field of the Invention
The present invention is related to certifying computer-generated content, such as Web pages.
Description of the Related Art
Various systems currently exist for certifying the content of computer-generated data, such as Web pages. For example, U.S. Patent Application No. 09/248,370 describes a certification system that incorporates digital signatures into Web pages, and that maintains a record associating each Web page with a corresponding digital signature. To certify a Web page, the system compares the digital signature of a displayed Web page to that maintained in the record. If the two match, the Web page is certified; otherwise it is not. Java JAR is example of a certification system that uses lists and digital signatures. Briefly, Java JAR is directed to ensuring the integrity of information in
"composite" files; that is, files which contain multiple components, each of which has its own guarantee of integrity. An example of composite is Web page 1 of Figure 1 which may include image element 2 , image element 4 , and image element 5. The Java JAR system confirms that the content is intact by comparing the content with a hash code generated therefrom by the sender and encrypted with a key to guarantee its authenticity.
While systems like those above go a long way toward increasing the reliability of computer-generated content such as Web pages, there is still room for improvement. In particular, conventional certification systems are limited to certifying "static content", meaning content that is specified absolutely in a page. In this regard, it is also possible to specify content generically. In this case, a content specification is mapped into actual content on a server. The specification may be a URL which is dynamically interpreted based on user context (such as identity or location) , a piece of code executed on the server, a construct such as an HTML form, a piece of code executed on a browser, or a database query executed on the server.
Some content, such as Web pages, is only specified generically. For example, a dynamic Web page is comprised of static and, possibly, dynamic elements. The Web page is dynamic if at least some of the static elements can be substituted for one another. A common example of a dynamic Web page is a page that "builds" an automobile in response to user selection of features such as model, year, color, etc., and that displays an image of the resulting automobile together with its price. In this example, different alternatives may be displayed on the same page depending on the user's selection of features.
Because the information contained in dynamic content, such as Web pages, databases, etc., can be changed, conventional certification systems are unable to certify such content. Accordingly, there exists a need for a certification system that is capable of certifying dynamic content . Summary of the Invention The present invention addresses the foregoing needs. Specifically, the invention is a system that certifies dynamically-generated content such as interactive Web pages. To this end, the invention stores a set of rules containing alternatives as to what information may be included in the content. For example, in the case of the automobile Web page noted above, the alternatives contained in the set of rules may correspond to models that are available from a particular manufacturer. Hence, the alternatives may indicate that information corresponding to those models (e.g, their images) may be included in the Web page.
When invoked at any point in the assembly process, the invention determines whether each element of information for which certification is required obeys the rules specified for it, and what the certification result for the element is. The certification result for content, such as a Web page, is then determined based on additional rules involving the certification results of the elements and the context of the page. All rules can take into consideration information from their context. This context includes the identity, authorization and location of the user, the date, parameters which may have been set by the user or by an authorized person or process on the server, or any other information that can be exposed programmatically as property. In one aspect, the certification process can be recursive. That is, the individual elements may have groups of rules for themselves and any of their subsidiary elements. This increases the utility of the system by allowing complex structures to be built.
Plural (e.g., two or more) levels of certification are provided in preferred embodiments of the invention. For example, different levels of certification may be provided for different alternatives, e.g., "high" indicating a high degree of reliability, "medium" indicating a relatively lower degree of reliability, and "low" indicating a low degree of reliability. Thus, the level of certification of particular content depends on which alternatives match the elements of information contained therein.
The invention is preferably implemented using a client-server architecture. Specifically, the client requests content (e.g., a Web page), and the server assembles information contained in the requested content and processes the information in the manner described above to determine whether or not to certify the content.
Thus, according to one aspect, the present invention is a system for certifying computer-generated content. The system includes a client which outputs information corresponding to the content . A server stores a set of rules that contains alternatives for information that may be included in the content, and determines whether the information from the content corresponds to at least one of the alternatives contained in the set of rules. The server issues a certification confirming the validity of the content in a case that the information corresponds to at least one alternative.
In preferred embodiments, the invention incorporates one or more of the following features/functions: The client requests content with dynamic components or engages in a dynamic interaction such as a form response or query. The determining performed by the server determines whether the result obeys its certification requirements. The determining performed by the server determines whether the plural elements of information correspond to the alternatives. The client includes a user interface, and the content is generated on the client in accordance with information input via the user interface. The content comprises a Web page. The alternatives in the set of rules apply to programs that may be executed via the content . The alternatives in the set of rules apply to individual objects such as images which may be incorporated into the content . The client (i) displays the content, and (ii) displays a certification along with the content, the certification indicating that the content has been certified. The content is not certified in a case that the information therein does not correspond to at least one alternative. Either the server outputs the message to the client and the client displays the message to the user or, if the server is working cooperatively with an assembly engine, it may output the message to the assembly engine. The client may display the content together with the message. Certification results may correspond to a plurality of certification levels and the issuing performed by the server certifies the information in the content at one of the plurality of certification levels based on a result of execution of rules for the content. The plurality of certification levels include "high" indicating a high degree of reliability, "medium" indicating a relatively lower degree of reliability, and "low" indicating a low degree of reliability. The client displays the content, and the determining performed by the server can be performed either before, during or after the content is assembled.
Advantages of the invention in addition to those set forth above will become apparent in view of the following description, including the figures, and the claims. Brief Description of the Drawings Figure 1 shows a composite Web page. Figure 2 shows a network system on which the certification process may be implemented. Figure 3 shows the graphical user interface of a Web browser that may be used with the certification process.
Figure 4 shows a dynamic Web page that can be certified by the certification process.
Figure 5 shows process steps for certifying a dynamic Web page.
Figure 6 shows an example of a manifest used by the certification process to certify a dynamic Web page.
Figure 7 shows a Web page that can be used to initiate certification of individual static elements of a dynamic Web page.
Figure 8 shows the process of certifying individual static elements of a dynamic Web page.
Figure 9 shows a client retrieving a dynamic Web page from a Web server. Figure 10 shows providing user input to a Web server.
Figure 11 shows requesting certification of a dynamic Web page.
Figure 12 shows process steps for certifying the content of dynamic Web pages and other dynamically-generated content .
Figure 13 shows issuing a certification message relating to a certification of a dynamic Web page.
Figure 14 shows a certificate that may be issued for certified Web pages.
Figure 15 shows process steps for organizing Web pages (or other content) into zones. Figure 16 shows an example of a manifest used to organize content into zones.
Figure 17 is an abstract view of Web pages on a Web site organized into zones.
Description of the Preferred Embodiments
The following description of the preferred embodiments of the invention relates to Web pages. It is noted up front, however, that the invention is not limited to use with Web pages. Rather, all aspects of the invention can be used with any computer-generated content including, but not limited to, rows in a database, an entire database, computer-generated queries, documents, and the like.
The present invention is preferably implemented using a client-server architecture, such as that shown in Figure 2. This architecture includes client 6, certification server 7, and Web server 9 connected via network 10. Network 10 may comprise any type of network or communications medium, including, but not limited to, one or more of the following: the Internet, a local area network ("LAN"), a wide area network ("WAN"), a wireless (e.g., ATM) network, a logical network within a single computer, some other form of programmatic communication such as interprocess communications or dynamic link libraries, or any combination thereof. Client 6 is preferably a personal computer ("PC") or similar data processing device. Client 6 includes network interface 11 for interfacing to network 10, display screen 12 for displaying information to a user, keyboard 14 for inputting text and user commands, mouse 15 for positioning a cursor on display screen 12 and for inputting user commands, disk drive 16 for reading from and writing to floppy disks installed therein, and CD-ROM drive 17 for accessing data stored on CD-ROM.
Close-up view 18 shows the internal structure of client 6. Client 6 includes memory 19 which is a computer- readable medium, such as a computer hard disk, for storing information. In the preferred embodiment memory 19 stores operating system 20, applications 21, and data 22. Microsoft™ Windows98™ is a one operating system that may be used with the invention; however, the invention is not limited to use therewith.
Applications 21 include Web browser 24, among others . An example of a Web browser that may be used with the invention is Netscape™ Navigator™. Web browser 24 displays a graphical user interface ("GUI") to a user, through which the user may access information via the
Internet (e.g., Web sites, individual Web pages, etc.). An example of such a GUI is shown in Figure 3.
Client 6 also includes display interface 26, keyboard interface 27, mouse interface 29, disk drive interface 30, CD-ROM drive interface 31, computer bus 32,
RAM 34, and processor 35. Processor 35 preferably comprises a microprocessor or the like for executing applications, such as those noted above, out of RAM 34. Such applications, including browser 24, may be stored in memory 19 as noted above or, alternatively, on a floppy disk in disk drive 16 or CD-ROM in CD-ROM drive 17. In this regard, processor 35 accesses applications and data stored on floppy disk via disk drive interface 30 and accesses applications and data stored on CD-ROM via CD-ROM interface 31. Web server 9 may comprise a computer having features similar to client 6 for providing remote access to the Web site of an organization. Web server 9 is connected to other computers (not shown) in the organization via LAN 36 (or network 10) . Web server 9 is also connected to certification server 7 via network 10 or other medium.
Web server likewise includes a processor 23 and a memory 28, among other things, as shown in close-up view 13. Stored in this memory is assembly engine 25 and Web page elements 33. Assembly engine 25 is a program that is executed by processor 23 to assemble Web pages. More specifically, a single Web page may be composed of a plurality of static and dynamic elements, such as images, applets, text, sound, other Web pages, etc. In response to requests received from client 6, assembly engine 25 retrieves those elements (e.g., from memory 28) and combines them in a predetermined manner so as to form the Web page . Representative examples of commercially-available assembly engines that may be used in connection with the present invention include ATG Dynamo, Servlets, JSP and ASP
Certification server 7 likewise preferably comprises a computer having features similar to client 6. As shown in close-up view 38, certification server 7 includes, among other things, memory 39 for storing both applications and certification information 48 which includes the manifests described below. Memory 39 may include one or more memory devices, such as a computer hard disk, redundant array of inexpensive disks ("RAID"), optical disk drive, and the like. Processor 40 is also included on certification server 7 so as to execute applications stored in memory 39 and to provide the resulting output to the network.
Among the applications stored in memory 39 is certification engine 41. Certification engine 41 comprises computer-executable code that runs on certification server 7 to certify Web.pages and other dynamic pages based on their content and/or certification information stored in their elements. Certification engine 41 also organizes sets of Web pages into plural zones based on their levels of certification, the type of information contained therein, or the like, as described in more detail below.
It is noted that certification server 7 and Web server 9 may be one in the same; however, since this is not a requirement, the more general case of separate Web and certification servers is depicted in Figure 2. For that matter, the invention may also be implemented, in its entirety, on a single computer. That is, the functions of client 6, certification server 7 and Web server 9 (or its equivalent) may be implemented on a single computer.
Dynamic Content Certification
Figures 4 to 14 depict the operation of certification engine 41 in the context of certifying dynamically-generated (or simply "dynamic") Web pages. At this point, it is repeated that although this embodiment of the invention is described with respect to Web pages, the invention is not limited to use with Web pages and can be used to certify any computer-generated content. As described in the "Background", a Web page is dynamic if any of its contents is specified generically or generated programmatically or by query or in any other situation where the content is not specified uniquely and immutably a priori. That is, many Web pages are composites, meaning that they are composed of plural elements such as images, applets, text, sound, etc. Each individual element may be static if all of its components are specified uniquely and immutably a priori; however, the Web page itself is still dynamic if the specification of the elements within the page are not so specified. It is also possible for the elements themselves to be dynamic because of their components or because they are programs or queries. The resolution of these dynamic objects to static objects generally occurs in the assembly engine, but it is also possible for this process to occur in the browser (e.g., with JavaScript) . In this regard, there is no reason, in principle, why some or all of the functions of the certification server could not take place in the client given the necessary integration with the browser.
By way of example, Figure 4 shows a hypothetical Web page 42 displayed by browser 24. Web page 42 "builds" an automobile based on user-selected features such as model, year, color, stereo, etc. That is, Web server 9 stores, in a manifest for Web page 42, plural alternatives for text element 43 and image elements 44 and 45. A user selects which features 46 are to be included in the automobile, and a program or applet resident on Web page 43 determines which of the text and images stored on Web server 9 should be displayed as elements 43, 44 and 45 based on the selected features. Browser 24 then transmits this information to Web server 9, where assembly engine 25 retrieves the appropriate text and images from memory 28 (or, more generally, any database on which they reside) and assembles them into Web page 42. Though text and images are depicted in Figure 4, the alternatives are not limited to these; that is, the alternatives may include sound, applets or any other type of information that can be incorporated into a Web page. Figure 5 shows process steps for certifying a dynamic Web page. Though the process steps of Figure 5 are directed to certification of a Web page, once armed with the disclosure herein, one of ordinary skill in the art could easily use these steps to certify any type of computer- generated dynamic content .
The process of Figure 5 begins in step S501 by defining a manifest for the Web page. The manifest is generally defined by the administrator of the Web site on which the Web page resides and provided to certification server 7 where it is indexed to the URL of the Web page and stored in memory. The manifest includes a set of rules that specify information to be included on the Web page. In the present invention, the set of rules includes alternatives for information that may be included on the Web page, though they may specify required information as well.
An example of a manifest 47 for Web page 42 is shown in Figure 6. As shown, manifest 47 includes a rule 49 requiring display of an automobile image, which defines alternatives 54 (e.g., an image of a convertible, an image of a 4-wheel drive vehicle, etc.). It also includes a rule 55 requiring validation of the certification results. This may be done in accordance with a program or applet on the Web page .
Certification information for the rules is provided in step S502 (which may be performed before or after step S501) . That is, step S502 confirms that each alternative element (e.g., image, applet, etc.) that could be included on the Web page is certified. For Web page 42, this means confirming that each image element 44 and 45, and any other information that Web page 42 may include, is certified. In the preferred embodiment of the invention, the certification of static elements in step S502 is performed by certification engine 41 in accordance with the process described in U.S. Patent Application No. 09/248,370. A brief description of this process is as follows.
Figure 7 shows a password protected Web page 57 for requesting certification of an element. On Web page 57, an element, such as an image, is submitted for certification simply by dragging and dropping it onto one or more of defined certification controls 59 and 60. The certification control that receives the element prepares and transmits a certification request to certification server 7 specifying the content of the element and the certification desired. As shown in Figure 8, a certification request 61 includes content 62 of the element submitted for certification, together with other information 64 such as the certification desired (e.g., site-wide certification, legal department certification, etc.), the author (s) of the element, and a uniform resource locator ("URL") that specifies a Web page on which the element is to be located. Request 61 may also include information such as an element revision number, content keywords, title, etc.
Certification server 7 processes the received certification requests by distributing content 62 to those in an organization that could potentially provide approval for certification. For example, certification server 7 may distribute the content to all members of the organization's legal department when a request is made for legal department certification. Workflow software, E-mail daemons, and other techniques, executing on computers other than the certification server, can alternatively be used to distribute the content for certification.
As shown in Figure 8, after an individual 65 receives and reviews the content, the individual can notify certification server 7 of his approval by sending a certification message 66. Certification message 66 can include the content and the other information included in the certification request. This message can also include information 67 that describes the individual transmitting the certification message, the type of certification granted (e.g., an individual may have the capacity to certify content for both the marketing and legal departments of the organization), and a level of approval (e.g., "for internal use only" or "for publication on the Internet") . Additionally, the certification message may include a digital signature 68 belonging to the individual submitting the certification message and information to confirm the digital signature (e.g., X.509), or it may include information used by other authentication techniques.
Certification engine 41 processes received certification messages in accordance with certifying instructions. These instructions may be embedded in certification engine 41 or retrieved thereby. In one embodiment of the invention, these certifying instructions authenticate a certification message to ensure that an individual claiming to have approved the submitted content was, in fact, the one who produced certification message 66. After authentication, the certifying instructions can determine whether certification message 66 satisfies the criteria for the certification requested. For example, the certifying instructions can determine whether certification message 66, alone or in combination with previously-received certification messages, is sufficient to obtain legal department certification.
If the received certification message 66 does not satisfy the requisite certification criteria, the certifying instructions can store the received certification and await further certification messages. The process may store a hash for submitted content awaiting further certification to ensure that subsequent certification is for the same content as the certification already received. The process can also attempt to certify any links or other objects referenced by the content.
If certification message 66 satisfies the requisite certification criteria, the certifying instructions determine verification information from the certified content or other information provided. In this regard, verification information includes data that identifies the certified content such as a URL, compressed or uncompressed portions of the content, and/or an assigned identification number. The verification information may also include one or more hash keys (e.g., an MD5 hash and an SHA hash) . A hash key is produced by a one-way function and typically requires little storage space (e.g., 160-bits) , and is nearly guaranteed to be unique for given content . After storing the content's certification and verification information, e.g., in memory 39, the certifying instructions can produce a digital signature (e.g., a W3C DSig (Digital Signature Group) compliant signature) for content 62. This digital signature can include computed hash, the content's URL, or any other verification or certification information (not shown) .
Once the digital signature has been generated, the certifying instructions determine whether content 62 can be dynamically modified to include the digital signature. For example, HTML and XML permit dynamic insertion of digital signatures into the content (e.g., as header information or as a newly defined tag) . Inclusion of the digital signature in content 62 ensures that the digital signature travels with the content. Thereafter, certified content 69, including the digital signature, is transmitted back to Web server 9, as shown in Figure 8.
Returning to Figure 5, following step S502 processing proceeds to step S503. In this regard, any page, even an initial page, may be subject to the certification process of the present invention. Thus steps S503 and S504 are not necessary, since any attempt to retrieve a page may start at step S505. Nevertheless, for illustration's sake, steps S503 and S504 are included in the process. In step S503, a user logs onto client 6, executes browser 24, and requests a Web page from Web server 9. In response to this request, Web server 9 transmits a Web page, such as that shown in Figure 4, to client 6. There, the Web page is displayed. This process is depicted graphically in Figure 9. At this point, it is noted that the invention does not require a user to have an initial page into which to put initial information. Any interaction with the user supplies at least authentication information and perhaps information from "cookies".
Next, in step S504, the user inputs information into the Web page. For example, in the case of Web page 42, the user may select options for building an automobile. Browser 24 transmits these user-selected options (i.e., the user input) to Web server 9, as shown in Figure 10. There, assembly engine 25 determines which elements (e.g., images, text, applets, sound, etc.) are to be included on the Web page. Assembly engine 25 then retrieves the appropriate elements from memory 28 (or any other database on which they reside) , and assembles the Web page therefrom.
Certification of the Web page may take place before, during or after this process.
More specifically, each element on the Web page may be certified prior to assembly, as described above with respect to Figure 8 and in U.S. Patent Application No.
09/248,370. Alternatively, each element may be certified as part of the Web page on an ad hoc basis, i.e., during assembly. As still another alternative, certification may take place following assembly of the Web page. With reference to Figure 6, pre-assembly rules 90 control certification prior to assembly, during-assembly rules 91 control certification during assembly, and post-assembly rules 92 control certification post assembly. As shown, each of these includes prologue rules, body rules, and epilogue rules, which can specify an order of execution for the rules.
Assuming that certification takes place following assembly of the Web page, in step S506 assembly engine 25 extracts identification and certification information from each element of the Web page. For example, it extracts the URL of the Web page, the digital signature and/or content of each element (e.g., elements 43, 44 and 45 in Figure 4) in the Web page, an identification number of each element, etc. Next, in step S507, assembly engine 25 issues a request to certification server 7. This is depicted graphically in Figure 11. The request can be encrypted for security purposes, and includes the information extracted in step S506, together with a request for certification of the Web page .
Thereafter, step S508 determines whether the Web page is certified, meaning that the information contained therein is valid. In the present embodiment, the certification process is performed in certification server 7 by certification engine 41. As noted above, however, in other embodiments of the invention, the Web server and certification server functions may be implemented on the same computer, in which case the certification process would take place on that single computer.
Figure 12 depicts the certification process. To begin, in step S1201, certification server 7 receives the request for certification from assembly engine 25 on Web server 9. Based on this request, and the information contained therein, certification engine 41 determines whether the information in the Web page complies with the set of rules stored therefor. To this end, certification engine 41 determines whether each of the elements that make up the Web page corresponds to at least one of the alternatives contained in the manifest for that Web page. This is done in step S1202, e.g., by comparing an assigned identification number or hash for each element to those contained in the manifest.
For each static element that corresponds to an alternative in the manifest, in step S1203 certification engine 41 also determines whether that element is certified. This is done, e.g., by comparing one or more of the digital signature, content, etc. for that element to corresponding verification information therefor. If there is a match, then that individual element is considered certified. Alternatively, certification information can be included in the manifest, in which case the manifest can be consulted to determine whether each element is certified.
Finally, for each dynamic element that corresponds to an alternative in the manifest, in step S1204 certification engine 41 also determines whether that element is certified. Each such element includes a manifest, and a requisite rule or rules are executed for that element. The results of these executions are certified by subsequent rules to see what form of certification is required for the entire Web page. This process is similar to that described above . Thus, following step S1204 if the Web page complies with the manifest stored on certification server 7, i.e., if each of its elements complies with a rule on the manifest and is certified, then the entire Web page is considered certified. Otherwise, it is not. In this regard, the certification of the entire page depends upon the epilogue rules working on the certification results of the prologue and the body. In the absence of any explicit global certification rules, rules from a zone or site manifest (described below) may be used.
In preferred embodiments, the invention provides for several different levels of certification. For example, three such levels may be provided, including "high" (or "platinum") indicating that the information is highly reliable, "medium" (or "gold") indicating a relatively lower degree of reliability, and "low" ("silver" or "bronze") indicating a still lower degree of reliability. Though only three levels of certification are described here, the invention is not limited to three. Rather, any number of certification levels may be used. The level of certification for each alternative in a Web page manifest is preferably stored in the rule for that alternative. Accordingly, returning to Figure 5, if the Web page is certified in step S508, in step S509 certification engine 41 may extract a level of certification (not shown) for each element in the Web page using the manifest. Of course, if only one level of certification is provided, then that level will be extracted in step S509. Based on the level of certification of each element, a level of certification for the entire Web page can be determined. Generally, the level of certification of the entire Web page will correspond to the lowest level of certification of an element on that Web page. However, other methods of determining the certification level of the entire Web page may also be used with the invention.
Following step S509, processing proceeds to step S510. In step S510, certification engine 41 issues a message 74 to assembly engine 25. This is depicted graphically in Figure 13. In this case, i.e., where the Web page has been certified, the message indicates that the Web page has been certified. The message may also include a certificate that is transmitted to the user and displayed along with the Web page, as shown in Figure 13. An example of such a certificate 78 is shown in Figure 14. Where more than one level of certification is provided, the message and/or certificate may also indicate the level of certification for the Web page. Following step S510, processing ends.
Returning to step S508, in a case that the Web page has not been certified, message 74 is still output by certification engine 41 in step S511. This time, however, the message indicates that the Web page has not been certified. The message may then be transmitted from Web server 9 to client 6 and/or to the Web site administrator. In a case that the message is provided to the site administrator, it may include instructions indicating exactly which portions of the Web page were not certified and why. In step S512, this message indicating that the Web page is not certified may be transmitted to the client, where it is displayed. The Web site content may or may not be transmitted and displayed therewith, depending upon how the system is configured. Following step S512, the certification process ends.
In alternative embodiments of the invention, partial certification of a Web page may be provided. More specifically, to certify the contents of a Web page in accordance with the process shown in Figure 5, each element thereof must correspond to one alternative in the Web page manifest. If one element is not found on the manifest, the Web page will not be certified. In alternative embodiments, however, partial certification of a Web page may be provided if at least one element on the Web page corresponds to at least one alternative in the manifest for that Web page. In the case of partial certification, the output message and/or certificate would be changed accordingly.
Defining Content Zones
This aspect of the system builds on the concept of different certification levels introduced above. Although this embodiment is described in the context of Web pages, the invention can be used with any computer-generated content. In this embodiment, certification engine 41 organizes individual Web pages on a Web site into zones. Which zone a particular Web page is in depends upon the rules stored in a manifest for that zone. For example, which zone a Web page is located in may depend upon a level of certification of that Web page. In this example, the level of certification of dynamic Web pages may be determined in the manner described above. However, since this aspect is not limited to use with dynamic Web pages, certification can be achieved using any method.
Figure 15 shows process steps for implementing this aspect of the system. These process steps may be executed to define a single zone. Other zones may be defined in the same manner. The process of Figure 15 may be implemented on certification server 7 in certification engine 41 or, alternatively, on a similar program executing on Web server 9. Step S1501 begins the process. More specifically, step S1501 stores a manifest containing one or more rules that define which pages may be included in the zone. As above, these rules may be defined and input by the administrator of a Web site. The rules may include a variety of factors. For example, the rules may define a specific level of certification required for Web pages in the zone, a "type" of Web page that may be included in the zone (e.g., products as defined by a URL such as "www.NovaSoft.com/products" or other means), and the like. Additional rules may also be provided to further differentiate the zones. For example, if a zone specifies "products for sale", a rule may be included in the manifest to specify that only products having a release date "less than or equal to today" may be included in the zone. Figure 16 depicts an example of a "products for sale" manifest that may be used by the present invention to define such a zone. Once a set of rules has been defined for the zone, certification engine 41 examines the content of Web pages in the Web site in order to determine which of those Web pages belong in the current zone. In this regard, a single Web page may be included in more than one zone; however, for the sake of clarity, the present description will assume that each Web page is included in only one zone.
Step S1502 thus selects each Web page, e.g., by its URL, and then step S1503 determines whether that page complies with the rules set forth in the zone manifest. For example, step S1503 may determine the certification level of the Web page by examining its certification information, as well as any other information required for the zone. That is, step S1503 may determine whether the Web page is related to a product by examining the page's URL, and whether the product has been released as of "today" by examining the content of the Web page. Other information may also need to be examined depending upon the number and type of rules specified in the zone manifest.
In the case that a Web page complies with the rules in the zone's manifest, step S1503 concludes that the Web page belongs in the current zone. Accordingly, processing proceeds to step S1504. Step S1504 associates each complying page with the current zone. This can be done in a number of ways. For example, step S1504 may incorporate, into a manifest of each complying Web page, a rule indicating that the Web page is part of the current zone. Instead of, or in addition to, incorporating a rule into the Web page's manifest, step S1504 may incorporate into the zone manifest one or more rules indicating which Web pages are part of the zone. For example, the URLs of Web pages included in a zone may be included in that zone's manifest.
Following step S1504, or in a case that a Web page does not comply with the rules of the current zone, processing proceeds to step S1505. Step S1505 determines whether any unexamined Web pages remain in the site. If there are such pages, processing returns to step S1502, whereafter steps S1503 to S1505 are repeated for the remaining images. Otherwise, processing for the current zone ends. However, other zones may be defined, as desired. Figure 17 shows an abstract view of a Web site that has been divided into three zones -- a "products for sale" zone 80, an "unsupported tools" zone 81, and a "personal opinions" zone 82. In this example, all Web pages 84 in the "products for sale" zone have a "high" certification level
(e.g., the information in those pages is guaranteed accurate by the site owner) ; all Web pages in the "unsupported tools" zone have a "medium" certification level (e.g., the information in those pages is deemed useful by the site owner, but its accuracy is not guaranteed) ; and all Web pages in the "personal opinion" zone have a "low" certification level (e.g., the site owner has no opinion concerning the accuracy of the information on those pages) . By virtue of this setup, a user is able to determine, simply by what zone of the Web site the user is in, the reliability of the information contained therein.
In this regard, Web pages in a particular zone may contain visible certification (or other "type") indicators. Accordingly, a user can determine in which zone a Web page is located simply by looking at the indicator. In cases where the Web server and certi ication server are one in the same, certification engine 41 may simply incorporate the appropriate certification indicators into the appropriate Web pages. Where the two servers are different, certification server 7 may provide the certification indicators to Web server 9, which may then incorporate them into the Web pages for the site. In preferred embodiments, the invention also maintains a record of movement between zones. That is, each time a user enters a new URL via browser 24, there is the potential of movement to a different zone. Each time the user enters a new zone, Web server 9 and/or certification server 7 may issue a message to the user to that effect.
One or both of these servers may maintain a record of URLs and corresponding zones visited by the user during a predetermined period of time.
In addition to defining manifests for individual pages and zones, the present invention also can be used to define a manifest for an entire Web site. The manifest for a Web site would be similar to that shown in Figure 16 for a zone. Accordingly, a detailed description thereof is omitted here for the sake of brevity. Suffice it to say, that rules for a site manifest may be based on certification, as described above, or any other relevant information. Only Web pages and zones that comply with the site manifest may be included in that site. Moreover, a site-wide certification, similar to that described above for zones can be provided for sites.
Finally, it is noted that the invention is not limited to use in the exact manner set forth herein. For example, the process steps of Figures 5, 12 and 15 need not be executed in the exact order shown, so long as the functionality of the system is maintained. Also, the invention is not limited to use with the hardware described herein, or to use with the types of images described above. In this regard, the present invention has been described with respect to particular illustrative embodiments. It is to be understood that the invention is not limited to the above-described embodiments and modifications thereto, and that various changes and/or modifications are within the scope of the appended claims. What is claimed is:

Claims

1. A method of certifying computer-generated content, the method comprising: storing a set of rules that contains alternatives for information that may be included in the content; determining whether information in the content corresponds to at least one of the alternatives contained in the set of rules; and issuing a certification confirming the validity of the content in a case that the information corresponds to at least one alternative.
2. A method according to claim 1, wherein the content is generated dynamically from plural elements of information.
3. A method according to claim 2, wherein the determining comprises determining whether the plural elements of information correspond to the alternatives.
4. A method according to claim 3, wherein the set of rules is stored on a central server and the content is generated based on a user input to a client of the central server.
5. A method according to claim 4, wherein the content comprises a Web page; and wherein the elements of information are obtained in response to user inputs on the Web page .
6. A method according to claim 1, wherein the alternatives in the set of rules include programs that may be executed via the content.
7. A method according to claim 1, wherein the alternatives in the set of rules include individual images that may be incorporated into the content .
8. A method according to claim 1, further comprising: displaying the content; and displaying a certification along with the content, the certification indicating that the content has been certified.
9. A method according to claim 1, wherein the information in the content is not certified in a case that the information therein does not correspond to at least one alternative.
10. A method according to claim 9, further comprising, in a case that the content has not been certified, outputting a message indicating that the content has not been certified.
11. A method according to claim 10, further comprising displaying the message to a user.
12. A method according to claim 11, further comprising displaying the content together with the message,
13. A method according to claim 1, wherein each alternative in the set of rules corresponds to one of a plurality of certification levels; and wherein- the issuing comprises certifying the information in the content at one of the plurality of certification levels based on to which of the alternatives the information in the content corresponds.
14. A method according to claim 13, wherein the plurality of certification levels include "high" indicating a high degree of reliability, "medium" indicating a relatively lower degree of reliability, and "low" indicating a low degree of reliability.
15. A method according to claim 1, further comprising assembling the content; wherein determining can be performed either before, during or after the assembling.
16. A system for certifying computer-generated content, the system comprising: a client which outputs information corresponding to the content ; and a server which (i) stores a set of rules that contains alternatives for information that may be included in the content, (ii) determines whether the information from the content corresponds to at least one of the alternatives contained in the set of rules, and (iii) issues a certification confirming the validity of the content in a case that the information corresponds to at least one alternative.
17. A system according to claim 16, wherein the client generates the content dynamically using plural elements of information.
18. A system according to claim 17, wherein the determining performed by the server determines whether the plural elements of information correspond to the alternatives.
19. A system according to claim 18, wherein the client includes a user interface, and the content is generated in accordance with information input via the user interface.
20. A system according to claim 19, wherein the content comprises a Web page.
21. A system according to claim 16, wherein the alternatives in the set of rules include programs that may be executed via the content .
22. A system according to claim 16, wherein the alternatives in the set of rules include individual images that may be incorporated into the content .
23. A system according to claim 16, wherein the client (i) displays the content, and (ii) displays a certification along with the content, the certification indicating that the content has been certified.
24. A system according to claim 16, wherein the content is not certified in a case that the information therein does not correspond to at least one alternative.
25. A system according to claim 24, wherein, in a case that the content has not been certified, the server outputs a message indicating that the content has not been certified.
26. A system according to claim 25, wherein the server outputs the message to the client, and the client displays the message to a user.
27. A system according to claim 26, wherein the client displays the content together with the message.
28. A system according to claim 16, wherein each alternative in the set of rules corresponds to one of a plurality of certification levels; and wherein the issuing performed by the server comprises certifying the information in the content at one of the plurality of certification levels based on to which of the alternatives the information from the content corresponds .
29. A system according to claim 28, wherein the plurality of certification levels include "high" indicating a high degree of reliability, "medium" indicating a relatively lower degree of reliability, and "low" indicating a low degree of reliability.
30. A system according to claim 16, wherein the determining performed by the server can be performed either before, during or after an assembly of the content.
31. A computer program stored on a computer- readable medium to certify computer-generated content, the computer program comprising: code to store a set of rules that contains alternatives for information that may be included in the content ; code to determine whether information in the content corresponds to at least one of the alternatives contained in the set of rules; and code to issue a certification confirming the validity of the content in a case that the information corresponds to at least one alternative.
32. A computer program according to claim 31, wherein the content is generated dynamically from plural elements of information.
33. A computer program according to claim 32, wherein the determining code determines whether the plural elements of information correspond to the alternatives.
34. A computer program according to claim 33, wherein the set of rules is stored on a central server and the content is generated based, at least in part, on a user input to a client of the central server.
35. A computer program according to claim 34, wherein the content comprises a Web page; and wherein the elements of information are obtained in response to user inputs on the Web page.
36. A computer program according to claim 31, wherein the alternatives in the set of rules include programs that may be executed via the content .
37. A computer program according to claim 31, wherein the alternatives in the set of rules include individual images that may be incorporated into the content .
38. A computer program according to claim 31, further comprising: code to output the content; and code to output a certification along with the content, the certification indicating that the content has been certified.
39. A computer program according to claim 31, wherein the information in the content is not certified in a case that the information therein does not correspond to at least one alternative.
40. A computer program according to claim 39, further comprising code to output a message indicating that the content has not been certified in a case that the content has not been certified.
41. A computer program according to claim 40, wherein the outputting code outputs the message to a user.
42. A computer program according to claim 41, wherein the outputting code outputs the content together with the message.
43. A computer program according to claim 31, wherein each alternative in the set of rules corresponds to one of a plurality of certification levels; and wherein the issuing code certifies the information in the content at one of the plurality of certification levels based on to which of the alternatives the information in the content corresponds.
44. A computer program according to claim 43, wherein the plurality of certification levels include "high" indicating a high degree of reliability, "medium" indicating a relatively lower degree of reliability, and "low" indicating a low degree of reliability.
45. A computer program according to claim 31, wherein the determining code executes either before, during or after an assembly of the content.
PCT/US2001/009581 2001-03-26 2001-03-26 Dynamic content certification WO2002078259A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/US2001/009581 WO2002078259A1 (en) 2001-03-26 2001-03-26 Dynamic content certification

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2001/009581 WO2002078259A1 (en) 2001-03-26 2001-03-26 Dynamic content certification

Publications (1)

Publication Number Publication Date
WO2002078259A1 true WO2002078259A1 (en) 2002-10-03

Family

ID=21742439

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/009581 WO2002078259A1 (en) 2001-03-26 2001-03-26 Dynamic content certification

Country Status (1)

Country Link
WO (1) WO2002078259A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7003661B2 (en) 2001-10-12 2006-02-21 Geotrust, Inc. Methods and systems for automated authentication, processing and issuance of digital certificates
US7114177B2 (en) 2001-03-28 2006-09-26 Geotrust, Inc. Web site identity assurance
US7694135B2 (en) 2004-07-16 2010-04-06 Geotrust, Inc. Security systems and services to provide identity and uniform resource identifier verification

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5894554A (en) * 1996-04-23 1999-04-13 Infospinner, Inc. System for managing dynamic web page generation requests by intercepting request at web server and routing to page server thereby releasing web server to process other requests
US6018801A (en) * 1998-02-23 2000-01-25 Palage; Michael D. Method for authenticating electronic documents on a computer network
US6131162A (en) * 1997-06-05 2000-10-10 Hitachi Ltd. Digital data authentication method
US6236978B1 (en) * 1997-11-14 2001-05-22 New York University System and method for dynamic profiling of users in one-to-one applications

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5894554A (en) * 1996-04-23 1999-04-13 Infospinner, Inc. System for managing dynamic web page generation requests by intercepting request at web server and routing to page server thereby releasing web server to process other requests
US6131162A (en) * 1997-06-05 2000-10-10 Hitachi Ltd. Digital data authentication method
US6236978B1 (en) * 1997-11-14 2001-05-22 New York University System and method for dynamic profiling of users in one-to-one applications
US6018801A (en) * 1998-02-23 2000-01-25 Palage; Michael D. Method for authenticating electronic documents on a computer network

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7114177B2 (en) 2001-03-28 2006-09-26 Geotrust, Inc. Web site identity assurance
US7552466B2 (en) 2001-03-28 2009-06-23 Geotrust, Inc. Web site identity assurance
US7003661B2 (en) 2001-10-12 2006-02-21 Geotrust, Inc. Methods and systems for automated authentication, processing and issuance of digital certificates
US7120929B2 (en) 2001-10-12 2006-10-10 Geotrust, Inc. Methods and systems for automated authentication, processing and issuance of digital certificates
US7562212B2 (en) 2001-10-12 2009-07-14 Geotrust, Inc. Methods and systems for automated authentication, processing and issuance of digital certificates
US8028162B2 (en) 2001-10-12 2011-09-27 Geotrust, Inc. Methods and systems for automated authentication, processing and issuance of digital certificates
US7694135B2 (en) 2004-07-16 2010-04-06 Geotrust, Inc. Security systems and services to provide identity and uniform resource identifier verification

Similar Documents

Publication Publication Date Title
KR100851710B1 (en) Lateral search
US5864871A (en) Information delivery system and method including on-line entitlements
JP3771822B2 (en) Data retrieval method, system, and program
US20020059364A1 (en) Content certification
JP4738708B2 (en) Evidence-based security policy manager
US20040117376A1 (en) Method for distributed acquisition of data from computer-based network data sources
US20120117171A1 (en) Delivering electronic content
US20020059369A1 (en) Method and apparatus for creating and distributing non-sensitized information summaries to users
US20040012626A1 (en) Method for creating configurable and customizable web user interfaces
US20010054153A1 (en) System and method for determining user identity fraud using similarity searching
JP2005242586A (en) Program, apparatus, system and method for providing document view
AU2007203146A1 (en) Use of extensible markup language in a system and method for influencing a position on a search result list generated by a computer network search engine
KR20010092785A (en) System and method of presenting channelized data
US7502774B2 (en) Ring method, apparatus, and computer program product for managing federated search results in a heterogeneous environment
US8050980B2 (en) Secure downloading of a file from a network system and method
JP2006512693A (en) A knowledge management system for law firms.
WO1997046950A1 (en) Information delivery system and method
AU2010201642A1 (en) Remote module incorporation into a container document
WO2001040920A1 (en) Data processing system for targeted content
US20100122179A1 (en) Visual cabinet system for data display method using its system
US8095873B2 (en) Promoting content from one content management system to another content management system
US20020165940A1 (en) Computer system, a method and a program for providing a Web page appropriate to a user
WO2000046681A1 (en) Content certification
JP2002117215A (en) Patent management system
GB2397915A (en) User editable server side web page editor

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 69(1) EPC

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP