WO2002102011A3 - System and method for maintaining state between a client and server - Google Patents

System and method for maintaining state between a client and server Download PDF

Info

Publication number
WO2002102011A3
WO2002102011A3 PCT/US2002/018254 US0218254W WO02102011A3 WO 2002102011 A3 WO2002102011 A3 WO 2002102011A3 US 0218254 W US0218254 W US 0218254W WO 02102011 A3 WO02102011 A3 WO 02102011A3
Authority
WO
WIPO (PCT)
Prior art keywords
client
server
maintaining state
web applications
identifier
Prior art date
Application number
PCT/US2002/018254
Other languages
French (fr)
Other versions
WO2002102011A8 (en
WO2002102011A2 (en
Inventor
Mark Seiler
Barry J Glick
Ronald S Karpf
Original Assignee
Mark Seiler
Barry J Glick
Ronald S Karpf
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mark Seiler, Barry J Glick, Ronald S Karpf filed Critical Mark Seiler
Priority to AU2002312425A priority Critical patent/AU2002312425A1/en
Publication of WO2002102011A2 publication Critical patent/WO2002102011A2/en
Publication of WO2002102011A8 publication Critical patent/WO2002102011A8/en
Publication of WO2002102011A3 publication Critical patent/WO2002102011A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0492Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload by using a location-limited connection, e.g. near-field communication or limited proximity of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • H04L67/142Managing session states for stateless protocols; Signalling session states; State transitions; Keeping-state mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/52Network services specially adapted for the location of the user terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/535Tracking the activity of the user
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/329Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2111Location-sensitive, e.g. geographical location, GPS
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2119Authenticating web pages, e.g. with suspicious links
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/101Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying security measures for digital rights management

Abstract

A method and apparatus for maintaining state between a client (100) and a server( 130) while protecting security and privacy allows the server (130) to monitor and maintain a record of the client's current transaction status via a unique identifier. Generally, the client (100) generates a unique identifier, which it transmits to web applications (134) on remote servers (134) during transactions. The web applications (134) can track a series of continuous and related requests using this identifier to better serve the client (100). Thus, by maintaining state with web applications (134), the clients (100) can take advantage of increased services than otherwise possible operating in a stateless protocol. However, the client (100) is able to periodically change this identifier when the user desires anonymity.
PCT/US2002/018254 2001-06-13 2002-06-05 System and method for maintaining state between a client and server WO2002102011A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2002312425A AU2002312425A1 (en) 2001-06-13 2002-06-05 System and method for maintaining state between a client and server

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US09/880,308 2001-06-13
US09/880,308 US20020051541A1 (en) 2000-10-30 2001-06-13 System and method for maintaining state between a client and server

Publications (3)

Publication Number Publication Date
WO2002102011A2 WO2002102011A2 (en) 2002-12-19
WO2002102011A8 WO2002102011A8 (en) 2003-04-24
WO2002102011A3 true WO2002102011A3 (en) 2003-07-24

Family

ID=25376002

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2002/018254 WO2002102011A2 (en) 2001-06-13 2002-06-05 System and method for maintaining state between a client and server

Country Status (3)

Country Link
US (1) US20020051541A1 (en)
AU (1) AU2002312425A1 (en)
WO (1) WO2002102011A2 (en)

Families Citing this family (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8218766B2 (en) * 2001-10-17 2012-07-10 Sirf Technology, Inc. Systems and methods for facilitating transactions in accordance with a region requirement
US20030220901A1 (en) * 2002-05-21 2003-11-27 Hewlett-Packard Development Company Interaction manager
US20060075399A1 (en) * 2002-12-27 2006-04-06 Loh Choo W System and method for resource usage prediction in the deployment of software applications
US7185238B2 (en) * 2003-09-30 2007-02-27 Sap Ag Data loss prevention
US7472190B2 (en) * 2003-10-17 2008-12-30 International Business Machines Corporation Method, system and program product for preserving a user state in an application
US20050138571A1 (en) * 2003-12-18 2005-06-23 Keskar Dhananjay V. Dynamic detection of device characteristics
US20070100968A1 (en) * 2005-10-27 2007-05-03 Nokia Corporation Proprietary configuration setting for server to add custom client identity
US8126778B2 (en) 2007-03-19 2012-02-28 Ebay Inc. Network reputation and payment service
US9524496B2 (en) * 2007-03-19 2016-12-20 Hugo Olliphant Micro payments
EP2153609A4 (en) * 2007-06-01 2010-09-22 Research In Motion Ltd Method and apparatus for communicating compression state information for interactive compression
US20090089420A1 (en) * 2007-10-01 2009-04-02 Michael Caruso Flash tracking system and method
US8583810B2 (en) * 2008-01-04 2013-11-12 Red Hat, Inc. Session affinity cache and manager
US7937383B2 (en) * 2008-02-01 2011-05-03 Microsoft Corporation Generating anonymous log entries
KR100928315B1 (en) * 2008-04-25 2009-11-25 주진용 Web browsing system
AU2009319665B2 (en) 2008-11-26 2015-08-20 Calgary Scientific Inc. Method and system for providing remote access to a state of an application program
US9741084B2 (en) 2011-01-04 2017-08-22 Calgary Scientific Inc. Method and system for providing remote access to data for display on a mobile device
EP2661654A4 (en) 2011-01-04 2014-07-09 Calgary Scient Inc A method and system of controlling a remote controlled device in a remote controlled surgical procedure
CA2844871C (en) 2011-08-15 2021-02-02 Calgary Scientific Inc. Non-invasive remote access to an application program
WO2013046015A1 (en) * 2011-09-30 2013-04-04 Calgary Scientific Inc. Uncoupled application extensions including interactive digital surface layer for collaborative remote application sharing and annotating
US9294572B2 (en) 2011-11-11 2016-03-22 Calgary Scientific Inc. Session transfer and suspension in a remote access application framework
CN104040946B (en) 2011-11-23 2017-07-14 卡尔加里科学公司 For shared and meeting the method and system of the remote application that cooperates
US9274780B1 (en) 2011-12-21 2016-03-01 Amazon Technologies, Inc. Distribution of applications with a saved state
US9152820B1 (en) * 2012-03-30 2015-10-06 Emc Corporation Method and apparatus for cookie anonymization and rejection
CN103093126A (en) * 2013-01-18 2013-05-08 上海大唐移动通信设备有限公司 Software licensing method and software licensing system
JP6020353B2 (en) * 2013-05-29 2016-11-02 コニカミノルタ株式会社 Information processing apparatus, image forming apparatus, remote operation method, remote control method, remote operation program, and remote control program
US9871875B2 (en) * 2015-04-14 2018-01-16 Vasona Networks Inc. Identifying browsing sessions based on temporal transaction pattern
US10423475B2 (en) 2016-09-30 2019-09-24 Microsoft Technology Licensing, Llc Stateful tokens for communicating with external services
US10826691B2 (en) * 2017-05-30 2020-11-03 Servicenow, Inc. Edge encryption
US10275235B2 (en) * 2017-09-18 2019-04-30 International Business Machines Corporation Adaptable management of web application state in a micro-service architecture

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000041090A1 (en) * 1999-01-08 2000-07-13 Micro-Integration Corporation Search engine database and interface
WO2001022201A1 (en) * 1999-09-20 2001-03-29 Ethentica, Inc. Context sensitive dynamic authentication in a cryptographic system

Family Cites Families (40)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4418425A (en) * 1981-08-31 1983-11-29 Ibm Corporation Encryption using destination addresses in a TDMA satellite communications network
US4887296A (en) * 1984-10-26 1989-12-12 Ricoh Co., Ltd. Cryptographic system for direct broadcast satellite system
US4709266A (en) * 1985-01-14 1987-11-24 Oak Industries Inc. Satellite scrambling communication network using geographically separated uplinks
US4860352A (en) * 1985-05-20 1989-08-22 Satellite Financial Systems Corporation Satellite communication system and method with message authentication suitable for use in financial institutions
US4993067A (en) * 1988-12-27 1991-02-12 Motorola, Inc. Secure satellite over-the-air rekeying method and system
US5241594A (en) * 1992-06-02 1993-08-31 Hughes Aircraft Company One-time logon means and methods for distributed computing systems
US5243652A (en) * 1992-09-30 1993-09-07 Gte Laboratories Incorporated Location-sensitive remote database access control
US5532838A (en) * 1993-12-27 1996-07-02 Barbari; Edward P. Method & apparatus for dynamically creating and transmitting documents via facsimile equipment
US5659617A (en) * 1994-09-22 1997-08-19 Fischer; Addison M. Method for providing location certificates
DE69637733D1 (en) * 1995-02-13 2008-12-11 Intertrust Tech Corp SYSTEMS AND METHOD FOR SAFE TRANSMISSION
US5943422A (en) * 1996-08-12 1999-08-24 Intertrust Technologies Corp. Steganographic techniques for securely delivering electronic digital rights management control information over insecure communication channels
US5982897A (en) * 1995-04-26 1999-11-09 Itt Corporation Selective denial of encrypted high precision data by indirect keying
US5640452A (en) * 1995-04-28 1997-06-17 Trimble Navigation Limited Location-sensitive decryption of an encrypted message
US6181867B1 (en) * 1995-06-07 2001-01-30 Intervu, Inc. Video storage and retrieval system
US6003030A (en) * 1995-06-07 1999-12-14 Intervu, Inc. System and method for optimized storage and retrieval of data on a distributed computer network
GB9516762D0 (en) * 1995-08-16 1995-10-18 Phelan Sean P Computer system for identifying local resources
US5754657A (en) * 1995-08-31 1998-05-19 Trimble Navigation Limited Authentication of a message source
US5757916A (en) * 1995-10-06 1998-05-26 International Series Research, Inc. Method and apparatus for authenticating the location of remote users of networked computing systems
US5740252A (en) * 1995-10-13 1998-04-14 C/Net, Inc. Apparatus and method for passing private demographic information between hyperlink destinations
JPH09190236A (en) * 1996-01-10 1997-07-22 Canon Inc Method, device and system for processing information
US5991876A (en) * 1996-04-01 1999-11-23 Copyright Clearance Center, Inc. Electronic rights management and authorization system
US5919239A (en) * 1996-06-28 1999-07-06 Fraker; William F. Position and time-at-position logging system
US5790074A (en) * 1996-08-15 1998-08-04 Ericsson, Inc. Automated location verification and authorization system for electronic devices
US5799083A (en) * 1996-08-26 1998-08-25 Brothers; Harlan Jay Event verification system
US6006332A (en) * 1996-10-21 1999-12-21 Case Western Reserve University Rights management system for digital media
US5898680A (en) * 1996-11-05 1999-04-27 Worldspace, Inc. System for providing location-specific data to a user
CA2287379C (en) * 1997-01-10 2005-10-04 Silicon Gaming-Nevada Method and apparatus for providing authenticated, secure on-line communication between remote locations
US5920861A (en) * 1997-02-25 1999-07-06 Intertrust Technologies Corp. Techniques for defining using and manipulating rights management data structures
US5884312A (en) * 1997-02-28 1999-03-16 Electronic Data Systems Corporation System and method for securely accessing information from disparate data sources through a network
US6041411A (en) * 1997-03-28 2000-03-21 Wyatt; Stuart Alan Method for defining and verifying user access rights to a computer information
US5796634A (en) * 1997-04-01 1998-08-18 Bellsouth Corporation System and method for identifying the geographic region of a geographic area which contains a geographic zone associated with a location
US5987136A (en) * 1997-08-04 1999-11-16 Trimble Navigation Ltd. Image authentication patterning
US6057779A (en) * 1997-08-14 2000-05-02 Micron Technology, Inc. Method of controlling access to a movable container and to a compartment of a vehicle, and a secure cargo transportation system
US6070174A (en) * 1997-09-30 2000-05-30 Infraworks Corporation Method and apparatus for real-time secure file deletion
US6460071B1 (en) * 1997-11-21 2002-10-01 International Business Machines Corporation System and method for managing client application state in a stateless web browser environment
US5991739A (en) * 1997-11-24 1999-11-23 Food.Com Internet online order method and apparatus
US6731612B1 (en) * 1998-06-29 2004-05-04 Microsoft Corporation Location-based web browsing
US6046689A (en) * 1998-11-12 2000-04-04 Newman; Bryan Historical simulator
US6237033B1 (en) * 1999-01-13 2001-05-22 Pitney Bowes Inc. System for managing user-characterizing network protocol headers
US6668322B1 (en) * 1999-08-05 2003-12-23 Sun Microsystems, Inc. Access management system and method employing secure credentials

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000041090A1 (en) * 1999-01-08 2000-07-13 Micro-Integration Corporation Search engine database and interface
WO2001022201A1 (en) * 1999-09-20 2001-03-29 Ethentica, Inc. Context sensitive dynamic authentication in a cryptographic system

Also Published As

Publication number Publication date
WO2002102011A8 (en) 2003-04-24
AU2002312425A1 (en) 2002-12-23
WO2002102011A2 (en) 2002-12-19
US20020051541A1 (en) 2002-05-02

Similar Documents

Publication Publication Date Title
WO2002102011A8 (en) System and method for maintaining state between a client and server
WO2003032575A3 (en) Method and system for providing client privacy when requesting content from a public server
EP1089516A3 (en) Method and system for single sign-on user access to multiple web servers
EP1267548A3 (en) Method and system for integrating security mechanisms into session initiation protocol request messages for client-proxy authentication
WO2002035314A3 (en) Method and system for sharing anonymous user information
AU2378801A (en) Optical flow and image forming
WO2001071498A3 (en) Server monitoring using virtual points of presence
CA2327078A1 (en) Secure session management and authentication for web sites
WO2004008675A3 (en) System and method for managing bandwidth utilization
EP0967765A3 (en) Network connection controlling method and system thereof
EP1263186A3 (en) Method of establishing a secure tunnel through a proxy server between a user device and a secure server
WO2002044828A3 (en) System and method for media stream adaptation
CA2378757A1 (en) System and method for reducing the amount of repetitive data sent by a server to a client for vehicle navigation
WO2003029916A3 (en) Method and system for managing data traffic in wireless networks
WO2004034192A3 (en) Methods and systems for communicating over a client-server network
WO2002043404A3 (en) Method and system for providing interactive services over a wireless communications network
WO2003027848A3 (en) Backup-restoration system and right management server
WO2001080064A3 (en) System and method for providing distributed database services
FI20001078A (en) Shared application access to data services for wireless communication systems
CA2329480A1 (en) Method and apparatus in a wireless communication system for splitting a browser functionality between a wireless client and an infrastructure portion
CA2422334A1 (en) Authentication of network users
WO2003091861A3 (en) Identity management system using single sign-on
GB2347832B (en) Communications system
EP1115049A3 (en) Secure data transmission over a client-server network
CA2322597A1 (en) Method and apparatus for cryptographic stateless protocol using asymmetric encryption

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG US UZ VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
CFP Corrected version of a pamphlet front page
CR1 Correction of entry in section i

Free format text: IN PCT GAZETTE 51/2002 UNDER (22) REPLACE "3 JUNE 2002 (03.06.2002)" BY "5 JUNE 2002 (05.06.2002)"

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP