公开(公告)号：US07634570B2

公开(公告)日：2009-12-15

申请号：US10425516

申请日：2003-04-29

申请人： Ismail Cem Paya ,  Trevin Chow ,  Stephen J. Purpura

发明人： Ismail Cem Paya ,  Trevin Chow ,  Stephen J. Purpura

IPC分类号： G06F15/16

CPC分类号： G06F17/30902

摘要： Managing state information across communication sessions between a client and a server via a stateless protocol. The server delivers to the client a cacheable web page with a hyperlink to non-cacheable embedded content. In the hyperlink to the non-cacheable embedded content, the server adds a token or an identifier uniquely associated with the user. When the user obtains embedded content from the cached web page via the hyperlink, the identifier is also sent to the server. Upon receipt of the identifier from the client, the server accesses the stored state information. In this manner, the server manages state information related to the client across communication sessions without the use of cookies as long as the client caches the web page with the unique identifier.

摘要翻译： 通过无状态协议在客户端和服务器之间的通信会话中管理状态信息。 服务器向客户端发送可缓存的网页，其中包含超高速缓存的嵌入式内容。 在到不可缓存的嵌入式内容的超链接中，服务器添加与用户唯一相关联的令牌或标识符。 当用户通过超链接从缓存的网页获取嵌入的内容时，该标识符也被发送到服务器。 当从客户端接收到标识符时，服务器访问所存储的状态信息。 以这种方式，只要客户端使用唯一标识符缓存网页，服务器就不需要使用cookie来管理与客户端相关的状态信息。

公开(公告)号：US07555781B2

公开(公告)日：2009-06-30

申请号：US11276722

申请日：2006-03-10

申请人： Yehuda Feuerstein ,  Jared E. Pfost ,  Stephen J. Purpura

发明人： Yehuda Feuerstein ,  Jared E. Pfost ,  Stephen J. Purpura

IPC分类号： H04L9/00 ,  H04L9/32 ,  G06F7/04

CPC分类号： G06F21/55 ,  G06F21/64 ,  G06F2221/2101 ,  G06Q30/0609 ,  Y10S707/99932 ,  Y10S707/99933

摘要： A security component determines whether a request for a resource poses a security risk to a computing device and verifies the integrity of the requested resource before the request is allowed. For a request having arguments and a resource path with a filename that identifies the resource, the security component determines that the request does not pose a security risk if the resource path does not exceed a maximum number of characters, individual arguments do not exceed a maximum number of characters, the arguments combined do not exceed a maximum number of characters, and the filename has a valid extension. The security component verifies the integrity of a requested resource by formulating a descriptor corresponding to the resource and comparing the descriptor with a cached descriptor corresponding to the resource.

公开(公告)号：US08166406B1

公开(公告)日：2012-04-24

申请号：US10187389

申请日：2002-06-28

申请人： Aaron Goldfeder ,  Cem Paya ,  Joseph J. Gallagher ,  Roberto A. Franco ,  Stephen J. Purpura ,  Darren Mitchell ,  Frank M. Schwieterman ,  Viresh Ramdatmisier

发明人： Aaron Goldfeder ,  Cem Paya ,  Joseph J. Gallagher ,  Roberto A. Franco ,  Stephen J. Purpura ,  Darren Mitchell ,  Frank M. Schwieterman ,  Viresh Ramdatmisier

IPC分类号： G06F3/00

CPC分类号： H04L67/02 ,  G06F21/6263 ,  H04L63/102

摘要： A method and system that provide an intuitive user interface and related components for making Internet users aware of Internet cookie-related privacy issues, and enabling users to control Internet privacy through automatic cookie handling. Default privacy settings for handling cookies are provided, and through the user interface, the privacy settings may be customized to a user's liking. Further, through the user interface, for each individual site that forms a page of content, the site's privacy policy may be reviewed and/or the privacy controlled by specifying how cookies from that site are to be handled. To make users aware, the user interface provides an active alert on a first instance of a retrieved web site's content that fails to include satisfactory privacy information, and thereafter, provides a distinctive passive alert to allow the user selective access to privacy information, per-site cookie handling and cookie handling settings.

摘要翻译： 一种提供直观用户界面和相关组件的方法和系统，用于使互联网用户了解与互联网Cookie相关的隐私问题，并使用户能够通过自动Cookie处理来控制互联网隐私。 提供用于处理Cookie的默认隐私设置，通过用户界面，可以根据用户的喜好自定义隐私设置。 此外，通过用户界面，对于形成内容页面的每个单独站点，可以通过指定如何处理来自该站点的cookie来审查和/或隐私控制。 为了使用户意识到，用户界面在检索到的网站的内容的第一实例上提供了活动警报，该内容未能包含满意的隐私信息，此后，提供了独特的被动警报以允许用户选择性地访问隐私信息， 网站Cookie处理和Cookie处理设置。

公开(公告)号：US06959420B1

公开(公告)日：2005-10-25

申请号：US09999175

申请日：2001-11-30

申请人： Darren Mitchell ,  Cem Paya ,  Rajeev Dujari ,  Stephen J. Purpura ,  Aaron R. Goldfeder ,  Frank M. Schwieterman

发明人： Darren Mitchell ,  Cem Paya ,  Rajeev Dujari ,  Stephen J. Purpura ,  Aaron R. Goldfeder ,  Frank M. Schwieterman

IPC分类号： G06F21/00 ,  G09G5/00 ,  H04L9/00 ,  H04L29/06 ,  H04L29/08

CPC分类号： G06F21/6245 ,  H04L63/102 ,  H04L67/02

摘要： A system and method that evaluates privacy policies from web sites to determine whether each site is permitted to perform operations (e.g., store, retrieve or delete) directed to cookies on a user's computer. Various properties of each cookie and the context in which it is being used are evaluated against a user's privacy preference settings to make the determination. An evaluation engine accomplishes the evaluation and determination via a number of criteria and considerations, including the cookie properties, its current context, the site, the zone that contains the site, and any P3P data (compact policy) provided with the site's response. The user privacy preferences are evaluated against these criteria to determine whether a requested cookie operation is allowed, denied or modified. A formalized distinction between first-party cookies versus third-party cookies may be used in the determination, along with whether the cookie is a persistent cookie or a session cookie.

摘要翻译： 一种从网站评估隐私策略以确定每个站点是否被允许执行针对用户计算机上的cookie的操作（例如，存储，检索或删除）的系统和方法。 根据用户的隐私偏好设置评估每个Cookie的各种属性及其使用的上下文以进行确定。 评估引擎通过许多标准和注意事项完成评估和确定，包括Cookie属性，其当前上下文，站点，包含站点的区域以及站点响应提供的任何P3P数据（紧凑策略）。 根据这些标准评估用户隐私偏好，以确定是否允许，拒绝或修改所请求的Cookie操作。 第一方Cookie与第三方Cookie之间的正式区分可能会用于确定，以及Cookie是持久性Cookie还是会话cookie。

公开(公告)号：US07614002B2

公开(公告)日：2009-11-03

申请号：US11174259

申请日：2005-07-01

申请人： Aaron R. Goldfeder ,  Cem Paya ,  Frank M. Schwieterman ,  Darren Mitchell ,  Rajeev Dujari ,  Stephen J. Purpura

发明人： Aaron R. Goldfeder ,  Cem Paya ,  Frank M. Schwieterman ,  Darren Mitchell ,  Rajeev Dujari ,  Stephen J. Purpura

IPC分类号： G06F3/00 ,  G06F21/00 ,  H04L29/06

CPC分类号： G06F21/6245 ,  H04L63/102 ,  H04L67/02

摘要： A system and method that evaluates privacy policies from web sites to determine whether each site is permitted to perform operations (e.g., store, retrieve or delete) directed to cookies on a user's computer. Various properties of each cookie and the context in which it is being used are evaluated against a user's privacy preference settings to make the determination. An evaluation engine accomplishes the evaluation and determination via a number of criteria and considerations, including the cookie properties, its current context, the site, the zone that contains the site, and any P3P data (compact policy) provided with the site's response. The user privacy preferences are evaluated against these criteria to determine whether a requested cookie operation is allowed, denied or modified. A formalized distinction between first-party cookies versus third-party cookies may be used in the determination, along with whether the cookie is a persistent cookie or a session cookie.

摘要翻译： 一种从网站评估隐私策略以确定每个站点是否被允许执行针对用户计算机上的cookie的操作（例如，存储，检索或删除）的系统和方法。 根据用户的隐私偏好设置评估每个Cookie的各种属性及其使用的上下文以进行确定。 评估引擎通过许多标准和注意事项完成评估和确定，包括Cookie属性，其当前上下文，站点，包含站点的区域以及站点响应提供的任何P3P数据（紧凑策略）。 根据这些标准评估用户隐私偏好，以确定是否允许，拒绝或修改所请求的Cookie操作。 第一方Cookie与第三方Cookie之间的正式区分可能会用于确定，以及Cookie是持久性Cookie还是会话cookie。

公开(公告)号：US20120240050A1

公开(公告)日：2012-09-20

申请号：US13450193

申请日：2012-04-18

申请人： Aaron Goldfeder ,  Cem Paya ,  Joseph J. Gallagher ,  Roberto A. Franco ,  Stephen J. Purpura ,  Darren Mitchell ,  Frank M. Schwieterman ,  Viresh Ramdatmisier

发明人： Aaron Goldfeder ,  Cem Paya ,  Joseph J. Gallagher ,  Roberto A. Franco ,  Stephen J. Purpura ,  Darren Mitchell ,  Frank M. Schwieterman ,  Viresh Ramdatmisier

IPC分类号： G06F3/048

CPC分类号： H04L67/02 ,  G06F21/6263 ,  H04L63/102

摘要： A method and system that provide an intuitive user interface and related components for making Internet users aware of Internet cookie-related privacy issues, and enabling users to control Internet privacy through automatic cookie handling. Default privacy settings for handling cookies are provided, and through the user interface, the privacy settings may be customized to a user's liking. Further, through the user interface, for each individual site that forms a page of content, the site's privacy policy may be reviewed and/or the privacy controlled by specifying how cookies from that site are to be handled. To make users aware, the user interface provides an active alert on a first instance of a retrieved web site's content that fails to include satisfactory privacy information, and thereafter, provides a distinctive passive alert to allow the user selective access to privacy information, per-site cookie handling and cookie handling settings.

摘要翻译： 一种提供直观用户界面和相关组件的方法和系统，用于使互联网用户了解与互联网Cookie相关的隐私问题，并使用户能够通过自动Cookie处理来控制互联网隐私。 提供用于处理Cookie的默认隐私设置，通过用户界面，可以根据用户的喜好自定义隐私设置。 此外，通过用户界面，对于形成内容页面的每个单独站点，可以通过指定如何处理来自该站点的cookie来审查和/或隐私控制。 为了使用户意识到，用户界面在检索到的网站的内容的第一实例上提供了活动警报，该内容未能包含满意的隐私信息，此后，提供了独特的被动警报以允许用户选择性地访问隐私信息， 网站Cookie处理和Cookie处理设置。

公开(公告)号：US07058978B2

公开(公告)日：2006-06-06

申请号：US09751016

申请日：2000-12-27

申请人： Yehuda Feuerstein ,  Jared E. Pfost ,  Stephen J. Purpura

发明人： Yehuda Feuerstein ,  Jared E. Pfost ,  Stephen J. Purpura

IPC分类号： G06F7/04 ,  G06F17/30 ,  G06K9/00 ,  H03M1/68 ,  H04K1/00

CPC分类号： G06F21/55 ,  G06F21/64 ,  G06F2221/2101 ,  G06Q30/0609 ,  Y10S707/99932 ,  Y10S707/99933

摘要： A security component determines whether a request for a resource poses a security risk to a computing device and verifies the integrity of the requested resource before the request is allowed. For a request having arguments and a resource path with a filename that identifies the resource, the security component determines that the request does not pose a security risk if the resource path does not exceed a maximum number of characters, individual arguments do not exceed a maximum number of characters, the arguments combined do not exceed a maximum number of characters, and the filename has a valid extension. The security component verifies the integrity of a requested resource by formulating a descriptor corresponding to the resource and comparing the descriptor with a cached descriptor corresponding to the resource.

公开(公告)号：US06421768B1

公开(公告)日：2002-07-16

申请号：US09305423

申请日：1999-05-04

申请人： Stephen J. Purpura

发明人： Stephen J. Purpura

IPC分类号： G06F1200

CPC分类号： H04L63/0815 ,  G06F21/41

摘要： Cryptographically assured data structures are created to enable a single sign on and/or authentication method for securely transferring user authentication information from a first computer to a second computer to allow the user to seamlessly interact with the second computer without necessarily re-authenticating himself thereto. Thus, if a second computer trusts the methods used by a first computer to authenticate a user, then the second computer can use a cryptographically assured cookie created by the first computer to authenticate the user, without requiring the user to perform an explicit authentication step at the second computer. More particularly, a cryptographically assured cookie is made by creating a cryptographically assured voucher of a user characteristic at the first computer, and embedding the voucher into a cookie for transmission to the user's computer and hence to the second computer.

摘要翻译： 创建加密保证的数据结构以使得能够将用户认证信息从第一计算机安全地传送到第二计算机，以允许用户与第二计算机无缝地交互，而不必重新认证自己的单一登录和/或认证方法。 因此，如果第二计算机信任第一计算机用于认证用户的方法，则第二计算机可以使用由第一计算机创建的密码保证的cookie来认证用户，而不需要用户执行明确的认证步骤 第二台电脑。 更具体地，通过在第一计算机上创建用户特征的密码保证凭证并将凭证嵌入到cookie中以传送到用户的计算机，并因此嵌入到第二计算机中来进行加密保证的cookie。