System and method for web application security

    Publication No.: US09979726B2

    Publication date: 2018-05-22

    Application No.: US14894912

    Application date: 2014-07-04

    Applicant: Jscrambler S.A.

    IPC classification: H04L29/06 G06F21/55 G06F17/22

    Abstract: A system for detection and mitigation of client-side initiated security attack(s) to a web application is disclosed. A server component (SC) of the system is configured to intercept at least partially a web application code and/or data exchanged between a web server and one or more web browsers running on client devices respectively. The SC installs a script in the web application code intercepted from a web server before forwarding a transformed web application code to a web browser. The CS, when executed in a web browser of a client, causes the web browser to execute a loop which sweeps the document object model (DOM) structure of the webpage. Further, the CS sends a report containing the DOM structure and/or details on data to the SC. Using the received reports, SC concludes if tampering occurred at the client-side.

    2. WEB APPLICATION PROTECTION
    Type: invention application
    Status: under examination (published)

    Publication No.: US20160132667A1

    Publication date: 2016-05-12

    Application No.: US14894919

    Application date: 2014-05-30

    Applicant: JSCRAMBLER S.A.

    IPC classification: G06F21/12 G06F21/14

    Abstract: A method and system for generating a protected version of the digital content is disclosed. The method includes obfuscating the digital content to yield a functionally equivalent obfuscated digital content, encrypting the obfuscated digital content using at least one device or non-device parameter, generating a decryption logic to be used for generating a decryption key based upon the at least one device or non-device parameter, and concatenating the encrypted digital content and the decryption logic to generate the protected version of the digital content.

    4. DIGITAL CONTENT EXECUTION CONTROL MECHANISM
    Type: invention application
    Status: under examination (published)

    Publication No.: US20160117511A1

    Publication date: 2016-04-28

    Application No.: US14894931

    Application date: 2014-05-30

    Applicant: Jscrambler S.A.

    IPC classification: G06F21/60 H04L9/08

    Abstract: The present disclosure provides a method and system for generating digital content for a computing device which will function on the computing device only after successful validation. The system installs one or more checks in the digital content that restrict the execution of the digital content to a specific device for which the digital content is generated. The checks pertain to at least one or more parameters of a device including without limitation, a device ID, a device model, or any device specific feature. In addition, the system generates a protected version of the digital content with the one or more installed checks to be transmitted to a client.

    6. SYSTEM AND METHOD FOR WEB APPLICATION SECURITY
    Type: invention application
    Status: granted

    Publication No.: US20160119344A1

    Publication date: 2016-04-28

    Application No.: US14894912

    Application date: 2014-07-04

    Applicant: JSCRAMBLER S.A.

    IPC classification: H04L29/06 G06F17/22

    Abstract: A system for detection and mitigation of client-side initiated security attack(s) to a web application is disclosed. A server component (SC) of the system is configured to intercept at least partially a web application code and/or data exchanged between a web server and one or more web browsers running on client devices respectively. The SC installs a script in the web application code intercepted from a web server before forwarding a transformed web application code to a web browser. The CS, when executed in a web browser of a client, causes the web browser to execute a loop which sweeps the document object model (DOM) structure of the webpage. Further, the CS sends a report containing the DOM structure and/or details on data to the SC. Using the received reports, SC concludes if tampering occurred at the client-side.