Web server security
US11444958B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Apr 27, 2018 |
| Grant date | Sep 13, 2022 |
| Priority date | — |
| Expiry date | May 30, 2039 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/205
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A system (30) for protecting a server (20) from network attacks is provided. The system (30) comprises a data splitter (31) and a parameter extractor (33). The data splitter (31) is configured to receive network communications from a client (10); send network data comprising at least payload information included in the received network communications to the parameter extractor (33); and send network data comprising at least communication state information included in the received network communications to the server (20). The parameter extractor (33) is configured to apply predefined parameter extraction rules to network data received from the data splitter (31) in order to extract parameters, and to forward extracted parameters to the server (20). The system (30) is also configured to enforce unidirectional dataflow over at least part of the network connection path to the server (20) via the parameter extractor (33), such that dataflow to the server (20) over the network connection path is allowed, but dataflow in the opposite direction is not allowed for at least part of the network connection path. A server (20), data splitter (31) and parameter extractor (33) for use with the s…
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.