Patent · US Active

Hierarchical rule development and binding for web application server firewall

US9237130B2 · kind B2 · utility

5Cited by

10References

9Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Peng Ji · Nanjing, CN
Lin Luo · Sugar Land, US
Vugranam C. Sreedhar · Yorktown Heights, US
Shun Xiang Yang · Beijing, CN
Yu Zhang · Hangzhou City, CN

Key dates

Filing date	Jan 6, 2014
Grant date	Jan 12, 2016
Priority date	—
Expiry date	Jan 6, 2034

Classification

Technology area (CPC H)Electricity
CPC primaryH04L67/02
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

At least one of an HTTP request message and an HTTP response message is intercepted. A corresponding HTTP message model includes a plurality of message model sections. A representation of the at least one of an HTTP request message and an HTTP response message is parsed into message sections in accordance with the message model sections of the HTTP message model. A plurality of security rules are bounds to the message model sections. The plurality of security rules each specify at least one action to be taken in response to a given condition, which is based, at least in part, on a corresponding given one of the message sections. The at least one of an HTTP request message and an HTTP response message is processed in accordance with the plurality of security rules. Techniques for developing rules for a web application server firewall are also provided.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.