Web server/web application server security management apparatus and method
US9444830B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Sep 5, 2014 |
| Grant date | Sep 13, 2016 |
| Priority date | — |
| Expiry date | Dec 4, 2034 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L63/1441
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A security management apparatus and method for a web server/web application server is provided. The security management apparatus includes a connection state table storage unit for, as a web client accesses a web server/web application server, storing connection state information, an access time, and a connection policy. A connection state information inspection unit inspects whether current connection state information is present in connection state information of the connection state table storage unit in which the connection policy is set to blocking. If current connection state information is not present, a web session reuse attack determination unit determines whether a current connection is a web session reuse attack. If the current connection is not the web session reuse attack, an attack pattern analysis unit analyzes whether an attack pattern is present. A blocking unit blocks a connection between the web client and the web server/web application server.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.