Patent · US Active

Hierarchical rule development and binding for web application server firewall

US9992166B2 · kind B2 · utility

4Cited by

11References

4Claims

0Family size

Assignee

International Business Machines Corporation · US

Inventors

Peng Ji · Nanjing, CN
Lin Luo · Sugar Land, US
Vugranam C. Sreedhar · Yorktown Heights, US
Shun Xiang Yang · Beijing, CN
Yu Zhang · Hangzhou City, CN

Key dates

Filing date	Dec 5, 2015
Grant date	Jun 5, 2018
Priority date	—
Expiry date	Dec 5, 2035

Classification

Technology area (CPC H)Electricity
CPC primaryH04L67/02
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

At least one of an HTTP request message and an HTTP response message is intercepted. A corresponding HTTP message model includes a plurality of message model sections. A representation of the at least one of an HTTP request message and an HTTP response message is parsed into message sections in accordance with the message model sections of the HTTP message model. A plurality of security rules are bounds to the message model sections. The plurality of security rules each specify at least one action to be taken in response to a given condition, which is based, at least in part, on a corresponding given one of the message sections. The at least one of an HTTP request message and an HTTP response message is processed in accordance with the plurality of security rules. Techniques for developing rules for a web application server firewall are also provided.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.