Browse Prior Art Database

Prefetching and transmitting web pages for secure web sessions

IP.com Disclosure Number: IPCOM000015117D
Original Publication Date: 2001-Nov-09
Included in the Prior Art Database: 2003-Jun-20
Document File: 1 page(s) / 35K

Publishing Venue

IBM

Abstract

Secure web transactions require cookies or session tokens. The processing of session security and session data requires processing power from the web server. Also, the retention of the session data requires extensive memory if thousands of sessions are in progress. I propose that much of the secure data could be processed in a "sessionless" transaction. This could be done by transmitting data that has a high likelyhood of being requested, in the initial web request. This would be at the time when the user submits the logon password. The data could be cached with the user until requested, and then displayed immediately without resuming a session with the web server. Artificial Intelligence data from previous use of the individual customer could be used to determine what additional data to transmit. The use under consideration involves an online banking application. The server is running out of capacity. About eighty percent of the secure sessions are simply a logon, account summary, checking details, then logoff. I propose this could be done as a secure but sessionless transaction, consolidating the sequence into a single web request. This will also provide a faster response to the customer when the customer requests the additional data. The problem is typically solved by adding more hardware capacity to the solution. Sometimes the complexity of creating and maintaining a server farm is introduced. This solution is less expensive and provides better internet response times to the end user.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 94% of the total text.

Page 1 of 1

Prefetching and transmitting web pages for secure web sessions

Secure web transactions require cookies or session tokens. The processing of session security and session data requires processing power from the web server. Also, the retention of the session data requires extensive memory if thousands of sessions are in progress. I propose that much of the secure data could be processed in a "sessionless" transaction. This could be done by transmitting data that has a high likelyhood of being requested, in the initial web request. This would be at the time when the user submits the logon password. The data could be cached with the user until requested, and then displayed immediately without resuming a session with the web server. Artificial Intelligence data from previous use of the individual customer could be used to determine what additional data to transmit. The use under consideration involves an online banking application. The server is running out of capacity. About eighty percent of the secure sessions are simply a logon, account summary, checking details, then logoff. I propose this could be done as a secure but sessionless transaction, consolidating the sequence into a single web request. This will also provide a faster response to the customer when the customer requests the additional data. The problem is typically solved by adding more hardware capacity to the solution. Sometimes the complexity of creating and maintaining a server farm is introduced. Thi...