Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Using Client System Reputation Information with Web Applications

IP.com Disclosure Number: IPCOM000228044D
Publication Date: 2013-Jun-04
Document File: 4 page(s) / 281K

Publishing Venue

The IP.com Prior Art Database

Related People

Anand Sankruthi: INVENTOR [+2]

Abstract

This publication proposes appending the reputation of a client system to Hypertext Transfer Protocol (HTTP) responses from the system to secure websites. Based on this reputation score, the websites can restrict activities that can be performed in that site from that system. This publication also proposes using a computer hygiene rating to determine whether fields in a website form (such as password fields or credit card fields) need to be disabled. If the hygiene is low, these fields of the website may be disabled and a virtual keyboard presented for the user to enter the details.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 43% of the total text.

Page 01 of 4

 Using Client System Reputation Information with Web Applications

Anand Sankruthi Yadvinder Bhatia

Symantec Corporation

Abstract

This publication proposes appending the reputation of a client system to Hypertext Transfer Protocol (HTTP) responses from the system to secure websites. Based on this reputation score, the websites can restrict activities that can be performed in that site from that system. This publication also proposes using a computer hygiene rating to determine whether fields in a website form (such as password fields or credit card fields) need to be disabled. If the hygiene is low, these fields of the website may be disabled and a virtual keyboard presented for the user to enter the details. Copyright © 2013 Symantec Corporation. All rights reserved.

1


Page 02 of 4

Copyright © 2013 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. For a full list of Symantec trademarks, please visit http://www.symantec.com/about/profile/policies/trademarks/currentlist.jsp

Any Symantec products described in this document are distributed under licenses restricting their use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Symantec Corporation and its licensors, if any.

THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.

Symantec Corporation 350 Ellis Street Mountain View, CA 94043 United States

http://www.symantec.com 2

Copyright © 2013 Symantec Corporation. All rights reserved.


Page 03 of 4

Using Client System Reputation Information with Web Applications

Problem Statement

Secure websites typically attempt to protect their customers from cyber-crimes. While they are often configured to protect confidential data in their servers, they do not have much control on the client side which may expose confidential data to malicious programs that may be installed in that system. Furthermore, with ever growing keylogger techniques, such as hypervisor-based keyloggers or those residing in the kernel itself, detecting and remediating these threats has become a near impossible task. Users are currently left with no option to even save off important data from reaching this malicious code.

Publication Description

This method first includes calcu...