Secure content delivery on a domain portal

Document No.: 1786405 Publication date: 2019-12-06

Abstract: This technology, Secure content delivery on a domain portal, was designed and created by 西蒙·A·布莱克斯坦, 奥伦·哈菲夫, 伊泰·杜乌德瓦尼 and 俄林·阿尔夫·埃林森 on 2017-03-02. Its main content is as follows. In one embodiment, a method comprises: generating a first identifier and a first derivative identifier in response to a login request; sending the first identifier and the first derivative identifier to the client device; receiving a request for a web page from the client device, wherein the request includes a second identifier; generating a second derivative identifier in response to the content request; and providing a content frame and a trusted frame for display on the client device, wherein the content frame includes the second derivative identifier. The first derivative identifier may be stored in a location accessible to the trusted frame and inaccessible to the content frame. The trusted frame may be configured to access the first derivative identifier stored in the location accessible to the trusted frame and verify that the second derivative identifier received from the content frame matches the first derivative identifier.

1. A method, comprising:

receiving, by a computing device, a login request from a client device of a user;

generating, by the computing device, a first identifier and a first derivative identifier in response to the login request, wherein the first derivative identifier is generated by applying a function to the first identifier;

sending, by the computing device, the first identifier and the first derivative identifier to the client device for storage;

receiving, by the computing device, a content request for a web page from the client device, wherein the content request includes a second identifier;

generating, by the computing device and in response to the content request, a second derivative identifier by applying the function to the second identifier; and

providing, by the computing device, a content frame and a trusted frame for display on the client device, wherein the content frame includes the second derivative identifier;

wherein the first identifier is stored in a location accessible to the content frame and the first derivative identifier is stored in a location accessible to the trusted frame and not accessible to the content frame;

wherein the content frame is configured to:

request the trusted frame to verify whether the second derivative identifier matches the first derivative identifier; and

display the requested web page upon receiving a validation confirmation from the trusted frame;

wherein the trusted frame is configured to:

access the first derivative identifier stored in the location accessible to the trusted frame; and

verify that the second derivative identifier received from the content frame matches the first derivative identifier.

2. The method of claim 1, wherein the function is a one-way function.

3. The method of claim 1, wherein a match between the first derivative identifier and the second derivative identifier indicates that no security breach has occurred.

4. The method of claim 1, wherein a mismatch between the first derivative identifier and the second derivative identifier indicates that a security breach has occurred.

5. The method of claim 1, wherein the trusted frame or the content frame is further configured to allow the content frame to display the web page if the second derivative identifier matches the first derivative identifier.

6. The method of claim 1, wherein the trusted frame or the content frame is further configured to terminate a current session associated with the first identifier if the second derivative identifier does not match the first derivative identifier.

7. The method of claim 1, wherein the trusted frame or the content frame is further configured to request a new first identifier for a user if the second derivative identifier does not match the first derivative identifier.

8. The method of claim 1, wherein the login request comprises a request to access a third party website via an online application.

9. The method of claim 1, wherein the content frame is an inline frame of the trusted frame on a display screen associated with the client device of a user.

10. The method of claim 1, further comprising:

deleting one or more cookies stored on the computing device and associated with a user if the second derivative identifier does not match the first derivative identifier.

11. The method of claim 1, wherein the content frame includes content from a third party entity.

12. The method of claim 1, wherein the first identifier is stored as a cookie.

13. The method of claim 1, wherein the first derivative identifier is stored as a value associated with an origin of the trusted frame.

14. The method of claim 1,

wherein the trusted frame is associated with a first origin and the content frame is associated with a second origin different from the first origin; and

wherein the first origin and the second origin have the same domain.

15. The method of claim 14,

wherein the requested web page has an associated web address; and

wherein the second origin is generated using the web address of the requested web page.

16. A method, comprising:

receiving, by a computing device, a login request from a client device of a user;

generating, by the computing device, a first identifier and a first derivative identifier in response to the login request, wherein the first derivative identifier is generated by applying a function to the first identifier;

sending, by the computing device, the first identifier and the first derivative identifier to the client device for storage;

receiving, by the computing device, a content request for a web page from the client device, wherein the content request includes a second identifier;

generating, by the computing device and in response to the content request, a second derivative identifier by applying the function to the second identifier; and

providing, by the computing device, a content frame and a trusted frame for display on the client device, wherein the content frame includes the second derivative identifier;

wherein the first identifier is stored in a location accessible to the content frame and the first derivative identifier is stored in a location accessible to the trusted frame and not accessible to the content frame;

wherein the content frame is configured to:

request the trusted frame to verify whether the second derivative identifier matches the first derivative identifier; and

display the requested web page upon receiving a validation confirmation from the trusted frame;

wherein the trusted frame is configured to:

access the first derivative identifier stored in the location accessible to the trusted frame; and

verify that the second derivative identifier received from the content frame matches the first derivative identifier.

17. The method of claim 16, wherein the function is a one-way hash function.

18. The method of claim 16 or 17, wherein a match between the first derivative identifier and the second derivative identifier indicates that no security breach has occurred.

19. The method of any of claims 16 to 18, wherein a mismatch between the first derivative identifier and the second derivative identifier indicates that a security breach has occurred.

20. The method of any of claims 16-19, wherein the trusted frame or the content frame is further configured to allow the content frame to display the web page if the second derivative identifier matches the first derivative identifier.

21. The method of any of claims 16 to 21, wherein the trusted frame or the content frame is further configured to terminate a current session associated with the first identifier if the second derivative identifier does not match the first derivative identifier.

22. The method of any of claims 16 to 21, wherein the trusted frame or the content frame is further configured to request a new first identifier for a user if the second derivative identifier does not match the first derivative identifier.

23. The method of any of claims 16 to 22, wherein the login request comprises a request to access a third party website via an online application.

24. The method of any of claims 16 to 23, wherein the content frame is an inline frame of the trusted frame on a display screen associated with the client device of a user.

25. The method of any of claims 16 to 24, further comprising:

deleting one or more cookies stored on the computing device and associated with a user if the second derivative identifier does not match the first derivative identifier.

26. The method of any of claims 16 to 25, wherein the content frame includes content from a third party entity.

27. The method of any of claims 16 to 26, wherein the first identifier is stored as a cookie.

28. The method of any of claims 16 to 27, wherein the first derivative identifier is stored as a value associated with an origin of the trusted frame.

29. The method of any one of claims 16 to 28,

wherein the trusted frame is associated with a first origin and the content frame is associated with a second origin different from the first origin; and

wherein the first origin and the second origin have the same domain.

30. The method of any one of claims 16 to 29,

wherein the requested web page has an associated web address; and

wherein the second origin is generated using the web address of the requested web page.

Technical Field

The present disclosure relates generally to internet security.

Background

An online application (e.g., a website) may enable people to access the internet in places where they may not be able to afford internet access through a data plan. Online applications may, like portals, allow third-party content and service providers to provide content and services to people who otherwise cannot access their websites. Any content provided through the online application, including third-party website content, is provided under the domain of the online application.

A mobile computing device (e.g., a smartphone, tablet computer, or laptop computer) may include functionality for determining its position, direction, or orientation, such as a GPS receiver, compass, gyroscope, or accelerometer. Such devices may also include functionality for wireless communications, such as Bluetooth communications, Near Field Communications (NFC), or Infrared (IR) communications, or communications with a Wireless Local Area Network (WLAN) or a cellular telephone network. Such devices may also include one or more cameras, scanners, touch screens, microphones, or speakers. The mobile computing device may also execute software applications, such as games, web browsers, or social networking applications. Using social networking applications, users can connect, communicate, and share information with other users in their social networks.

Summary of Particular Embodiments

Online applications may allow third-party content and service providers to provide content and services to people who otherwise cannot access their websites. These third-party entities may own a website whose web address may be treated as a subdomain in the domain of the online application. For example, if the website's conventional web address is http://www.domainA.com and the online application aggregates websites under a home domain called xyz.com, the web address of the third-party website displayed by the online application may be presented as https://inner-http-www-domainA-com.xyz.com. The web address or host of the third-party website may be used to generate a subdomain of the domain of the online application. In this way, the online application may act as a "portal" for other websites and online services. These websites and online services may be free (e.g., not requiring data charges) and include content on topics like news, employment, health, education, and local information. By way of example and not by way of limitation, the domain of the online application may be xyz.com. In particular embodiments, the third-party content provided by the online application may be provided under a domain (e.g., xyz.com). For example, when a third-party website such as HTTP://WWW.GMAIL.COM is accessed through an online application, the URL representing the third-party website may be HTTPS://inner-HTTP-www-gmail.com. The subdomain in this example is "inner-http-www-GMAIL-com," which is derived from the actual address of GMAIL.

When a user accesses a website via an online application, the online application may automatically create an identifier for the user. The identifier may be understood as a userID, an encryption key, or both. The identifier may be unique to each user and may be stored in a cookie on the user's client device (e.g., in a browser on the client device). The client device may be any suitable computing device, such as a smartphone, desktop or laptop computer, tablet, wearable device (e.g., smart watch), or virtual reality headset. The stored cookie may be used for communication between the user device and the online application to identify the session. In particular embodiments, the information within the cookie may be associated with a cookie jar on a server of the online application. When a user browses various third-party websites through an online application, associated cookies may be stored in the user's cookie jar on the server.

One security risk of the above-described online application is that a hacker may alter the userID and gain access to the user's browsing activities. In particular embodiments, the online application may not be on the Public Suffix List. Thus, it may not provide sufficient separation between subdomains. A malicious third-party page may potentially be able to alter any cookies associated with the domain of the online application, including cookies associated with a subdomain of the domain. This problem does not typically exist because client browsers typically only allow a web page to change cookies associated with the web page's domain, meaning that a malicious third-party web page can only change cookies associated with its own domain. As an example and not by way of limitation, a malicious web page hosted on malicious.com may be able to set and change a cookie associated with malicious.com, but not any other domain. But if the user accesses malicious.com through the online application xyz.com, the URL of the malicious web page may appear as HTTPS://inner-http-www-malicious-com. In this case, the client browser may allow the web page hosted on malicious. This may be accomplished by a JavaScript code block or by any other suitable mechanism. This is because browsers typically allow a domain administrator to change a subdomain to a less-specific version of the current domain. Because xyz.com is a less specific version of malicious-com.xyz.com, the browser may allow such changes to occur. Thus, it is envisioned that through a client-side script hosted on malicious. Then, in subsequent communication with the online application, the attacker's ID may be unknowingly used by the user, meaning that the user's browsing activity may be accessible to the attacker. If the user accesses the domain b.com through the online application after being hacked, any cookie associated with the communication may be stored in the cookie jar associated with the attacker's ID. Thus, an attacker can use his own ID to communicate with the online application and use the cookies stored in the cookie jar (including the user's cookie for domain b.com) and view any private information that the user has access to on domain b-com.xyz.com. For example, if domain b-com.xyz.com contains the user's email account, an attacker may be able to view the messages in the account. This may pose a risk to many users.

To protect the user from an attacker, in particular embodiments, the online application may generate a first identifier and a first derivative identifier when the user first accesses the third-party content using the online application. In particular embodiments, the first derivative identifier may be generated by applying a function to the first identifier. In particular embodiments, the online application may associate the user with the first identifier and the first derivative identifier. In particular embodiments, the online application may send the first identifier and the first derivative identifier to a client device of the user for storage. In particular embodiments, the first identifier may be stored as a cookie. In particular embodiments, when a user sends a request for content to the online application (which may or may not be at initial login), the user's client device may send a second identifier along with the request. In particular embodiments, in response to the content request and the second identifier, the online application may generate a second derivative identifier by applying the function to the second identifier. In particular embodiments, the online application may provide a content frame and a trusted frame for display on the client device. In particular embodiments, the second derivative identifier may be embedded in the content frame. In particular embodiments, the trusted frame may be able to access the first derivative identifier, but the content frame may not be able to access the first derivative identifier. In particular embodiments, the content frame may be configured to request the trusted frame to verify whether the second derivative identifier matches the first derivative identifier. In particular embodiments, the content frame may also be configured to display the requested content (e.g., a web page) when a validation confirmation is received from the trusted frame. In particular embodiments, the trusted frame may be configured to access the first derivative identifier and verify that the second derivative identifier matches the first derivative identifier.
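
The login, content-request and verification steps described above, modelled as a small Node.js simulation. This is an added example, not code from the patent; SHA-256 as the one-way function, the cookie name uid, the origin https://trusted.xyz.com and the toy Browser class are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

const PORTAL_DOMAIN = 'xyz.com';                   // portal domain used on the page
const TRUSTED_ORIGIN = 'https://trusted.xyz.com';  // hypothetical origin of the trusted frame

// One-way function. SHA-256 is an assumption; the page only requires "a one-way function".
function derive(identifier) {
  return crypto.createHash('sha256').update(identifier, 'utf8').digest('hex');
}

// Toy browser model: cookies are keyed by domain, storage by exact origin.
// It does not implement the Public Suffix List; xyz.com is assumed absent from it.
class Browser {
  constructor() {
    this.cookies = new Map();
    this.storage = new Map();
  }
  // A page may set a cookie for its own host or for a parent domain of that host.
  setCookie(pageOrigin, domain, name, value) {
    const host = new URL(pageOrigin).hostname;
    if (host !== domain && !host.endsWith('.' + domain)) return false;
    this.cookies.set(domain + '|' + name, value);
    return true;
  }
  getCookie(domain, name) {
    return this.cookies.get(domain + '|' + name);
  }
  // Same-origin policy: a frame only ever receives the store of its own origin.
  storageFor(origin) {
    if (!this.storage.has(origin)) this.storage.set(origin, new Map());
    return this.storage.get(origin);
  }
}

// Server at login: first identifier goes into a cookie, first derivative
// identifier into storage that only the trusted frame's origin can read.
function login(browser) {
  const id = crypto.randomBytes(16).toString('hex');
  browser.setCookie(TRUSTED_ORIGIN, PORTAL_DOMAIN, 'uid', id);
  browser.storageFor(TRUSTED_ORIGIN).set('derived', derive(id));
  return id;
}

// Server on a content request: derive from whatever identifier the request carried.
function serveContentFrame(browser, contentOrigin) {
  const secondId = browser.getCookie(PORTAL_DOMAIN, 'uid') || '';
  return { origin: contentOrigin, derived: derive(secondId) };
}

// Trusted frame: compare the derivative it was handed with the stored one.
function trustedFrameVerify(browser, claimed) {
  const stored = browser.storageFor(TRUSTED_ORIGIN).get('derived');
  if (typeof stored !== 'string' || stored.length !== claimed.length) return false;
  return crypto.timingSafeEqual(Buffer.from(stored), Buffer.from(claimed));
}

// Content frame: display only after confirmation, otherwise end the session.
function loadPage(browser, contentOrigin) {
  const frame = serveContentFrame(browser, contentOrigin);
  if (trustedFrameVerify(browser, frame.derived)) return 'display';
  browser.cookies.delete(PORTAL_DOMAIN + '|uid');
  browser.storageFor(TRUSTED_ORIGIN).delete('derived');
  return 'session-terminated';
}

function runScenario(cookieOverwritten) {
  const browser = new Browser();
  login(browser);
  if (cookieOverwritten) {
    // Constructed sample: a third-party page under the portal replaces the shared cookie.
    browser.setCookie('https://inner-http-www-malicious-com.xyz.com',
      PORTAL_DOMAIN, 'uid', 'constructed-other-id');
  }
  return loadPage(browser, 'https://inner-http-www-domainA-com.xyz.com');
}

console.log(runScenario(false), runScenario(true));
```

The check works because the cookie is writable from every subdomain of xyz.com while the stored derivative is readable only from the trusted frame's origin, so an overwritten identifier no longer hashes to the stored value.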

The embodiments disclosed herein are merely examples, and the scope of the present disclosure is not limited to them. Particular embodiments may include all, some, or none of the components, elements, features, functions, operations, or steps of the above-disclosed embodiments. Embodiments in accordance with the present invention are specifically disclosed in the accompanying claims directed to methods, storage media, systems, and computer program products, wherein any feature referred to in one claim category (e.g., method) may also be claimed in another claim category (e.g., system). The dependencies or back-references in the appended claims are chosen for formal reasons only. However, any subject matter resulting from an intentional back-reference (especially multiple references) to any preceding claim may also be claimed, such that any combination of a claim and its features is disclosed and may be claimed, irrespective of the dependencies chosen in the appended claims. The subject matter which can be claimed comprises not only the combination of features as set forth in the appended claims, but also any other combination of features in the claims, wherein each feature mentioned in the claims can be combined with any other feature or combination of other features in the claims. Furthermore, any of the embodiments and features described or depicted herein may be claimed in a separate claim and/or in any combination with any of the embodiments or features described or depicted herein or in any combination with any of the features of the appended claims.

In an embodiment according to the invention, a method may comprise:

receiving, by a computing device, a login request from a client device of a user;

generating, by the computing device, a first identifier and a first derivative identifier in response to the login request, wherein the first derivative identifier is generated by applying a function to the first identifier;

sending, by the computing device, the first identifier and the first derivative identifier to the client device for storage;

receiving, by the computing device, a content request for a web page from the client device, wherein the content request includes a second identifier;

generating, by the computing device and in response to the content request, a second derivative identifier by applying the function to the second identifier; and

providing, by the computing device, a content frame and a trusted frame for display on the client device, wherein the content frame includes the second derivative identifier;

wherein the first identifier is stored in a location accessible to the content frame and the first derivative identifier is stored in a location accessible to the trusted frame and not accessible to the content frame;

wherein the content frame is configured to:

request the trusted frame to verify whether the second derivative identifier matches the first derivative identifier; and

display the requested web page upon receiving a validation confirmation from the trusted frame;

wherein the trusted frame is configured to:

access the first derivative identifier stored in the location accessible to the trusted frame; and

verify that the second derivative identifier received from the content frame matches the first derivative identifier.

The function may be a one-way function.

A match between the first derivative identifier and the second derivative identifier may indicate that no security breach has occurred.

A mismatch between the first derivative identifier and the second derivative identifier may indicate that a security breach has occurred.

The trusted frame or the content frame may be further configured to allow the content frame to display the web page if the second derivative identifier matches the first derivative identifier.

The trusted frame or the content frame may be further configured to terminate the current session associated with the first identifier if the second derivative identifier does not match the first derivative identifier.

The trusted frame or the content frame may be further configured to request a new first identifier for the user if the second derivative identifier does not match the first derivative identifier.

The login request may include a request to access a third party website via an online application.

The content frame may be an inline frame of the trusted frame on a display screen associated with a client device of a user.

In an embodiment according to the invention, a method may comprise: deleting one or more cookies stored on the computing device and associated with the user if the second derivative identifier does not match the first derivative identifier.

The content frame may include content from third party entities.

The first identifier may be stored as a cookie.

The first derivative identifier may be stored as a value associated with an origin of the trusted frame.

An embodiment according to the invention may be a method, wherein the trusted frame is associated with a first origin and the content frame is associated with a second origin different from the first origin; and wherein the first origin and the second origin have the same domain.

An embodiment according to the invention may be a method,

wherein the requested web page has an associated web address; and

wherein the second origin is generated using the web address of the requested web page.

In embodiments according to the invention, one or more computer-readable non-transitory storage media may embody software that is operable when executed to perform a method according to the invention or any of the above-mentioned embodiments.

In an embodiment according to the invention, a system may comprise: one or more processors; and at least one memory coupled to the processors and comprising instructions executable by the processors, the processors being operable when executing the instructions to perform a method according to the invention or any of the above-mentioned embodiments.

In an embodiment according to the invention, a computer program product, preferably comprising a computer-readable non-transitory storage medium, may be operable when executed on a data processing system to perform a method according to the invention or any of the above-mentioned embodiments.
