[특허]Method and system for extracting application protocol characteristics

Method and system for extracting application protocol characteristics 원문보기

IPC분류정보
국가/구분	United States(US) Patent 등록
국제특허분류(IPC7판)	H04L-029/06 G06F-017/30
출원번호	UP-0909645 (2004-08-02)
등록번호	US-7774835 (2010-08-30)
발명자 / 주소	Raanan, Gil Moran, Tal Galant, Yaron El-Hanani, Yuval Reshef, Eran
출원인 / 주소	F5 Networks, Inc.
대리인 / 주소	Frommer Lawrence & Haug LLP
인용정보	피인용 횟수 : 0 인용 특허 : 45

초록 ▼

A method and computer program for automatically and continually extracting application protocols (i.e., defining a set of allowable or authorized actions) for any application. The method involves receiving a message from a server before it is sent or in parallel with sending to a client. The message may be in response to a specific request for it from the client. The program then extracts the application protocol data from the server message. Working with a copy of the message, the program strips off the communications protocol(s) from the message and parses the remaining message to identify user-selectable options contained in the message such as commands, fields, etc. These items represent the set of allowable or authorized user actions for the particular “stage” of the current version of the application as set forth in the message. The set of allowable user actions is then stored by the extraction program in a protocol database accessible to a gateway or filter module.

대표청구항 ▼

What is claimed is: 1. A method executed on a gateway device for defining a set of allowable actions that may be taken by a client in communication with an application program residing on a server, the method comprising: receiving a server communication addressed to the client; extracting application protocol data from the server communication to determine the set of allowable actions which may be taken in response to the server communication, the set of allowable actions being for a particular communication session between the client and the application program residing on the server; stripping communication protocol data from the server communication; parsing the stripped communication protocol data to extract a network address of the client; and storing the extracted application protocol data in a protocol database in association with the communication protocol data representing the network address of the client to thereby enable the particular communication session with the client. 2. The method of claim 1, further comprising parsing the stripped communication protocol data to extract an input field in the server communication. 3. The method of claim 1, further comprising parsing the stripped communication protocol data to identify a command in the server communication, wherein the client is allowed to use the command in communication with the application program. 4. The method of claim 1, wherein storing the extracted application protocol data in a protocol database comprises storing an input field with associated data type and length, the input field having been extracted from the server communication. 5. The method of claim 1, further comprising parsing the stripped communication protocol data to identify a hyperlink in the server communication. 6. The method of claim 1, further comprising using the stored application protocol data to filter communications between the client and the server. 7. The method of claim 1, wherein stripping communication protocol data from the server communication comprises stripping communication protocol data for multiple protocols. 8. The method of claim 1, wherein extracting application protocol data from the server communication is performed in real-time. 9. A computer-readable storage medium having instructions stored thereon that when executed by a computer causes the computer to: receive a server communication addressed to a client; extract application protocol data from the server communication to determine a set of allowable actions which may be taken in response to the server communication, the set of allowable actions being for a particular communication session between the client and the server; strip communication protocol data from the server communication; parse the stripped communication protocol data to extract a network address of the client; and store the extracted application protocol data in a protocol database in association with the communication protocol data representing the network address of the client to thereby enable the particular communication session with the client. 10. The computer-readable storage medium of claim 9, wherein the extracted application protocol data stored in the protocol database comprises an input field with associated data type and length, the input field having been extracted from the server communication. 11. The computer-readable storage medium of claim 9, wherein the stored application protocol data is used to filter communications between the client and the server. 12. The computer-readable storage medium of claim 9, wherein the communication protocol data comprises data for multiple protocols. 13. A communication system comprising: a server having an application stored thereon for use by a client; a protocol extraction module for extracting application protocol data for a plurality of protocols from a message sent by the server to the client, after stripping communication protocol data from the message, wherein the extracted application protocol data include a hyperlink; a protocol database for storing the extracted application protocol data; and a filter module for selectively allowing actions by the client in communication with the application, the allowed actions being based on the application protocol data stored on the protocol database. 14. The communication system of claim 13, wherein the communication protocol data are used for a particular communication session between a particular client and the server. 15. The communication system of claim 13, wherein the communication protocol data is used to filter communications between the client and the server. 16. A computing apparatus, that includes computer hardware modules to perform actions for defining a set of actions by a client, comprising: a protocol extraction module that extracts application protocol data in real-time for a particular communication session between the client and an application residing on a server, the application protocol data being extracted for a plurality of protocols from a message sent by the server to the client, after stripping communication protocol data from the message, wherein the extracted application protocol data include a hyperlink; a protocol database that stores the extracted application protocol data; and a filter module that selectively allows the actions by the client in communication with the application, the allowed actions being based on the application protocol data stored on the protocol database. 17. The computing apparatus of claim 16, wherein the protocol extraction module, the protocol database, and the filter module reside on the server. 18. The computing apparatus of claim 16, wherein the communication protocol data is used to filter communications between the client and the server. 19. The communication system of claim 13, wherein the communication protocol data are sent in the message from the server to the client. 20. The computing apparatus of claim 16, wherein the communication protocol data are sent in the message from the server to the client.

이 특허에 인용된 특허 (45)

Vu Hung T. (Ottawa CAX), Apparatus and method for providing a secure gateway for communication and data exchanges between networks.
상세보기
Skeen Marion D. (3826 Magnolia Dr. Palo Alto CA 94306) Bowles Mark (30 Tripp Ct. Woodside CA 94062), Apparatus and method for providing decoupling of data exchange details for providing high performance communication betw.
상세보기
Skeen Marion D. (Palo Alto CA) Bowles Mark (Woodside CA), Apparatus and method for providing decoupling of data exchange details for providing high performance communication betw.
상세보기
Gupta Sarbari (Rockville MD) Gligor Virgil D. (Chevy Chase MD), Automated penetration analysis system and method.
상세보기
Amstein Peter R. ; Blumer Thomas P. ; Coburn ; IV Arthur L. ; Forgaard Randy J. ; Schulert Andrew J. ; Stefanik Ted ; Mauceri Robert J., Computer system and computer-implemented process for creation and maintenance of online services.
상세보기
Duxbury Paul (Sandbach GB2), Computer system security.
상세보기
Hirsch Thomas S. (Bedford MA) Bianchi Richard S. (Billerica MA) Perry Ron B. (Wilton NH) Buck Kenneth J. (Tyngsboro MA), Copy file mechanism for transferring files between a host system and an emulated file system.
상세보기
Teng Henry Shao-Lin, Expert system having a plurality of security inspectors for detecting security flaws in a computer system.
상세보기
Cheng Josephine M. ; Shen HongHai ; Watts Steven John, Generic SQL query agent.
상세보기
Botz Patrick Samuel ; Moskalik Thomas Michael ; Snyder Devon Daniel ; Woodbury Carol Jean, Generic user authentication for network computers.
상세보기
Curtis Bryce Allen, Method and apparatus for creating a secure connection between a java applet and a web server.
상세보기
Klaus Christopher W., Method and apparatus for detecting and identifying security vulnerabilities in an open network computer communication sy.
상세보기
Abraham Dalen M. ; Barnes Todd A. ; Bouche Paul F. ; Bougetz Thomas P. ; Gosselin Tracy A. ; Grieve Mark G. ; Langdon Brent A. ; Allison Robert C. ; Nikkel Michael S., Method and apparatus for managing internetwork and intranetwork activity.
상세보기
Rechef Eran,ILX ; Raanan Gil,ILX ; Solan Eilon,ILX, Method and system for maintaining restricted operating environments for application programs or operating systems.
상세보기
Reshef Eran,ILX ; Raanan Gil,ILX ; Solan Eilon,ILX, Method and system for protecting operations of trusted internal networks.
상세보기
Chiu Suet Mui ; Dockter Michael Jon ; Farber Joel Frank ; Pauser Michael Leon ; Richardt Randal James, Method for creating a hypertext language for a distributed computer network.
상세보기
Rogers Richard Michael (Beacon NY) Lagarde Konrad Charles (Milford CT), Method for fulfilling requests of a web browser.
상세보기
Crozier Keith (Acton MA), Method for mapping, translating, and dynamically reconciling data between disparate computer platforms.
상세보기
Todd ; Sr. Robert E. ; Glahe Aaron C. ; Pendleton Adam H., Method for network self security assessment.
상세보기
Bruno Richard Frank ; Katseff Howard Paul ; Markowitz Robert Edward ; Perea Carlos Alberto ; Robinson Bethany Scott ; Suresh Sethuraman ; Williams Hugh L., Network access to internet and stored multimedia services from a terminal supporting the H.320 protocol.
상세보기
Anderson Craig D. ; Anderson Mark B. ; Cookmeyer Eugene N. ; Daniels Ralph A. ; Wheat Lee E. ; Lingle Roger A., Protocol analyzer for monitoring digital transmission networks.
상세보기
Ross Jay B. (Pennington NJ), Protocol converter for a secure FAX transmission system.
상세보기
Autrey Kevin ; Gessel Robert J., Protocol interface gateway and method of connecting an emulator to a network.
상세보기
Mousseau Gary P. (Waterloo CAX) Lazaridis Mihal (Waterloo CAX) Little Herb A. (Waterloo CAX) Barnstijn Michael A. (Waterloo CAX), Remote control of gateway functions in a wireless data communication network.
상세보기
Jacobs Dwayne C. (Austin TX) Wangler James A. (Cedar Park TX), Remote password administration for a computer network among a plurality of nodes sending a password update message to al.
상세보기
Scarr James L. (Akron OH) Karolick Katherine (Brecksville OH) Reid Nacine M. (Parma Hights OH) Pressler Armin (Indianapolis IN) Bartkus Sandy J. (Midland MI), Script-based system for testing a multi-user computer system.
상세보기
Leshem Eran,ILX ; Weinberg Amir,ILX, Software system and associated methods for facilitating the analysis and management of web sites.
상세보기
Holden James M. (Valley Center CA) Levin Stephen E. (Poway CA) Wrench ; Jr. Edwin H. (San Diego CA), Support of limited write downs through trustworthy predictions in multilevel security of computer network communications.
상세보기
Brown Ross M. ; Greenberg Richard G., System and method for controlling access to data entities in a computer network.
상세보기
Kimura Nobuko,JPX ; Onodera Takashi,JPX ; Yokoshi Noriyuki,JPX, System and method for converting communication protocols.
상세보기
Paul Sunil, System and method for filtering unsolicited electronic mail messages using data matching and heuristic processing.
상세보기
Seitz Greg, System and method for optimal multiplexed message aggregation between client applications in client-server networks.
상세보기
Pepe David Mathew (Middletown NJ) Blitzer Lisa B. (Manalapan NJ) Brockman James Joseph (Perrineville NJ) Cruz William (Eatontown NJ) Hakim Dwight Omar (Matawan NJ) Hovey Richard Reid (Somerville NJ) , System and method for providing protocol translation and filtering to access the world wide web from wireless or low-ban.
상세보기
Wied William J. ; Loa Kanchei, System and method of communicating between trusted and untrusted computer systems.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., System and methods for secure transaction management and electronic rights protection.
상세보기
Kiyohara Toshimi (Nara JPX) Yamaguchi Tomohisa (Ikoma JPX), System for accessing peripheral devices connected in network.
상세보기
Schneck Paul B. ; Abrams Marshall D., System for controlling access and distribution of digital property.
상세보기
Held Andrew G. (Kirkland WA) Jung Edward (Seattle WA) Zbikowski Mark (Woodinville WA), System for selectively setting a server node, evaluating to determine server node for executing server code, and downloa.
상세보기
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Okamoto Toshio,JPX ; Shimbo Atsushi,JPX ; Ishiyama Masahiro,JPX, User identification data management scheme for networking computer systems using wide area network.
상세보기
Stewart Gordon Gregory, Web server mechanism for processing function calls for dynamic data queries in a web page.
상세보기

IPC	Description
A	생활필수품
A62	인명구조; 소방(사다리 E06C)
A62B	인명구조용의 기구, 장치 또는 방법(특히 의료용에 사용되는 밸브 A61M 39/00; 특히 물에서 쓰이는 인명구조 장치 또는 방법 B63C 9/00; 잠수장비 B63C 11/00; 특히 항공기에 쓰는 것, 예. 낙하산, 투출좌석 B64D; 특히 광산에서 쓰이는 구조장치 E21F 11/00)
A62B-1/08	.. 윈치 또는 풀리에 제동기구가 있는 것

내보내기 구분	파일저장 인쇄 메일전송
구성항목	기본정보 상세정보 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표IPC 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 공고번호, 공고일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표출원인, 출원인국적, 출원인주소, 발명자, 발명자E, 발명자코드, 발명자주소, 발명자 우편번호, 발명자국적, 대표IPC, IPC코드, 요약, 미국특허분류, 대리인주소, 대리인코드, 대리인(한글), 대리인(영문), 국제공개일자, 국제공개번호, 국제출원일자, 국제출원번호, 우선권, 우선권주장일, 우선권국가, 우선권출원번호, 원출원일자, 원출원번호, 지정국, Citing Patents, Cited Patents
저장형식	Text(ASCII format) Excel format PIAS분석(.xls)
메일정보	받는사람 (필수) @ 보내는사람 (선택) @ 제목 내용 KISTI 검색결과 이메일 서비스
안내	총 건의 자료가 검색되었습니다. 다운받으실 자료의 인덱스를 입력하세요. (1-10,000) 검색결과의 순서대로 최대 10,000건 까지 다운로드가 가능합니다. 데이타가 많을 경우 속도가 느려질 수 있습니다.(최대 2~3분 소요) 다운로드 파일은 UTF-8 형태로 저장됩니다. 파일의 내용이 제대로 보이지 않을실 때는 웹브라우저 상단의 보기 -> 인코딩 -> 자동선택 여부를 확인하십시오. ~ Text(ASCII format) Excel format

연합인증

Method and system for extracting application protocol characteristics 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

이 특허에 인용된 특허 (45)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트

연합인증

Method and system for extracting application protocol characteristics 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

전체(0) 논문(0) 특허(0) 보고서(0)

전체(0) 논문(0) 특허(0) 보고서(0)

이 특허에 인용된 특허 (45)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트