Information security – Prevention of unauthorized use of data including prevention...
Reexamination Certificate
2006-06-06
2006-06-06
Sheikh, Ayaz (Department: 2131)
Information security
Prevention of unauthorized use of data including prevention...
C726S025000, C726S004000, C726S005000, C726S006000, C726S022000, C726S024000, C726S030000, C713S165000, C713S187000, C709S216000, C709S225000, C707S793000, C707S793000, C707S793000, C705S026640
Reexamination Certificate
active
07058978
ABSTRACT:
A security component determines whether a request for a resource poses a security risk to a computing device and verifies the integrity of the requested resource before the request is allowed. For a request having arguments and a resource path with a filename that identifies the resource, the security component determines that the request does not pose a security risk if the resource path does not exceed a maximum number of characters, individual arguments do not exceed a maximum number of characters, the arguments combined do not exceed a maximum number of characters, and the filename has a valid extension. The security component verifies the integrity of a requested resource by formulating a descriptor corresponding to the resource and comparing the descriptor with a cached descriptor corresponding to the resource.
REFERENCES:
patent: 5359659 (1994-10-01), Rosenthal
patent: 6415280 (2002-07-01), Farber et al.
patent: 2002/0004917 (2002-01-01), Malcolm et al.
patent: 2002/0083178 (2002-06-01), Brothers
patent: 2002/0103712 (2002-08-01), Rollins et al.
Brothers (U.S. Appl. No. 60/224,907 “System and Method for the Management of Secure Content on an HTTP Distribution Infrastructure”, Aug. 11, 2000).
E. Smith, Dr., “Sidewinder: Defense in Depth using Type Enforcement”, International Journal of Network Management pp. 219-229 (Jul.-Aug. 1995).
E. Smith, “Mandatory Protection for Internet Server Software”, IEEE Computer Security Applications Conference pp. 178-184 (Dec. 1996).
M. Curtin, “On Guard Fortifying Your Site Against Attack”, www.webtechniques.com pp. 46-50 (Apr. 2000).
D. Bruschi et al., “A Tool for Pro-Active Defense Against the Buffer Overrun Attack”, ESORICS (Computer Security) pp. 17-31 (Sep. 1998).
K. Juszczyszyn, “Domain and Type Enforcement Access Control Model in Firewall Systems”, Information Systems Architecture and Technology (ISAT) (1998).
Feuerstein Yehuda
Pfost Jared E.
Purpura Stephen J.
Chai Longbit
Lee & Hayes PLLC
Microsoft Corporation
Sheikh Ayaz
LandOfFree
Security component for a computing device does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Security component for a computing device, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Security component for a computing device will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3708950