Data processing: software development – installation – and managem – Software program development tool
Reexamination Certificate
1999-01-15
2003-10-07
Courtenay III, St. John (Department: 2126)
Data processing: software development, installation, and managem
Software program development tool
C709S241000, C707S793000
Reexamination Certificate
active
06631512
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates generally to database access over the Internet and, more particularly, to Web page development, deployment, and execution conducive to database access and manipulation over the Internet.
BACKGROUND OF THE INVENTION
The World Wide Web, commonly referred to as the “Web,” has become a valuable Internet resource for business, scientific, and personal research and promotion. Individuals and businesses alike create and post Web pages containing all types of information. The files defining such Web pages are typically stored on a “server” computer which is accessible to “client” computers via the Internet or some other network. Once associated with a server, a Web page can be accessed and viewed on a client computer using commercially-available Web browsers, such as Netscape Navigator and Microsoft Explorer.
As the Web has become more popular, Web pages have become more complex and businesses have asked Web page developers to provide more and more information display capabilities. One such capability, which has become a highly-desirable Web application, is the capability to remotely access and manipulate data. For example, a company may want its sales personnel to have Internet access to the company's databases while those sales personnel are in the field. As is described in detail below, prior art systems struggle with Internet database applications, specifically in the areas of efficiency, security, state management, and data “briefcasing.”
As used herein, a “database” refers to a collection of information organized in tables and stored on a server computer or accessible to a server computer via a database manager. A “table” refers to a collection of data which organizes similar things together. For example, in a company database, one table might keep track of employee information and another table might keep track of sales activities. Every table contains columns and rows. For the purposes of this description, a column defines what type of information is gathered (e.g., name, hire date, salary) and a row stores that information (e.g., a row exists for each salesperson). A row of data is also referred to herein as a “record,” and a column of data is referred to herein as a “field.” A “relational database” is a database having multiple tables whose records are linked together by keys.
Early in the Web's history, the HyperText Markup Language, commonly referred to as “HTML,” was developed. HTML is a language that describes a Web page, and it is interpretable by virtually all commercially-available Web browsers.
One disadvantage to using an HTML document for database access applications is that HTML document based access is very inefficient. If an HTML document is being used to display information from a database lookup, then each time the user requests a different set of data, the server must invoke a “Common Gateway Interface” or “CGI” script which interacts with the database manager to obtain the data. Then the server must send all information on the page to the browser. Even though the information in only a single field is different (i.e., the field containing the new set of data), all static and unmodified page information must also be downloaded. This HTML limitation leads to slow and inefficient database access. In addition, the CGI scripts add a layer of processing between the server and the database, thus adding a level of inefficiency to the system.
Another problem with using pure HTML documents for database applications springs from the interactive nature of such applications. Database access is considered an interactive Web application because it often requires a client computer to interchange many messages with a server. This is particularly true when a user wants to access, via a Web page, a large number of records within a database table.
HTML was developed primarily as a language to enable text displays, and it is not well-suited to interactive applications, including database access and manipulation applications. Therefore, many Web pages, including database-oriented Web pages, have added Java, JavaScript, and ActiveX controls to their HTML documents in order to provide better interactive capabilities. Unfortunately, however, the use of Java, JavaScript, and Active X controls pose serious security problems to the integrity of computers and computer networks.
Java is a programming language which is specially adapted to support the development of Internet applications. Java enables an application designer to transport objects across the Internet, hence enabling database access. During an interactive session with a Web page, Java, JavaScript, and Active X operate similarly. In the interests of brevity, only Java is discussed, although the security problems pertaining to Java exist also with JavaScript and ActiveX.
A Java “applet” is a Java program specifically designed for incorporation by an HTML document. Rather than including the actual applet code within an HTML document, “canned” applet code is often downloaded from somewhere else on the Web and then executed on the client machine. Such an applet is referred to generically as a “downloaded executable.” In order to download an applet, an HTML document would include, among other things, the Uniform Resource Locator, or “URL,” identifying the location of the applet on the Web. For example, an HTML document could invoke an applet called “Clock” stored at http://java.sun.com/openstudio/index.html. During operation of a Web page which invokes that applet, compiled “Clock” applet code is downloaded from “java.sun.com” to the client machine. The client's browser then executes the applet on the client machine.
One enormous problem which faces Web page users is the security risks created by allowing downloaded executables to be run on the client machine. The Java applet is a major culprit, although similar security problems exist with JavaScript and ActiveX. Java applets, which can be downloaded from anywhere, may include “malicious” code. Upon execution of the downloaded applet, such applet could, for example, perform unauthorized file operations on the client machine.
Several solutions have been developed to deal with the threat of the malicious Java applet, but none have yet proved to be efficient and foolproof. For example, Finjan Software has developed the “SurfinShield Xtra” tool which, when a browser attempts to download an applet or control, scans the item in a fashion similar to an antivirus program. Unfortunately, many Web pages include numerous applets, and the scanning operation can substantially increase the time necessary to download and display a page. In addition, any antivirus-type tool is only as good as the level of ingenuity of the malicious-code creators at the time the antivirus tool is released. Therefore, it is likely that a user would need to update its antivirus-type software on a regular basis.
Microsoft recently released a similar antivirus-like solution called “Dynamic HTML,” or “DHTML,” which is intended to replace ActiveX. DHTML is more secure than ActiveX because it is interpreted by the browser, which can override the code and prevent system violations. However, as with HTML, DHTML requires a server to dynamically create a Web page each time an update to the page is requested. For example, if a user interacting with a DHTML-generated page requests a new piece of data in a single field within the page, a CGI script would be invoked at the server to regenerate the entire page, even though only one piece of data changed. Thus, DHTML may reduce some security risks, but it requires developers to create server-side CGI scripts, and DHTML also has efficiency problems when used in database applications.
Besides the security risks associated with using downloaded executables within an HTML document, another challenge to providing interactive database access is that the nature of Web communications makes state management difficult. “State management” refers to the maintenance of information which describes the particular state that a p
Courtenay III St. John
Goltry Michael W.
Parsons Robert A.
Parsons & Goltry
LandOfFree
Method and system for database-driven, scalable web page... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for database-driven, scalable web page..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for database-driven, scalable web page... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3163581