-
公开(公告)号:US20160337320A1
公开(公告)日:2016-11-17
申请号:US14708925
申请日:2015-05-11
Applicant: salesforce.com, inc.
Inventor: Paul Anthony Mason , Harsimranjit Singh Chabbewal
CPC classification number: H04L63/0428 , G06F17/30887 , H04L63/0442 , H04L63/108 , H04L67/02
Abstract: Techniques are disclosed relating to protecting sensitive data in references to network resources. In some embodiments, a host system receives a request for a stored resource, where a first portion of the request is encrypted by a client device using a particular encryption technique and a second portion of the request is not encrypted using the particular encryption technique and where the first portion of the request includes a reference to the resource. In some embodiments, the host decrypts the reference to the resource and provides the resource to the requesting device based on the decrypted reference.
Abstract translation: 公开了关于在引用网络资源时保护敏感数据的技术。 在一些实施例中,主机系统接收对存储的资源的请求,其中请求的第一部分由客户端设备使用特定的加密技术加密,并且请求的第二部分不使用特定的加密技术进行加密,并且其中 请求的第一部分包括对资源的引用。 在一些实施例中,主机解密对资源的引用,并且基于解密的引用将资源提供给请求设备。
-
公开(公告)号:US10187403B2
公开(公告)日:2019-01-22
申请号:US14957490
申请日:2015-12-02
Applicant: salesforce.com, inc.
Inventor: Amalkrishnan Chemmany Gopalakrishnan , Angel Prado , Sun Hwan Kim , Omkar Ramesh Kulkarni , Harsimranjit Singh Chabbewal
IPC: H04L29/06
Abstract: A system detects a security attack through a network-based application. The system receives a runtime request for invocation of a function and dynamically determines if the request for invocation of the function is associated with a cross-site scripting attack. In response to determine the function is associated with a cross-site scripting attack, the system stores information associated with the request, which is used for determining if the request is a legitimate request or a cross-site scripting attack.
-
公开(公告)号:US09774572B2
公开(公告)日:2017-09-26
申请号:US14708925
申请日:2015-05-11
Applicant: salesforce.com, inc.
Inventor: Paul Anthony Mason , Harsimranjit Singh Chabbewal
CPC classification number: H04L63/0428 , G06F17/30887 , H04L63/0442 , H04L63/108 , H04L67/02
Abstract: Techniques are disclosed relating to protecting sensitive data in references to network resources. In some embodiments, a host system receives a request for a stored resource, where a first portion of the request is encrypted by a client device using a particular encryption technique and a second portion of the request is not encrypted using the particular encryption technique and where the first portion of the request includes a reference to the resource. In some embodiments, the host decrypts the reference to the resource and provides the resource to the requesting device based on the decrypted reference.
-
公开(公告)号:US20170163663A1
公开(公告)日:2017-06-08
申请号:US14957490
申请日:2015-12-02
Applicant: salesforce.com, inc.
Inventor: Amalkrishnan Chemmany Gopalakrishnan , Angel Prado , Sun Hwan Kim , Omkar Ramesh Kulkarni , Harsimranjit Singh Chabbewal
IPC: H04L29/06
CPC classification number: H04L63/1416 , H04L63/1483 , H04L67/02
Abstract: A system detects a security attack through a network-based application. The system receives a runtime request for invocation of a function and dynamically determines if the request for invocation of the function is associated with a cross-site scripting attack. In response to determine the function is associated with a cross-site scripting attack, the system stores information associated with the request, which is used for determining if the request is a legitimate request or a cross-site scripting attack.
-
-
-
Search Results
4
records
(took 0.014 seconds)
