US9501642B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9501642-B2 |
| Application number | US-201414280222-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 16, 2014 |
| Priority date | Jun 21, 2004 |
| Publication date | Nov 22, 2016 |
| Grant date | Nov 22, 2016 |
Official abstract text for this publication.
A method and system to verify active content at a server system include receiving, at the server system, a communication (e.g., an e-mail message or e-commerce listing) that includes active content that is to be made accessible via the server system. At the server system, the active content is rendered to generate rendered active content. The rendered active content presents a representation of information and processes to which an end user will be subject. At the server system, the rendered active content is verified as not being malicious.
Opening claim text (preview).
What is claimed is:

1. A method comprising: performing a first validation, based on a configuration of an active content security system associated with a hosting server, that active content does not create a security risk upon publication by the hosting server; publishing, by the hosting server as an online publication, the active content in response to validation that publication does not create a security risk; performing a second validation, subsequent to publishing the active content by the hosting server, of the active content to ensure that the active content continues not to create a security risk; and removing, using the hosting server, the active content based on, subsequent to initial publishing, the active content being found to create a security risk.

2. The method of claim 1, wherein the first validation of the active content includes validating a mark-up language document.

3. The method of claim 1, wherein the first validation of the active content includes validating executable code including determining that the executable code is not malicious.

4. The method of claim 1, further comprising storing the active content in a database, and wherein the second validation of the active content includes extracting the active content from the database and setting a flag in the database associated with the active content based on the active content being free of malicious content.

5. The method of claim 4, wherein publishing the active content includes extracting the active content from the database and checking the flag associated with the active content before publishing the active content as the online publication.

6. The method of claim 1, wherein the first validation of the active content includes validating a link to a storage location included within the active content, and validating the link includes accessing external data referenced by the link and retrieving the external data to verify the external data is free of malicious content.

7. The method of claim 6, wherein the second validation of the active content includes repeatedly re-downloading the external data to validate the external data remains free of malicious content after initial publication to the online publication.

8. The method of claim 1, further comprising generating, in response to the first or second validation of the active content, a notification if the active content is found to contain a security risk.

9. A system comprising: a server including one or more processors and a network interface communicatively coupled to a network, the server hosting a publication system, the publication system including: an interface module to receive active content from a user over the network, the active content to be published by the publication system over the network; a verification module, executed on the one or more processors, to, verify, based on a configuration of verification module, that the active content does not create a security risk upon publication over the network, and perform a first validation of the active content after an initial publication to verify that the active content continues not to create a security risk, and subsequent to the initial publication, retrieve the active content at regular, predefined intervals to validate it remains free of malicious content; and a publication module, executed on the one or more processors, to publish, based on the active content being determined not to create a security risk, the active content.

10. The system of claim 9, wherein the interface module receives a mark-up language document as at least a portion of the active content.

11. The system of claim 9, wherein the interface module receives executable code as at least a portion of the active content; and wherein the verification module verifies that the executable code is not malicious.

12. The system of claim 9, further comprising a database to store the active content, wherein the verification module extracts the active content from the database to validate after initial publication.

13. The system of claim 12, wherein the publication module extracts the active content from the database to publish the active content over the network.

14. The system of claim 9, wherein the interface module receives a reference to a storage location as at least a portion of the active content; and wherein the verification module accesses the reference to retrieve data referenced and to initially verify, or subsequent to initial publication validate, the data referenced does not create a security risk.

15. The system of claim 14, wherein the storage location contains executable code to be retrieved and published as a portion of the active content.

16. The system of claim 15, wherein the storage location is external to the server; and wherein the verification module communicates over the network to retrieve the executable code.

17. The system of claim 9, further comprising a notification module to provide an automated notification in response to the verification module verifying or validating the active content.

18. A non-transitory machine-readable storage medium including instructions that, when executed by an online publication system, cause the online publication system to perform operations comprising: performing a first validation, based on a configuration of an active content security system associated with a hosting server within the online publication system, that active content does not create a security risk upon publication by the hosting server; publishing, by the hosting server as an online publication, the active content in response to validation that publication does not create a security risk; performing a second validation, subsequent to publishing the active content by the hosting server, of the active content to ensure that the active content continues not to create a security risk; and removing, using the hosting server, the active content based on, subsequent to initial publishing, the active content being found to create a security risk.

19. The machine-readable storage medium of claim 18, wherein the instructions that cause the online publication system to perform the second validation of the active content further include instructions that verify that any links to external data within the active content do not link to malicious content.

20. The machine-readable storage medium of claim 18, wherein the instructions that cause the online publication system to perform the second validation of the publication data repeatedly validates that any links to external data within the publication data do not link to malicious content.
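The workflow of claims 1 and 4 to 8 can be sketched in a few lines. This is an added illustration, not code from the patent or its assignee: the `Publisher` and `Listing` classes, the regex stand-in for a real content scanner, and the `cdn.example` URL are all hypothetical. It shows why the second validation matters: linked external data can change after the first check has passed.

```python
import re
from dataclasses import dataclass

# Stand-in scanner (assumption): a real system would render the content and
# run proper markup/malware analysis; this only flags two obvious patterns.
RISKY = re.compile(r"<script\b|javascript:", re.IGNORECASE)
LINK = re.compile(r'(?:src|href)="(https?://[^"]+)"', re.IGNORECASE)

@dataclass
class Listing:
    html: str
    clean: bool = False      # database flag set by validation (claim 4)
    published: bool = False

class Publisher:
    def __init__(self, fetch):
        self.fetch = fetch   # callable url -> str, injected so the demo runs offline
        self.db = {}         # listing id -> Listing
        self.notices = []    # notifications raised on a finding (claim 8)

    def validate(self, listing_id):
        """Scan the markup and re-download every linked resource (claims 6, 7)."""
        item = self.db[listing_id]
        bodies = [item.html] + [self.fetch(u) for u in LINK.findall(item.html)]
        item.clean = not any(RISKY.search(b) for b in bodies)
        if not item.clean:
            self.notices.append(listing_id)
        return item.clean

    def submit(self, listing_id, html):
        """First validation, then publish only if the flag is set (claims 1, 5)."""
        self.db[listing_id] = Listing(html)
        self.db[listing_id].published = self.validate(listing_id)
        return self.db[listing_id].published

    def revalidate_all(self):
        """Second validation, run on a schedule; unpublish anything that fails."""
        removed = []
        for listing_id, item in self.db.items():
            if item.published and not self.validate(listing_id):
                item.published = False
                removed.append(listing_id)
        return removed

def demo():
    # Constructed sample data: an external image whose content changes after publication.
    remote = {"https://cdn.example/banner.svg": "<svg><rect/></svg>"}
    pub = Publisher(remote.__getitem__)
    first = pub.submit("item-1", '<p>Lamp</p><img src="https://cdn.example/banner.svg">')
    remote["https://cdn.example/banner.svg"] = "<svg><script>/* changed */</script></svg>"
    return first, pub.revalidate_all(), pub.db["item-1"].published
```

`demo()` returns `(True, ["item-1"], False)`: the listing passes the first validation and is published, then is removed once the re-downloaded resource no longer passes.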
Countermeasures against malicious traffic (countermeasures against attacks on cryptographic mechanisms H04L9/002) · CPC title
Time stamp · CPC title
Authenticating web pages, e.g. with suspicious links · CPC title
Protecting data · CPC title
at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability · CPC title