Analyzing security of applications
US-9652617-B1 · May 16, 2017 · US
Web application security access method, server, and client
US9830454B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9830454-B2 |
| Application number | US-201414898995-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 17, 2014 |
| Priority date | Jun 27, 2013 |
| Publication date | Nov 28, 2017 |
| Grant date | Nov 28, 2017 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A web application security access method, including periodically detecting, by an application store server, if the locally stored source code is inconsistent with the source code that is corresponding to the web application and that is in the web server, adding an exception identifier to a version parameter stored on the application store server; receiving, by the application store server, an access request that is for accessing the web application and that is sent by a user by using a client, where the access request includes a user version parameter of source code corresponding to the web application installed on the client; and if detecting that the exception identifier exists in the version parameter, returning, by the application store server to the client, prompt information used to indicate to the user that there is a security risk in accessing the web application.
First claim
Opening claim text (preview).
What is claimed is: 1. An application store server for web application security access, comprising: a memory comprising instructions; and a processor coupled to the memory, wherein the instructions cause the processor to be configured to: periodically detect whether a first source code of a web application in the application store server is consistent with a second source code of the web application in a web server; add an exception identifier to a version parameter of the first source code stored-on the application store server when the first source code is inconsistent with the second source code; receive an access request for accessing the web application from a client, wherein the access request comprises a user version parameter for third source code for the web application installed on the client; transmit prompt information to the client indicating a security risk in accessing the web application when detecting the exception identifier in the version parameter of the first source code and associated with the user version parameter; send, to the client, a push message indicating that the second source code has changed, and in response, receiving from the client an operation instruction; and execute the operation instruction on the web application, wherein the operation instruction causing to modify a second network address of the second source code to a first network address of the first source code stored on the application store server, thereby switching a network address of the web application to a secure version of the web application in the application store server. 2. The application store server according to claim 1 , wherein the instructions further cause the processor to be configured to: store approved source code of the web application that is approved as the first source code; and initialize the version parameter of the first source code on the application store server. 3. The application store server according to claim 1 , wherein the instructions further cause the processor to be configured to: separately obtain, through calculation according to a preset hash algorithm, a first hash value corresponding to the first source code and a second hash value corresponding to the second source; and determine, by means of comparison, whether the first hash value is equal to the second hash value; and determine that the first source code is inconsistent with the second source code when the first hash value is not equal to the second hash value. 4. The application store server according to claim 1 , wherein the instructions further cause the processor to be configured to push, to the client, a push message indicating that the second source code displayed on the client has changed, wherein the push message comprises the operation instruction for confirmation by the client. 5. A web application security access method, comprising: storing, by an application store server, approved source code of a web application as a first source code; periodically detecting, by the application store server, whether the first source code of the web application in the application store server is consistent with a second source code of the web application in a web server; adding an exception identifier to a version parameter of the first source code stored on the application store server when the first source code is inconsistent with the second source code; receiving, by the application store server, an access request for accessing the web application from a client, wherein the access request comprises a user version parameter for a third source code of the web application installed on the client; and transmitting, by the application store server, prompt information to the client indicating a security risk in accessing the web application when detecting the exception identifier in the version parameter of the first source code on the application store server and associated with the user version parameter; sending, by the application store server to the client, a push message indicating that the second source code has changed and, in response, receiving, by the application store server, an operation instruction from the client; and executing, by the application store server, the operation instruction causing to modify a second network address of the second source code to a first network address of the first source code stored on the application store server thereby switching a network address of the web application to a secure version of the web application in the application store server. 6. The web application security access method according to claim 5 , wherein the prompt information comprises information that indicates whether to continue to access the web application. 7. The web application security access method according to claim 5 , wherein the prompt information comprises changed content of the web application. 8. The web application security access method according to claim 5 , further comprising: initializing, on the application store server, the version parameter of the stored first source code. 9. The web application security access method according to claim 5 , wherein periodically detecting, by the application store server, whether the first source code is consistent with the second source code comprises: separately obtaining, through calculation according to a preset hash algorithm, a first hash value corresponding to the first source code and a second hash value corresponding to the second source code; and determining, by means of comparison, whether the first hash value is equal to the second hash value; and determining that the first source code is inconsistent with the second source code when the first hash value is not equal to the second hash value. 10. The web application security access method according to claim 5 , comprising, forwarding, by the application store server, the access request to the web server and receiving a response from the web server that subsequent access to the web application is allowed. 11. The web application security access method according to claim 5 , comprising, responding, by the application store server, to the access request using the first source code corresponding to the web application on the application store server. 12. The web application security access method according to claim 5 , further comprising: periodically performing, by the application store server, virus detection on the second source code of the web application; and prohibiting the client from accessing the web application in the web server when a virus is detected.
Assignees
Inventors
Classifications
the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms · CPC title
Vulnerability analysis · CPC title
using a third party · CPC title
- G06F21/563Primary
by source code analysis · CPC title
Electricity · mapped topic
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9830454B2 cover?
- A web application security access method, including periodically detecting, by an application store server, if the locally stored source code is inconsistent with the source code that is corresponding to the web application and that is in the web server, adding an exception identifier to a version parameter stored on the application store server; receiving, by the application store server, an a…
- Who is the assignee on this patent?
- Huawei Device Co Ltd, Huawei Device (Dongguan) Co Ltd
- What technology area does this patent fall under?
- Primary CPC classification G06F21/563. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Nov 28 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).