ENHANCING SECURITY OF SENSITIVE DATA IN HTTP/2 AND HTTP/3 CONNECTIONS

Organization Name

International Business Machines Corporation

Inventor(s)

Leonid Rodniansky of Allston MA (US)

Tania Butovsky of Needham MA (US)

Mikhail Shpak of New York NY (US)

ENHANCING SECURITY OF SENSITIVE DATA IN HTTP/2 AND HTTP/3 CONNECTIONS - A simplified explanation of the abstract

This abstract first appeared for US patent application 17963379 titled 'ENHANCING SECURITY OF SENSITIVE DATA IN HTTP/2 AND HTTP/3 CONNECTIONS

Simplified Explanation

The patent application describes a method for processing HTTP requests and responses, specifically focusing on version 2 requests. When an HTTP settings request is detected, a protected dynamic dictionary is allocated in a protected memory area, and an application dynamic dictionary in the server is prevented. When an HTTP header request is detected, the fields of the header are decompressed into the protected dynamic dictionary, the request is updated based on the dictionary content, and then sent to the server.

• HTTP requests and responses processing method:

   - Focuses on version 2 requests
   - Allocates protected dynamic dictionary in memory
   - Prevents allocation of application dynamic dictionary
   - Decompresses header fields into protected dictionary
   - Updates header request based on dictionary content

Potential Applications

This technology could be applied in web servers, security solutions, and network infrastructure to enhance the processing of HTTP requests and responses.

Problems Solved

- Efficient processing of HTTP requests and responses - Enhanced security measures for protecting dynamic dictionaries - Prevention of unauthorized access to application space in servers

Benefits

- Improved performance and speed in handling HTTP traffic - Enhanced security and protection against potential threats - Streamlined management of dynamic dictionaries in server environments

Potential Commercial Applications

Optimizing web server performance, enhancing cybersecurity solutions, and improving network infrastructure efficiency could be potential commercial applications for this technology.

Possible Prior Art

One possible prior art could be the use of dynamic dictionaries in network protocols for data compression and decompression processes.

Unanswered Questions

How does this technology compare to existing HTTP processing methods?

This article does not provide a direct comparison with existing HTTP processing methods, leaving the reader to wonder about the specific advantages and differences this technology offers.

What are the potential limitations or challenges in implementing this technology in real-world scenarios?

The article does not address any potential limitations or challenges that may arise when implementing this technology, leaving room for uncertainty regarding its practical application and scalability.

Original Abstract Submitted

An approach is disclosed for processing one or more HTTP requests and responses, by a protection solution, where a version of the plurality of HTTP requests and responses is at least version 2. When an HTTP settings request is detected in the one or more HTTP requests, by the protection solution, a protected dynamic dictionary is allocated in a protected memory area and an allocation of an application dynamic dictionary in application space in an HTTP server is prevented. When an HTTP header request is detected in the one or more HTTP requests, fields of the HTTP header are decompressed into the protected dynamic dictionary, the HTTP header request is updated to form an updated header request based on content in the protected dynamic dictionary, and the updated header request is sent to the HTTP server.