Security service for receiving sensitive information through nested iframes

• Main Authors: LAHOZ MARIA EUGENIA TORNOS, CHU-SUMIDA ANNA, KOOLAR NIKUNJ, RAMAKRISHNAN BINU, DUTTA SURAJIT, GUNDLAPALLI ADITI SINHA, DHARMAR VENKATESH, CHAN PETER
• Format: Patent
• Language: Chinese; English
• Published: 05.10.2016
• Subjects: CALCULATING; COMPUTING; COUNTING; ELECTRIC DIGITAL DATA PROCESSING; PHYSICS

Methods and systems for receiving sensitive information include receiving a request for entering sensitive information, the request received from a user interface rendered on a client device. The methods and systems rely upon nested iframes, each of which is hosted by a different server. An inner iframe is hosted by a server within a secure zone, such as a digital vault. A middle iframe is hosted within the secure zone and is invoked by an intermediate server. An outer iframe is hosted by a server that provides the user interface. The server that provides the user interface may be hosted by a cloud service provider, for example. Using the nested iframes and the network topology described in the present disclosure, users are able to exchange sensitive information with a server within the secure zone through a user interface provided outside the secure zone. 本公开涉及用于通过嵌套式内联框架接收敏感信息的安全服务。用于接收敏感信息的方法和系统包括接收用于输入敏感信息的请求，从用户界面接收到的请求在客户端设备上被渲染。该方法和系统取决于嵌套式内联框架，每个内联框架由不同的服务器托管。内部内联框架由安全区内的服务器(例如，数字电子仓库)托管。中级内联框架在安全区内被托