CSRFToken defense system and method for CSRF attack

The invention provides a CSRFToken defense system and method for a CSRF attack. The CSRFToken defense system and method for the CSRF attack comprises an HTTP request information collection module, a user identity authentication module, a user authority authorization module, a Csrftoken-verify-list.x...

Full description

Saved in:
Bibliographic Details
Main Authors WANG SHUN, NIE CHANGHAI
Format Patent
LanguageChinese
English
Published 26.01.2018
Subjects
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:The invention provides a CSRFToken defense system and method for a CSRF attack. The CSRFToken defense system and method for the CSRF attack comprises an HTTP request information collection module, a user identity authentication module, a user authority authorization module, a Csrftoken-verify-list.xml module and a CSRFTokenManager module. A performance request of a user can be prevented, the CSRFattack can be effectively identified, the CSRF attack can be defended, and the effective protection can be achieved efficiently and rapidly. 本发明提出种CSRF攻击的CSRFToken防御系统和方法,种CSRF攻击的CSRFToken防御系统,包括有:HTTP请求信息收集模块,用户身份认证模块,用户权限授权模块,Csrftoken-verify-list.xml模块,CSRFTokenManager模块,能够阻止用户的执行请求,并能够有效识别CSRF攻击,并对CSRF攻击进行防御,更高效快速做到有效防护。
Bibliography:Application Number: CN201710974140