Abstract: Method and system for centralized control of data transfers between a Web client and a Web application by receiving a response from the Web application. After determining an offending character is present, cloaking the response from the Web application to a request from a Web client, and sending the cloaked response to the Web client through a security product which otherwise rejects the offending character.

Abstract: Method and system for dynamically checking an access control list during the data transfers between a client web browser and a web server. The method and system allow checking of access control list by an application firewall, independent from the web application. The rules, upon which the checking is based, can be easily updated without affecting the web application.

Abstract: Mechanisms for external and distributed protection of Web application data against prying, tampering, and impersonation using cryptographic mechanisms are provided. The protection is offered opaquely so as to not expose the cryptographic mechanism to the Web application. Protection against prying prevents users from looking at data the Web application considers private. When protected against prying, protect data may be sent to the client but the user will not be able to understand it. Protection against tampering, guaranties the Web application that the data it is receiving originated from a trusted source, usually the Web application itself. A user session state stored client-side is a good candidate for tampering protection. Protection against impersonation ensures the Web application that the data it is receiving comes from a specific user.

Abstract: Method and system for dynamically checking an access control list during the data transfers between a client web browser and a web server. The method and system allow checking of access control list by an application firewall, independent from the web application. The rules, upon which the checking is based, can be easily updated without affecting the web application.

Abstract: Method for dynamically checking an access control list during the data transfers between a client web browser and a web server. The method allows checking of access control list by an application firewall, independent from the web application. The rules, upon which the checking is based, can be easily updated without affecting the web application.

Abstract: A system and method for permitting a user of a business intelligence reporting system to be authenticated against one or more logon IDs and concurrently using access rights associated with those logon IDs in a terminal session. The user in a single terminal session is allowed to access the system with one of the logon IDs, a first logon ID, which gives that user access rights to data sources (or authorities) related to the first logon ID. The user may then add or remove further access rights by logging on or off with subsequent logon IDs. Each subsequent logon ID gives that user additional access rights to data sources related to the subsequent logon IDs. No attempt is made to reduce the number or change the nature of these logon IDs.

Abstract: Method and system for centralized control of data transfers between a Web client and a Web application by receiving a response from the Web application. After determining an offending character is present, cloaking the response from the Web application to a request from a Web client, and sending the cloaked response to the Web client through a security product which otherwise rejects the offending character.

Abstract: A method and a system for external and distributed protection of Web application data against prying, tempering, and impersonation using cryptographic mechanisms. The protection is offered opaquely so as to not expose the cryptographic mechanism to the Web application. Protection against prying prevents users from looking at data the Web application considers private. When protected against prying, protect data may be sent to the client but the user will not be able to understand it. Protection against tempering, guaranties the Web application that the data it is receiving originated from a trusted source, usually the Web application itself. A user session state stored client-side is a good candidate for tempering protection. Protection against impersonation ensures the Web application that the data it is receiving comes from a specific user.

Abstract: Method and system for dynamically checking an access control list during the data transfers between a client web browser and a web server. The method and system allow checking of access control list by an application firewall, independent from the web application. The rules, upon which the checking is based, can be easily updated without affecting the web application.

Abstract: A system and method for permitting a user of a business intelligence reporting system to be authenticated against one or more logon IDs and concurrently using access rights associated with those logon IDs in a terminal session. The user in a single terminal session is allowed to access the system with one of the logon IDs, a first logon ID, which gives that user access rights to data sources (or authorities) related to the first logon ID. The user may then add or remove further access rights by logging on or off with subsequent logon IDs. Each subsequent logon ID gives that user additional access rights to data sources related to the subsequent logon IDs. No attempt is made to reduce the number or change the nature of these logon IDs.