Abstract: Systems and methods for web application firewall tunneling are disclosed. In one embodiment, the method may include (1) receiving a plurality of characters entered by a user into a field of a HTML page that is executed in a client runtime environment of a client device; (2) executing a client tunneling application to encode at least some of the characters; (3) passing the plurality of characters through the web application firewall; (4) executing a server tunneling application to decode the encoded characters; and (5) providing the plurality of characters, including the decoded characters, to a host application. Parts of the method may be performed by at least one computer processor.

Abstract: Systems and methods for web application firewall tunneling are disclosed. In one embodiment, the method may include (1) receiving a plurality of characters entered by a user into a field of a HTML page that is executed in a client runtime environment of a client device; (2) executing a client tunneling application to encode at least some of the characters; (3) passing the plurality of characters through the web application firewall; (4) executing a server tunneling application to decode the encoded characters; and (5) providing the plurality of characters, including the decoded characters, to a host application. Parts of the method may be performed by at least one computer processor.

Abstract: A technique for providing message authenticity includes accepting transaction information, accepting a first data item used for authenticating an originating user, cryptographically processing the transaction information using only a second data item, wherein the entropy of the first data item is less than the entropy of the second data item, and authenticating the originating user using the first data item. The first data item can be a sequence of digits corresponding to those displayed on an external device, such as, for example, an RSA authorization token, credit card, etc.

Abstract: A technique for providing message authenticity includes accepting transaction information, accepting a first data item used for authenticating an originating user, cryptographically processing the transaction information using only a second data item, wherein the entropy of the first data item is less than the entropy of the second data item, and authenticating the originating user using the first data item. The first data item can be a sequence of digits corresponding to those displayed on an external device, such as, for example, an RSA authorization token, credit card, etc.

Abstract: A technique for providing message authenticity includes accepting transaction information, accepting a first data item used for authenticating an originating user, cryptographically processing the transaction information using only a second data item, wherein the entropy of the first data item is less than the entropy of the second data item, and authenticating the originating user using the first data item. The first data item can be a sequence of digits corresponding to those displayed on an external device, such as, for example, an RSA authorization token, credit card, etc. In general, the first data item will be a short alphanumeric string and the second data item will generally be much larger, e.g., a 128 bit sequence to be used principally for data authentication. According to another aspect of the present invention, consequential evidence of the transaction may be secured to provide after-the-fact evidence of the transaction.