Abstract: A computer-implemented method includes generating two tensile circles based on a common circle created by overlapping two tensile spheres. An angle is determined using a modulo function and a predefined value. The angle is applied to both tensile circles. Next, multiplicands are determined for both tensile circles based on the angle applied to both tensile circles. The method then encrypts and/or decrypts data using a symmetric cryptography technique and the multiplicands.

Abstract: The disclosure is directed to garbage cleaning of cookies in a web browser. A computer-implemented process according to embodiments includes: determining a presence of a first cookie and a second cookie in the web browser, the first cookie and the second cookie representing a cleanliness status of the web browser; in response to determining that the first cookie and the second cookie are both present in the web browser, indicating a status of the web browser as clean and taking no further cleaning action; and in response to determining that only the first cookie is present in the web browser, indicating the status of the web browser as needs cleaning, and performing garbage collection of cookies in the web browser.

Abstract: Systems and computer program products implement methods for detecting a man-in-the-middle (MITM) during HTTPS communications. The methods include establishing a TCP connection for the retrieval of a web page from a domain name using an alternate IP address that is different from the IP address of the target domain where receipt of the target web page in response to a HTTP GET message indicates that a MITM is present, using a domain name as the SNI in a TLS connection and an alternate domain name in a HTTP GET message where receipt of a target web page of the alternate domain name indicates that a MITM is present, and generating an alternate domain name using a domain generation algorithm and using the generated alternate domain name as the SNI in the TLS message where receipt of a certificate for the generated alternate domain name indicates that a MITM is present.

Abstract: A cookie directive file may include an exclusion directive specifying sub domain names associated with the server specified in disjointed form. A hardware processor may request the cookie directive file from a server computer and store the cookie directive file locally with the hardware processor. Responsive to detecting a browser request to send to the server computer, the hardware processor may cull existing cookies based on cookie setting attributes associated with the existing cookies, and remove from the culled list of existing cookies to be sent with the browser request, a cookie that matches the exclusion directive.

Abstract: Systems and computer program products implement methods for detecting a man-in-the-middle (MITM) during HTTPS communications. The methods include establishing a TCP connection for the retrieval of a web page from a domain name using an alternate IP address that is different from the IP address of the target domain where receipt of the target web page in response to a HTTP GET message indicates that a MITM is present, using a domain name as the SNI in a TLS connection and an alternate domain name in a HTTP GET message where receipt of a target web page of the alternate domain name indicates that a MITM is present, and generating an alternate domain name using a domain generation algorithm and using the generated alternate domain name as the SNI in the TLS message where receipt of a certificate for the generated alternate domain name indicates that a MITM is present.

Abstract: Various methods for detecting a man-in-the-middle (MITM) during HTTPS communications are disclosed including, in some aspects, establishing a TCP connection for the retrieval of a web page from a domain name using an alternate IP address that is different from the IP address of the target domain where receipt of the target web page in response to a HTTP GET message indicates that a MITM is present, using a domain name as the SNI in a TLS connection and an alternate domain name in a HTTP GET message where receipt of a target web page of the alternate domain name indicates that a MITM is present, and generating an alternate domain name using a domain generation algorithm and using the generated alternate domain name as the SNI in the TLS message where receipt of a certificate for the generated alternate domain name indicates that a MITM is present.

Abstract: The disclosure is directed to garbage cleaning of cookies in a web browser. A computer-implemented process according to embodiments includes: determining a presence of a first cookie and a second cookie in the web browser, the first cookie and the second cookie representing a cleanliness status of the web browser; in response to determining that the first cookie and the second cookie are both present in the web browser, indicating a status of the web browser as clean and taking no further cleaning action; and in response to determining that only the first cookie is present in the web browser, indicating the status of the web browser as needs cleaning, and performing garbage collection of cookies in the web browser.

Abstract: A client including: a processor to implement a browser; a network interface; and a cookie manager to reduce transmission bandwidth, wherein prior to transmitting a request to a Uniform Resource Identifier (URI), the browser to use the cookie manager to access a list of cookies used by the URI to prepare a response and to remove from the request to the URI any cookies not on the list.

Abstract: The disclosure is directed to garbage cleaning of cookies in a web browser. A computer-implemented process according to embodiments includes: determining a presence of a first cookie and a second cookie in the web browser, the first cookie and the second cookie representing a cleanliness status of the web browser; in response to determining that the first cookie and the second cookie are both present in the web browser, indicating a status of the web browser as clean and taking no further cleaning action; and in response to determining that only the first cookie is present in the web browser, indicating the status of the web browser as needs cleaning, and performing garbage collection of cookies in the web browser.

Abstract: Various methods for detecting a man-in-the-middle (MITM) during HTTPS communications are disclosed including, in some aspects, establishing a TCP connection for the retrieval of a web page from a domain name using an alternate IP address that is different from the IP address of the target domain where receipt of the target web page in response to a HTTP GET message indicates that a MITM is present, using a domain name as the SNI in a TLS connection and an alternate domain name in a HTTP GET message where receipt of a target web page of the alternate domain name indicates that a MITM is present, and generating an alternate domain name using a domain generation algorithm and using the generated alternate domain name as the SNI in the TLS message where receipt of a certificate for the generated alternate domain name indicates that a MITM is present.

Abstract: A method for transferring session data includes receiving a hypertext transfer protocol (HTTP) request that includes user credential data from a client computer program; determining whether to apply a filter that includes data inclusion condition(s) or data exclusion condition(s) to data pertaining to a session between a first application and the client computer program; storing a data structure containing the user credential data in response to the client computer program not meeting the data inclusion condition(s) or the session meeting the data exclusion condition(s); transmitting an HTTP response that includes an identifier of the data structure and an identifier of a second computer program function, which utilizes the identifier of the data structure to retrieve data to authenticate the client computer program; and erasing the data structure from the memory to prevent replay attacks.

Abstract: A cookie directive file may include an exclusion directive specifying sub domain names associated with the server specified in disjointed form. A hardware processor may request the cookie directive file from a server computer and store the cookie directive file locally with the hardware processor. Responsive to detecting a browser request to send to the server computer, the hardware processor may cull existing cookies based on cookie setting attributes associated with the existing cookies, and remove from the culled list of existing cookies to be sent with the browser request, a cookie that matches the exclusion directive.

Abstract: The disclosure is directed to garbage cleaning of cookies in a web browser. A computer-implemented process according to embodiments includes: determining a presence of a first cookie and a second cookie in the web browser, the first cookie and the second cookie representing a cleanliness status of the web browser; in response to determining that the first cookie and the second cookie are both present in the web browser, indicating a status of the web browser as clean and taking no further cleaning action; and in response to determining that only the first cookie is present in the web browser, indicating the status of the web browser as needs cleaning, and performing garbage collection of cookies in the web browser.

Abstract: Embodiments for enforced registry of cookies in a tiered delivery network by at least a portion of a processor. Information of a cookie may be extracted at a reverse proxy providing access to an application server. Cookie registration rules provided to the registry by an application on the application server may be obtained such that the registry enables the reverse proxy to enforce compliance with the cookie registration rules for each cookie requesting access to the application. The extracted information of the cookie may be compared against the cookie registration rules provided to the registry by the application. The cookie may be suppressed from being relayed to the application upon determining the extracted information is non-compliant with the cookie registration rules.

Abstract: Embodiments for verifying trustworthiness of redirection targets in a tiered delivery computing network by at least a portion of a processor. A degree of trustworthiness for a uniform resource locator (URL) is determined by validating at least one attribute of the URL to establish a reputation score of the URL. The URL is classified, using the reputation score, into one of a plurality of classifications to indicate the degree of trustworthiness.

Abstract: Embodiments for enforced registry of cookies through a theme template in a computing network by at least a portion of a processor. A theme template associated with an application may be downloaded. Cookie registration information may be obtained from a registry such that the registry enables an enforcement proxy downloaded with the theme template to enforce compliance with the cookie registration information for each cookie requesting access to the application.

Abstract: A domain is identified from a communication address. The domain corresponds to a host name. Resource records associated with the host name are caused to be queried for a public key reference. The public key reference is received in response to the caused resource record query. A public key associated with the communication address is identified based on the public key reference.

Abstract: Embodiments for verifying trustworthiness of redirection targets in a tiered delivery computing network by at least a portion of a processor. A degree of trustworthiness for a uniform resource locator (URL) is determined by validating at least one attribute of the URL to establish a reputation score of the URL. The URL is classified, using the reputation score, into one of a plurality of classifications to indicate the degree of trustworthiness.

Abstract: Embodiments for enforced registry of cookies through a theme template in a computing network by at least a portion of a processor. A theme template associated with an application may be downloaded. Cookie registration information may be obtained from a registry such that the registry enables an enforcement proxy downloaded with the theme template to enforce compliance with the cookie registration information for each cookie requesting access to the application.

Abstract: Embodiments for enforced registry of cookies in a tiered delivery network by at least a portion of a processor. Information of a cookie may be extracted at a reverse proxy providing access to an application server. Cookie registration rules provided to the registry by an application on the application server may be obtained such that the registry enables the reverse proxy to enforce compliance with the cookie registration rules for each cookie requesting access to the application. The extracted information of the cookie may be compared against the cookie registration rules provided to the registry by the application. The cookie may be suppressed from being relayed to the application upon determining the extracted information is non-compliant with the cookie registration rules.