| CPC G06F 21/577 (2013.01) [G06F 21/51 (2013.01); G06F 21/602 (2013.01); G06F 21/64 (2013.01); G06F 2221/033 (2013.01); G06F 2221/2119 (2013.01)] | 19 Claims |
|
1. A computer-implemented method comprising:
obtaining, by a browser of a client device, an electronic resource comprising code for a web application;
rendering, by the browser, the electronic resource, including processing the code of the web application, wherein the code causes the browser to initiate a request to a remote server;
in response to processing the code:
generating the request;
modifying the request to include at least a portion of an integrity element for the web application; and
sending the modified request to the remote server;
receiving, from the remote server, a response to the request based on the remote server verifying that the web application is trustworthy using the integrity element; and
displaying data based on the response,
wherein the integrity element comprises a signed approval element comprising a set of integrity data and a digital signature generated based on the set of integrity data, wherein the set of integrity data comprises:
a trusted cryptographic hash calculated using a cryptographic hash function and trusted code of the web application;
an identity of a trusted signer; and
a timestamp indicating a time at which the digital signature is generated,
wherein the portion of the integrity element comprises the set of integrity data and the digital signature.
|