US-12627641-B2 - System and method for securing messages
Abstract
A secure method for opening network communication link/address (URL), at computer device, including identifying initiation for opening network communication link by designated browsing application, wherein the designated browsing application is configured only for presenting content of website addressed by the communication link using limited HTML code not including commands which includes at least one of: script language codes or CSS (cascading style); creating or extracting image or text of webpage associated with network communication link and presenting user with image and/or text.
Inventors
- Danny Kalish
Assignees
- Kalibro Technologies Ltd.
Dates
- Publication Date: 20260512
- Application Date: 20211210
Claims (18)
- 1 . A secure method for opening network communication link/address (URL), at computer device, said method implemented by one or more processors operatively coupled to a non-transitory computer readable storage device, on which are stored modules of instruction code that when executed cause the one or more processors to perform: identifying initiation for opening network communication link, by designated browsing application, wherein the designated browsing application is configured only for reading and presenting content of website addressed by the communication link reading only limited HTML code, said content including only content objects of text, image, audio and video, excluding commands including script language codes or CSS (cascading style); reading by the designated browsing application from the original HTML code only limited HTML code including only basic HTML code including only script of pre-defined commands for displaying image and text and audio and video from the webpage associated with network communication link and presenting a user with the created limited HTML; and presenting to the user the video and audio as appears in the webpage.
- 2 . The method of claim 1 wherein in case of unknown communication link checking technical properties of communication link address and technical properties of the web site/page the communication link is addressing, estimating risk factor for the communication link, wherein in case the risk is above predefined value blocking said link.
- 3 . The method of claim 1 further comprising the steps of checking URL by using white/black list, wherein in case of black list block access, in case of white list enable access using default browser.
- 4 . The method of claim 1 further comprising the steps of downloading content of a designated website of requested hyperlink by safe browser.
- 5 . The method of claim 1 further comprising the steps of downloading content of a designated website of requested hyperlink at secure server and checking content of the designated website, creating image or text of at least the first page of the designated website sending to the mobile device and at secure state using secure browser enabling user to view text or image of designated website, enabling uploading of the designated website at a default browser upon request.
- 6 . The method of claim 1 further comprising the steps of: enabling the user to click on image or text simulating hyperlink of the web site identifying click relative image location on the image, identifying click position on the image to identify the corresponding hyperlink and executing identified clicked hyperlink in default browser and retrieving corresponding web page elements to the mobile device.
- 7 . The method of claim 1 wherein checking technical characteristics of the web site include at least one of geo location of servers, owner ID hosting server site, and IP address characteristics.
- 8 . The method of claim 1 further comprising the steps of checking website script for malicious code.
- 9 . The secure method of claim 1, wherein in case link is not whitelist or black list open link in secure server, otherwise open link at default browser, wherein the secure webserver performs analysis of technical properties of communication link address and technical properties of the web site/page the communication link is addressing.
- 10 . A secure system for opening network communication link/address (URL), comprising a computer device implemented by one or more processors operatively coupled to a non-transitory computer readable storage device, which causes a module to perform: a designated browsing application configured for identifying initiation for opening network communication link, wherein the designated browsing application is configured only for reading and presenting the user with image/digital object having no active code, reading by the designated browsing application from the original HTML code only limited HTML including only basic HTML code including only script of pre-defined commands for displaying only image and text and audio and video from a webpage associated with the network communication link and not including script language codes or CSS (cascading style), and presenting to the user the video and audio as appears in the webpage.
- 11 . The system of claim 10 wherein in case of unknown communication link checking technical properties of communication link address and technical properties of the web site/page the communication link is addressing, estimating risk factor for the communication link, wherein in case the risk is above predefined value blocking said link.
- 12 . The system of claim 10 wherein the designated browsing application further checks the URL using white/black list and analyzing name of URL.
- 13 . The system of claim 10 wherein the designated browsing application further perform downloading content of a designated website of requested hyperlink by safe browser.
- 14 . The system of claim 10 wherein the designated browsing application further perform downloading content of a designated website of requested hyperlink at secure server and checking content of the designated website of requested hyperlink.
- 15 . The system of claim 10 wherein checking technical characteristics of the web site include at least one of geo location, of servers, owner ID, hosting server site, name, IP address characteristics, structure of web page.
- 16 . The system of claim 10 wherein the designated browsing application further checks website script for malicious code, which enables access to phone memory.
- 17 . The system of claim 10 wherein the designated browsing application further estimates hyper link risk factor based on analysis of link technical characteristics, wherein in case of risk factor above predefined threshold uploading website using default browser, otherwise open website in secure browser.
- 18 . The secure system of claim 10 wherein in case link is not a whitelist, open link in secure server, otherwise open link at default browser, wherein the secure webserver performs analysis of technical properties of communication link address and technical properties of the web site/page the communication link is addressing.
Description
FIELD OF THE INVENTION

The present invention relates generally to the security of electronic messages.

BACKGROUND

The known art discloses different methods which provide solutions for evaluating the risk of hyperlinks by analyzing different parameters related to network communication links. Other prior art discloses browsers having a safe mode which restricts the user from using different functions, such as the following applications and patents: EP2532136B, US2017070509, U.S. Pat. Nos. 8,869,271, 930,068, 9,300,686, 8,521,667, US20140380472, GB2550657A, or US2018084002.

U.S. Pat. No. 9,055,048 discloses a method for interacting with a user, comprising communicating with at least one cooperative server through a normal browser, automatically receiving encrypted data having an associated received type code indicative of a requirement for a secure browser having restricted functionality with respect to a functionality of the normal browser; selectively and automatically invoking the secure browser for handling of the received encrypted data based on the received type code associated with the received encrypted data; receiving the encrypted data with the invoked secure browser for handling thereof, wherein the received encrypted data is not available for use by the user in the normal browser and the invoked secure browser imposes restrictions on availability outside of the secure browser of decrypted data derived from the encrypted data; and communicating an input from the user, through the secure browser, to the at least one cooperative server. The secure web browser prevents use of one or more of the following functions: save, copy, and navigate to unrestricted documents.

EP application No. 2975534 discloses a method for securely accessing web pages, the method comprising: transmitting from a client browser a request for retrieving a web page; receiving the request from the client browser by a server browser; gathering, by the server browser, a source code and one or more embedded objects of the requested web page, wherein the one or more embedded objects are gathered only if the web page comprises at least one or more embedded objects; rendering, by the server browser, the source code of the web page and generating a DOM (document object model) tree for creating a first visual representation of the web page, wherein the first visual representation comprises the DOM tree and said embedded objects; and transmitting said DOM tree and said embedded objects of the web page from the server browser to the client browser, so that the client browser is able to create a second visual representation of the webpage, wherein the second visual representation is substantially the same as the first visual representation.

US application No. 2017070509 discloses a system for providing secure browsing via a transparent network proxy. The system may receive, from a client, a request to access a resource. The request may include an identifier that may be utilized to locate the resource. Once the request is received, the system may determine if the resource is not trusted, such as if the identifier is determined to be unknown or suspicious. If the resource is determined to not be trusted by the system, the system may forward the request to a virtual machine manager that may select a browser virtual machine from a pool of browser virtual machines. After the browser virtual machine is selected, the browser virtual machine may stream a rendering of the resource to the client based on the request. The rendering of the resource may be provided in lieu of the actual resource.

US application No. US2011191849 discloses a method that, in one example implementation, includes sending a first request to a first network address on a first server and determining whether the first network address has been redirected on the server to a second network address. The method further includes searching a memory element for a predetermined risk rating associated with the second network address if the first network address has been redirected to the second network address. The method also includes providing a risk response to a client if a predetermined risk rating is found. In more specific embodiments, the risk response includes sending an alert to the client or blocking the client from accessing the second network address if the predetermined risk rating indicates the second network address is malicious.

US application No. US2015007312 discloses that, in response to receiving a plurality of uniform resource locator (URL) links for malicious determination, any known URL links are removed from the URL links based on a list of known link signatures. For each of the remaining URL links that are unknown, a link analysis is performed on the URL link based on link heuristics to determine whether the URL link is suspicious. For each of the suspicious URL links, a dynamic analysis is performed on a resource of the suspicious URL link. It is classified whether the suspicious URL