Patent Number: 8,819,787

Title: Securing asynchronous client server transactions

Abstract: A method for securing asynchronous client server transactions is provided in the illustrative embodiments. A request including an application identifier and a version of a second application is received at a first application. A service identifier is generated if a session with the second application is valid. A registry is generated at the first application. A catalog is generated based on the registry and the service identifier and the catalog are sent to the second application. A sub-request including the service identifier is received as part of an asynchronous client server transaction. Validity of the sub-request is determined by determining whether the service identifier has expired, whether the sub-request requests a service that is permissible according to the catalog, whether the service identifier is used in conjunction with the second application, or a combination thereof. If the sub-request is valid, the service is provided.

Inventors: Bade; Steven A (Sharon Springs, NY), Moss; Harold (Danvers, MA), Zurko; Mary Ellen (Groton, MA)

Assignee: International Business Machines Corporation

International Classification: G06F 21/00 (20130101)

Expiration Date: 8/26/12018