1. Field of the Invention
The present invention relates generally to software systems, and, more particularly, but not by way of limitation, to a method and system for providing security to a client computing system operating a browser in communication with a network, such as the Internet.
2. Background of the Invention
Software systems or applications, such as websites, include two aspects, one that is visible and one that is invisible. Visible aspects of a website includes a graphical user interface (GUI) and provides for an operator of the website to present information and/or services to users of the website. The invisible aspects of the website include an infrastructure for operating the website. The architecture of the website includes the components, such as a web server and a database, for enabling the graphical user interface to be functional for a user and operate on a system and/or network.
While the graphical user interface of the website is an important aspect of the website and provides the developer with a sense of accomplishment, the underlying architecture of the website is often the more difficult and time consuming part of the development to procure. In addition to the underlying architecture being more difficult to procure, developers of the website often find it challenging to adequately convey the technical aspects that are required in developing the underlying architecture to non-technical people, such as managers and customers.
One reason that software system developers have difficulty in adequately conveying underlying architecture development to non-technical people is that the website may be viewed as having two modes of operations, a static and a dynamic mode. The static mode of the website may include the content provided on the website, such as text, graphics, and data, and the dynamic mode may include operations that may be performed on the website, such as purchasing, computing, and searching. Each of these modes is very important to the full operation of the website from both a visual and functional aspect. However, in order to understand and appreciate the full operation of the website during concept, prototype, and deployment, both modes of the underlying architecture must be understood. Another reason for having difficulties in conveying the underlying architecture of the website to non-technical people may be due to having a complex underlying architecture that has different modes and utilizes different components (e.g., software and hardware) based on user website operating conditions.
To better understand the difference between website statics and dynamics, an analogy of a building may be considered. The building facade and floor plans may be considered part of the statics of the building, and the transient states, such as elevators, escalators, and temperature control systems may be considered part of the dynamics of the building. Applying the building analogy to a website, a model of the underlying architecture relates to blueprints of a building.
To reduce development time for website development, various software modeling languages have been developed. Such languages include the unified modeling language (UML), OMT, BOOCH, Rumbaugh, and Jacobson, for example. The unified modeling language, is generally considered to be a blueprint language by the software community.
While it is possible for the unified modeling language to provide a full understanding of the dynamics of the website, the actual code of the unified modeling language is often difficult to understand and provides little meaning to non-technical people. Additionally, there is no single standard architectural language throughout the software industry. Even though one website developer may understand one modeling language, such as the unified modeling language, other website developers may be accustomed to utilizing a different language for website development and modeling.
In general, development projects utilize graphical modeling tools to assist in the prototyping, modeling, testing, and monitoring phases of a development project. However, those developing websites may produce a graphical model or representation of the underlying architecture for the particular website being developed, but the graphical model oftentimes may be nothing more than a blueprint or static representation of the website. Furthermore, because the graphical representation is unique to the particular website being developed, the graphical representation is generally unusable for future development projects.
Another important issue arises in the security aspects of preventing an unauthorized user from gaining access to an intranet server when a user of the intranet server utilizes a browser on the Internet. As firewalls are universally utilized to prevent unwelcome and untrusted access to a secure intranet server, hosting an interactive software application on a host computer operating on the Internet for general access is problematic due to the interactive software application making requests of resources or relaying events to a client computer from the host computer. In other words, a client firewall classifies a response from the host computer as an untrusted request and blocks the response from penetrating the client firewall to get inside the client intranet.
One technique commonly utilized to avoid blocking desired requests from interactive software applications being hosted on a server computer is to configure the client firewall to allow the requests from the host computer to be accepted. This technique, however, becomes problematic and impractical as the interactive software application may be accessed by many client computers, and configuring each client firewall is time consuming and undesirable. Additionally, routing events from the client computer to the host computer and back to the client computer is undesirable from a performance standpoint.