As the use of computers and other terminal equipment today broadens in scope, the security of source data stored at client devices or transmitted among client devices becomes an increasingly important issue. The failure to implement source data protection or the adoption of inadequate protection measures has resulted in forgery, falsification, replacement, loss, and/or leakage of source data in the process of users using email, web browsers, and other software applications to transmit, exchange, and/or store this source data. Source data includes computer code, for example.
For example, JavaScript, a scripting language widely used by client devices in web development, is often used to add dynamic functions to a web page. The use of JavaScript has enabled real-time, dynamic, interactive relationships between web pages and users. However, because JavaScript source code (e.g., source data) is commonly presented to client devices in cleartext format, important data collected using JavaScript may be at risk of forgery, falsification, and replacement by malicious users and/or programs running at the client devices. Sensitive source data or valuable information that is present in the cleartext can be obtained easily within the client device and such information can be used to perform illegal operations at the client device.
In conventional systems, to increase the security of using source data at a client device, source data is obfuscated on the server side and sensitive data collected on the client side for transmission to the server becomes encrypted. However, the majority of conventional systems employ fixed encryption techniques, fixed encryption keys, and fixed obfuscation parameters. However, once such static techniques of obfuscating and encrypting are deciphered by malicious users or programs, data is very easily forged and falsified, which presents a direct threat to the security of the source data.