This invention relates to methods and apparatus for sending electronic data signals. The invention is concerned with the sending of such signals over an open communications network comprising one or more server stations and a plurality of client stations. The Internet is such a network, comprising as it does many thousands of server stations and millions of client stations which use the world-wide public telecommunication network to communicate with each other. However the invention is not limited to the Internet and has application in more limited open networks such as many forms of intra-office network.
In the case of the Internet, one very widely used system for providing data is the World Wide Web (often abbreviated to WWW or more colloquially "The Web"). In The Web a server station or "site" may provide a series of screens or "pages" of information which the client requests in sequence by sending the appropriate request signals over the Internet. One or more pages may be in the format of a form in which the user is required to enter data in boxes on the page. The form is then sent to the server site. The Web has a standard protocol for information transfers known as the HyperText Transfer Protocol (HTTP) and request signals from a client and data signals from a server are in a format known as HyperText Mark-up Language (HTML).
Use of The Web is increasing at a rapid rate and there are many multi-page applications in which specific data provided by a client on a form page is required before a later page can be sent. An example is a financial transaction in which a password, PIN number or a user identification (ID) number must be supplied to a server station before data of a sensitive nature is passed to the client. HTTP requires that each request for a page is treated separately and each such request must be in the form of a Universal Resource Locator (URL) string. A URL string may therefore include sensitive data. The problem of protecting data provided by a user is known and encryption techniques are already applied to the data stream between the client and the server in World Wide Web applications. However this encryption does not protect the data while it is at the client station. The URL string is often displayed openly at the user station and even if it is not browsers (the software used for communications on The Web) usually have a "view" option or the data can be accessed in other ways. Thus authorization data of a kind which will give access to sensitive and supposedly protected information held at a server station is displayed or is available at a client station without restriction.