专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20050278792A1 Method and system for validating access to a group of related elements 有权
标题翻译：验证访问一组相关元素的方法和系统
公开(公告)号：US20050278792A1
公开(公告)日：2005-12-15
申请号：US10867338
申请日：2004-06-14
申请人： Sundaram Ramani , Joseph Beda , Mark Alcazar , Roberto Franco , Roland Tokumi , John Bedworth
发明人： Sundaram Ramani , Joseph Beda , Mark Alcazar , Roberto Franco , Roland Tokumi , John Bedworth
IPC分类号： H04L9/00 , H04L9/32 , H04L29/06
CPC分类号： H04L63/104 , H04L63/102
摘要： A method and system for validating access to a group of related elements are described. The elements within the group access a security context associated with a markup domain when a call is made to an element. An authorized call to an element is enabled such that the markup domain is navigated to a new web page. However, an unauthorized call is prevented so that the navigation to the new web page is not permitted. After the markup domain has been navigated, the security context associated with the markup domain is invalidated. A new security context is generated and associated with the markup domain. The elements associated with the web page navigated from are inaccessible after navigation of the markup domain to the new page. The association of the new security context with the markup domain prevents an unauthorized user from accessing any element that references the previous security context.
摘要翻译：描述用于验证对一组相关元素的访问的方法和系统。当对元素进行调用时，组内的元素访问与标记域相关联的安全上下文。启用对元素的授权呼叫，使得标记域被导航到新的网页。然而，防止未经授权的呼叫，使得不允许对新网页的导航。标记域已导航后，与标记域相关联的安全上下文将无效。生成新的安全上下文并与标记域相关联。与导航到网页的网页相关联的元素在标记域导航到新页面后是无法访问的。新安全上下文与标记域的关联可防止未经授权的用户访问引用先前安全上下文的任何元素。

2. 发明申请

US20060277218A1 Running internet applications with low rights 有权
标题翻译：运行低权限的互联网应用程序
公开(公告)号：US20060277218A1
公开(公告)日：2006-12-07
申请号：US11145530
申请日：2005-06-03
申请人： Roberto Franco , Anantha Ganjam , John Bedworth , Peter Brundrett , Roland Tokumi
发明人： Roberto Franco , Anantha Ganjam , John Bedworth , Peter Brundrett , Roland Tokumi
IPC分类号： G06F17/30
CPC分类号： G06F21/53
摘要： In various embodiments, applications that are configured to interact with the Internet in some way are executed in a restricted process with a reduced privilege level that can prohibit the application from accessing portions of an associated computing device. For example, in some embodiments, the restricted process can prohibit applications from read and write access to portions of a system's computer-readable media, such as the hard disk, that contains administrative data and settings information and user data and settings. In these embodiments, a special portion of the disk, termed a “containment zone”, is designated and used by applications in this restricted process.
摘要翻译：在各种实施例中，被配置为以某种方式与因特网进行交互的应用程序在具有降低的权限级别的受限进程中执行，所述权限级别可以禁止应用访问相关联的计算设备的部分。例如，在一些实施例中，受限制的过程可以禁止应用程序对包含管理数据和设置信息以及用户数据和设置的系统的计算机可读介质（例如硬盘）的部分进行读取和写入访问。在这些实施例中，称为“容纳区”的盘的特殊部分在该限制过程中由应用程序指定和使用。

3. 发明申请

US20060070008A1 Preserving browser window integrity 审中-公开
标题翻译：保持浏览器窗口的完整性
公开(公告)号：US20060070008A1
公开(公告)日：2006-03-30
申请号：US10954702
申请日：2004-09-29
申请人： Aaron Sauve , Ann Seltzer , Robert Dirickson , Roberto Franco , Jeff Davis , Roland Tokumi , John Bedworth
发明人： Aaron Sauve , Ann Seltzer , Robert Dirickson , Roberto Franco , Jeff Davis , Roland Tokumi , John Bedworth
IPC分类号： G06F3/00
CPC分类号： G06F9/451
摘要： A method and system for preservation of browser window integrity is disclosed. The position and size of script-created windows is adjusted as necessary to preserve critical data on the computer screen prior to rendering those windows. Popup windows are similarly adjusted so that window integrity is preserved. Popup window size is adjusted to be smaller than the vertical size of the popup's parent window. Popup window position is modified so that popups do not extend above the top, or below the bottom, of their parent window. Finally, the popup position in the z dimension is adjusted so that the popup appears immediately above its parent window.
摘要翻译：公开了一种保存浏览器窗口完整性的方法和系统。脚本创建的窗口的位置和大小根据需要进行调整，以在渲染这些窗口之前在计算机屏幕上保留关键数据。类似地调整弹出窗口，以保持窗口完整性。弹出窗口大小被调整为小于弹出窗口的垂直尺寸。弹出窗口位置被修改，使得弹出窗口不会在父窗口的顶部或底部的下方延伸。最后，调整z维度中的弹出位置，使弹出窗口立即出现在其父窗口的上方。

4. 发明申请

US20060277311A1 Running Internet applications with low rights 有权
标题翻译：运行低权限的Internet应用程序
公开(公告)号：US20060277311A1
公开(公告)日：2006-12-07
申请号：US11262316
申请日：2005-10-28
申请人： Roberto Franco , Anantha Ganjam , John Bedworth , Peter Brundrett , Roland Tokumi , Jeremiah Epling , Daniel Sie , Jianrong Gu , Marc Sibley , Vidya Nallathimmayyagari , Bogdan Tepordei
发明人： Roberto Franco , Anantha Ganjam , John Bedworth , Peter Brundrett , Roland Tokumi , Jeremiah Epling , Daniel Sie , Jianrong Gu , Marc Sibley , Vidya Nallathimmayyagari , Bogdan Tepordei
IPC分类号： G06F15/16
CPC分类号： G06F21/53
摘要： In various embodiments, applications that are configured to interact with the Internet in some way are executed in a restricted process with a reduced privilege level that can prohibit the application from accessing portions of an associated computing device. For example, in some embodiments, the restricted process can prohibit applications from read and write access to portions of a system's computer-readable media, such as the hard disk, that contains administrative data and settings information and user data and settings. In these embodiments, a special portion of the disk, termed a “containment zone”, is designated and used by applications in this restricted process.
摘要翻译：在各种实施例中，被配置为以某种方式与因特网进行交互的应用程序在具有降低的权限级别的受限进程中执行，所述权限级别可以禁止应用访问相关联的计算设备的部分。例如，在一些实施例中，受限制的过程可以禁止应用程序对包含管理数据和设置信息以及用户数据和设置的系统的计算机可读介质（例如硬盘）的部分进行读取和写入访问。在这些实施例中，称为“容纳区”的盘的特殊部分在该限制过程中由应用程序指定和使用。

5. 发明申请

US20050246761A1 System and method for local machine zone lockdown with relation to a network browser 有权
标题翻译：与网络浏览器相关的本地机器区域锁定的系统和方法
公开(公告)号：US20050246761A1
公开(公告)日：2005-11-03
申请号：US10836182
申请日：2004-04-30
申请人： David Ross , Roberto Franco , John Bedworth , Shankar Ganesh , Venkatraman Kudallur , Anantha Ganjam , Kurt Schmucker
发明人： David Ross , Roberto Franco , John Bedworth , Shankar Ganesh , Venkatraman Kudallur , Anantha Ganjam , Kurt Schmucker
IPC分类号： H04L9/00 , H04L29/06
CPC分类号： H04L63/20 , G06F21/53 , G06F21/6218 , H04L63/105 , H04L63/168
摘要： A method and system for locking down a local machine zone associated with a network browser is provided. Placing the local machine zone in a lockdown mode provides stricter security settings that are applied to active content attempting to publish within a local page open in the network browser. The stricter setting are provided in a new set of registry keys that correspond to the lockdown mode of the local machine zone. The original security settings remain unchanged so that other systems and applications functionality that depends on the original security settings remains unaffected for the local machine zone. A user may also selectively allow active content to render despite the local machine zone being locked down.
摘要翻译：提供了一种用于锁定与网络浏览器相关联的本地计算机区域的方法和系统。将本地计算机区域置于锁定模式下，将提供更严格的安全设置，适用于尝试在网络浏览器中打开的本地页面中发布的活动内容。更严格的设置在与本地机器区域的锁定模式相对应的一组新的注册表项中提供。原始的安全设置保持不变，这样依赖于原始安全设置的其他系统和应用程序功能对本地计算机区域不会受到影响。即使本地机器区被锁定，用户也可以选择性地允许活动内容呈现。

6. 发明申请

US20060156231A1 Highlight Rendering Services Component For An Extensible Editor 失效
标题翻译：突出显示可扩展编辑器的渲染服务组件
公开(公告)号：US20060156231A1
公开(公告)日：2006-07-13
申请号：US11276606
申请日：2006-03-07
申请人： Ashraf Michail , Mark Alcazar , John Bedworth
发明人： Ashraf Michail , Mark Alcazar , John Bedworth
IPC分类号： G06F17/24
CPC分类号： G06F17/24
摘要： An extensible editor allows integration of extensions that modify the editor's default behavior and provide customized feedback to users. The editor includes interfaces through which extensions are connected to the editor and through which selection services and highlight rendering services are provided. The selection services interfaces provide a clear separation of a logical selection position in the document and the visual feedback provided for the selection, allowing extensions to be designed that provide customized selection feedback. The highlight rendering services interfaces provide an extension with the ability to augment an existing selection without modifying the actual document. The editor also includes an event routing model that works to decrease the occurrence of conflicts between the editor and extensions and between extensions. Upon the occurrence of an event, the editor routes the event to each extension before the editor's default handling of the event occurs. When an extension responds to an event, the extension may “consume” the event by indicating to the editor not to allow further processing of the event. After an event has been pre-processed by each extension, the default editor acts on the event. The editor then routes the event to each extension again, to allow each extension to process the event after the default editor has acted. When the post-processing is completed, each extension is notified of the actions taken by the editor and by each of the other extensions.
摘要翻译：可扩展的编辑器可以集成扩展，修改编辑器的默认行为，并向用户提供定制的反馈。编辑器包括扩展连接到编辑器的接口，并提供选择服务和突出显示服务。选择服务界面提供文档中的逻辑选择位置和为选择提供的视觉反馈的明确分离，允许设计提供定制选择反馈的扩展。突出显示服务界面提供扩展功能，可以扩展现有选择，而无需修改实际文档。编辑器还包括一个事件路由模型，可以减少编辑器和扩展之间以及扩展之间冲突的发生。发生事件后，编辑器将在发生事件的默认处理之前将事件路由到每个扩展。当分机响应事件时，分机可以通过向编辑器指示不允许进一步处理事件来“消耗”事件。事件由每个扩展名预先处理后，默认编辑器对事件进行操作。然后，编辑器再次将事件路由到每个扩展，以允许每个扩展在默认编辑器执行后处理事件。当后期处理完成后，每个分机都被通知编辑者和其他每个分机所采取的行动。

7. 发明申请

US20060010241A1 MIME handling security enforcement 有权
公开(公告)号：US20060010241A1
公开(公告)日：2006-01-12
申请号：US10873576
申请日：2004-06-22
申请人： Venkatraman Kudallur , Shankar Ganesh , Roberto Franco , Vishu Gupta , John Bedworth
发明人： Venkatraman Kudallur , Shankar Ganesh , Roberto Franco , Vishu Gupta , John Bedworth
IPC分类号： G06F15/16
CPC分类号： G06F21/60 , G06F21/56 , G06F21/562 , G06F21/566
摘要： A model restricts un-trusted data/objects from running on a user's machine without permission. The data is received by a protocol layer that reports a MIME type associated with the DATA, and caches the data and related cache file name (CFN). A MIME sniffer is arranged to identify a sniffed MIME type based on the cached data, the CFN, and the reported MIME type. Reconciliation logic evaluates the sniffed MIME type and the CFN to determine a reconciled MIME type, and to update the CFN. A class ID sniffer evaluates the updated CFN, the cached data, and the reconciled MIME type to determine an appropriate class ID. Security logic evaluates the updated CFN, the reported class ID, and other related system parameters to build a security matrix. Parameters from the security matrix are used to intercept data/objects before an un-trusted data/object can create a security breach on the machine.

8. 发明申请

US20050256960A1 Security restrictions on binary behaviors 有权
标题翻译：对二进制行为的安全限制
公开(公告)号：US20050256960A1
公开(公告)日：2005-11-17
申请号：US10836417
申请日：2004-04-29
申请人： Shankar Ganesh , John Bedworth
发明人： Shankar Ganesh , John Bedworth
IPC分类号： G06F15/16 , H04L29/06
CPC分类号： H04L63/105
摘要： A security model restricts binary behaviors on a machine based on identified security zones. Binary behaviors can be attached to an element of a document, web-page, or email message. The binary behavior potentially threatens security on the local machine. A security manager intercepts download requests and/or execution requests, identifies a security zone for the requested binary behavior, and restricts access based on the security zone. The binary behavior can identify a security zone according to the related URL. In one example, all binary behaviors associated with a security zone are handled identically. In another example, a list of permissible binary behaviors is associated with a security zone such that only specified binary behaviors are granted access. In still another example, a list of impermissible binary behaviors is associated with a security zone such that binary behaviors that are found in the list cannot initiate access.
摘要翻译：安全模型基于识别的安全区域限制机器上的二进制行为。二进制行为可以附加到文档，网页或电子邮件的元素。二进制行为可能威胁到本地机器上的安全性。安全管理员拦截下载请求和/或执行请求，识别所请求的二进制行为的安全区域，并限制基于安全区域的访问。二进制行为可以根据相关URL识别安全区域。在一个示例中，与安全区域相关联的所有二进制行为被相同地处理。在另一个示例中，允许的二进制行为的列表与安全区域相关联，使得仅允许指定的二进制行为被访问。在另一个示例中，不允许的二进制行为的列表与安全区域相关联，使得在列表中找到的二进制行为不能启动访问。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式