Content handling for applications

US 10,445,528 B2
Filed: 09/07/2011
Issued: 10/15/2019
Est. Priority Date: 09/07/2011
Status: Active Grant

First Claim

Patent Images

1. A system comprising:

one or more processors; and

one or more computer-readable storage devices storing instructions, comprising at least an application manager module and a content inspection module, that are executable by the one or more processors to;

receive an indication that a portion of an application is requesting to pass content to a code element of a computing device, the application including a first compartment and a second compartment that include different respective portions of application code that enable different respective functionality to be invoked by the respective compartments of the application;

execute the content inspection module to ascertain, based at least on an identifier for the portion of the application, whether the portion of the application is part of the first compartment of the application that is permitted to access a sensitive functionality of the computing device, or part of the second compartment of the application that lacks permission to access the sensitive functionality, the first compartment having a first set of content handling policies and the second compartment having a second set of content handling policies, wherein the identifier comprises a uniform resource identifier (URI) providing a designation of the first compartment being related to a locally stored compartment or the second compartment being a remotely stored compartment in a manner specifying whether the application is permitted to access the sensitive functionality of the computing device; and

execute the application manager module to apply one of the first set of content handling policies or the second set of content handling policies to the request to;

(1) determine whether the application indicates that the untrusted content is to be sanitized before it is passed to the code element and (2) pass the content to the code element based on whether the portion of the application that is requesting to pass the content is part of the first compartment or the second compartment of the application, wherein the portion of the application being allowed or disallowed to pass the content to the code element subject to one of the first set of content handling policies or the second set of content handling policies.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for content handling for applications are described. In one or more implementations, a first set of content handling policies is enforced for a first portion of an application that is permitted to invoke code elements of the computing device and a second set of content handling policies is enforced for a second portion of the application that is not permitted to invoke the code elements. Further, a determination is made whether to apply the first set of content handling policies or the second set of content handling policies to content based on which portion of the application is requesting the content.

35 Citations

View as Search Results

20 Claims

1. A system comprising:
- one or more processors; and
  
  one or more computer-readable storage devices storing instructions, comprising at least an application manager module and a content inspection module, that are executable by the one or more processors to;
  
  receive an indication that a portion of an application is requesting to pass content to a code element of a computing device, the application including a first compartment and a second compartment that include different respective portions of application code that enable different respective functionality to be invoked by the respective compartments of the application;
  
  execute the content inspection module to ascertain, based at least on an identifier for the portion of the application, whether the portion of the application is part of the first compartment of the application that is permitted to access a sensitive functionality of the computing device, or part of the second compartment of the application that lacks permission to access the sensitive functionality, the first compartment having a first set of content handling policies and the second compartment having a second set of content handling policies, wherein the identifier comprises a uniform resource identifier (URI) providing a designation of the first compartment being related to a locally stored compartment or the second compartment being a remotely stored compartment in a manner specifying whether the application is permitted to access the sensitive functionality of the computing device; and
  
  execute the application manager module to apply one of the first set of content handling policies or the second set of content handling policies to the request to;
  
  (1) determine whether the application indicates that the untrusted content is to be sanitized before it is passed to the code element and (2) pass the content to the code element based on whether the portion of the application that is requesting to pass the content is part of the first compartment or the second compartment of the application, wherein the portion of the application being allowed or disallowed to pass the content to the code element subject to one of the first set of content handling policies or the second set of content handling policies.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system as described in claim 1, wherein the code elements comprise one of more of a function, a subroutine, a method, a parameter, a property, or an interface.
  - 3. The system as described in claim 1, wherein the first set of content handling policies specifies that content with a source that is remote from the computing device is untrusted content.
  - 4. The system as described in claim 1, wherein the first set of content handling policies specifies untrusted content lacks permission to include executable code.
  - 5. The system as described in claim 1, wherein the first set of content handling policies specifies that responsive to ascertaining that the content includes untrusted content and that the portion of the application is part of the first compartment, the untrusted content is to be inspected to determine whether the untrusted content is safe before the untrusted content is permitted to be passed to the code element.
  - 6. The system as described in claim 5, wherein the instructions are further executable by the one or more processors to determine whether the application is opting out of content inspection for the untrusted content.
  - 7. The system as described in claim 1, wherein the first set of content handling policies specifies that content retrieved locally from the computing device is to be encoded using a specific character encoding format or the content will be prevented from being parsed.

8. A method comprising:
- detecting that a portion of an application executing on a computing device is requesting to pass content to a code element of the computing device, wherein the computing device comprises an application manager module and a content inspection module;
  
  ascertaining, by the content inspection modules of the computing device, and based at least on an identifier for the portion of the application, whether the portion of the application is part of a first compartment of the application that is permitted to access a sensitive functionality of the computing device, or part of a second compartment of the application that lacks permission to access the sensitive functionality, the first compartment and the second compartment including different respective portions of application code that enable different respective functionality to be invoked by the respective compartments of the application, wherein the identifier comprises a uniform resource identifier (URI) that references the first compartment being related to a locally stored compartment or the second compartment being related to a remotely stored compartment in a manner specifying whether the application is permitted to access the sensitive functionality of the computing device; and
  
  responsive to the ascertaining, determining, by the application manager module of the computing device, whether the application indicates that the untrusted content is to be sanitized before it is passed to the code element and whether to allow or disallow the request based on whether the portion of the application is part of the first compartment or the second compartment.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The method as described in claim 8, wherein the code element is included as part of a pre-specified group of code elements based on the code element enabling access to the sensitive functionality of the computing device.
  - 10. The method as described in claim 8, wherein the code element comprises at least one of a function, a subroutine, a method, a parameter, a property, or an application programming interface (API).
  - 11. The method as described in claim 8, further comprising, in response to a determination that the portion of the application is part of the first compartment, ascertaining whether the content is permitted to be passed to the code element based on a source of the content and a content type for the content.
  - 12. The method as described in claim 11, further comprising ascertaining that the content lacks permission to be passed to the code element based on a determination that the source of the content is remote from the computing device and the content type indicates that the content includes executable code.
  - 13. The method as described in claim 8, further comprising, in response to a determination that the portion of the application is part of the first compartment and that the content is from an untrusted source, inspecting the content to determine whether the content is safe or unsafe to be passed to the code element.
  - 14. The method as described in claim 8, further comprising preventing the content from being passed to the code element in response to a determination that the portion of the application is part of the second compartment.
  - 15. The method as described in claim 8, further comprising allowing the content to be passed to the code element in response to ascertaining, based on a uniform resource indicator (URI) that references the content, that the source of the content is local to the computing device.

16. A method, comprising:
- determining that a portion of an application is requesting that content be passed to a code element of a computing device, wherein the computing device comprises an application manager module and a content inspection module;
  
  determining, at the content inspection modules of the computing device, and based on at least an identifier for the portion of the application, whether the portion of the application is a first portion of the application that is permitted to invoke the code element or a second portion of the application that lacks permission to invoke the code element, the first portion and the second portion of the application identifying different respective sets of code elements that enable different respective functionality to be invoked by the respective portions of the application, wherein the identifier comprises a uniform resource identifier (URI) that references the first compartment being related to a locally stored compartment or the second compartment being related to a remotely stored compartment in a manner specifying whether the application is permitted to access the sensitive functionality of the computing device;
  
  determining, by the application manager module of the computing device, that the portion of the application is the first portion of the application that is permitted to invoke the code element; and
  
  ascertaining, by the computing device, whether the application indicates that the untrusted content is to be sanitized before it is passed to the code element and whether the content is permitted to be passed to the code element based on at least one of a source of the content or a content type for the content.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method as described in claim 16, further comprising allowing the content to be passed to the code element in response to ascertaining, based on a uniform resource indicator (URI) that references the content, that the source of the content is local to the computing device.
  - 18. The method as described in claim 16, further comprising preventing the content from being passed to the code element based on ascertaining that the source of the content is remote from the computing device and that the content type indicates that the content includes executable code.
  - 19. The method as described in claim 16, further comprising ascertaining that the source of the content is remote from the computing device and inspecting the content to determine whether the content is safe or unsafe to be passed to the code element.
  - 20. The method as described in claim 16, wherein the set of code elements associated with the first portion of the application includes pre-specified allowed code elements and the ascertaining by the computing device whether the content is permitted to be passed to the code element is further based on the pre-specified allowed code elements included in the first portion of the application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Risney, Jr., David L., Graham, Scott B., Jourdain, Mathias, Iskin, Sermet, Ross, David Andrew
Primary Examiner(s)
Schmidt, Kari L

Application Number

US13/227,201
Publication Number

US 20130061282A1
Time in Patent Office

2,960 Days
Field of Search

726 1, 726 14, 726 15, 726 26, 713155, 713156, 713175, 713176, 713182, 380251, 380255, 380278, 380281
US Class Current
CPC Class Codes

G06F 21/52   during program execution, e...

G06F 21/53   by executing in a restricte...

G06F 21/56   Computer malware detection ...

G06F 21/566   Dynamic detection, i.e. det...

G06F 21/629   to features or functions of...

G06F 2221/2141   Access rights, e.g. capabil...

H04L 63/14   for detecting or protecting...

H04L 63/1408   by monitoring network traff...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1433   Vulnerability analysis

H04L 63/1441   Countermeasures against mal...

H04L 63/145   the attack involving the pr...

H04L 63/1483   service impersonation, e.g....

Content handling for applications

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

35 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Content handling for applications

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

35 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links