Secure web container for a secure online user environment
Abstract
Disclosed herein are systems and methods that allow for secure access to websites and web-based applications and other resources available through the browser. Also described are systems and methods for invocation of a secure web container which may display data representative of a requesting party's application at a user's machine. The secure web container is invoked upon receipt of an API call from the requesting party. Thus, described in the present specification are systems and methods for constructing and destroying private, secure, browsing environments (a secure disposable web container), insulating the user and requesting parties from the threats associated with being online for the purposes of providing secure, policy-based interaction with a requesting party's online services.
20 Claims
1. A secure system for providing a secure online environment for interacting with downstream sites using web-based applications, the system comprising:
a client device interface comprising a secure channel operable to communicate with a user client device through an image protocol, wherein commands from a downstream site are not passed from the downstream site to the user client device;
a policy database operable to store policies for user access to and interaction with the downstream site, the policy database comprising policy information;
a policy portal in communication with the policy database, the policy portal operable to provide access to an administrator for configuring the policies for user access to and interaction with the downstream site;
an authenticated service device in communication with the client device interface and the policy database, wherein the authenticated service device is operable to access and interact with the downstream site at the user client device and the authenticated service device further comprises a secure environment and a secure web container within the secure environment; and
a secure data store in communication with the authenticated service device, the secure data store operable to store user credentials for accessing and interacting with the downstream site in accordance with the policies stored in the policy database, wherein the authenticated service device is operable to authenticate to the downstream site based on the user credentials, and provide, using the image protocol and via the client device interface, content associated with the downstream site to the user client device, and wherein the user credentials are not transmitted directly from the user client device to the downstream site.
11. A method for providing a secure online environment for interacting with downstream sites using web-based applications, the method comprising the steps of:
providing a client device interface comprising a secure channel operable to communicate with a user client device through an image protocol, wherein commands from a downstream site are not passed from the downstream site to the user client device;
providing a policy database operable to store policies for user access to and interaction with the downstream site, the policy database comprising policy information;
providing a policy portal in communication with the policy database, the policy portal operable to provide access to an administrator for configuring the policies for user access to and interaction with the downstream site;
providing an authenticated service device in communication with the client device interface and the policy database, wherein the authenticated service device is operable to access and interact with the downstream site at the user client device and the authenticated service device further comprises a secure environment and a secure web container within the secure environment; and
providing a secure data store in communication with the authenticated service device, the secure data store operable to store user credentials for accessing and interacting with the downstream site in accordance with the policies stored in the policy database, wherein the authenticated service device is operable to authenticate to the downstream site based on the user credentials, and provide, using the image protocol and via the client device interface, content associated with the downstream site to the user client device.
Specification