Methods and systems for implementing a secure application execution environment using derived user accounts for internet content

US 20040006706A1
Filed: 06/06/2003
Published: 01/08/2004
Est. Priority Date: 06/06/2002
Status: Abandoned Application

First Claim

Patent Images

1. A method for providing secure content use comprising:

receiving content from a resource;

determining if the received content is trusted or untrusted content; and

taking a first action with respect to the received content, if the content is untrusted, or taking a second action with respect to the received content, if the content is trusted.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems are disclosed for implementing a secure application execution environment using Derived User Accounts (SAE DUA) for Internet content. Content is received and a determination is made if the received content is trusted or untrusted content.

The content is accessed in a protected derived user account (DUA) such as a SAE DUA if the content is untrusted otherwise the content is accessed in a regular DUA if the content is trusted.

Citations

15 Claims

1. A method for providing secure content use comprising:
- receiving content from a resource;
  
  determining if the received content is trusted or untrusted content; and
  
  taking a first action with respect to the received content, if the content is untrusted, or taking a second action with respect to the received content, if the content is trusted.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the first action is accessing the received content in a derived user account (DUA) and the second action is accessing the received content in a regular DUA.
  - 3. The method of claim 1, wherein determining further comprises:
    - determining if the received content is trusted or untrusted based on a partition of the resource.
  - 4. The method of claim 3, wherein determining if the received content is trusted or untrusted further comprises:
    - identifying the resource based on a characteristic of the resource; and
      
      partitioning the resource as trusted or untrusted based on the identified characteristic.
  - 5. The method of claim 1, wherein receiving content comprises:
    - intercepting one or more requests for the content; and
      
      wherein the first action is redirecting the one or more intercepted requests to a protected DUA, if the content is untrusted, or redirecting the one or more requests to a regular DUA, if the content is trusted.

6. A computing system for providing secure content comprising:
- at least one memory hosting a protected derived user account (DUA) and a regular DUA; and
  
  a processor configured to receive content from a resource, determine if the received content is trusted or untrusted content, and take a first action with respect to the received content, if the content is untrusted, or take a second action with respect to the received content, if the content is trusted.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The computing system of claim 6, wherein the first action is accessing the received content in a derived user account (DUA) and the second action is accessing the received content in a regular DUA.
  - 8. The computing system of claim 6, wherein the processor is further configured to determine if the content is trusted or untrusted based on a partition of the resource.
  - 9. The computing system of claim 8, wherein the processor is further configured to identify the resource based on a characteristic of the resource, and to partition the resource as trusted or untrusted based on the identified characteristic.
  - 10. The computing system of claim 6, wherein the processor is further configured to intercept one or more requests for the content and redirect the one or more requests to the protected DUA, if the content is untrusted, or redirect the one or more requests to the regular DUA, if the content is trusted.

11. A computer-readable medium containing instructions for controlling a computing system having a processor, to perform a method comprising:
- receiving content from a resource;
  
  determining if the received content is trusted or untrusted content; and
  
  taking a first action with respect to the received content, if the content is untrusted, or taking a second action with respect to the received content, if the content is trusted.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The computer-readable medium of claim 11, wherein the first action is accessing the received content in a derived user account (DUA) and the second action is accessing the received content in a regular DUA.
  - 13. The computer-readable medium of claim 11, wherein the instructions further control the computing system to perform a method comprising:
    - determining if the received content is trusted or untrusted based on a partition of the resource.
  - 14. The computer-readable medium of claim 13, wherein the instructions further control the computing system to perform a method comprising:
    - identifying the resource based on a characteristic of the resource; and
      
      partitioning the resource as trusted or untrusted based on the identified characteristic.
  - 15. The computer-readable medium of claim 11, wherein the instructions further control the computing system to perform a method comprising:
    - intercepting one or more requests for the content; and
      
      wherein the first action is redirecting the one or more intercepted requests to a protected DUA, if the content is untrusted, or redirecting the one or more requests to a regular DUA, if the content is trusted.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Google LLC (Alphabet Inc.)
Inventors
Erlingsson, Ulfar

Application Number

US10/456,805
Publication Number

US 20040006706A1
Time in Patent Office

Days
Field of Search
US Class Current

713/200
CPC Class Codes

G06F 21/51   at application loading time...

G06F 21/53   by executing in a restricte...

H04L 63/1483   service impersonation, e.g....

Methods and systems for implementing a secure application execution environment using derived user accounts for internet content

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and systems for implementing a secure application execution environment using derived user accounts for internet content

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links