Secure Runtime Execution of Web Script Content on a Client
First Claim
1. A system for evaluating a web script content of a content holder, said content holder comprises a web page, said system comprising:
- a remote memory area for storing policies, each of said policies defining an execution boundary of the web script content on a server, said execution boundary defining resource access and execution behaviors of the web script content on the server;
a client device;
a local memory accessible by the client device for storing a copy of the policies from the remote memory area;
an application executed on the client device for providing online content of the content holder on a display on the client device;
wherein the application is configured to execute computer-executable instructions for;
identifying the web script content of the content holder in response to providing the online content, said identified web script content being configured to issue an execution invocation to interact with other portions of the online content without receiving an explicit instruction from a user to grant such interaction with the other portions of the online content;
intercepting the issued execution invocation from the identified web script content;
identifying parameters included in the intercepted execution invocation, said identified parameters requesting resources from the application or the client device for interacting with the other portions of the online content;
evaluating the identified parameters against the execution boundary of each of the policies stored in the local memory and the other portions of the online content in the content holder; and
providing to the application a dynamic resolution in response to the evaluated parameters; and
a display of the client device for displaying the provided dynamic resolution.
2 Assignments
0 Petitions
Accused Products
Abstract
Method for ensuring security of online content on a client device. Online content is rendered on a display on the client device and the client device stores one or more policies each defining an execution boundary of a web script content. The execution boundary defines resource access of the web script content, and the web script content is configured to issue an execution invocation to interact with other portions of the online content. The issued execution invocation is intercepted and parameters included in the intercepted execution invocation are identified. The identified parameters request resources from an application or the client device for interacting with the other portions of the online content. The identified parameters are evaluated against the execution boundary of each of the policies stored in the client device. A dynamic resolution is provided to the web script content in response to the evaluating.
131 Citations
20 Claims
-
1. A system for evaluating a web script content of a content holder, said content holder comprises a web page, said system comprising:
-
a remote memory area for storing policies, each of said policies defining an execution boundary of the web script content on a server, said execution boundary defining resource access and execution behaviors of the web script content on the server; a client device; a local memory accessible by the client device for storing a copy of the policies from the remote memory area; an application executed on the client device for providing online content of the content holder on a display on the client device; wherein the application is configured to execute computer-executable instructions for; identifying the web script content of the content holder in response to providing the online content, said identified web script content being configured to issue an execution invocation to interact with other portions of the online content without receiving an explicit instruction from a user to grant such interaction with the other portions of the online content; intercepting the issued execution invocation from the identified web script content; identifying parameters included in the intercepted execution invocation, said identified parameters requesting resources from the application or the client device for interacting with the other portions of the online content; evaluating the identified parameters against the execution boundary of each of the policies stored in the local memory and the other portions of the online content in the content holder; and providing to the application a dynamic resolution in response to the evaluated parameters; and a display of the client device for displaying the provided dynamic resolution. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for ensuring security of online content on a client device, said method comprising:
-
rendering online content on a display on the client device, wherein the client device stores one or more policies, each of the one or more stored policies defining an execution boundary of a web script content, said execution boundary defining resource access of the web script content, said web script content being configured to issue an execution invocation to interact with other portions of the online content without receiving an explicit instruction from a user to grant such interaction with the other portions of the online content; intercepting the issued execution invocation from the web script content in the online content; identifying parameters included in the intercepted execution invocation, said identified parameters requesting resources from an application or the client device for interacting with the other portions of the online content; evaluating the identified parameters against the execution boundary of each of the policies stored in the client device and the other portions of the online content; and providing to the web script content a dynamic resolution in response to the evaluating. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A method for ensuring security of online content on a client device, said method comprising:
-
rendering online content on a display on the client device, wherein the client device stores one or more policies, each of the one or more stored policies defining an execution boundary of a web script content, said execution boundary defining resource access of the web script content, said web script content being configured to issue an execution invocation to interact with other portions of the online content without receiving an explicit instruction from a user to grant such interaction with the other portions of the online content; intercepting the issued execution invocation from the web script content in the online content; identifying parameters included in the intercepted execution invocation, said identified parameters requesting resources from an application or the client device for interacting with the other portions of the online content; evaluating the identified parameters against the execution boundary of each of the policies stored in the client device and the other portions of the online content; providing to the web script content a dynamic resolution in response to the evaluating; and receiving a feedback from the user in response to the provided dynamic resolution. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification