METHOD FOR PROTECTING DATA IN MASHUP WEBSITES
Abstract
A method for protecting a mashup webpage is disclosed. The mashup webpage includes a plurality of mini-applications. The method includes intercepting a content access event by a first mini-application of the plurality of mini-applications, the content access event requesting access to content of a second mini-application of the plurality of mini-applications. The method also includes ascertaining, using a Document Mini-application Model (DOM) access control policy and a DOM model, whether the content access event is permissible. The method additionally includes denying the access by the first mini-application to the content of the second mini-application if the content access event is deemed impermissible or permissible according to the DOM access control policy.
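The intercept-then-check flow the abstract describes, as an added JavaScript example that is not code from the patent. The mini-application names, the two rule types, the child-to-parent map and the use of a Proxy as the interception point are all assumptions, since this page does not specify a policy format; the example denies events the policy deems impermissible.

```javascript
// Constructed sample hierarchy (child -> parent); names are hypothetical.
const parentOf = { page: null, mail: 'page', ads: 'page', tracker: 'ads' };

// Constructed policy; the rule format is an assumption, not from the patent.
// 'descendants' lets a subject access anything below it in the hierarchy;
// 'grant' is an explicit pairwise exception. Everything else is denied.
const policy = [
  { type: 'descendants', subject: 'page' },
  { type: 'grant', subject: 'mail', target: 'ads' },
];

// Constructed content owned by each mini-application.
const content = {
  page: { title: 'Dashboard' }, mail: { inbox: ['hello'] },
  ads: { slot: 'banner-1' }, tracker: { id: 't-42' },
};

// True when `node` sits strictly below `ancestor` in the hierarchy.
function isDescendant(node, ancestor) {
  for (let p = parentOf[node]; p != null; p = parentOf[p]) {
    if (p === ancestor) return true;
  }
  return false;
}

// Decide one access event using both the policy and the hierarchy.
function isPermitted(subject, target) {
  if (subject === target) return true; // a mini-application's own content
  return policy.some((r) => r.subject === subject &&
    ((r.type === 'descendants' && isDescendant(target, subject)) ||
     (r.type === 'grant' && r.target === target)));
}

// Hand `subject` a view of `target` whose reads and writes are intercepted.
// Nested values are returned as-is; a full mediator would wrap them too.
function viewFor(subject, target) {
  const check = (op, prop) => {
    if (!isPermitted(subject, target)) {
      throw new Error(`${subject} may not ${op} ${target}.${String(prop)}`);
    }
  };
  return new Proxy(content[target], {
    get(obj, prop) { check('read', prop); return obj[prop]; },
    set(obj, prop, value) { check('write', prop); obj[prop] = value; return true; },
  });
}

// Returns the value read, or 'DENIED' when the access event is blocked.
function tryRead(subject, target, prop) {
  try { return viewFor(subject, target)[prop]; } catch { return 'DENIED'; }
}
```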
20 Claims
1. A method for protecting a mashup webpage, said mashup webpage including a plurality of objects, comprising:
- providing a cross-object access control policy, said cross-object access control policy governing access by individual ones of said plurality of objects to content of others of said plurality of objects;
- providing a hierarchical relationship representation among objects of said mashup webpage, said hierarchical relationship representation specifying a hierarchical relationship among said plurality of mini-applications;
- intercepting a content access event by a first object of said plurality of objects, said content access event requesting access to content of a second object of said plurality of objects;
- ascertaining, using said cross-object access control policy and said hierarchical relationship representation, whether said content access event is permissible; and
- denying said access by said first object to said content of said second object if said content access event is deemed impermissible or permissible according to said cross-object access control policy.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method for protecting a mashup webpage, said mashup webpage including a plurality of mini-applications, comprising:
- intercepting a content access event by a first mini-application of said plurality of mini-applications, said content access event requesting access to content of a second mini-application of said plurality of mini-applications;
- ascertaining, using a Document Mini-application Model (DOM) access control policy and a DOM model, whether said content access event is permissible, said DOM access control policy governing access by individual ones of said plurality of mini-applications to content of others of said plurality of mini-applications said DOM access control policy, said DOM model specifying a hierarchical relationship among said plurality of mini-applications; and
- denying said access by said first mini-application to said content of said second mini-application if said content access event is deemed impermissible or permissible according to said DOM access control policy.

Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20