SECURE MULTI-PRINCIPAL WEB BROWSER

US 20100281537A1
Filed: 04/30/2009
Published: 11/04/2010
Est. Priority Date: 04/30/2009
Status: Active Grant

First Claim

Patent Images

1. One or more computer-readable storage media storing instructions that when executed instruct a processor to perform acts comprising:

executing a browser kernel in a hardware-isolated protection domain;

accessing a web page comprising elements such as a primary page and embedded secondary pages;

determining the origin of the elements;

instantiating a separate principal instance in a separate hardware-isolated protection domain for each distinct origin;

executing a browser runtime as a restricted operating system process within each separate principal instance to render the elements;

permitting communication between separate principal instances via the browser kernel; and

presenting the renderings from each of the separate principal instances together at a display to form the web page.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A web browser operating system using a browser kernel places principals having different origins in separate principal instances, where each separate principal instance executes in a separate protection domain. Principal origin may be determined using the combination of protocol, domain name, and port. The browser kernel mediates communications between principal instances, and between the principal instances and the operating system. Within each principal instance, a browser runtime executes as a restricted operating system process (ROSP), while any plugins are executed as a separate ROSP. Renderings from each browser runtime are combined by the browser kernel for presentation to a user.

Citations

20 Claims

1. One or more computer-readable storage media storing instructions that when executed instruct a processor to perform acts comprising:
- executing a browser kernel in a hardware-isolated protection domain;
  
  accessing a web page comprising elements such as a primary page and embedded secondary pages;
  
  determining the origin of the elements;
  
  instantiating a separate principal instance in a separate hardware-isolated protection domain for each distinct origin;
  
  executing a browser runtime as a restricted operating system process within each separate principal instance to render the elements;
  
  permitting communication between separate principal instances via the browser kernel; and
  
  presenting the renderings from each of the separate principal instances together at a display to form the web page.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the browser kernel prohibits overlay of elements from one separate principal instance with another during the presenting.
  - 3. The method of claim 1, wherein each separate principal instance further comprises a browser plugin executed as a restricted operating system process separate from the browser runtime restricted operating system process and within the same hardware-isolated protection domain.
  - 4. The method of claim 3, wherein the browser plugin interacts with an underlying operating system via the browser kernel.
  - 5. The method of claim 1, wherein determining the origin comprises comparing the combination of protocol, domain name, and port for each primary web page and sub-element.
  - 6. The method of claim 1, wherein the browser kernel prohibits a page of a subdomain from setting the domain of the page.
  - 7. The method of claim 1, wherein the browser kernel prohibits rendering of Hyptertext Transfer Protocol (HTTP) transmitted scripts or style sheets or both from a Hypertext Transfer Protocol Secure (HTTPS) principal.
  - 8. The method of claim 1, wherein the browser kernel prohibits dependent navigation.

9. A method of browsing multiple origin web pages, the method comprising:
- executing a browser kernel;
  
  determining the origin of the elements on an access web page;
  
  instantiating a separate principal instance in a separate protection domain for each unique origin;
  
  executing a browser runtime within each separate principal instance to render each element;
  
  mediating communication between separate principal instances via the browser kernel; and
  
  presenting the renderings from each of the separate principal instances together at a display to form the web page.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
- - 10. The method of claim 9, wherein the browser kernel is executed in a protection domain.
  - 11. The method of claim 9, wherein the browser runtime is executed as a restricted operating system process and a plugin is executed as a restricted operating system process in the same principal instance as the browser runtime.
  - 12. The method of claim 9, wherein the browser kernel prohibits presenting comprising overlaying elements from one principal instance with another principal instance.
  - 13. The method of claim 9, wherein the separate principal instance further comprises a browser plugin executed as a restricted operating system process separate from the browser runtime restricted operating system process and within the same protection domain.
  - 14. The method of claim 9, wherein determining the origin comprises comparing the combination of protocol, domain name, and port for each primary web page and sub-element.
  - 15. The method of claim 9, wherein the browser kernel prohibits a page of a subdomain from setting the domain of the page.
  - 16. The method of claim 9, wherein the browser kernel prohibits rendering of Hypertext Transfer Protocol (HTTP) transmitted scripts or style sheets or both from a Hypertext Transfer Protocol Secure (HTTPS) principal.
  - 17. The method of claim 9, wherein the browser kernel prohibits dependent navigation.

18. A system for securely browsing multiple origin web pages, the system comprising:
- a processor;
  
  a memory coupled to the processor, the memory storing instructions that when executed instruct a processor to perform acts comprising;
  
  executing a browser operating system;
  
  parsing web pages of different origins in separate hardware-isolated protection domains;
  
  mediating communications between the separate hardware-isolated protection domains with the browser operating system;
  
  rendering web pages within the browser operating system; and
  
  a display coupled to the processor, and configured to display the rendered web pages.
- View Dependent Claims (19, 20)
- - 19. The system of claim 18, wherein the parsing comprises executing a runtime browser within a first restricted operating system process executing within a first hardware-isolated protection domain.
  - 20. The system of claim 18, further comprising instantiating a plugin within a second restricted operating system process executing within the first hardware-isolated protection domain.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Grier, Christopher L., Wang, Jiahe Helen, Venter, Barend H.

Granted Patent

US 8,250,653 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 21/53   by executing in a restricte...

G06F 21/74   operating in dual or compar...

G06F 9/468   Specific access rights for ...

G06F 9/545   where tasks reside in diffe...

SECURE MULTI-PRINCIPAL WEB BROWSER

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE MULTI-PRINCIPAL WEB BROWSER

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links