SAFELY PROCESSING AND PRESENTING DOCUMENTS WITH EXECUTABLE TEXT

US 20110185427A1
Filed: 01/25/2010
Published: 07/28/2011
Est. Priority Date: 01/25/2010
Status: Active Grant

First Claim

Patent Images

1. In a computing system, a method of processing a document that includes executable text, wherein the computer-implemented method comprises:

determining whether the executable text has been derived from and/or affected by untrusted content in the document when the document is processed or is being processed, wherein the untrusted content includes content not trusted or not fully trusted; and

identifying the executable text as untrusted content not to be trusted or not fully trusted when the determining determines that the executable text has been derived from and/or affected by untrusted content in the document.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for processing documents with executable text are disclosed. The techniques, among other things, can effectively address XSS attacks to Internet users when browsing web sites. Content deemed not to be trusted or fully trusted (“untrusted”) can be marked in a document that can include executable text. Remedial action, including not allowing execution of executable text marked as “untrusted” can be taken. In addition, when the document is processed, content deemed not to be trusted or fully trusted (“untrusted”) can be effectively monitored in order to identify executable text that may have been effectively produced by “untrusted” content and/or somehow may have been affected by “untrusted” content.

35 Citations

View as Search Results

21 Claims

1. In a computing system, a method of processing a document that includes executable text, wherein the computer-implemented method comprises:
- determining whether the executable text has been derived from and/or affected by untrusted content in the document when the document is processed or is being processed, wherein the untrusted content includes content not trusted or not fully trusted; and
  
  identifying the executable text as untrusted content not to be trusted or not fully trusted when the determining determines that the executable text has been derived from and/or affected by untrusted content in the document.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the computer-implemented method further comprises:
    - not allowing execution of the executable text when the determining determines that the executable text has been derived from or has been affected by the untrusted content.
  - 3. The method of claim 1, wherein the computer-implemented method further comprises:
    - marking other content in the document as untrusted content when it is determined that the other content has been derived from and/or affected by the untrusted content in the document.
  - 4. The method of claim 1, wherein the computer-implemented method further comprises:
    - effectively tracking untrusted content during the processing of the document;
      
      marking other content in the document that is determined to be derived from and/or affected by the untrusted content in the document as untrusted content; and
      
      not allowing the other content to be executed when the other content is executable text marked as untrusted content.
  - 5. The method of claim 1, wherein the untrusted content includes text and/or textual content marked as tainted text, and wherein the document includes a web page.
  - 6. The method of claim 4, wherein the computer-implemented method further comprises:
    - effectively tracking the tainted text in the web page;
      
      determining whether other text in the web page has been affected and/or derived from the tainted text as result of interaction with the tainted text;
      
      marking the other text in the web page also as tainted text when the determining determines that the other text in the web page has been affected or derived from the tainted text.
  - 7. The method of claim 5, wherein the computer-implemented method further comprises:
    - effectively propagating a tainted mark to other text in the web page to mark the other text also as tainted text.
  - 8. The method of claim 6, wherein the computer-implemented method further comprises:
    - identifying in the document text not trusted or not fully trusted as tainted text; and
      
      marking in the web page the text as the tainted text.
  - 9. The method of claim 8, wherein the identifying of text comprises one or more of the following:
    - identifying text that can be altered or easily altered,identifying text associated with input and/or user input,identifying text associated with a source that is not trusted or not fully trusted, andidentifying text associated with a source considered to a suspicious source.
  - 10. The method of claim 7, wherein the propagating of the tainted mark to other text comprises propagating the taint mark as a result of:
    - an assignment operation, arithmetic or logic operation, function call, and/or a control flow operation.
  - 11. The method of claim 5, wherein the computer-implemented further comprises:
    - marking one or more nodes of a DOM tree for the web page with a tainted mark when the one or more nodes are generated, modified and/or affected by tainted data and/or as a result of interaction with the tainted data.

12. A computing system, wherein the computing system is operable to:
- process a document that can include non-executable content and executable text that can be marked as untrusted content, wherein the untrusted content includes content not trusted or not fully trusted; and
  
  not allow execution of executable text marked as untrusted content when the processing process the document.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The computing system of claim 12, wherein the computing system is further operable to:
    - determine whether executable text in the document has been derived from and/or affected by the untrusted content in the document when the processing process the document, wherein the untrusted content includes content not trusted or not fully trusted; and
      
      identifying the executable text also as the untrusted content when the when the determining determines that the executable text has been derived from or has been affected by the untrusted text.
  - 14. The computing system of claim 13, wherein the computing system is further operable to:
    - mark other content in the document as untrusted content when the other content has been derived from and/or affected by the untrusted content in the document
  - 15. The computing system of claim 12, wherein the document is a web page and the computing system is operable to obtain the web page via Internet.
  - 16. The computing system of claim 15, wherein the web page includes text marked as tainted text when the computing system obtains the web Page.
  - 17. The computing system of claim 13, wherein the computing system is further operable to:
    - identify in the document text not trusted or not fully trusted as tainted text; and
      
      mark in the web page the text as the tainted text.
  - 18. The computing system of claim 12, where the computing system is a client operable to obtain the document from a server.

19. A computer readable storage medium storing at least executable computer code for processing a document that can include non-executable content and executable text, wherein the computer readable storage medium includes:
- executable computer code operable to determine whether the executable text has been derived from and/or affected by untrusted content in the document when the document is processed or is being processed, wherein the untrusted content includes content not trusted or not fully trusted; and
  
  executable computer code operable to identifying the executable text as untrusted content not to be trusted or not fully trusted when the determining determines that the executable text has been derived from and/or affected by untrusted content in the document.
- View Dependent Claims (20, 21)
- - 20. The computer readable storage medium of claim 19, wherein the computer readable storage medium further includes:
    - executable computer code operable to deny execution of the executable text when the determining determines that the executable text has been derived from or has been affected by the untrusted text.
  - 21. The computer readable storage medium of claim 19, wherein the processing of the document is at least partially performed by a browser.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
ACIICMEZ, Onur, TANG, Shuo

Granted Patent

US 8,997,217 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/24
CPC Class Codes

G06F 21/53   by executing in a restricte...

G06F 21/55   Detecting local intrusion o...

G06F 21/57   Certifying or maintaining t...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2119   Authenticating web pages, e...

G06F 2221/2149   Restricted operating enviro...

H04L 63/1441   Countermeasures against mal...

SAFELY PROCESSING AND PRESENTING DOCUMENTS WITH EXECUTABLE TEXT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

35 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

SAFELY PROCESSING AND PRESENTING DOCUMENTS WITH EXECUTABLE TEXT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

35 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links