Securing A Computing Environment Against Malicious Entities
Abstract
The subject disclosure is directed towards securing network data traffic through a trusted partition of the computing environment. A proxy service may communicate transaction data from a client to security-critical code within the trusted partition, which compares the transaction data to a security policy from a commercial electronic entity. If the transaction data includes malicious content, a security component framework of the trusted partition may reject the transaction data and terminate communications with the client. If the transaction data does not include malicious content, the security component framework may communicate a secured version of the transaction data and retrieve response data from the commercial electronic entity, which may be further communicated back to the client.
20 Claims
- 1. In a computing environment, a method performed at least in part on at least one processor, comprising, securing network data traffic through a trusted partition of the computing environment, including, processing transaction data directed to one or more electronic commercial entities via a security component framework associated with the trusted partition, comparing security policy information to the transaction data to produce a comparison result, using the security component framework to generate response data based on the comparison result, and communicating the response data to at least one party associated with the transaction data.
- 11. In a computing environment, a system, comprising, an administrative component configured to allocate computing resources and generate one or more secure machines corresponding to an electronic commercial entity, the administrative component being further configured to communicate data with an isolation mechanism for providing a protected execution environment to run the one or more secure machines, to present the one or more secure machines as a proxy component for the electronic commercial entity, and to instrument a computing fabric to communicate Internet transactions from users to the proxy component and to communicate secured Internet transactions from the proxy component to the commercial electronic entity.
- 16. One or more computer-readable media having computer-executable instructions stored thereon, which in response to execution by a computer, cause the computer to perform steps comprising: processing a request form directed to a commercial electronic entity from a client computer; applying a security component framework to the request form; returning information to the client computer if a security component framework identifies a security policy violation associated with the request form; and if the security component framework determines that the request form satisfies a security policy, converting the request form into a secure request form and communicating the secure request form to the commercial electronic entity. (Dependent claims: 17, 18, 19, 20)
Specification