SECURITY MODES FOR A COMPONENT-BASED WEB SECURITY MODEL
First Claim
1. A system comprising:
- a processor; and
a memory storing instructions that are configurable to cause the system to;
receive a plurality of documents for a web-based application, the web-based application comprising one or more components, the components comprising one or more custom components and one or more Application Programming Interface (API) components;
process a Document Object Model (DOM) corresponding to the web-based application, wherein the one or more components are modeled in hierarchical form;
assign each API component to a system mode setting, the system mode setting configured to provide the API component access to all of the components in the web-based application;
generate one or more secure documents for each custom component, each secure document comprising a key constituting an object reference of the custom component such that the custom component is accessible only to other custom components that can provide said key in accordance with the rules of capability security; and
assign each custom component to a user mode setting, the user mode setting configured to provide custom components access to other components in the web-based application for which the custom component can provide the key assigned to the other component.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed are examples of systems, apparatus, methods and computer program products for providing a security model for component-based web applications. Documents for a web-based application are received, with the application containing custom components and Application Programming Interface (API) components. A Document Object Model (DOM) is processed corresponding to the web-based application, with the components modeled in hierarchical form. Each API component is assigned to a system mode setting, where the system mode setting is configured to provide the API component access to all of the components in the application. One or more secure documents are generated for each custom component, with each secure document containing a key in accordance with the rules of capability security. Each custom component is then assigned to a user mode setting, where the user mode setting is configured to provide custom components access to other components in the application for which a key can be provided.
15 Citations
20 Claims
-
1. A system comprising:
-
a processor; and a memory storing instructions that are configurable to cause the system to; receive a plurality of documents for a web-based application, the web-based application comprising one or more components, the components comprising one or more custom components and one or more Application Programming Interface (API) components; process a Document Object Model (DOM) corresponding to the web-based application, wherein the one or more components are modeled in hierarchical form; assign each API component to a system mode setting, the system mode setting configured to provide the API component access to all of the components in the web-based application; generate one or more secure documents for each custom component, each secure document comprising a key constituting an object reference of the custom component such that the custom component is accessible only to other custom components that can provide said key in accordance with the rules of capability security; and assign each custom component to a user mode setting, the user mode setting configured to provide custom components access to other components in the web-based application for which the custom component can provide the key assigned to the other component. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method comprising:
-
receiving a plurality of documents for a web-based application, the web-based application comprising one or more components, the components comprising one or more custom components and one or more Application Programming Interface (API) components; processing a Document Object Model (DOM) corresponding to the web-based application, wherein the one or more components are modeled in hierarchical form; assigning each API component to a system mode setting, the system mode setting configured to provide the API component access to all of the components in the web-based application; generating one or more secure documents for each custom component, each secure document comprising a key constituting an object reference of the custom component such that the custom component is accessible only to other custom components that can provide said key in accordance with the rules of capability security; and assigning each custom component to a user mode setting, the user mode setting configured to provide custom components access to other components in the web-based application for which the custom component can provide the key assigned to the other component. - View Dependent Claims (12, 13, 14, 15, 16, 17)
-
-
18. A computer program product comprising computer-readable program code capable of being executed by one or more processors when retrieved from a non-transitory computer-readable medium, the program code comprising instructions configurable to cause:
-
receiving a plurality of documents for a web-based application, the web-based application comprising one or more components, the components comprising one or more custom components and one or more Application Programming Interface (API) components; processing a Document Object Model (DOM) corresponding to the web-based application, wherein the one or more components are modeled in hierarchical form; assigning each API component to a system mode setting, the system mode setting configured to provide the API component access to all of the components in the web-based application; generating one or more secure documents for each custom component, each secure document comprising a key constituting an object reference of the custom component such that the custom component is accessible only to other custom components that can provide said key in accordance with the rules of capability security; and assigning each custom component to a user mode setting, the user mode setting configured to provide custom components access to other components in the web-based application for which the custom component can provide the key assigned to the other component. - View Dependent Claims (19, 20)
-
Specification