Method and system for secure running of untrusted content
Abstract
Restricted execution contexts are provided for untrusted content, such as computer code or other data downloaded from websites, electronic mail messages and any attachments thereto, and scripts or client processes run on a server. A restricted process is set up for the untrusted content, and any actions attempted by the content are subject to the restrictions of the process, which may be based on various criteria. Whenever a process attempts to access a resource, a token associated with that process is compared against security information of that resource to determine whether the type of access is allowed. The security information of each resource thus determines the extent to which the restricted process, and thus the untrusted content, has access. In general, the criteria used for setting up restrictions for each untrusted content's process are information indicative of how trusted or untrusted the content is likely to be.
50 Claims
- 1. In a computer system having an operating system provided security mechanism that determines access of processes to resources based on information in an access token associated with each of the processes against security information associated with each of the resources, a method of restricting access of content to resources, comprising, setting up a process for the content, determining restriction information based on criteria available to the computer system, automatically creating a restricted access token based on the restriction information, the restricted access token having reduced access relative to a parent token, associating the restricted access token with the process, and in response to a request for access by the process to the resource, the security mechanism determining access by evaluating data in the restricted access token against separately maintained security information currently associated with the resource.
- 26. In a computer system, a system for restricting access of content to resources, comprising, a process set up for the content, a discrimination mechanism configured with executable code to determine restriction data based on information corresponding to the content, a mechanism configured with executable code to automatically create a restricted access token for the process based on the restriction data, the restricted access token having reduced access relative to a parent token, and a security mechanism configured with executable code to determine access of the content's process to a resource by comparing information in the restricted access token to separately maintained security information currently associated with the resource.
- 41. In a computer server, a system for restricting access of content to resources, comprising, content arranged in a web site, the content having a process set up therefor, a discrimination mechanism configured with executable code to determine at least one restricted security identifier based on information corresponding to the site, a mechanism configured with executable code to automatically derive from a parent token a restricted access token for the process by adding relative to the parent token the at least one restricted security identifier corresponding to the site to the restricted access token, and a security mechanism that determines access of the content's process to a resource by comparing information in the restricted access token to separately maintained security information currently associated with the resource.
- 42. A method comprising,
  automatically creating authorization data based on security information in a parent access token and restriction information available to a computer system;
  associating the authorization data with a process;
  receiving a request for access by the process to a selected resource; and
  in response to the request, comparing in a security environment the authorization data associated with the process against security information currently associated with the selected resource to determine whether to grant access of the process to the selected resource, the security information currently associated with the selected resource being maintained separately from the authorization data associated with the process. (Dependent claims 43 to 50 are not reproduced here.)
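The mechanism the abstract and claims 26, 41 and 42 describe, as an added example that is not the patent's own code and not operating-system source: a Python model of a restricted token derived from a parent token, and of the access check that evaluates the token against the security information (a DACL) kept with each resource. The two-pass rule for restricted security identifiers and the deny-only treatment of disabled groups are modelled on the Windows restricted-token semantics; that the page's platform is Windows is an assumption, since the page names no operating system. It goes slightly beyond the claims by also modelling disabled (deny-only) SIDs. The SIDs, access-mask bits and resource DACLs are constructed for the scenario.

```python
"""Model of the restricted-token access check described in the claims.

Added example, not code from the patent or from any operating system.
Constructed: the SIDs, the access-mask bits and the DACLs below.
Assumed: Windows-style semantics for restricted and deny-only SIDs.
"""
from dataclasses import dataclass

# Constructed access-mask bits; real masks are object-type specific.
READ, WRITE, EXECUTE = 0x1, 0x2, 0x4


@dataclass(frozen=True)
class Ace:
    kind: str   # "allow" or "deny"
    sid: str    # trustee the ACE applies to
    mask: int   # access bits the ACE allows or denies


@dataclass(frozen=True)
class Token:
    sids: frozenset                           # user SID plus enabled group SIDs
    restricted_sids: frozenset = frozenset()  # empty: ordinary (parent) token
    deny_only: frozenset = frozenset()        # disabled SIDs: match deny ACEs only


def create_restricted_token(parent, sids_to_restrict=(), sids_to_disable=()):
    """Derive a token with reduced access from a parent token (the step the
    claims call automatically creating the restricted access token).
    Disabled SIDs stay in the token as deny-only entries, so they can still
    block but never grant access; restricted SIDs add a second check that
    must also succeed. A restricted token cannot be widened by re-deriving it
    with restricted SIDs outside its existing set."""
    restrict = frozenset(sids_to_restrict)
    if parent.restricted_sids and not restrict <= parent.restricted_sids:
        raise ValueError("restricted SIDs must be a subset of the parent's")
    disabled = frozenset(sids_to_disable) & parent.sids
    return Token(
        sids=parent.sids - disabled,
        restricted_sids=restrict,
        deny_only=parent.deny_only | disabled,
    )


def _dacl_pass(sids, deny_only, dacl, desired):
    """One walk over the DACL in order. A deny ACE for any SID (enabled or
    deny-only) that covers still-ungranted desired bits fails the check;
    allow ACEs for enabled SIDs accumulate granted bits."""
    granted = 0
    for ace in dacl:
        remaining = desired & ~granted
        if not remaining:
            break
        if ace.kind == "deny" and (ace.sid in sids or ace.sid in deny_only):
            if ace.mask & remaining:
                return False
        elif ace.kind == "allow" and ace.sid in sids:
            granted |= ace.mask & desired
    return (desired & ~granted) == 0


def access_check(token, dacl, desired):
    """The security mechanism of the claims: evaluate the token against the
    security information kept with the resource. A restricted token passes
    only if the DACL grants the access to its normal SIDs and, separately,
    to its restricted SIDs. An empty DACL denies everyone (a missing DACL,
    which would grant everyone, is not modelled)."""
    if not _dacl_pass(token.sids, token.deny_only, dacl, desired):
        return False
    if token.restricted_sids:
        return _dacl_pass(token.restricted_sids, token.deny_only, dacl, desired)
    return True


# Constructed SIDs for the scenario.
USER = "S-1-5-21-1000-1001"
USERS = "S-1-5-32-545"
ADMINS = "S-1-5-32-544"
SITE = "S-1-5-21-9999-7"      # per-site restricted SID, as in claim 41

PARENT = Token(sids=frozenset({USER, USERS, ADMINS}))

# Constructed resource DACLs, deny ACEs first (canonical order).
USER_DOCS = [Ace("allow", USER, READ | WRITE)]
SITE_CACHE = [Ace("allow", USERS, READ | WRITE), Ace("allow", SITE, READ | WRITE)]
SYSTEM_DIR = [Ace("deny", ADMINS, EXECUTE),
              Ace("allow", ADMINS, READ | WRITE),
              Ace("allow", USERS, READ)]


def demo():
    """Run the claimed flow: derive the restricted token for the site's
    content, treat it as the token of that content's process, and let the
    access check decide per resource. Returns the outcomes for inspection."""
    restricted = create_restricted_token(
        PARENT, sids_to_restrict=[SITE], sids_to_disable=[ADMINS])
    return {
        "parent_docs_write": access_check(PARENT, USER_DOCS, WRITE),
        "restricted_docs_read": access_check(restricted, USER_DOCS, READ),
        "restricted_cache_write": access_check(restricted, SITE_CACHE, WRITE),
        "restricted_system_read": access_check(restricted, SYSTEM_DIR, READ),
        "parent_system_write": access_check(PARENT, SYSTEM_DIR, WRITE),
        "restricted_system_write": access_check(restricted, SYSTEM_DIR, WRITE),
        "restricted_system_exec": access_check(restricted, SYSTEM_DIR, EXECUTE),
    }


if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name}: {'granted' if allowed else 'denied'}")
```

The outcomes show the property the claims rely on: the restricted process reaches only resources whose own security information names the site's restricted SID (the cache directory), while the user's documents and the system directory remain out of reach even though the parent token could access them, and the disabled Administrators group still binds the process to the deny ACE.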