Method and system for extending Java applets sand box with public client storage
First Claim
1. A method for extending Java applet sandbox, utilizing a Java security manager contained within a Java virtual machine installed on a data processing system having a non-volatile memory, a display and a modem for connecting to the Internet, comprising the steps of:
- designating a portion of said non-volatile memory as a sandbox as defined by said security manager;
defining restrictions within said security manager for a second portion of said non-volatile memory designated as public storage space by a user of said data processing system;
defining restrictions within said security manager for designating a balance of said non-volatile memory as private storage space; and
applying said predefined security restrictions to Java applets.
3 Assignments
0 Petitions
Accused Products
Abstract
A Java applet sandbox, provided by restrictions originally set by the manufacturer of a Java enabled Internet browser, may be securely extended by introducing the notion of public and private client storage. In addition to the sandbox, users are given means of declaring a portion of the user machine'"'"'s disk space as Public. The public disk space is accessible to executing applets and is installed in addition to the standard sandbox. The modality of access may be defined with various levels of restriction by the user within the security manager. Restriction levels of the Public space may range from clearing (from the Public space) any data left after the applet has terminated, to allowing an executable applet to be moved into the private area on the user'"'"'s disk drive.
-
Citations
12 Claims
-
1. A method for extending Java applet sandbox, utilizing a Java security manager contained within a Java virtual machine installed on a data processing system having a non-volatile memory, a display and a modem for connecting to the Internet, comprising the steps of:
-
designating a portion of said non-volatile memory as a sandbox as defined by said security manager;
defining restrictions within said security manager for a second portion of said non-volatile memory designated as public storage space by a user of said data processing system;
defining restrictions within said security manager for designating a balance of said non-volatile memory as private storage space; and
applying said predefined security restrictions to Java applets. - View Dependent Claims (2, 3, 4)
providing restrictions in said security manager for defining said second portion; and
defining said second portion as an additional protected area in said memory which will permit applet execution.
-
-
3. The method of claim 1, wherein designating said balance of said non-volatile memory as private storage space, further comprises:
-
providing restrictions in said security manager for defining said balance;
defining said balance as a protected area; and
permitting applet execution within said private storage space with explicit permission from said user.
-
-
4. The method of claim 1, further comprising storing download Java applets until said security manager determines Java applet security restrictions.
-
5. A means for extending a Java applet sandbox, utilizing a Java security manager contained within a Java virtual machine installed on a data processing system having a non-volatile memory, a display and a modem for connecting to the Internet, comprising the steps of:
-
means within said security manager for designating a portion of said non-volatile memory as a sandbox;
means for defining restrictions within said security manager for a second portion of said non-volatile memory designated as public storage space by a user of said data processing system;
means for defining restrictions within said security manager for designating a balance of said non-volatile memory as private storage space; and
applying pre-defined levels of security restrictions to said Java applets. - View Dependent Claims (6, 7, 8)
means for providing restrictions in said security manager for defining said second portion; and
means for defining said second portion as an additional protected area in said memory which will permit applet execution.
-
-
7. The means of claim 5, wherein means for designating said balance of said nonvolatile memory as private storage space, further comprises:
-
means for providing restrictions in said security manger for defining said balance;
means for defining said balance as a protected area; and
means for permitting applet execution within said private storage space with explicit permission from said user.
-
-
8. The means of claim 5, further comprising means for storing downloaded Java applets until said security manager may determine Java applet security levels.
-
9. A computer program product within a computer-readable medium having instructions for extending a Java applet sandbox, utilizing a Java security manager contained within a Java virtual machine installed on a data processing system having a non-volatile memory, a display and a modem for connecting to the Internet, comprising:
-
instructions within said computer-readable medium for enabling said security manager to designate a portion of said non-volatile memory as a sandbox;
instructions within said computer-readable medium for defining restrictions within said security manager for a second portion of said non-volatile memory designated as public storage space by a user of said data processing system;
instructions within said computer-readable medium for defining restrictions within said security manager for designating a balance of said non-volatile memory as private storage space; and
instructions within said computer-readable medium for defining restrictions within said security manager for applying said levels of security restriction to Java applets. - View Dependent Claims (10, 11, 12)
instructions within said computer-readable medium for providing restrictions in said security manager for defining said second portion; and
instructions within said computer-readable medium for defining said second portion as an additional protected area in said memory which will permit applet execution.
-
-
11. The method of claim 9, wherein instructions for designating said balance of said non-volatile memory as private storage space, further comprises:
-
instructions within said computer-readable medium for providing restrictions in said security manager for defining said balance;
instructions within said computer-readable medium for defining said balance as a protected area; and
instructions within said computer-readable medium for permitting applet execution within said private storage space with explicit permission from said user.
-
-
12. The computer program product of claim 9, further comprising instructions within said computer-readable medium for storing downloaded Java applets until said security manager may determine said applet security restrictions.
Specification