System and method for integrating secure and non-secure software objects

US 7,039,801 B2
Filed: 04/19/2001
Issued: 05/02/2006
Est. Priority Date: 06/30/2000
Status: Active Grant

First Claim

Patent Images

1. A method of protecting data comprising the acts of:

creating a first process associated with a first address space, said first process comprising an executing trusted application;

creating a second process associated with a second address space, said first address space being inaccessible to said second process, said second process created by and controlled by said first process, said second process comprising an executing untrusted application;

running, in said first process, a first software object which stores data in said first address space;

running, in said second process, a second software object which accesses said second address space; and

directing, by said first process, an action performable by said second software process.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure first process uses a non-secure software object by hosting said non-secure software object in a separate second process, where the first process'"'"'s address space is inaccessible to the second process. The first process communicates with the second process, preferably by means of a COM API that the second process exposes to the first process. The application that runs in the second process may expose APIs of the hosted non-secure object to the first process, and the first process may communicate with the non-secure object hosted in the second process through this API. In a preferred embodiment, the second process renders its output in a child window of the first process, so that the use of a second process to host non-secure software objects is transparent to a user of the first process.

Citations

24 Claims

1. A method of protecting data comprising the acts of:
- creating a first process associated with a first address space, said first process comprising an executing trusted application;
  
  creating a second process associated with a second address space, said first address space being inaccessible to said second process, said second process created by and controlled by said first process, said second process comprising an executing untrusted application;
  
  running, in said first process, a first software object which stores data in said first address space;
  
  running, in said second process, a second software object which accesses said second address space; and
  
  directing, by said first process, an action performable by said second software process.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein the data comprises encrypted content, and wherein said act of running said first software object comprises the act of:
    - starting in said first process an application which renders said encrypted content.
  - 3. The method of claim 2, wherein said encrypted content comprises text.
  - 4. The method of claim 2, wherein said encrypted content comprises video.
  - 5. The method of claim 2, wherein said encrypted content comprises audio.
  - 6. The method of claim 1, wherein the data comprises a cryptographic key, and wherein said act of running said first software object comprises the act of:
    - starting in said first process an application which uses said cryptographic key.
  - 7. The method of claim 1, wherein said act of running a second software object comprises the acts of:
    - starting, in said second process, a hosting application;
      
      hosting said second software object by said hosting application.
  - 8. The method of claim 7, wherein said act of starting said hosting application comprises starting a component object model server.
  - 9. The method of claim 1, wherein said second software object comprises a web browser which imports, from a remote computing device, code which accesses said second address space.
  - 10. The method of claim 1, wherein said method is performed in a computing device having a display associated therewith, said method further comprising the acts of:
    - rendering an output of said first software object in a first window having a first region on said display; and
      
      rendering an output of said second software object in a second window different from said first window, said second window having a second region on said display.
  - 11. The method of claim 10, wherein said second region at least partly coincides with said first region.
  - 12. The method of claim 11, wherein said second window is wholly enclosed within said first window.
  - 13. The method of claim 1, wherein said directing act comprises calling a method on an interface exposed by said second process.
  - 14. The method of claim 13, wherein said second software object comprises a web browser, and wherein said method instructs said web browser to retrieve a web page from a remote location.
  - 15. A computer-readable medium having computer-executable instructions to perform the method of claim 1.

16. A system for integrating a secure application with an open application on a computing device including a processor, said computing device further including an operating system which provides a plurality of processes, each process having an address space associated therewith, said system comprising:
- a first trusted application executable on said processor in a first of said plurality of processes having a first address space, wherein said first trusted application accesses protected data in said first address space, and wherein said first trusted application provides a service by using a pre-determined software object;
  
  a second untrusted application executable on said processor in a second of said plurality of processes having a second address space, said second process created and controlled by said first process, wherein said second untrusted application hosts said pre-determined software object, and wherein said second untrusted application exposes a callable interface to said first trusted application, said first address space being inaccessible to said second process.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24)
- - 17. The system of claim 16, wherein said first application directs the actions of said pre-determined software object by communicating instructions to said second application through said callable interface.
  - 18. The system of claim 16, wherein said pre-determined software object comprises a web browser which imports, from a remote computing device, code which executes on said processor and which accesses data in an address space associated with a process in which said pre-determined software object executes.
  - 19. The system of claim 16, wherein said first application protects said protected data from observation or modification.
  - 20. The system of claim 16, wherein said computing device is coupled to a display, wherein said first application creates a first window in which said first application renders its output, said first window defining a first region on said display, and wherein said second application creates a second window in which said pre-determined software object renders its output, said second window being different from said first window, said second window defining a second region on said display.
  - 21. The system of claim 20, wherein said second region coincides at least in part with said first region.
  - 22. The system of claim 21, wherein said second window is wholly enclosed within said first window.
  - 23. The system of claim 20, wherein said second window comprises a child of said first window.
  - 24. The system of claim 16, wherein said first application instantiates one or more of:
    - (a) said second application;
      
      or (b) the hosting of said pre-determined software object.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Narin, Attila
Primary Examiner(s)
Barrón, Jr., Gilberto
Assistant Examiner(s)
LEMMA, SAMSON B

Application Number

US09/837,904
Publication Number

US 20020002673A1
Time in Patent Office

1,839 Days
Field of Search

713/162, 713164-167, 713/152, 726/26
US Class Current

713/152
CPC Class Codes

G06F 21/53 by executing in a restricte...

System and method for integrating secure and non-secure software objects

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for integrating secure and non-secure software objects

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links