Systems and methods for limiting access to potentially dangerous code
First Claim
1. A method, comprising:
- a first electronic device digitally signing a web page, wherein the web page includes code to invoke a control object, and wherein the web page does not include the control object; and
- subsequent to digitally signing the web page, the first electronic device delivering the web page to a second electronic device capable of authenticating the source of the web page based on the digital signature such that the second electronic device executes at least a portion of the web page in response to authenticating the digital signature.
Abstract
Systems, methods and data structures are described for attaching a digital signature to a web page and authenticating the digital signature before allowing the web page to invoke a software control on a computer that has downloaded the web page. Unauthorized users cannot gain access to a control on a computer through a web page that is downloaded to the computer, if the source of the web page or application cannot be authenticated or is not a trusted source.
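The flow in the abstract, sketched as an added example (not code from the patent): a server signs a page only when it contains code that invokes a control, and the client lets that code run only if the signature verifies against a trusted source. Ed25519 via Node's `crypto` module, the `<object classid=...>` detection heuristic, the trust-store map and all function names are assumptions of this sketch.

```javascript
// Added example, not code from the patent. Ed25519, the <object classid=...>
// heuristic and every name below are assumptions made for illustration.
const crypto = require('node:crypto');

// Heuristic (assumed): the page "includes code to invoke a control object".
const INVOKES_CONTROL = /<object\b[^>]*\bclassid\s*=/i;
// Sign the source name together with the content so the signature names its origin.
const signedBytes = (source, html) => Buffer.from(`${source}\n${html}`, 'utf8');

// First device: sign only pages that invoke a control, then deliver.
function deliverPage(source, html, privateKey) {
  const signature = INVOKES_CONTROL.test(html)
    ? crypto.sign(null, signedBytes(source, html), privateKey).toString('base64')
    : null;
  return { source, html, signature };
}

// Second device: decide whether the page's invocation code may run.
function checkPage(page, trustedKeys) {
  if (!INVOKES_CONTROL.test(page.html)) return 'no-control';
  const key = trustedKeys.get(page.source);
  if (!key || !page.signature) return 'block'; // untrusted source or unsigned
  const ok = crypto.verify(null, signedBytes(page.source, page.html), key,
                           Buffer.from(page.signature, 'base64'));
  return ok ? 'allow' : 'block';
}

// Constructed sample data: two publishers, only one is in the client's trust store.
function demo() {
  const trusted = crypto.generateKeyPairSync('ed25519');
  const other = crypto.generateKeyPairSync('ed25519');
  const trustedKeys = new Map([['intranet.example', trusted.publicKey]]);
  const html = '<p>Report</p><object classid="clsid:CONSTRUCTED-EXAMPLE"></object>';

  const good = deliverPage('intranet.example', html, trusted.privateKey);
  const tampered = { ...good, html: html.replace('Report', 'Injected') };
  const spoofed = deliverPage('intranet.example', html, other.privateKey);
  const unknown = deliverPage('unknown.example', html, other.privateKey);
  const unsigned = { ...good, signature: null };
  const plain = deliverPage('intranet.example', '<p>No control here</p>', trusted.privateKey);
  return {
    good: checkPage(good, trustedKeys), tampered: checkPage(tampered, trustedKeys),
    spoofed: checkPage(spoofed, trustedKeys), unknown: checkPage(unknown, trustedKeys),
    unsigned: checkPage(unsigned, trustedKeys), plain: checkPage(plain, trustedKeys),
  };
}

console.log(demo());
```

The signature covers the page, not the control binary, so a page altered after signing or signed with a key outside the trust store is blocked even though the control itself is unchanged.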
34 Claims
1. A method, comprising:
- a first electronic device digitally signing a web page, wherein the web page includes code to invoke a control object, and wherein the web page does not include the control object; and
- subsequent to digitally signing the web page, the first electronic device delivering the web page to a second electronic device capable of authenticating the source of the web page based on the digital signature such that the second electronic device executes at least a portion of the web page in response to authenticating the digital signature.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9

10. A method, comprising:
- a first electronic device receiving from a second electronic device, a request to download a web page; and
- in response to receiving the request, the first electronic device;
- determining whether the web page includes code to invoke a control object;
- in an event that the web page includes code to invoke a control object, the first electronic device digitally signing the web page; and
- delivering the web page to the second electronic device, wherein the second electronic device is capable of authenticating the source of the web page based on the digital signature such that the second electronic device executes at least a portion of the web page in response to authenticating the web page digital signature.

Dependent claims: 11, 12, 13, 14, 15, 16, 17

18. A method, comprising:
- a first electronic device determining whether a web page includes code to invoke a control object, wherein the control object does not have an associated digital signature; and
- based on a determination that the web page includes code to invoke the control object;
- the first electronic device digitally signing the web page; and
- subsequent to digitally signing the web page, the first electronic device delivering the web page to a second electronic device capable of authenticating a source of the web page based on the digital signature such that the second electronic device executes the code to invoke the control object in response to authenticating the digital signature, and such that the second electronic device prevents execution of the code to invoke the control object in response to failing to authenticate the digital signature.

Dependent claims: 19, 20, 21, 22, 23, 24

25. A method, comprising:
- a first electronic device determining whether a web page includes code to invoke a control object, wherein a first digital signature is associated with the control object;
- based on a determination that the web page includes code to invoke the control object, the first electronic device digitally signing the web page with a second digital signature; and
- subsequent to digitally signing the web page with the second digital signature, the first electronic device delivering the web page to a second electronic device capable of authenticating the source of the web page based on the second digital signature such that the second electronic device executes the code to invoke the control object in response to authenticating the second digital signature, and such that the second electronic device prevents execution of the code to invoke the control object in response to failing to authenticate the source of the web page based on the second digital signature.

Dependent claims: 26, 27, 28, 29, 30, 31

32. One or more tangible computer-readable media comprising computer-executable instructions that, when executed, direct a first computing device to:
- determine whether a web page includes code to invoke a control object, wherein the control object does not have an associated digital signature; and
- based on a determination that the web page includes code to invoke the control object, digitally signing the web page, wherein the digital signature is not directly associated with the control object; and
- deliver the web page to a second computing device capable of authenticating the source of the web page based on the digital signature such that the second computing device executes the code to invoke the control object in response to authenticating the source of the web page based on the digital signature, and such that the second computing device prevents execution of the code to invoke the control object in response to failing to authenticate the source of the web page based on the digital signature.

33. One or more tangible computer-readable media comprising computer-executable instructions that, when executed, direct a first computing device to:
- determine whether a web page includes code to invoke a control object, wherein a first digital signature is associated with the control object;
- based on a determination that the web page includes code to invoke the control object, digitally sign the web page with a second digital signature; and
- deliver the web page to a second computing device capable of authenticating the source of the web page based on the second digital signature such that the second computing device executes the code to invoke the control object in response to authenticating the source of the web page based on the second digital signature, and such that the second computing device prevents execution of the code to invoke the control object in response to failing to authenticate the source of the web page based on the second digital signature.

34. A system comprising:
- a page generator to generate a web page, wherein the web page includes a control object;
- a digital signature module to;
- determining whether the web page includes a script to invoke the control object;
- derive a digital signature from the web page;
- based on a determination that the web page includes a script to invoke the control object, digitally signing the web page such that the digital signature is not directly associated with the control object, but is associated with the source of the web page; and
- a web page delivery module to deliver the web page to an electronic device.

Specification