Running internet applications with low rights

US 8,078,740 B2
Filed: 06/03/2005
Issued: 12/13/2011
Est. Priority Date: 06/03/2005
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

launching an Internet-application that inherits privileges of a token associated with a user, the token including a user integrity level associated with the user;

providing a blocking mechanism that is configured to block the Internet-application'"'"'s access to defined spaces of a client computing device on which the Internet-application executes, the defined spaces including an administrative space and a user space of the client computing device, and the providing a blocking mechanism comprising;

setting an administrative space integrity level that is higher than the user integrity level to restrict the Internet-application from accessing the administrative space;

setting a user space integrity level that is higher than the user integrity level to restrict the Internet-application from accessing the user space;

defining a containment zone in which the Internet-application is to write and read data;

setting a containment zone integrity level that is lower than or equal to the user integrity level to allow the Internet-application to access the containment zone;

launching, as a result of the user'"'"'s interaction with the Internet-application, an unrestricted Internet-application that is unblocked by the blocking mechanism, the unrestricted Internet-application associated with an additional token that is configured to enable the unrestricted Internet-application to access the administrative space and the user space; and

defining an additional containment zone in which the unrestricted Internet-application is to read and write data, the Internet-application being restricted from accessing the additional containment zone and the unrestricted Internet-application being restricted from accessing the containment zone.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In various embodiments, applications that are configured to interact with the Internet in some way are executed in a restricted process with a reduced privilege level that can prohibit the application from accessing portions of an associated computing device. For example, in some embodiments, the restricted process can prohibit applications from read and write access to portions of a system'"'"'s computer-readable media, such as the hard disk, that contains administrative data and settings information and user data and settings. In these embodiments, a special portion of the disk, termed a “containment zone”, is designated and used by applications in this restricted process.

Citations

16 Claims

1. A computer-implemented method comprising:
- launching an Internet-application that inherits privileges of a token associated with a user, the token including a user integrity level associated with the user;
  
  providing a blocking mechanism that is configured to block the Internet-application'"'"'s access to defined spaces of a client computing device on which the Internet-application executes, the defined spaces including an administrative space and a user space of the client computing device, and the providing a blocking mechanism comprising;
  
  setting an administrative space integrity level that is higher than the user integrity level to restrict the Internet-application from accessing the administrative space;
  
  setting a user space integrity level that is higher than the user integrity level to restrict the Internet-application from accessing the user space;
  
  defining a containment zone in which the Internet-application is to write and read data;
  
  setting a containment zone integrity level that is lower than or equal to the user integrity level to allow the Internet-application to access the containment zone;
  
  launching, as a result of the user'"'"'s interaction with the Internet-application, an unrestricted Internet-application that is unblocked by the blocking mechanism, the unrestricted Internet-application associated with an additional token that is configured to enable the unrestricted Internet-application to access the administrative space and the user space; and
  
  defining an additional containment zone in which the unrestricted Internet-application is to read and write data, the Internet-application being restricted from accessing the additional containment zone and the unrestricted Internet-application being restricted from accessing the containment zone.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the blocking mechanism is configured block access in a user-independent manner.
  - 3. The method of claim 1 further comprising logically interposing a broker mechanism between the Internet-application and the defined spaces to broker access to the defined spaces.
  - 4. The method of claim 3, wherein the broker mechanism comprises individual broker objects, each of which being associated with a different defined space.
  - 5. The method of claim 3, wherein the broker mechanism is configured to enable a user to approve access to an associated defined space.
  - 6. The method of claim 1, wherein the Internet-application comprises a web browser application.

7. A computer-implemented method comprising:
- launching an Internet-application that inherits privileges of a token associated with a user, the token including a user integrity level associated with the user;
  
  providing a token-based blocking mechanism that is configured to block the Internet-application'"'"'s access to at least the administrative and user spaces of a client computing device on which the Internet-application executes, the providing a token-based blocking mechanism comprising;
  
  setting an administrative space integrity level that is higher than the user integrity level to restrict the Internet-application from accessing the administrative space;
  
  setting a user space integrity level that is higher than the user integrity level to restrict the Internet-application from accessing the user space;
  
  defining a containment zone in which the Internet-application is to write and read data;
  
  setting a containment zone integrity level that is lower than or equal to the user integrity level to allow the Internet-application to access the containment zone;
  
  logically interposing an administrative broker object between the Internet-application and the administrative space to broker access to the administrative space;
  
  logically interposing a user space broker object between the Internet-application and the user space to broker access to the user space;
  
  launching, as a result of the user'"'"'s interaction with the Internet-application, an unrestricted Internet-application that is unblocked by the blocking mechanism, the unrestricted Internet-application associated with an additional token that is configured to enable the unrestricted Internet-application to access the administrative space and the user space; and
  
  defining an additional containment zone in which the unrestricted Internet-application is to read and write data, the Internet-application being restricted from accessing the additional containment zone and the unrestricted Internet-application being restricted from accessing the containment zone.
- View Dependent Claims (8, 9, 10)
- - 8. The method of claim 7, wherein the user space broker object is configured to enable a user to approve access to the user space.
  - 9. The method of claim 8, wherein the administrative broker object is configured to prompt an administrative user to enter associated credentials in order to access the administrative space.
  - 10. The method of claim 7, wherein the Internet-application comprises a web browser application.

11. A computing device comprising:
- one or more processors;
  
  one or more hardware computer-readable storage media, associated with the one or more processors and embodying computer-readable instructions which, when executed, cause the computing device to perform a method comprising;
  
  launching an Internet-application that inherits privileges of a token associated with a user, the token including a user integrity level associated with the user;
  
  providing a blocking mechanism that is configured to block the Internet-application'"'"'s access to defined spaces of the computing device on which the Internet-application executes, the defined spaces including an administrative space and a user space of the computing device, and the providing a blocking mechanism comprising;
  
  setting an administrative space integrity level that is higher than the user integrity level to restrict the Internet-application from accessing the administrative space;
  
  setting a user space integrity level that is higher than the user integrity level to restrict the Internet-application from accessing the user space;
  
  defining a containment zone in which the Internet-application is to write and read data;
  
  setting a containment zone integrity level that is lower than or equal to the user integrity level to allow the Internet-application to access the containment zone;
  
  launching, as a result of the user'"'"'s interaction with the Internet-application, an unrestricted Internet-application that is unblocked by the blocking mechanism, the unrestricted Internet-application associated with an additional token that is configured to enable the unrestricted Internet-application to access the administrative space and the user space; and
  
  defining an additional containment zone in which the unrestricted Internet-application is to read and write data, the Internet-application being restricted from accessing the additional containment zone and the unrestricted Internet-application being restricted from accessing the containment zone.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The computing device of claim 11, wherein the blocking mechanism is configured block access in a user-independent manner.
  - 13. The computing device of claim 11, wherein the method further comprises logically interposing a broker mechanism between the Internet-application and the defined spaces to broker access to the defined spaces.
  - 14. The computing device of claim 13, wherein the broker mechanism comprises individual broker objects, each of which being associated with a different defined space.
  - 15. The computing device of claim 13, wherein the broker mechanism is configured to enable a user to approve access to an associated defined space.
  - 16. The computing device of claim 11, wherein the Internet-application comprises a web browser application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Tokumi, Roland K, Franco, Roberto A., Ganjam, Anantha P, Bedworth, John G., Brundrett, Peter T.
Primary Examiner(s)
Nguyen, Phuoc
Assistant Examiner(s)
SISON, JUNE Y

Application Number

US11/145,530
Publication Number

US 20060277218A1
Time in Patent Office

2,384 Days
Field of Search

709/229
US Class Current

709/229
CPC Class Codes

G06F 21/53 by executing in a restricte...

Running internet applications with low rights

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Running internet applications with low rights

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links