Running internet applications with low rights
First Claim
1. A computer-implemented method comprising:
- launching an Internet-application that inherits privileges of a token associated with a user, the token including a user integrity level associated with the user;
- providing a blocking mechanism that is configured to block the Internet-application's access to defined spaces of a client computing device on which the Internet-application executes, the defined spaces including an administrative space and a user space of the client computing device, the providing a blocking mechanism comprising:
  - setting an administrative space integrity level that is higher than the user integrity level to restrict the Internet-application from accessing the administrative space;
  - setting a user space integrity level that is higher than the user integrity level to restrict the Internet-application from accessing the user space;
  - defining a containment zone in which the Internet-application is to write and read data;
  - setting a containment zone integrity level that is lower than or equal to the user integrity level to allow the Internet-application to access the containment zone;
- launching, as a result of the user's interaction with the Internet-application, an unrestricted Internet-application that is unblocked by the blocking mechanism, the unrestricted Internet-application associated with an additional token that is configured to enable the unrestricted Internet-application to access the administrative space and the user space; and
- defining an additional containment zone in which the unrestricted Internet-application is to read and write data, the Internet-application being restricted from accessing the additional containment zone and the unrestricted Internet-application being restricted from accessing the containment zone.
2 Assignments
Abstract
In various embodiments, applications that are configured to interact with the Internet in some way are executed in a restricted process with a reduced privilege level that can prohibit the application from accessing portions of an associated computing device. For example, in some embodiments, the restricted process can prohibit applications from read and write access to portions of a system's computer-readable media, such as the hard disk, that contain administrative data and settings information and user data and settings. In these embodiments, a special portion of the disk, termed a “containment zone”, is designated and used by applications in this restricted process.
Citations
16 Claims
1. Independent claim; its full text is reproduced under First Claim above. Dependent claims: 2, 3, 4, 5, 6.
7. A computer-implemented method comprising:
- launching an Internet-application that inherits privileges of a token associated with a user, the token including a user integrity level associated with the user;
- providing a token-based blocking mechanism that is configured to block the Internet-application's access to at least the administrative and user spaces of a client computing device on which the Internet-application executes, the providing a token-based blocking mechanism comprising:
  - setting an administrative space integrity level that is higher than the user integrity level to restrict the Internet-application from accessing the administrative space;
  - setting a user space integrity level that is higher than the user integrity level to restrict the Internet-application from accessing the user space;
  - defining a containment zone in which the Internet-application is to write and read data;
  - setting a containment zone integrity level that is lower than or equal to the user integrity level to allow the Internet-application to access the containment zone;
  - logically interposing an administrative broker object between the Internet-application and the administrative space to broker access to the administrative space;
  - logically interposing a user space broker object between the Internet-application and the user space to broker access to the user space;
- launching, as a result of the user's interaction with the Internet-application, an unrestricted Internet-application that is unblocked by the blocking mechanism, the unrestricted Internet-application associated with an additional token that is configured to enable the unrestricted Internet-application to access the administrative space and the user space; and
- defining an additional containment zone in which the unrestricted Internet-application is to read and write data, the Internet-application being restricted from accessing the additional containment zone and the unrestricted Internet-application being restricted from accessing the containment zone.
Dependent claims: 8, 9, 10.
11. A computing device comprising:
- one or more processors;
- one or more hardware computer-readable storage media, associated with the one or more processors and embodying computer-readable instructions which, when executed, cause the computing device to perform a method comprising:
  - launching an Internet-application that inherits privileges of a token associated with a user, the token including a user integrity level associated with the user;
  - providing a blocking mechanism that is configured to block the Internet-application's access to defined spaces of the computing device on which the Internet-application executes, the defined spaces including an administrative space and a user space of the computing device, the providing a blocking mechanism comprising:
    - setting an administrative space integrity level that is higher than the user integrity level to restrict the Internet-application from accessing the administrative space;
    - setting a user space integrity level that is higher than the user integrity level to restrict the Internet-application from accessing the user space;
    - defining a containment zone in which the Internet-application is to write and read data;
    - setting a containment zone integrity level that is lower than or equal to the user integrity level to allow the Internet-application to access the containment zone;
  - launching, as a result of the user's interaction with the Internet-application, an unrestricted Internet-application that is unblocked by the blocking mechanism, the unrestricted Internet-application associated with an additional token that is configured to enable the unrestricted Internet-application to access the administrative space and the user space; and
  - defining an additional containment zone in which the unrestricted Internet-application is to read and write data, the Internet-application being restricted from accessing the additional containment zone and the unrestricted Internet-application being restricted from accessing the containment zone.
Dependent claims: 12, 13, 14, 15, 16.
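The three-space layout that claims 1, 7 and 11 describe (an application whose token carries a lower integrity level than the administrative and user spaces, plus a containment zone at or below that level) can be exercised on a current Windows machine with the mandatory integrity labels the OS already exposes through icacls and whoami. The PowerShell script below is an added example for this page, not code from the patent or its assignee. It assumes a directory under %LOCALAPPDATA% as the containment zone, a private copy of cmd.exe named lowcmd.exe standing in for the Internet-application, and probe.txt as the probe file name; all three are illustrative choices.

```powershell
# Added example, not the patent's code. Assumed: a per-user directory under
# %LOCALAPPDATA% as the containment zone, a private cmd.exe copy named
# lowcmd.exe as the "Internet-application", and probe.txt as the probe file.
# Run from an ordinary (Medium-integrity, non-elevated) PowerShell session.

$ErrorActionPreference = 'Stop'

# Containment zone: a directory carrying a Low mandatory label. (OI)(CI) makes
# files and subdirectories created inside it inherit the label.
$Zone = Join-Path $env:LOCALAPPDATA 'ContainmentZone'
New-Item -ItemType Directory -Force -Path $Zone | Out-Null
icacls $Zone /setintegritylevel '(OI)(CI)L' | Out-Null

# User space and administrative space are left at their defaults: objects with
# no explicit label are treated as Medium, and the Windows directory tree is
# labelled High, so both sit above the Low application.
$UserSpace  = Join-Path $env:USERPROFILE 'Documents'
$AdminSpace = $env:SystemRoot

# Restricted application: a copy of cmd.exe whose file object is labelled Low.
# A new process runs at the lower of the creating token's level and the
# executable's file label, so this copy starts at Low integrity while still
# carrying the user's own token (same SID and groups, as in the claim).
$LowExe = Join-Path $Zone 'lowcmd.exe'
Copy-Item (Join-Path $env:SystemRoot 'System32\cmd.exe') $LowExe -Force
icacls $LowExe /setintegritylevel L | Out-Null

function Invoke-LowIntegrity {
    # Runs one cmd.exe command line inside the Low-integrity copy and waits.
    # Start-Process passes -ArgumentList through verbatim, so the embedded
    # quotes around paths reach cmd.exe intact.
    param([Parameter(Mandatory)][string]$CommandLine)
    Start-Process -FilePath $LowExe -ArgumentList "/c $CommandLine" -Wait -NoNewWindow
}

# Step 1: prove the process carries the Low mandatory label. whoami writes
# into the zone because that is the only space it is allowed to write.
$report = Join-Path $Zone 'whoami.txt'
Invoke-LowIntegrity "whoami /groups > `"$report`""
if ((Get-Content $report -Raw) -notmatch 'Low Mandatory Level') {
    throw "lowcmd.exe did not start at Low integrity; inspect its label with: icacls $LowExe"
}

# Step 2: attempt a write into each space. The no-write-up policy lets only the
# containment zone succeed; user space (Medium) and admin space (High) refuse.
$probes = [ordered]@{
    'containment zone'     = Join-Path $Zone       'probe.txt'
    'user space'           = Join-Path $UserSpace  'probe.txt'
    'administrative space' = Join-Path $AdminSpace 'probe.txt'
}
foreach ($name in $probes.Keys) {
    $target = $probes[$name]
    Invoke-LowIntegrity "echo probe > `"$target`""
    $written = Test-Path -LiteralPath $target
    '{0,-22} write from Low: {1}' -f $name, $(if ($written) { 'ALLOWED' } else { 'DENIED' })
    if ($written) { Remove-Item -LiteralPath $target -Force }
}

# Step 3: the labels themselves are auditable. The zone's ACL lists an entry
# such as "Mandatory Label\Low Mandatory Level:(OI)(CI)(NW)", where NW is the
# no-write-up policy that produced the denials above.
icacls $Zone
```

Two caveats matter when reading the output against the claims. First, the default mandatory policy on files is no-write-up only: the Low process is refused writes to user space but can still read it, so "blocking access" in the sense of the claims needs the broker objects of claim 7 or discretionary ACLs on top of the label. Second, the label mechanism is one-directional; nothing in it stops a Medium process from writing into the Low-labelled zone, so the mutual restriction between the two containment zones in the final step of each claim has to come from something other than integrity levels, which the claim text leaves unspecified. The administrative-space denial is also enforced by the DACL for a non-administrator, so it is not a clean test of the label alone.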
Specification