Secure and extensible policy-driven application platform
First Claim
1. A method of evaluating a web interactive component, said method comprising:
- defining a policy for a component in a content holder, said component providing interactions between a user and other content in the content holder when the component is rendered, said defined policy indicating an execution boundary of the component during runtime, said execution boundary defining resource access limitations of the component;
- transforming at least a portion of a script content within the component to a property value of a function to be executed at runtime of the component, wherein the execution boundary defines access priorities of the runtime function;
- transmitting the content holder with the transformed component to be rendered in an application on a host device;
- in response to the rendering by the application, intercepting a request from the transmitted component to a server for a resource of the server, said intercepting inhibiting receipt of the request by the server, wherein the resource provides services to the transmitted component for interaction with at least one of the following: the user and the other content from the content holder;
- evaluating the intercepted request against the execution boundary in the defined policy; and
- providing to the server or the application a dynamic resolution in response to the evaluated request.
Abstract
System of evaluating security of script content. A processor executes computer-executable instructions for defining a policy for the script content in a web page. The script content provides interactions between a user and other content within the web page. The defined policy indicates an execution boundary of the script content. The processor further evaluates the script content against the execution boundary in the defined policy. At run time, the processor transforms at least a portion of the web page in response to the evaluating. An interface transmits the web page with the transformed portion of the script content to be rendered in an application on a host device.
17 Claims
7. A system of evaluating security of script content that integrates code and behaviors from various sources, said system comprising:
- a processor configured to execute computer-executable instructions for:
  - defining a policy for the script content in a web page, said script content providing interactions between a user and other content within the web page, said defined policy indicating an execution boundary of the script content, said execution boundary defining resource access of the script content;
  - evaluating the script content against said execution boundary in the defined policy;
  - transforming, at runtime, at least a portion of the web page in response to the evaluating;
  - transforming at least a portion of the script content, within the web page, to a property value of a function included in the script content to be executed at runtime of the component, wherein the execution boundary defines a priority of the function;
  - replacing the transformed portion of the script content with another property value mapping another script content, said another property value falling within the execution boundary of the defined policy when executed at runtime; and
- an interface for transmitting the web page with the transformed portion of the script content to be rendered in an application on a host device.
13. A method of securing a web interactive function, said method comprising:
- defining a policy for the web interactive function in a web page, said web interactive function providing interactions to a user and to other content in the web page, said defined policy indicating an execution boundary of the web interactive function, said execution boundary defining resource access of the web interactive function;
- transmitting the web page to be rendered in an application on a host device;
- in response to the rendering by the application, monitoring the web interactive function for a request to interact with the user or the other content in the web page;
- intercepting the monitored request from the web interactive function to a server for a resource of the server, said intercepting inhibiting receipt of the request by the server, wherein the resource provides services to the web interactive function for interaction with at least one of the following: the user and the other content from the web page;
- evaluating the intercepted request against the execution boundary in the defined policy;
- rewriting the intercepted request such that the rewritten request is within the execution boundary based on the defined policy;
- transforming at least a portion of a script content of the web interactive function to a property value of a runtime function included in the script content to be executed at runtime of the component, wherein the execution boundary defines an access priority of the runtime function; and
- providing to the server or the application a dynamic resolution in response to the evaluating.
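The intercept, evaluate, rewrite and resolve steps recited in claims 1 and 13, shown as an added JavaScript example; it is not code from the patent or its assignee. The policy fields, the function names `evaluateRequest` and `makeGuardedSend`, the 403 denial and the `example.test` URLs are assumptions made for illustration, and the transport is injected so the block runs offline.

```javascript
// Hypothetical policy: the "execution boundary" for one component (all names are assumptions).
const policy = {
  component: "weather-gadget",
  allowedOrigins: ["https://api.example.test"],
  allowedMethods: ["GET"],
  allowCredentials: false,
};

// Evaluate one intercepted request against the boundary and return a resolution.
function evaluateRequest(policy, req) {
  let url;
  try { url = new URL(req.url); } catch (err) {
    return { action: "deny", reason: "unparseable URL" };
  }
  // Compare the parsed origin, never a string prefix, so a look-alike host
  // that merely starts with an allowed name does not fall inside the boundary.
  if (!policy.allowedOrigins.includes(url.origin)) {
    return { action: "deny", reason: `origin ${url.origin} outside boundary` };
  }
  const method = (req.method || "GET").toUpperCase();
  if (!policy.allowedMethods.includes(method)) {
    return { action: "deny", reason: `method ${method} outside boundary` };
  }
  // Rewrite: an otherwise acceptable request is brought back inside the boundary.
  if (req.credentials && req.credentials !== "omit" && !policy.allowCredentials) {
    return { action: "rewrite", reason: "credentials stripped",
             request: { ...req, method, credentials: "omit" } };
  }
  return { action: "allow", reason: "within boundary", request: { ...req, method } };
}

// Interpose on the component's only path to the server: nothing is sent before
// evaluation, and every decision is recorded for later review.
function makeGuardedSend(policy, transport, audit = []) {
  return function send(req) {
    const res = evaluateRequest(policy, req);
    audit.push({ component: policy.component, url: req.url, action: res.action, reason: res.reason });
    if (res.action === "deny") return { status: 403, body: res.reason }; // server never sees it
    return transport(res.request);
  };
}

// Constructed sample run; the arrow function stands in for the real server.
function demo() {
  const audit = [];
  const send = makeGuardedSend(policy, (r) => ({ status: 200, body: r.url }), audit);
  send({ url: "https://api.example.test/v1/forecast", method: "get" });
  send({ url: "https://api.example.test/v1/forecast", credentials: "include" });
  send({ url: "https://api.example.test.other.test/v1/forecast" });
  return audit.map((a) => a.action);
}
```

The audit array gives the operator a per-component record of which requests were allowed, rewritten or denied.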
Specification