Lockbox for mitigating same origin policy failures
First Claim
1. A system configured to facilitate mitigating security policy failures in a computing environment, the system comprising:
- a processing unit;
a lockbox module configured to process one or more requests for at least one of data or an application feature;
an instruction set comprising at least one instruction configured to instruct the lockbox module to;
generate a lockbox computing application element that contains the at least one of the data or the application feature, the lockbox computing application element being configured to associate security privileges to selected content, andprocess the at least one of the data or the application feature contained in the lockbox computing application element to determine whether the at least one of the data or the application feature is associated with the lockbox computing application element according to a selected same-origin-policy (SOP) management paradigm,wherein the selected SOP management paradigm comprises at least one other instruction configured to associate the at least one of the data or the application feature with a plurality of nested lockboxes including at least an inner lockbox having a first associated security privilege and an outer lockbox having a second associated security privilege; and
a computer-readable storage medium storing instructions that, when executed by the processing unit, cause the processing unit to implement the lockbox module.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods to manage same-origin-policy (SOP) failures that occur in a computing environment are provided. In an illustrative implementation, an exemplary computing environment comprises a lockbox module, and an instruction set comprising at least one instruction directing the lockbox module to process data and/or computing application execution commands representative of and a request for a selected operation/feature according to a selected SOP management paradigm. In the illustrative implementation, the SOP management paradigm comprises one or more instructions to deploy a “lockbox” computing application element allowing for the management, monitoring, and control of computing application features/operations operable under a same origin policy.
-
Citations
20 Claims
-
1. A system configured to facilitate mitigating security policy failures in a computing environment, the system comprising:
-
a processing unit; a lockbox module configured to process one or more requests for at least one of data or an application feature; an instruction set comprising at least one instruction configured to instruct the lockbox module to; generate a lockbox computing application element that contains the at least one of the data or the application feature, the lockbox computing application element being configured to associate security privileges to selected content, and process the at least one of the data or the application feature contained in the lockbox computing application element to determine whether the at least one of the data or the application feature is associated with the lockbox computing application element according to a selected same-origin-policy (SOP) management paradigm, wherein the selected SOP management paradigm comprises at least one other instruction configured to associate the at least one of the data or the application feature with a plurality of nested lockboxes including at least an inner lockbox having a first associated security privilege and an outer lockbox having a second associated security privilege; and a computer-readable storage medium storing instructions that, when executed by the processing unit, cause the processing unit to implement the lockbox module. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method performed by executing instructions with at least one processing unit, the method comprising:
-
creating a lockbox computing application element that associates security privileges with data or an application feature contained in the lockbox computing application element, the lockbox computing application element being associated with a plurality of nested lockboxes including at least; an inner lockbox that includes the data or the application feature and has a first associated security privilege, and an outer lockbox that includes the inner lockbox and has a second associated security privilege; receiving a request for the data or the application feature that is contained in the lockbox computing application element; identifying a source of the request; making a determination whether the source is an approved source to which the lockbox computing application element is configured to provide access; and selectively providing access to the data or the application feature based on the determination. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. One or more hardware computer storage media storing computer executable instructions that, when executed by a computing device, cause the computing device to perform operations comprising:
-
creating a lockbox computing application element that associates a first security privilege and a second security privilege with data or an application feature, the lockbox computing application element identifying nested lockboxes including at least; an inner lockbox that contains the data or the application feature and associates the first security privilege with the data or the application feature, and an outer lockbox that contains the inner lockbox and associates the second security privilege with the data or the application feature; receiving a request for the data or the application feature that is contained in the inner lockbox identified by the lockbox computing application element; identifying a source of the request; determining that the source of the request is approved to access the data or the application feature in accordance with both the first security privilege and the second security privilege; and responsive to the determining, providing the data or the application feature to the source of the request.
-
Specification