Facilitating user interaction with multiple domains while preventing cross-domain transfer of data
First Claim
1. A method for facilitating user interaction with multiple domains in which applications execute, the method comprising:
- providing a compositioning domain executing on a processor as a guest machine above a hypervisor, the compositioning domain to facilitate interaction between a user and at least two domains in which applications execute, the at least two domains executing as separate execution environments for executing their respective applications, wherein the compositioning domain facilitates interaction between the user and the at least two domains in a secure manner preventing cross-domain transfer of data, and wherein the facilitating interaction comprises;
obtaining by the compositioning domain pixel information from the at least two domains via one or more read-only communication paths that are read-only from the compositioning domain to the at least two domains, the obtained pixel information comprising at least some pixel information from each domain of the at least two domains, wherein pixel information obtained from one domain of the at least two domains differs from pixel information obtained from another domain of the at least two domains;
providing a user interface to the user, the providing comprising providing a display buffer of the compositioning domain, the display buffer comprising the obtained pixel information including the at least some pixel information from each domain of the at least two domains for simultaneous display of the at least some pixel information from each domain of the at least two domains to the user; and
maintaining an in-focus domain state indicating which domain of the at least two domains is currently in-focus, wherein user input from the user based on the user interface is provided by a user input handler directly to the currently in-focus domain indicated by the in-focus domain state, absent transferring the user input to the compositioning domain.
2 Assignments
0 Petitions
Accused Products
Abstract
User interaction with multiple domains is facilitated while preventing cross-domain transfer of data from those domains. A compositioning domain facilitates this interaction in a secure manner in which cross-domain transfer of data is prevented. This includes obtaining pixel information from the domains via one or more read-only communication paths, providing a user interface to the user, which includes providing a display buffer including at least some of the pixel information obtained from each domain of the domains for display to the user, and maintaining an in-focus domain state. The in-focus domain state indicates which domain of the domains is currently in-focus. User input from the user based on the user interface is provided by a user input handler directly to the currently in-focus domain indicated by the in-focus domain state absent transfer of the user input to the compositioning domain.
-
Citations
25 Claims
-
1. A method for facilitating user interaction with multiple domains in which applications execute, the method comprising:
providing a compositioning domain executing on a processor as a guest machine above a hypervisor, the compositioning domain to facilitate interaction between a user and at least two domains in which applications execute, the at least two domains executing as separate execution environments for executing their respective applications, wherein the compositioning domain facilitates interaction between the user and the at least two domains in a secure manner preventing cross-domain transfer of data, and wherein the facilitating interaction comprises; obtaining by the compositioning domain pixel information from the at least two domains via one or more read-only communication paths that are read-only from the compositioning domain to the at least two domains, the obtained pixel information comprising at least some pixel information from each domain of the at least two domains, wherein pixel information obtained from one domain of the at least two domains differs from pixel information obtained from another domain of the at least two domains; providing a user interface to the user, the providing comprising providing a display buffer of the compositioning domain, the display buffer comprising the obtained pixel information including the at least some pixel information from each domain of the at least two domains for simultaneous display of the at least some pixel information from each domain of the at least two domains to the user; and maintaining an in-focus domain state indicating which domain of the at least two domains is currently in-focus, wherein user input from the user based on the user interface is provided by a user input handler directly to the currently in-focus domain indicated by the in-focus domain state, absent transferring the user input to the compositioning domain. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 25)
-
12. A system for facilitating user interaction with multiple domains in which applications execute, the system comprising:
-
a memory; and a processor in communication with the memory, wherein the system is configured to perform a method comprising; providing a compositioning domain executing on a processor as a guest machine above a hypervisor, the compositioning domain to facilitate interaction between a user and at least two domains in which applications execute, the at least two domains executing as separate execution environments for executing their respective applications, wherein the compositioning domain facilitates interaction between the user and the at least two domains in a secure manner preventing cross-domain transfer of data, and wherein the facilitating interaction comprises; obtaining by the compositioning domain pixel information from the at least two domains via one or more read-only communication paths that are read-only from the compositioning domain to the at least two domains, the obtained pixel information comprising at least some pixel information from each domain of the at least two domains, wherein pixel information obtained from one domain of the at least two domains differs from pixel information obtained from another domain of the at least two domains; providing a user interface to the user, the providing comprising providing a display buffer of the compositioning domain, the display buffer comprising the obtained pixel information including the at least some pixel information from each domain of the at least two domains for simultaneous display of the at least some pixel information from each domain of the at least two domains to the user; and maintaining an in-focus domain state indicating which domain of the at least two domains is currently in-focus, wherein user input from the user based on the user interface is provided by a user input handler directly to the currently in-focus domain indicated by the in-focus domain state, absent transferring the user input to the compositioning domain. - View Dependent Claims (13, 14, 15, 16, 17, 18)
-
-
19. A computer program product comprising:
a non-transitory storage medium storing program instructions readable by a processor for execution to perform a method comprising; providing a compositioning domain executing on a processor as a guest machine above a hypervisor, the compositioning domain to facilitate interaction between a user and at least two domains in which applications execute, the at least two domains executing as separate execution environments for executing their respective applications, wherein the compositioning domain facilitates interaction between the user and the at least two domains in a secure manner preventing cross-domain transfer of data, and wherein the facilitating interaction comprises; obtaining by the compositioning domain pixel information from the at least two domains via one or more read-only communication paths that are read-only from the compositioning domain to the at least two domains, the obtained pixel information comprising at least some pixel information from each domain of the at least two domains, wherein pixel information obtained from one domain of the at least two domains differs from pixel information obtained from another domain of the at least two domains; providing a user interface to the user, the providing comprising providing a display buffer of the compositioning domain, the display buffer comprising the obtained pixel information including the at least some pixel information from each domain of the at least two domains for simultaneous display of the at least some pixel information from each domain of the at least two domains to the user; and maintaining an in-focus domain state indicating which domain of the at least two domains is currently in-focus, wherein user input from the user based on the user interface is provided by a user input handler directly to the currently in-focus domain indicated by the in-focus domain state, absent transferring the user input to the compositioning domain. - View Dependent Claims (20, 21, 22, 23, 24)
Specification