Secure browsing via a transparent network proxy
First Claim
1. A system for providing secure browsing via a transparent network proxy, the system comprising:
- a non-transitory memory that stores instructions;
a computer processor that executes the instructions to perform operations, the operations comprising;
receiving, from a browser on a remote client device, a request to access a resource, wherein the request includes an identifier for locating the resource;
determining if the resource is not trusted based on an analysis of the identifier, wherein the resource is determined to not be trusted if the identifier is determined to not have been previously used and if the identifier or the resource is determined to be attempting to redirect the browser on the remote client device to a malicious resource;
forwarding, if the resource is determined to not be trusted based on the analysis of the identifier, the request to a virtual machine manager for selecting a browser virtual machine from a pool of browser virtual machines;
redirecting the browser on the remote client device to the browser virtual machine via a desktop virtualization technology connection;
removing a virtual browser control bar from the selected browser virtual machine;
filtering, by utilizing the selected browser virtual machine selected from the pool of browser virtual machines, malicious content out of the resource;
rendering strictly a viewable window of the selected browser virtual machine, wherein the viewable window includes a rendering of the resource; and
streaming, after filtering the malicious content out of the resource, the rendering of the viewable window of the selected browser virtual machine rendering the resource from the selected browser virtual machine to a viewable window of the browser on the remote client device based on the request, wherein the rendering of the resource is provided in lieu of the resource, and wherein the user may utilize controls in a control bar of the browser to control the selected browser virtual machine displayed within the viewable window of the browser.
1 Assignment
0 Petitions
Accused Products
Abstract
A system for providing secure browsing via a transparent network proxy is disclosed. The system may receive, from a client, a request to access a resource. The request may include an identifier that may be utilized to locate the resource. Once the request is received, the system may determine if the resource is not trusted, such as if the identifier is determined to be unknown or suspicious. If the resource is determined to not be trusted by the system, the system may forward the request to a virtual machine manager that may select a browser virtual machine from a pool of browser virtual machines. After the browser virtual machine is selected, the browser virtual machine may stream a rendering of the resource to the client based on the request. The rendering of the resource may be provided in lieu of the actual resource.
27 Citations
20 Claims
-
1. A system for providing secure browsing via a transparent network proxy, the system comprising:
-
a non-transitory memory that stores instructions; a computer processor that executes the instructions to perform operations, the operations comprising; receiving, from a browser on a remote client device, a request to access a resource, wherein the request includes an identifier for locating the resource; determining if the resource is not trusted based on an analysis of the identifier, wherein the resource is determined to not be trusted if the identifier is determined to not have been previously used and if the identifier or the resource is determined to be attempting to redirect the browser on the remote client device to a malicious resource; forwarding, if the resource is determined to not be trusted based on the analysis of the identifier, the request to a virtual machine manager for selecting a browser virtual machine from a pool of browser virtual machines; redirecting the browser on the remote client device to the browser virtual machine via a desktop virtualization technology connection; removing a virtual browser control bar from the selected browser virtual machine; filtering, by utilizing the selected browser virtual machine selected from the pool of browser virtual machines, malicious content out of the resource; rendering strictly a viewable window of the selected browser virtual machine, wherein the viewable window includes a rendering of the resource; and streaming, after filtering the malicious content out of the resource, the rendering of the viewable window of the selected browser virtual machine rendering the resource from the selected browser virtual machine to a viewable window of the browser on the remote client device based on the request, wherein the rendering of the resource is provided in lieu of the resource, and wherein the user may utilize controls in a control bar of the browser to control the selected browser virtual machine displayed within the viewable window of the browser. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for providing secure browsing via a transparent network proxy, the method comprising:
-
receiving, from a browser on a remote client device, a request to access a resource, wherein the request includes an identifier for locating the resource; determining, by utilizing instructions from memory that are executed by a processor, if the resource is not trusted based on an analysis of the identifier, wherein the resource is determined to not be trusted if the identifier is determined to not have been previously used and if the identifier or the resource is determined to be attempting to redirect the browser on the remote client device to a malicious resource; forwarding, if the resource is determined to not be trusted based on the analysis of the identifier, the request to a virtual machine manager for selecting a browser virtual machine from a pool of browser virtual machines; redirecting the browser on the remote client device to the browser virtual machine via a desktop virtualization technology connection; removing a virtual browser control bar from the selected browser virtual machine; filtering, by utilizing the selected browser virtual machine selected from the pool of browser virtual machines, malicious content out of the resource; rendering strictly a viewable window of the selected browser virtual machine, wherein the viewable window includes a rendering of the resource; and streaming, after filtering the malicious content out of the resource, the rendering of the viewable window of the selected browser virtual machine rendering the resource from the selected browser virtual machine to a viewable window of the browser on the remote client device based on the request, wherein the rendering of the resource is provided in lieu of the resource and wherein the user may utilize controls in a control bar of the browser to control the selected browser virtual machine displayed within the viewable window of the browser. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
-
-
19. A non-transitory computer-readable device comprising instructions, which when loaded and executed by a processor, cause the processor to perform operations, the operations comprising:
-
receiving, from a browser on a remote client device, a request to access a resource, wherein the request includes an identifier for locating the resource; determining if the resource is not trusted based on an analysis of the identifier, wherein the resource is determined to not be trusted if the identifier is determined to not have been previously used and if the identifier or the resource is determined to be attempting to redirect the browser on the remote client device to a malicious resource; forwarding, if the resource is determined to not be trusted based on the analysis of the identifier, the request to a virtual machine manager for selecting a browser virtual machine from a pool of browser virtual machines; redirecting the browser on the remote client device to the browser virtual machine via a desktop virtualization technology connection; removing a virtual browser control bar from the selected browser virtual machine; filtering, by utilizing the selected browser virtual machine selected from the pool of browser virtual machines, malicious content out of the resource; rendering strictly a viewable window of the selected browser virtual machine, wherein the viewable window includes a rendering of the resource; and streaming, after filtering the malicious content out of the resource, the rendering of the viewable window of the selected browser virtual machine rendering the resource from the selected browser virtual machine to a viewable window of the browser on the remote client device based on the request, wherein the rendering of the resource is provided in lieu of the resource, and wherein the user may utilize controls in a control bar of the browser to control the selected browser virtual machine displayed within the viewable window of the browser. - View Dependent Claims (20)
-
Specification