Systems and methods for deploying rich internet applications in a secure computing environment

US 9,641,511 B2
Filed: 04/11/2016
Issued: 05/02/2017
Est. Priority Date: 03/14/2013
Status: Active Grant

First Claim

Patent Images

1. A computer system, comprising:

a hardware processor; and

a run-time environment executing a first rich internet application in a first application container and a second rich internet application in a second application container, wherein the run-time environment comprises at least one of;

a user authentication service, an application authorization service, a run-time API permission service, or an audit service;

wherein the run-time environment is configured to;

determine, by querying an administration server, whether at least one of the first rich internet application or the second rich internet application is allowed to be executed within the run-time environment,determine whether at least one of the first rich internet application or the second rich internet application is allowed to access a certain function exposed by an application-programming interface (API) of the run-time environment,implement a client-side messaging bus to facilitate communications between the first rich internet application and the second rich internet application, andprevent at least one of the first rich internet application or the second rich internet application from terminating the run-time environment.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for deploying rich internet applications in a secure computing environment. An example computer system comprises: a hardware processor and a run-time environment executing a first rich internet application in a first application container and a second rich internet application in a second application container. The run-time environment is configured to: determine, by querying an administration server, whether at least one of the first rich internet application or the second rich internet application is allowed to be executed within the run-time environment, determine whether at least one of the first rich internet application or the second rich internet application is allowed to access a certain function exposed by an application-programming interface (API) of the run-time environment, implement a client-side messaging bus to facilitate communications between the first rich internet application and the second rich internet application, and prevent at least one of the first rich internet application or the second rich internet application from terminating the run-time environment.

28 Citations

View as Search Results

17 Claims

1. A computer system, comprising:
- a hardware processor; and
  
  a run-time environment executing a first rich internet application in a first application container and a second rich internet application in a second application container, wherein the run-time environment comprises at least one of;
  
  a user authentication service, an application authorization service, a run-time API permission service, or an audit service;
  
  wherein the run-time environment is configured to;
  
  determine, by querying an administration server, whether at least one of the first rich internet application or the second rich internet application is allowed to be executed within the run-time environment,determine whether at least one of the first rich internet application or the second rich internet application is allowed to access a certain function exposed by an application-programming interface (API) of the run-time environment,implement a client-side messaging bus to facilitate communications between the first rich internet application and the second rich internet application, andprevent at least one of the first rich internet application or the second rich internet application from terminating the run-time environment.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The computer system of claim 1, wherein the user authentication service is configured to authenticate a user of the computer system by querying the administration server.
  - 3. The computer system of claim 1, wherein the audit service is configured to perform at least one of:
    - capturing audit information associated with user actions, storing the audit information, or transmitting the audit information to the administration server.
  - 4. The computer system of claim 3, wherein the audit information comprises at least one of:
    - an application launching event, an application termination event, a window resizing event, or a mouse click event.
  - 5. The computer system of claim 1, wherein at least one of the first application container or the second application container is provided by a process being executed by the computer system.
  - 6. The computer system of claim 1, wherein the run-time environment is further configured to display a graphical user interface for at least one of the first rich internet application or the second rich internet application.

7. A method, comprising:
- receiving, by a computer system, an input by a user selecting at least one of a first rich internet application or a second rich internet application for execution within a run-time environment provided by the computer system, wherein the run-time environment comprises at least one of;
  
  a user authentication service, an application authorization service, a run-time API permission service, or an audit service;
  
  determining, by querying an administration server, whether at least one of the first rich internet application or the second rich internet application is allowed to be executed within the run-time environment;
  
  executing the first rich internet application in a first application container and the second rich internet application in a second application container;
  
  determining whether at least one of the first rich internet application or the second rich internet application is allowed to access a certain function exposed by an application-programming interface (API) of the run-time environment,implementing a client-side messaging bus to facilitate communications between the first rich internet application and the second rich internet application, andpreventing at least one of the first rich internet application or the second rich internet application from terminating the run-time environment.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, further comprising:
    - authenticating, by the user authentication service, a user of the computer system by querying the administration server.
  - 9. The method of claim 7, further comprising:
    - performing, by the audit service, at least one of;
      
      capturing audit information associated with user actions, storing the audit information, or transmitting the audit information to the administration server.
  - 10. The method of claim 9, wherein the audit information comprises at least one of:
    - an application launching event, an application termination event, a window resizing event, or a mouse click event.
  - 11. The method of claim 7, wherein at least one of the first application container or the second application container is provided by a process being executed by the computer system.
  - 12. The method of claim 7, wherein executing the first rich internet application and the second rich internet application further comprises:
    - displaying a graphical user interface for at least one of the first rich internet application or the second rich internet application.

13. A computer-readable non-transitory storage medium comprising executable instructions that, when executed by a processor of a computer system, cause the processor to:
- receive an input by a user selecting at least one of a first rich internet application or a second rich internet application for execution within a run-time environment provided by the computer system, wherein the run-time environment comprises at least one of;
  
  a user authentication service, an application authorization service, a run-time API permission service, or an audit service;
  
  determine, by querying an administration server, whether at least one of the first rich internet application or the second rich internet application is allowed to be executed within the run-time environment;
  
  execute the first rich internet application in a first application container and the second rich internet application in a second application container;
  
  determine whether at least one of the first rich internet application or the second rich internet application is allowed to access a certain function exposed by an application-programming interface (API) of the run-time environment,implement a client-side messaging bus to facilitate communications between the first rich internet application and the second rich internet application, andprevent at least one of the first rich internet application or the second rich internet application from terminating the run-time environment.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The computer-readable non-transitory storage medium of claim 13, further comprising executable instructions causing the processor to:
    - authenticate, by the user authentication service, a user of the computer system by querying the administration server.
  - 15. The computer-readable non-transitory storage medium of claim 13, further comprising executable instructions causing the processor to:
    - perform, by the audit service, at least one of;
      
      capturing audit information associated with user actions, storing the audit information, or transmitting the audit information to the administration server.
  - 16. The computer-readable non-transitory storage medium of claim 15, wherein the audit information comprises at least one of:
    - an application launching event, an application termination event, a window resizing event, or a mouse click event.
  - 17. The computer-readable non-transitory storage medium of claim 13, wherein at least one of the first application container or the second application container is provided by a process being executed by the computer system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
OpenFin, Inc.
Original Assignee
OpenFin, Inc.
Inventors
Dar, Mazyar Majid, Doerr, Fred Charles
Primary Examiner(s)
Mehrmanesh, Amir
Assistant Examiner(s)
Shayanfar, Ali

Application Number

US15/095,666
Publication Number

US 20160226852A1
Time in Patent Office

386 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 67/02   based on web technology, e....

H04L 67/10   in which an application is ...

Systems and methods for deploying rich internet applications in a secure computing environment

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

28 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for deploying rich internet applications in a secure computing environment

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links