SANDBOXING THIRD PARTY COMPONENTS
First Claim
1. A non-transitory machine-readable medium having executable instructions to cause one or more processing units to perform a method of security management for a data processing system, the method comprising:
- determining whether a third-party component supports network access, wherein the third-party component provides input data to a user application; and
when the third-party component supports network access, constructing a sandbox for the third-party component to restrict network access of the third-party component.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and apparatus of a device for security management by sandboxing third-party components is described. The device can determine whether a third-party component supports network access. If the third-party component supports network access, the device can request a user input regarding whether to restrict the network access of the component. The device can receive a user input to restrict network access of the third-party component. Upon receiving the user input to restrict network access, the device can construct a sandbox for the third-party component to restrict network access of the component and prevent the component from performing data exfiltration. Other embodiments are also described and claimed.
22 Citations
20 Claims
-
1. A non-transitory machine-readable medium having executable instructions to cause one or more processing units to perform a method of security management for a data processing system, the method comprising:
-
determining whether a third-party component supports network access, wherein the third-party component provides input data to a user application; and when the third-party component supports network access, constructing a sandbox for the third-party component to restrict network access of the third-party component. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer-implemented method for security management of a data processing system, the method comprising:
-
determining whether a third-party component supports network access; when the third-party component supports network access, requesting an input regarding whether to restrict the network access of the third-party component; receiving the input to restrict network access of the third-party component; and constructing a sandbox for the third-party component to restrict network access of the third-party component. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A device to perform security management, the device comprising:
-
a processing system; a memory coupled to the processing system though a bus; and a process executed from the memory by the processing system that causes the processing system to determine whether a third-party component supports network access, when the third-party component supports network access, request an input regarding whether to restrict the network access of the third-party component, receive the input to restrict network access of the third-party component, and construct a sandbox for the third-party component to restrict network access of the third-party component. - View Dependent Claims (17, 18, 19, 20)
-
Specification