Method and apparatus for network security in browser based interfaces
Abstract
A method and apparatus for improving security for a workstation accessing network resources through a web browser interface. A three-step procedure is provided on the workstation for testing the origin and filetype extensions of command files, retrieved by a web browser, to determine whether they may be executed on the workstation. Step one of the invention consists of creating a non-standard command filetype extension on the workstation to be protected. This is followed by step two, which isolates specific network or system resources for all approved command files. Finally, step three protects the command file contents and sub-directory locations on the protected workstation. The invention grants execute permission for an application's command files only when all three conditions of the above steps are met.
12 Claims
1. A method, implemented in a computer system, for determining execution permission for an application program retrieved by a web browser within a client's workstation in a network operating environment, comprising the steps of:
- creating a non-standard command filetype extension for all command files in said client's workstation in said network operating environment containing said application program;
- creating a unique filetype extension in said client's workstation having protection and permission information for said application program, said unique file type extension different from said non-standard command filetype;
- receiving at said client's workstation in said network operating environment said application program retrieved by said web browser;
- testing the content and source of said application program received at said client's workstation for said unique filetype extension; and
- executing said application program at said client's workstation by said web browser based on said protection and permission information.

Dependent claims: 2, 3, 4

5. An apparatus for determining execution permission for an application program retrieved by a web browser within a client's workstation in a network operating environment, comprising:
- means for creating a non-standard command filetype extension for all command files in said client's workstation in said network operating environment containing said application program;
- means for creating a unique filetype extension in said client's workstation having protection and permission information for said application program, said unique file type extension different from said non-standard command filetype;
- means for receiving at said client's workstation in said network operating environment said application program retrieved by said web browser;
- means for testing the content and source of said application program received at said client's workstation for said unique filetype extension; and
- means for executing said application program at said client's workstation by said web browser based on said protection and permission information.

Dependent claims: 6, 7, 8

9. A computer program product having a computer readable medium having computer program logic recorded thereon for determining execution permission for an application program retrieved by a web browser within a client's workstation in a network operating environment, comprising:
- computer readable means for creating a non-standard command filetype extension for all command files in said client's workstation in said network operating environment containing said application program;
- computer readable means for creating a unique filetype extension in said client's workstation having protection and permission information for said application program, said unique filetype different from said non-standard command filetype;
- computer readable means for receiving at said client's workstation in said network operating environment said application program retrieved by said web browser;
- computer readable means for testing the content and source of said application program received at said client's workstation for said unique filetype extension; and
- computer readable means for executing said application program at said client's workstation by said web browser based on said protection and permission information.

Dependent claims: 10, 11, 12

Specification