Using multiple display servers to protect data

US 9,355,282 B2
Filed: 03/24/2010
Issued: 05/31/2016
Est. Priority Date: 03/24/2010
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

executing, by a processing device, a non-secure display server that provides a non-secure environment for data presented in a non-secure application window of the non-secure display server;

detecting a plurality of secure documents being opened;

executing, by the processing device in view of a first secure document of the plurality of secure documents being opened, a first secure display server as a first client to the non-secure display server, wherein the first secure display server provides a first secure environment for data of the first secure document to be presented in a first secure application window of the first secure display server and has a first security level for a first category of secure documents to restrict unauthorized sharing of information between a plurality of secure environments;

loading a first application, associated with the first secure document, as a client of the first secure display server;

executing, by the processing device in view of a second secure document of the plurality of secure documents being opened, a second secure display server as a second client to the non-secure display server, wherein the second secure display server provides a second secure environment for data of the second secure document to be presented in a second secure application window of the second secure display server, and has a second security level for a second category of secure documents to restrict unauthorized sharing of information between a plurality of secure environments;

loading a second application, associated with the second secure document, as a client of the second secure display server;

receiving a user command to copy data from the secure application window running in the first secure environment of the first secure display server to the second secure application window running in the second secure environment of the second secure display server;

determining whether the second application in the second secure display server is authorized to access a copy operation provided by the first secure display server in view of a policy and the first security level of the first secure display server;

determining whether a user associated with the user command is an authenticated user in response to the policy indicating that the second application in the second secure display server is authorized to access the copy operation provided by the first secure display server; and

in response to the user being an authenticated user and the second application in the second secure display server being authorized, copying the data from the first secure application window running in the first secure environment to the second secure application window running in the second secure environment.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A first display server and a second display server execute on a processing device. The first display server provides a secure environment for data presented in first application windows of the first display server and the second display server provides an unsecure environment for data presented in second application windows of the second display server. The processing device receives at least one user command to copy data from one of the first application windows of the first display server to one of the second application windows of the second display server. The processing device prompts a user to perform an authentication upon receiving the at least one user command. In response to the user successfully performing the authentication, data is copied from said one of the first application windows to said one of the second application windows.

76 Citations

17 Claims

1. A method, comprising:
- executing, by a processing device, a non-secure display server that provides a non-secure environment for data presented in a non-secure application window of the non-secure display server;
  
  detecting a plurality of secure documents being opened;
  
  executing, by the processing device in view of a first secure document of the plurality of secure documents being opened, a first secure display server as a first client to the non-secure display server, wherein the first secure display server provides a first secure environment for data of the first secure document to be presented in a first secure application window of the first secure display server and has a first security level for a first category of secure documents to restrict unauthorized sharing of information between a plurality of secure environments;
  
  loading a first application, associated with the first secure document, as a client of the first secure display server;
  
  executing, by the processing device in view of a second secure document of the plurality of secure documents being opened, a second secure display server as a second client to the non-secure display server, wherein the second secure display server provides a second secure environment for data of the second secure document to be presented in a second secure application window of the second secure display server, and has a second security level for a second category of secure documents to restrict unauthorized sharing of information between a plurality of secure environments;
  
  loading a second application, associated with the second secure document, as a client of the second secure display server;
  
  receiving a user command to copy data from the secure application window running in the first secure environment of the first secure display server to the second secure application window running in the second secure environment of the second secure display server;
  
  determining whether the second application in the second secure display server is authorized to access a copy operation provided by the first secure display server in view of a policy and the first security level of the first secure display server;
  
  determining whether a user associated with the user command is an authenticated user in response to the policy indicating that the second application in the second secure display server is authorized to access the copy operation provided by the first secure display server; and
  
  in response to the user being an authenticated user and the second application in the second secure display server being authorized, copying the data from the first secure application window running in the first secure environment to the second secure application window running in the second secure environment.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein receiving the user command comprises receiving a copy command to copy the data from the first secure application window in the first secure environment and a paste command to paste the data to the second secure application window in the second secure environment, and wherein determining whether the user command is associated with an authenticated user comprises performing an authentication upon receiving the paste command.
  - 3. The method of claim 1, wherein receiving the user command comprises receiving a drag-and-drop command to drag an object representing the data from the first secure application window in the first secure environment to the second secure application window in the second secure environment.
  - 4. The method of claim 1, further comprising:
    - executing a non-secure display server that provides a non-secure environment to clients of the non-secure display server, wherein the non-secure display server is a client of the first secure display server.
  - 5. The method of claim 4, further comprising:
    - writing first graphics data of the secure application window in the first secure environment to a secure buffer by at least one of the first secure application window in the first secure environment or the first secure display server;
      
      writing second graphics data of the non-secure application window to a non-secure buffer by at least one of the non-secure application window or the non-secure display server;
      
      combining contents of the secure buffer and the non-secure buffer by a window manager; and
      
      outputting the contents to a display.
  - 6. The method of claim 5, further comprising:
    - receiving a request for the first graphics data in the secure buffer and the second graphics data in the non-secure buffer from the non-secure application window; and
      
      performing authentication to determine whether the user is an authenticated user in response to the policy.

7. A non-transitory computer readable storage medium having instructions that, when executed by a processing device, cause the processing device to:
- execute, by the processing device, a non-secure display server that provides a non-secure environment for data presented in a non-secure application window of the non-secure display server;
  
  detect a plurality of secure documents being opened;
  
  execute, by the processing device in view of a first secure document of the plurality of secure documents being opened, a first secure display server as a first client to the non-secure display server, wherein the first secure display server provides a first secure environment for data of the first secure document to be presented in a first secure application window of the first secure display server and has a first security level for a first category of secure documents to restrict unauthorized sharing of information between a plurality of secure environments;
  
  load a first application associated with the first secure document as a client of the first secure display server;
  
  execute, by the processing device in view of a second secure document of the plurality of documents being opened, a second secure display server as a second client to the non-secure display server, wherein the second secure display server provides a second secure environment for data of the second secure document to be presented in a second secure application window of the second secure display server, and has a second security level for a second category of secure documents to restrict unauthorized sharing of information between a plurality of secure environments;
  
  load a second application, associated with the second secure document, as a client of the second secure display server;
  
  receive a user command to copy data from the first secure application window running in the first secure environment of the first secure display server to the second secure application window running in the second secure environment of the second secure display server;
  
  determine whether the second application in the second secure display server is authorized to access a copy operation provided by the first secure display server in view of a policy and the first security level of the first secure display server;
  
  determine whether a user associated with the user command is an authenticated user in response to the policy indicating that the second application in the second secure display server is authorized to access the copy operation provided by the first secure display server; and
  
  in response to the user being an authenticated user and the second application in the second secure display server being authorized, copy the data from the first secure application window running in the first secure environment to the second secure application window running in the second secure environment.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The non-transitory computer readable storage medium of claim 7, wherein to receive the user command comprises the processing device to:
    - receive a copy command to copy the data from the first secure application window in the first secure environment and a paste command to paste the data to the second secure application window in the second secure environment, and wherein the processing device is further to perform an authentication upon receiving the paste command.
  - 9. The non-transitory computer readable storage medium of claim 7, wherein to receive the user command comprises the processing device to:
    - receive a drag-and-drop command to drag an object representing the data from the first secure application window in the first secure environment to the second secure application window in the second secure environment.
  - 10. The non-transitory computer readable storage medium of claim 7, wherein the processing device is further to:
    - execute a non-secure display server that provides a non-secure environment to clients of the non-secure display server, wherein the non-secure display server is a client of the first secure display server.
  - 11. The non-transitory computer readable storage medium of claim 10, wherein the processing device is further to:
    - write first graphics data of the first secure application window in the first secure environment to a secure buffer by at least one of the first secure application window in the first secure environment or the first secure display server;
      
      write second graphics data of the non-secure application window to a non-secure buffer by at least one of the non-secure application window or the non-secure display server;
      
      combine contents of the secure buffer and the non-secure buffer by a window manager; and
      
      output the contents to a display.
  - 12. The non-transitory computer readable storage medium of claim 11, wherein the processing device is further to:
    - receive a request for the first graphics data in the secure buffer and the second graphics data in the non-secure buffer from the non-secure application window; and
      
      perform authentication to determine whether the user is an authenticated user in response to the policy.

13. A computing device, comprising:
- a memory; and
  
  a processing device, operatively coupled to the memory, the processing device to;
  
  execute a non-secure display server to provide a non-secure environment for data presented in a non-secure application window of the non-secure display server;
  
  detect a plurality of documents being opened;
  
  execute, in view of a secure document of the plurality of documents being opened, a secure display server as a client to the non-secure display server, wherein the secure display server provides a secure environment for data of the secure document to be presented in a secure application window of the secure display server;
  
  load an application associated with the secure document as a client of the secure display server;
  
  write first graphics data of the secure application window to a secure buffer by at least one of the secure application window or the secure display server;
  
  write second graphics data of the non-secure application window to a non-secure buffer by at least one of the non-secure application window or the non-secure display server;
  
  receive a request for the first graphics data in the secure buffer and the second graphics data in the non-secure buffer from the non-secure application window;
  
  determine whether the non-secure display server is authorized to access the first graphics data in the secure buffer in view of a policy;
  
  determine whether a user associated with the request is an authenticated user in response to the policy indicating that the non-secure display server is authorized to access the first graphics data in the secure buffer; and
  
  in response to the user being an authenticated user and the non-secure display server being authorized, combine, by a window manager, contents of the first graphics data in the secure buffer and the second graphics data in the non-secure buffer, and provide the combined contents to the requesting non-secure application window running in the non-secure environment, andin response to either the user not being an authenticated user or the non-secure display server not being authorized, provide the second graphics data in the non-secure buffer to the requesting non-secure application window running in the non-secure environment.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The computing device of claim 13, wherein to receive the request comprises the processing device to:
    - receive a copy command to copy the first graphics data from the secure buffer and a paste command to paste the first graphics data to the non-secure application window.
  - 15. The computing device of claim 13, wherein to receive the request comprises the processing device to:
    - receive a drag-and-drop command to drag an object representing the first graphics data from the secure buffer to the non-secure application window.
  - 16. The computing device of claim 13, further comprising:
    - a second secure display server that provides a second secure environment to clients of the second secure display server, wherein at least one of the secure display server or the non-secure display server is a client of the second secure display server.
  - 17. The computing device of claim 13, wherein the processing device is further to:
    - output at least one of the combined contents or the second graphics data to a display.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Red Hat, Inc. (International Business Machines Corporation)
Original Assignee
Red Hat, Inc. (International Business Machines Corporation)
Inventors
Kristensen, Kristian H., Zeuthen, David
Primary Examiner(s)
CHUANG, JUNG-MU T

Application Number

US12/731,099
Publication Number

US 20110239125A1
Time in Patent Office

2,260 Days
Field of Search

715/743, 715/741, 715/733, 715/804, 715/770, 715/806, 726/3, 726/19
US Class Current

1/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/6209   to a single file or object,...

G06F 21/6218   to a system of files or obj...

G06F 21/629   to features or functions of...

G06F 21/84   output devices, e.g. displa...

G06F 9/543   User-generated data transfe...

Using multiple display servers to protect data

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

76 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Using multiple display servers to protect data

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

76 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links