Using multiple display servers to protect data
First Claim
1. A method, comprising:
executing, by a processing device, a non-secure display server that provides a non-secure environment for data presented in a non-secure application window of the non-secure display server;
detecting a plurality of secure documents being opened;
executing, by the processing device in view of a first secure document of the plurality of secure documents being opened, a first secure display server as a first client to the non-secure display server, wherein the first secure display server provides a first secure environment for data of the first secure document to be presented in a first secure application window of the first secure display server and has a first security level for a first category of secure documents to restrict unauthorized sharing of information between a plurality of secure environments;
loading a first application, associated with the first secure document, as a client of the first secure display server;
executing, by the processing device in view of a second secure document of the plurality of secure documents being opened, a second secure display server as a second client to the non-secure display server, wherein the second secure display server provides a second secure environment for data of the second secure document to be presented in a second secure application window of the second secure display server, and has a second security level for a second category of secure documents to restrict unauthorized sharing of information between a plurality of secure environments;
loading a second application, associated with the second secure document, as a client of the second secure display server;
receiving a user command to copy data from the secure application window running in the first secure environment of the first secure display server to the second secure application window running in the second secure environment of the second secure display server;
determining whether the second application in the second secure display server is authorized to access a copy operation provided by the first secure display server in view of a policy and the first security level of the first secure display server;
determining whether a user associated with the user command is an authenticated user in response to the policy indicating that the second application in the second secure display server is authorized to access the copy operation provided by the first secure display server; and
in response to the user being an authenticated user and the second application in the second secure display server being authorized, copying the data from the first secure application window running in the first secure environment to the second secure application window running in the second secure environment.
Abstract
A first display server and a second display server execute on a processing device. The first display server provides a secure environment for data presented in first application windows of the first display server and the second display server provides an unsecure environment for data presented in second application windows of the second display server. The processing device receives at least one user command to copy data from one of the first application windows of the first display server to one of the second application windows of the second display server. The processing device prompts a user to perform an authentication upon receiving the at least one user command. In response to the user successfully performing the authentication, data is copied from said one of the first application windows to said one of the second application windows.
17 Claims
7. A non-transitory computer readable storage medium having instructions that, when executed by a processing device, cause the processing device to:
execute, by the processing device, a non-secure display server that provides a non-secure environment for data presented in a non-secure application window of the non-secure display server;
detect a plurality of secure documents being opened;
execute, by the processing device in view of a first secure document of the plurality of secure documents being opened, a first secure display server as a first client to the non-secure display server, wherein the first secure display server provides a first secure environment for data of the first secure document to be presented in a first secure application window of the first secure display server and has a first security level for a first category of secure documents to restrict unauthorized sharing of information between a plurality of secure environments;
load a first application associated with the first secure document as a client of the first secure display server;
execute, by the processing device in view of a second secure document of the plurality of documents being opened, a second secure display server as a second client to the non-secure display server, wherein the second secure display server provides a second secure environment for data of the second secure document to be presented in a second secure application window of the second secure display server, and has a second security level for a second category of secure documents to restrict unauthorized sharing of information between a plurality of secure environments;
load a second application, associated with the second secure document, as a client of the second secure display server;
receive a user command to copy data from the first secure application window running in the first secure environment of the first secure display server to the second secure application window running in the second secure environment of the second secure display server;
determine whether the second application in the second secure display server is authorized to access a copy operation provided by the first secure display server in view of a policy and the first security level of the first secure display server;
determine whether a user associated with the user command is an authenticated user in response to the policy indicating that the second application in the second secure display server is authorized to access the copy operation provided by the first secure display server; and
in response to the user being an authenticated user and the second application in the second secure display server being authorized, copy the data from the first secure application window running in the first secure environment to the second secure application window running in the second secure environment.
13. A computing device, comprising:
a memory; and
a processing device, operatively coupled to the memory, the processing device to:
execute a non-secure display server to provide a non-secure environment for data presented in a non-secure application window of the non-secure display server;
detect a plurality of documents being opened;
execute, in view of a secure document of the plurality of documents being opened, a secure display server as a client to the non-secure display server, wherein the secure display server provides a secure environment for data of the secure document to be presented in a secure application window of the secure display server;
load an application associated with the secure document as a client of the secure display server;
write first graphics data of the secure application window to a secure buffer by at least one of the secure application window or the secure display server;
write second graphics data of the non-secure application window to a non-secure buffer by at least one of the non-secure application window or the non-secure display server;
receive a request for the first graphics data in the secure buffer and the second graphics data in the non-secure buffer from the non-secure application window;
determine whether the non-secure display server is authorized to access the first graphics data in the secure buffer in view of a policy;
determine whether a user associated with the request is an authenticated user in response to the policy indicating that the non-secure display server is authorized to access the first graphics data in the secure buffer; and
in response to the user being an authenticated user and the non-secure display server being authorized, combine, by a window manager, contents of the first graphics data in the secure buffer and the second graphics data in the non-secure buffer, and provide the combined contents to the requesting non-secure application window running in the non-secure environment, and in response to either the user not being an authenticated user or the non-secure display server not being authorized, provide the second graphics data in the non-secure buffer to the requesting non-secure application window running in the non-secure environment.
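The gating order recited in claims 1 and 13 (policy decision first, user authentication only if the policy allows, then either the copy or the combined buffers, with claim 13 falling back to non-secure graphics alone) can be modelled as follows. This is an added illustration, not code from the patent: the class and function names, the numeric levels, the policy table keyed by source level and operation, and the set of valid users standing in for an authentication prompt are all assumptions.

```python
from dataclasses import dataclass

@dataclass
class DisplayServer:
    name: str
    level: int            # 0 = non-secure; the meaning of higher levels is an assumption
    selection: str = ""   # data selected in this server's application window
    buffer: str = ""      # stand-in for the server's graphics buffer

class Gate:
    """Policy check first, user authentication second, as the claims order them."""
    def __init__(self, policy, valid_users):
        self.policy = policy            # {(source level, operation): {authorized requesters}}
        self.valid_users = valid_users  # stand-in for a real authentication prompt
        self.auth_prompts = 0

    def permits(self, source, requester, operation, user):
        if requester.name not in self.policy.get((source.level, operation), set()):
            return False                # denied by policy: the user is never prompted
        self.auth_prompts += 1
        return user in self.valid_users

def copy_selection(gate, source, target, user):
    """Claim 1: copy between two secure environments only if both checks pass."""
    if not gate.permits(source, target, "copy", user):
        return False
    target.selection = source.selection
    return True

def compose_for(gate, secure, non_secure, user):
    """Claim 13: combined buffers if permitted, otherwise non-secure graphics only."""
    if gate.permits(secure, non_secure, "read_buffer", user):
        return [non_secure.buffer, secure.buffer]
    return [non_secure.buffer]

def demo():
    # Constructed sample environments, policy and users.
    host = DisplayServer("host", 0, buffer="desktop")
    finance = DisplayServer("finance", 2, selection="Q3 figures", buffer="ledger")
    legal = DisplayServer("legal", 3, selection="contract", buffer="brief")
    gate = Gate({(2, "copy"): {"legal"}, (2, "read_buffer"): {"host"}}, {"alice"})
    results = {
        "finance_to_legal": copy_selection(gate, finance, legal, "alice"),
        "legal_to_finance": copy_selection(gate, legal, finance, "alice"),
        "unauthenticated": copy_selection(gate, finance, legal, "mallory"),
        "capture_finance": compose_for(gate, finance, host, "alice"),
        "capture_legal": compose_for(gate, legal, host, "alice"),
    }
    return results, gate.auth_prompts, legal.selection, finance.selection

if __name__ == "__main__":
    print(demo())
```

The prompt counter shows that a request refused by policy never reaches the authentication step, which matches the claims' wording that authentication is determined "in response to the policy indicating" authorization.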
Specification