[특허]Security settings for markup language elements

Security settings for markup language elements 원문보기

IPC분류정보
국가/구분	United States(US) Patent 등록
국제특허분류(IPC7판)	H04L-009/00
출원번호	US-0047302 (2002-01-14)
등록번호	US-7318238 (2008-01-08)
발명자 / 주소	Elvanoglu,Ferhan Dujari,Rajeev
출원인 / 주소	Microsoft Corporation
인용정보	피인용 횟수 : 22 인용 특허 : 56

초록 ▼

A system and method that allows a page (e.g., Internet content) author to associate a set of security settings on any desired element (e.g., tag) of the page. When the page is interpreted, each element is handled based on its associated security settings, allowing a page author to request that any element be considered differently with respect to security than other elements, and/or differently relative to the page that contains it. A negotiator determines the actual settings for elements to ensure that security cannot be compromised by tagging an element such that it has the ability to do more than desired. The negotiator also determines the settings for elements that do not have specifically associated security data, e.g., elements without specified security settings may inherit security settings from higher elements, or the top-level container. The settings may correspond to those of a security zone.

대표청구항 ▼

What is claimed is: 1. In a computer system, a method comprising: receiving a page comprising content including one or more elements having active content; and controlling page output corresponding to at least part of the content by: 1) disabling or enabling execution of a first script or loading of a first control corresponding to at least one part of the page based on a first set of security settings; and 2) disabling or enabling execution of a second script or loading of a second control corresponding to at least one other part of the page based on a second set of security settings, the second set of security settings being different from the first set of security settings. 2. The method of claim 1, wherein receiving the page includes accessing data received from a remote source. 3. The method of claim 1, wherein receiving the page includes accessing data received from a cache. 4. The method of claim 1, wherein a first action including one of execution of the first script or the loading of the first control is requested in the content in the at least one part of the page, wherein a second action including one of execution of the second script or the loading of the second control is requested in the content in the at least one other part of the page, and wherein controlling page output comprises, allowing the first action and disallowing the second action. 5. The method of claim 4 wherein the first action corresponds to a command to run the first script, and wherein the second action corresponds to a command to run the second script. 6. The method of claim 4 wherein the first action further corresponds to a command to download a first set of data, and wherein the second action corresponds to a command to download a second set of data. 7. The method of claim 4 wherein allowing the first action comprises, prompting a user for a decision and receiving a response indicating that the first action is allowed. 8. The method of claim 4 wherein disallowing the second action comprises, prompting a user for a decision and receiving a response indicating that the second action is not allowed. 9. The method of claim 1, wherein a first action including one of execution of the first script or loading of the first control is requested in the content in the at least one part of the page, wherein a second action including one of execution of the second script or loading of the second control is requested in the content in the at least one other part of the page, and wherein controlling page output comprises, disallowing the first action and allowing the second action. 10. The method of claim 1 further comprising: retrieving the first set of security settings based on an identifier indicating a source from which the page is obtained, and associating the first set of security settings with the at least one part of the page. 11. The method of claim 10 further comprising, constructing a tree to represent the page, and wherein associating the first set of security settings with the at least one part of the page includes storing data corresponding to the first set of security settings at a node in the tree. 12. The method of claim 1 further comprising: recognizing security data associated with an element of the page, and associating the second set of security settings with the at least one other part of the page based on the security data. 13. The method of claim 12 further comprising, constructing a tree to represent the page, and wherein associating the second set of security settings with the at least one other part of the page includes storing data corresponding to the second set of security settings at a node in the tree that corresponds to the element. 14. The method of claim 13 wherein storing data corresponding to the second set of security settings comprises negotiating the second set of security settings. 15. The method of claim 14 wherein negotiating the second set of security settings comprises inheriting at least one setting in the second set of security settings based on security information associated with a parent node in the tree. 16. The method of claim 14 wherein negotiating the second set of settings comprises receiving at least one setting in the second set of security settings based on security information associated with a child node in the tree. 17. The method of claim 1, wherein controlling page output further comprises, accessing privacy settings. 18. A computer-readable medium having computer-executable-instructions for performing the method of claim 1. 19. In a computer connected to a network, a system comprising: browser software that interprets content received from the network, and a security mechanism that associates a first security zone with a first part of the content and associates a second security zone with a second part of the content, the security mechanism being further operable to associate a first set of security settings with the first part of the content based on the first security zone, and associate a second set of security settings with the second part of the content based on the second security zone, the second set of security settings being different from the first set of security settings, whether execution of a first script or loading of a first control corresponding to the first part of the content is permitted being based on the first set of security settings, and whether execution of a second script or loading of a second control corresponding to the second part of the content is permitted being based on the second set of security settings. 20. The system of claim 19 further comprising, a negotiator that controls the second set of security settings. 21. The system of claim 20 wherein the negotiator controls the second set of security settings relative to the first set of security settings. 22. The system of claim 21 wherein the negotiator controls the second set of security settings relative to the first set of security settings by having at least one setting in the second set be inherited from a corresponding setting in the first set. 23. The system of claim 19 wherein the first set of security settings is based on a network identifier of a source of the content. 24. The system of claim 19 wherein the second part of the content corresponds to an element in the content. 25. The system of claim 24, further comprising a component that detects security data associated with the element. 26. The system of claim 25 wherein the security data associated with the element comprises, a reference to a security zone. 27. The system of claim 25 wherein the security data associated with the element comprises, a reference to a file. 28. The system of claim 25 wherein the security data associated with the element comprises, a reference to a source of remote data. 29. The system of claim 25 wherein the security data associated with the element comprises a string of data corresponding to at least some of the security settings. 30. The system of claim 25 wherein the security data associated with the element comprises information indicating that the security settings should be determined relative to other security settings. 31. The system of claim 19 further comprising, a tree of nodes constructed from the content, the tree including a first node corresponding to the first part and a second node corresponding to the second part. 32. The system of claim 31 further comprising, a negotiator that controls the second set of security settings. 33. The system of claim 32 wherein the negotiator evaluates the second set of security settings. 34. The system of claim 32 wherein the negotiator changes at least one setting in the second set of security settings based on a rule. 35. The system of claim 31 further comprising, at least one other node in the tree that is associated with security settings based on inheriting information from a parent node. 36. The system of claim 35 wherein the parent node comprises the first node. 37. The system of claim 35 wherein the parent node comprises the second node. 38. The system of claim 31 further comprising, at least one other node in the tree that is associated with security settings based on security data of a child node. 39. The system of claim 19 wherein the second part of the content corresponds to a frame tag in the content. 40. The system of claim 19 wherein the content comprises a HyperText Markup Language page. 41. A markup language document, comprising: a first set of content associated with a first set of security settings, the first set of security settings indicating whether execution of a first script or loading of a first control corresponding to the first set of content is permitted; and a second set of content associated with a second set of security settings, the second set of security settings being different from the first set of security settings. and the second set of security settings indicating whether execution of a second script or loading of a second control corresponding to the second set of content is permitted. 42. The markup language document of claim 41 wherein the first set of content corresponds to a page, the second set of content is included in the page, and wherein the second set of security settings take precedence over the first set of security settings with respect to determining security for the second set of content. 43. The markup language document of claim 41 wherein the first set of content corresponds to a page and the second set of content corresponds to a frame element included in the page. 44. The markup language document of claim 41, wherein the markup language document includes a reference to a file that corresponds to at least some of the second set of security settings. 45. The markup language document of claim 41, wherein the markup language document includes a reference to a source of remote data that corresponds to at least some of the second set of security settings. 46. The markup language document of claim 41, wherein the markup language document includes a string of data that corresponds to at least some of the second set of security settings. 47. The markup language document of claim 41, wherein the markup language document includes information indicating that at least some of the second set of security settings should be determined relative to other security settings.

이 특허에 인용된 특허 (56)

Cornelius, Richard D.; Stepniczka, Andreas; Chu, Kevin, Account settlement and financing in an e-commerce environment.
상세보기
Ansell, Steven T.; Cherenson, Andrew R.; Rishniw, Leon; Cannon, Susan A.; Allard, Edward J.; Brownell, Jason S.; Stroud, Micah, Adaptable security mechanism for preventing unauthorized access of digital data.
상세보기
Jerger Michael S. ; Bisset Jeffrey A. ; Sinclair Craig T. ; Toutonghi Michael J., Administering permissions associated with a security zone in a computer system security model.
상세보기
Shrader, Theodore Jack London; Rich, Bruce Arland; Yarsa, Julianne; Skibbie, Donna, Architecture for dynamic permissions in java.
상세보기
McCollum Tab ; Jury Thomas W., Assigning security levels to particular documents on a document by document basis in a database.
상세보기
Underwood, Roy Aaron, Business components framework.
상세보기
Slaughter, Gregory L.; Saulpaugh, Thomas E.; Duigou, Michael J., Client-specified display services in a distributed computing environment.
상세보기
Ji Shuang, Computer network malicious code scanner.
상세보기
Ji Shuang, Computer network malicious code scanner method and apparatus.
상세보기
Kennelly, Richard J.; Donahue, Peter E.; Farrell, Bernard; Cole, Robert E., Custom administrator views of management objects.
상세보기
Michael S. Jerger ; Jeffrey A. Bisset ; Craig T. Sinclair ; Michael J. Toutonghi, Declarative permission requests in a computer system.
상세보기
Michael S. Jerger ; Jeffrey A. Bisset ; Craig T. Sinclair ; Michael J. Toutonghi, Directional set operations for permission based security in a computer system.
상세보기
Scanlan Thomas K., Dynamic assignment of security parameters to web pages.
상세보기
David Hitz ; Andrea Borr ; Robert J. Hawley ; Mark Muhlestein ; Joan Pearson, File access control in a multi-protocol file server.
상세보기
Bloch, Joshua J., Inheritable thread-local storage.
상세보기
Van Doorn, Leendert Peter, Integrating operating systems and run-time systems.
상세보기
Hoffberg, Steven M., Intelligent electronic appliance system and method.
상세보기
Moreh, Jahanshah; Olkin, Terry Michael; Bruns, Logan O'Sullivan; Perrin, Trevor Scott, METHOD AND SYSTEM OF FEDERATED AUTHENTICATION SERVICE FOR INTERACTING BETWEEN AGENT AND CLIENT AND COMMUNICATING WITH OTHER COMPONENTS OF THE SYSTEM TO CHOOSE AN APPROPRIATE MECHANISM FOR THE SUBJECT.
상세보기
Barnes, Brian C.; Strongin, Geoffrey S.; Schmidt, Rodney W., Memory management system and method for providing physical address based memory access security.
상세보기
Strongin, Geoffrey S.; Barnes, Brian C.; Schmidt, Rodney W., Memory management system and method providing increased memory access security.
상세보기
Cohen, William W., Method and apparatus for extracting data from data sources on a network.
상세보기
Magee James Michael ; Rawson ; III Freeman Leigh ; Sotomayor ; Jr. Guy Gil, Method and apparatus for management of mapped and unmapped regions of memory in a microkernel data processing system.
상세보기
Christie, David S.; Schmidt, Rodney; Strongin, Geoffrey S., Method and apparatus for storing and retrieving security attributes.
상세보기
Cooper, Phillip R.; Kohnfelder, Loren M.; Chavez, Roderick A., Method and apparatus for writing a windows application in HTML.
상세보기
Guthrie John, Method and system for inserting code to conditionally incorporate a user interface component in an HTML document.
상세보기
Hanson, Michael; Miller, Graham; Axe, Brian; Evans, Steven Richard, Method and system for process interaction among a group.
상세보기
Trevor Blumenau, Method and system for the discovery of cookies and other client information.
상세보기
Eilbott, Seth Aaron; Rodriguez, Jeffrey Edward; Walker, Michael John, Method for prefetching external resources to embedded objects in a markup language data stream.
상세보기
Laor Raviv, Method of and system for distributing and redeeming electronic coupons.
상세보기
Kelley, Edward E., Method of controlling web applications from redirecting a client to another web address.
상세보기
Fletcher,James Corvin; Kaminsky,David Louis; Kessler,Carl Shawn, Method, system and apparatus for selecting encryption levels based on policy profiling.
상세보기
Howard, Michael; Brown, Don L.; Clark, Quentin J.; Dillingham, Lara N.; Meijer, Ronald; Multerer, Boyd C.; Sellers, Timothy D., Methods and apparatus for synchronizing access control in a web server.
상세보기
Michael J. Wallent ; Rajeev Dujari ; Anand Ramakrishna ; Loren M. Kohnfelder ; Lewis Geer, Network security zones.
상세보기
Lewis Robert W. ; Tanner Matthew A. ; Walker Timothy K., Object-oriented computer program, system, and method for developing control schemes for facilities.
상세보기
McIlroy M. Douglas (Bernardsville NJ) Reeds James A. (New Providence NJ), Secure file handling in a computer operating system.
상세보기
Golan Gilad,ILX, Security monitor.
상세보기
Moreh Jahanshah ; Olkin Terry M., Security system for event based middleware.
상세보기
Davis, Mark C.; Hind, John R.; Peters, Marcia L.; Topol, Brad B., Selective data encryption using style sheet processing.
상세보기
Hind, John R.; Peters, Marcia L.; Topol, Brad B., Selective data encryption using style sheet processing for decryption by a client proxy.
상세보기
Davis, Mark C.; Hind, John R.; Peters, Marcia L.; Topol, Brad B., Selective data encryption using style sheet processing for decryption by a group clerk.
상세보기
Hind, John R.; Peters, Marcia L.; Topol, Brad B., Selective data encryption using style sheet processing for decryption by a key recovery agent.
상세보기
Magee James Michael ; Rawson ; III Freeman L. ; Youngworth Christopher Dean, Shared memory support method and apparatus for a microkernel data processing system.
상세보기
Hartrick Thomas V. (Gaithersburg MD) Higgins Patricia E. (Gaithersburg MD) Sabia Nicholas J. (Silver Spring MD), Structured document tags invoking specialized functions.
상세보기
Duffy, Catherine M.; Estrada, Julio; Estrada, Miguel A.; Shore, Maurice B., System and method for browser creation and maintenance of forms.
상세보기
Estrada, Julio; Estrada, Miguel A.; Shore, Maurice B., System and method for browser definition of workflow documents.
상세보기
Estrada, Julio; Estrada, Miguel A.; Kraenzel, Carl J.; Shore, Maurice B., System and method for client replication of collaboration space.
상세보기
Brown Ross M. ; Greenberg Richard G., System and method for controlling access to data entities in a computer network.
상세보기
Estrada, Julio; Estrada, Miguel A.; Shore, Maurice B., System and method for online/offline uninterrupted updating of rooms in collaboration space.
상세보기
Snavely, Amy J.; Sjostrom, William M.; Musa, Mark A., System and method for providing a role table GUI via company group.
상세보기
Goldberg, Motti; Kenyon, Jeffrey D.; Winkel, Edwin K., System and method for retrieving documents responsive to a given user's role and scenario.
상세보기
Estrada, Julio; Estrada, Miguel A.; Shore, Maurice B., System and method for room decoration and inheritance.
상세보기
Notani Ranjit N. ; Mayer John E. ; Hilerio Israel, System and process for inter-domain interaction across an inter-domain connectivity plane.
상세보기
Notani Ranjit N. ; Mayer John E., System and process for inter-domain planning analysis and optimization using model agents as partial replicas of remote.
상세보기
Wakayama, Toshihiro, System for managing networked information contents.
상세보기
Luckenbaugh Gary L. ; Stoakes Forrest E., Trusted services broker for web page fine-grained security labeling.
상세보기
Haverstock, Paul; Estrada, Miguel; Estrada, Julio, Web server enabling browser access to HTML and Non-HTML documents.
상세보기

이 특허를 인용한 특허 (22)

Cummins, Charles E.; Hamilton, Justin; Ma, Yue; Ding, Hua; Sheng, Xiaowei; Lang, Bing; Wu, Kun, Accurate search results while honoring content limitations.
상세보기
Isaacs, Scott; Moore, George; Thorpe, Danny; Zissimopoulos, Vasileios, Communication across domains.
상세보기
Isaacs, Scott; Moore, George; Thorpe, Danny; Zissimopoulos, Vasileios, Communication across domains.
상세보기
Isaacs, Scott; Moore, George; Thorpe, Danny; Zissimopoulos, Vasileios, Communication across domains.
상세보기
Gwozdz, Daniel; Isaacs, Scott M; Maker, Reid, Cross domain communication.
상세보기
Dunagan, John; Fan, Xiaofeng; Wang, Jiahe, Detouring in scripting systems.
상세보기
Plummer, David W., Enhanced browser security.
상세보기
Ganesan, Ravi, Mashauth: using mashssl for efficient delegated authentication.
상세보기
Cui, Jie; Wang, Bin; Zhang, Ming Jian, Method and system for separating HTTP session.
상세보기
Wei, Jian; Jiao, Guofang; Bi, Ning; Wu, Chehui, Multi-stage tessellation for graphics rendering.
상세보기
Daniell, W. Todd; Malik, Dale W., Preventing execution of programs that are embedded in email messages.
상세보기
Daniell, W. Todd; Malik, Dale W., Preventing execution of programs that are embedded in email messages.
상세보기
Daniell, W. Todd; Malik, Dale W., Preventing execution of programs that are embedded in email messages.
상세보기
Wang, Jiahe Helen; Fan, Xiaofeng; Jackson, Collin Edward; Howell, Jonathan Ryan; Xu, Zhenbin, Protection and communication abstractions for web browsers.
상세보기
Cooperstein, Jeffrey M.; Goldfeder, Aaron R.; Fee, Gregory D.; Hawkins, John M.; Kudallur, Venkatraman, Resource based dynamic security authorization.
상세보기
Franco, Roberto A.; Ganjam, Anantha P; Bedworth, John G.; Brundrett, Peter T.; Tokumi, Roland K, Running internet applications with low rights.
상세보기
Ross, David Andrew; Franco, Roberto A.; Bedworth, John Green; Ganesh, Shankar; Kudallur, Venkatraman V.; Ganjam, Anantha P.; Schmucker, Kurt James, Security context lockdown.
상세보기
Balasubramanian, Swaminathan; De, Radha M.; Delport, Ashley D.; Poddar, Indrajit; Vasudevan, Cheranellore, Selective exposure of document tags for search, access, and feed based on user groups.
상세보기
Patrick, Kyle N., Verifying content of resources in markup language documents.
상세보기
Patrick, Kyle N., Verifying content of resources in markup language documents.
상세보기
Patrick, Kyle N., Verifying content of resources in markup language documents.
상세보기
Patrick, Kyle N., Verifying content of resources in markup language documents by inclusion of a hash attribute-value pair in references to the content.
상세보기

IPC	Description
A	생활필수품
A62	인명구조; 소방(사다리 E06C)
A62B	인명구조용의 기구, 장치 또는 방법(특히 의료용에 사용되는 밸브 A61M 39/00; 특히 물에서 쓰이는 인명구조 장치 또는 방법 B63C 9/00; 잠수장비 B63C 11/00; 특히 항공기에 쓰는 것, 예. 낙하산, 투출좌석 B64D; 특히 광산에서 쓰이는 구조장치 E21F 11/00)
A62B-1/08	.. 윈치 또는 풀리에 제동기구가 있는 것

내보내기 구분	파일저장 인쇄 메일전송
구성항목	기본정보 상세정보 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표IPC 관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 공고번호, 공고일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표출원인, 출원인국적, 출원인주소, 발명자, 발명자E, 발명자코드, 발명자주소, 발명자 우편번호, 발명자국적, 대표IPC, IPC코드, 요약, 미국특허분류, 대리인주소, 대리인코드, 대리인(한글), 대리인(영문), 국제공개일자, 국제공개번호, 국제출원일자, 국제출원번호, 우선권, 우선권주장일, 우선권국가, 우선권출원번호, 원출원일자, 원출원번호, 지정국, Citing Patents, Cited Patents
저장형식	Text(ASCII format) Excel format PIAS분석(.xls)
메일정보	받는사람 (필수) @ 보내는사람 (선택) @ 제목 내용 KISTI 검색결과 이메일 서비스
안내	총 건의 자료가 검색되었습니다. 다운받으실 자료의 인덱스를 입력하세요. (1-10,000) 검색결과의 순서대로 최대 10,000건 까지 다운로드가 가능합니다. 데이타가 많을 경우 속도가 느려질 수 있습니다.(최대 2~3분 소요) 다운로드 파일은 UTF-8 형태로 저장됩니다. 파일의 내용이 제대로 보이지 않을실 때는 웹브라우저 상단의 보기 -> 인코딩 -> 자동선택 여부를 확인하십시오. ~ Text(ASCII format) Excel format

연합인증

Security settings for markup language elements 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

이 특허에 인용된 특허 (56)

이 특허를 인용한 특허 (22)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트

연합인증

Security settings for markup language elements 원문보기

초록 ▼

대표청구항 ▼

연구과제 타임라인

전체(0) 논문(0) 특허(0) 보고서(0)

전체(0) 논문(0) 특허(0) 보고서(0)

이 특허에 인용된 특허 (56)

이 특허를 인용한 특허 (22)

관련 콘텐츠

특허 원문 보기

IPC 상위 출원인

AI-Helper ※ AI-Helper는 오픈소스 모델을 사용합니다.

선택된 텍스트