公开(公告)号：US09135461B1

公开(公告)日：2015-09-15

申请号：US13910472

申请日：2013-06-05

Applicant: Google Inc.

Inventor： Charles Reis ,  Adam Barth

IPC: G06F21/00 ,  G06F21/62

CPC classification number: G06F21/6209 ,  G06F21/62 ,  H04L63/20 ,  H04L67/02 ,  H04L67/40

Abstract: Methods and systems for sharing a security model with heterogeneous virtual machines (VMs) are provided. A method for sharing a security model with heterogeneous VMs may include making a direct function call to an object model from each of two or more heterogeneous VMs using a direct binding generated for the respective VM based on the respective VM and a security policy. The direct bindings of the two or more heterogeneous VMs share the security policy. The method may also include ensuring only one of the two or more heterogeneous VMs interacts with the object model at a time. A system for sharing a security model with heterogeneous VMs may include a heterogeneous VM manager and a heterogeneous VM scheduler. The system may further include a principal tracker and a proxy component.

Abstract translation: 提供了使用异构虚拟机（VM）共享安全模型的方法和系统。 用异构VM共享安全模型的方法可以包括使用针对相应VM和安全策略针对相应VM生成的直接绑定，从两个或多个异构VM中的每一个对对象模型进行直接函数调用。 两个或多个异构VM的直接绑定共享安全策略。 该方法还可以包括确保两个或多个异构VM中的仅一个一次与对象模型交互。 用于与异构VM共享安全模型的系统可以包括异构VM管理器和异构VM调度器。 该系统还可以包括主要跟踪器和代理组件。

公开(公告)号：US09098710B2

公开(公告)日：2015-08-04

申请号：US14028685

申请日：2013-09-17

Applicant: Google Inc.

Inventor： Erik Kay ,  Adam Barth

IPC: G06F17/00 ,  G06F21/60 ,  G06F21/12 ,  G06F21/51 ,  H04L29/06 ,  G06F9/445 ,  G06F21/57 ,  G06F21/30

CPC classification number: G06F21/60 ,  G06F8/61 ,  G06F21/121 ,  G06F21/30 ,  G06F21/51 ,  G06F21/577 ,  G06F2221/033 ,  G06F2221/2101 ,  G06F2221/2119 ,  G06F2221/2141 ,  H04L63/1433 ,  H04L63/1466

Abstract: According to one general aspect, a computer-implemented method for implementing default security features for web applications and browser extensions includes receiving a request to include a web application or a web browser extension in a digital marketplace. A determination is made if the web application or the web browser extension conforms to default security features, wherein the default security features include a prohibition against running in-line script on web pages. The web application or the browser extension is included in the digital marketplace if the web application or the browser extension conforms to the default security features.

Abstract translation: 根据一个一般方面，用于实现用于web应用和浏览器扩展的默认安全特征的计算机实现的方法包括在数字市场中接收包括web应用或Web浏览器扩展的请求。 确定Web应用程序或Web浏览器扩展是否符合默认安全功能，其中默认安全功能包括禁止在网页上运行在线脚本。 如果Web应用程序或浏览器扩展符合默认安全功能，则Web应用程序或浏览器扩展程序包含在数字市场中。

公开(公告)号：US20140020053A1

公开(公告)日：2014-01-16

申请号：US14028685

申请日：2013-09-17

Applicant: Google Inc.

Inventor： Erik Kay ,  Adam Barth

IPC: G06F21/60

CPC classification number: G06F21/60 ,  G06F8/61 ,  G06F21/121 ,  G06F21/30 ,  G06F21/51 ,  G06F21/577 ,  G06F2221/033 ,  G06F2221/2101 ,  G06F2221/2119 ,  G06F2221/2141 ,  H04L63/1433 ,  H04L63/1466

Abstract: According to one general aspect, a computer-implemented method for implementing default security features for web applications and browser extensions includes receiving a request to include a web application or a web browser extension in a digital marketplace. A determination is made if the web application or the web browser extension conforms to default security features, wherein the default security features include a prohibition against running in-line script on web pages. The web application or the browser extension is included in the digital marketplace if the web application or the browser extension conforms to the default security features.

Abstract translation: 根据一个一般方面，用于实现用于web应用和浏览器扩展的默认安全特征的计算机实现的方法包括在数字市场中接收包括web应用或Web浏览器扩展的请求。 确定Web应用程序或Web浏览器扩展是否符合默认安全功能，其中默认安全功能包括禁止在网页上运行在线脚本。 如果Web应用程序或浏览器扩展符合默认安全功能，则Web应用程序或浏览器扩展程序包含在数字市场中。