公开(公告)号：US20060005078A1

公开(公告)日：2006-01-05

申请号：US10880819

申请日：2004-06-30

Applicant: Quji Guo ,  Roberto Franco ,  Edward Praitis ,  Li-Hsin Huang ,  Jingyang Xu ,  Brian Wentz ,  Julian Jiggins ,  Venkatavaradhan Panchapagesan

Inventor： Quji Guo ,  Roberto Franco ,  Edward Praitis ,  Li-Hsin Huang ,  Jingyang Xu ,  Brian Wentz ,  Julian Jiggins ,  Venkatavaradhan Panchapagesan

IPC: G06F11/00

CPC classification number: G06F11/366 ,  G06F11/3636

Abstract: The present invention is generally directed to improving the stability of computing devices by identifying plug-in modules and other programs that cause failures. More specifically, the present invention provides a method that traces program execution from an instruction that ultimately generated a failure to a code library that caused the failure generating instruction to be executed. The method traces execution of the computing device by obtaining the contents of memory at the time of the failure and traversing the stack data structure that stores data items necessary to execute function calls.

Abstract translation: 本发明一般涉及通过识别插件模块和导致故障的其他程序来提高计算设备的稳定性。 更具体地，本发明提供了一种方法，其将从最终产生故障的指令的程序执行跟踪到导致故障生成指令执行的代码库。 该方法通过在故障时获取存储器的内容并遍历存储执行功能调用所必需的数据项的堆栈数据结构跟踪计算设备的执行。

公开(公告)号：US20050278792A1

公开(公告)日：2005-12-15

申请号：US10867338

申请日：2004-06-14

Applicant: Sundaram Ramani ,  Joseph Beda ,  Mark Alcazar ,  Roberto Franco ,  Roland Tokumi ,  John Bedworth

Inventor： Sundaram Ramani ,  Joseph Beda ,  Mark Alcazar ,  Roberto Franco ,  Roland Tokumi ,  John Bedworth

IPC: H04L9/00 ,  H04L9/32 ,  H04L29/06

CPC classification number: H04L63/104 ,  H04L63/102

Abstract: A method and system for validating access to a group of related elements are described. The elements within the group access a security context associated with a markup domain when a call is made to an element. An authorized call to an element is enabled such that the markup domain is navigated to a new web page. However, an unauthorized call is prevented so that the navigation to the new web page is not permitted. After the markup domain has been navigated, the security context associated with the markup domain is invalidated. A new security context is generated and associated with the markup domain. The elements associated with the web page navigated from are inaccessible after navigation of the markup domain to the new page. The association of the new security context with the markup domain prevents an unauthorized user from accessing any element that references the previous security context.

Abstract translation: 描述用于验证对一组相关元素的访问的方法和系统。 当对元素进行调用时，组内的元素访问与标记域相关联的安全上下文。 启用对元素的授权呼叫，使得标记域被导航到新的网页。 然而，防止未经授权的呼叫，使得不允许对新网页的导航。 标记域已导航后，与标记域相关联的安全上下文将无效。 生成新的安全上下文并与标记域相关联。 与导航到网页的网页相关联的元素在标记域导航到新页面后是无法访问的。 新安全上下文与标记域的关联可防止未经授权的用户访问引用先前安全上下文的任何元素。

公开(公告)号：US20050246761A1

公开(公告)日：2005-11-03

申请号：US10836182

申请日：2004-04-30

Applicant: David Ross ,  Roberto Franco ,  John Bedworth ,  Shankar Ganesh ,  Venkatraman Kudallur ,  Anantha Ganjam ,  Kurt Schmucker

Inventor： David Ross ,  Roberto Franco ,  John Bedworth ,  Shankar Ganesh ,  Venkatraman Kudallur ,  Anantha Ganjam ,  Kurt Schmucker

IPC: H04L9/00 ,  H04L29/06

CPC classification number: H04L63/20 ,  G06F21/53 ,  G06F21/6218 ,  H04L63/105 ,  H04L63/168

Abstract: A method and system for locking down a local machine zone associated with a network browser is provided. Placing the local machine zone in a lockdown mode provides stricter security settings that are applied to active content attempting to publish within a local page open in the network browser. The stricter setting are provided in a new set of registry keys that correspond to the lockdown mode of the local machine zone. The original security settings remain unchanged so that other systems and applications functionality that depends on the original security settings remains unaffected for the local machine zone. A user may also selectively allow active content to render despite the local machine zone being locked down.

Abstract translation: 提供了一种用于锁定与网络浏览器相关联的本地计算机区域的方法和系统。 将本地计算机区域置于锁定模式下，将提供更严格的安全设置，适用于尝试在网络浏览器中打开的本地页面中发布的活动内容。 更严格的设置在与本地机器区域的锁定模式相对应的一组新的注册表项中提供。 原始的安全设置保持不变，这样依赖于原始安全设置的其他系统和应用程序功能对本地计算机区域不会受到影响。 即使本地机器区被锁定，用户也可以选择性地允许活动内容呈现。

公开(公告)号：US20060277218A1

公开(公告)日：2006-12-07

申请号：US11145530

申请日：2005-06-03

Applicant: Roberto Franco ,  Anantha Ganjam ,  John Bedworth ,  Peter Brundrett ,  Roland Tokumi

Inventor： Roberto Franco ,  Anantha Ganjam ,  John Bedworth ,  Peter Brundrett ,  Roland Tokumi

IPC: G06F17/30

CPC classification number: G06F21/53

Abstract: In various embodiments, applications that are configured to interact with the Internet in some way are executed in a restricted process with a reduced privilege level that can prohibit the application from accessing portions of an associated computing device. For example, in some embodiments, the restricted process can prohibit applications from read and write access to portions of a system's computer-readable media, such as the hard disk, that contains administrative data and settings information and user data and settings. In these embodiments, a special portion of the disk, termed a “containment zone”, is designated and used by applications in this restricted process.

Abstract translation: 在各种实施例中，被配置为以某种方式与因特网进行交互的应用程序在具有降低的权限级别的受限进程中执行，所述权限级别可以禁止应用访问相关联的计算设备的部分。 例如，在一些实施例中，受限制的过程可以禁止应用程序对包含管理数据和设置信息以及用户数据和设置的系统的计算机可读介质（例如硬盘）的部分进行读取和写入访问。 在这些实施例中，称为“容纳区”的盘的特殊部分在该限制过程中由应用程序指定和使用。

公开(公告)号：US20050240798A1

公开(公告)日：2005-10-27

申请号：US10814591

申请日：2004-03-31

Applicant: Joseph Benedek ,  Roberto Franco ,  Quji Guo ,  J. Hally ,  Reid Holmes ,  Roman Pamucci ,  Edward Praitis ,  Christopher Sager ,  Brian Wentz

Inventor： Joseph Benedek ,  Roberto Franco ,  Quji Guo ,  J. Hally ,  Reid Holmes ,  Roman Pamucci ,  Edward Praitis ,  Christopher Sager ,  Brian Wentz

IPC: G06F11/00

CPC classification number: G06F11/079 ,  G06F11/0709

Abstract: The present invention improves the stability of a Web browser by identifying plug-in modules that cause failures. Data in memory at the time of a failure is analyzed and a failure signature is generated. The failure signature is compared to a database of known failure signatures so that the source of the failure may be identified. If a plug-in module to a Web browser is identified as the source of a failure, options are presented to the user who may update the plug-in module with code that does not produce a failure or disable the plug-in module altogether.

Abstract translation: 本发明通过识别引起故障的插件模块来提高Web浏览器的稳定性。 分析故障时内存中的数据，并生成故障签名。 将故障签名与已知故障签名的数据库进行比较，以便可以识别故障的来源。 如果Web浏览器的插件模块被识别为故障的根源，那么可以向可以使用不产生故障的代码更新插件模块或完全禁用插件模块的用户提供选项。

公开(公告)号：US20050235351A1

公开(公告)日：2005-10-20

申请号：US10826139

申请日：2004-04-15

Applicant: Ann Seltzer ,  Steve Dirickson ,  Roland Tokumi ,  Roberto Franco

Inventor： Ann Seltzer ,  Steve Dirickson ,  Roland Tokumi ,  Roberto Franco

IPC: H04L9/00

CPC classification number: G06F21/57 ,  G06F21/36 ,  G06F21/6209 ,  G06F2221/0706 ,  G06F2221/2101 ,  G06F2221/2141 ,  H04L63/104

Abstract: The present invention provides a method and system for providing a security element that is directed at inhibiting malicious activity by displaying a browser window in such a way that the user can trust and know the source of the window. Additional information and ornamentation is displayed on the window to help ensure that an end user is not confused or misled (“spoofed”) into believing that the window originates from a trusted source. When a call is made to open a browser window, the status bar is displayed by default. The status bar provides additional information, such as the security zone, to the user to help the user in determining the source of the content. The security zone informs the user the location from where the content is originating. This additional information helps to ensure that the user has the necessary information on whether or not to trust the source.

Abstract translation: 本发明提供了一种方法和系统，用于通过以使得用户可以信任和知道窗口的源的方式显示浏览器窗口来提供针对禁止恶意活动的安全性元件。 窗口上会显示附加信息和装饰，以帮助确保最终用户不会被误认或被误导（“欺骗”），认为该窗口来源于信任的来源。 当打电话打开浏览器窗口时，默认情况下会显示状态栏。 状态栏向用户提供诸如安全区域的附加信息，以帮助用户确定内容的来源。 安全区域向用户通知内容来源的位置。 此附加信息有助于确保用户具有关于是否信任源的必要信息。

公开(公告)号：US20050229104A1

公开(公告)日：2005-10-13

申请号：US10822221

申请日：2004-04-09

Applicant: Roberto Franco ,  Quji Guo ,  Roman Pamucci ,  Christopher Sager ,  Reid Holmes ,  J. Hally ,  Joseph Benedek

Inventor： Roberto Franco ,  Quji Guo ,  Roman Pamucci ,  Christopher Sager ,  Reid Holmes ,  J. Hally ,  Joseph Benedek

IPC: G06F17/00

CPC classification number: G06F9/44526

Abstract: The present invention provides a method and a computer-readable medium containing computer-executable instructions for allowing a user of an application program to manage add-ons associated with the application program. A user interface that displays the add-ons associated with the application program is provided. The user interface provides the user with the ability to disable or enable the add-ons, the ability to update certain type of add-ons. In addition, an administrator of the application program can approve or deny certain add-ons and disable a user's ability to disable or enable add-ons.

Abstract translation: 本发明提供了一种包含用于允许应用程序的用户管理与应用程序相关联的附加组件的计算机可执行指令的方法和计算机可读介质。 提供了显示与应用程序相关联的附加组件的用户界面。 用户界面为用户提供禁用或启用附加组件的功能，能够更新某些类型的附加组件。 此外，应用程序的管理员可以批准或拒绝某些加载项，并禁用用户禁用或启用加载项的功能。