公开(公告)号：US07404004B2

公开(公告)日：2008-07-22

申请号：US10716188

申请日：2003-11-18

申请人： Mark Alcazar ,  Jan Thomas Miksovsky ,  David J. Sheldon

发明人： Mark Alcazar ,  Jan Thomas Miksovsky ,  David J. Sheldon

IPC分类号： G06F15/16

CPC分类号： G06F17/3089

摘要： An architectural software framework is provided for creating Web-style application software incorporating protocols and means for expansion and interfacing with other Web-style programs, as well as a reusable basic programming structure, consisting of abstract and concrete data types, that assist in building Web-style applications. The architectural software framework includes a page function and frame. Each Web-style application includes one or more page functions which communicate via the frame.

摘要翻译： 提供了一个架构软件框架，用于创建Web样式应用软件，其中包含扩展和与其他Web样式程序接口的协议和手段，以及可复用的基本编程结构，包括抽象和具体的数据类型，有助于构建Web 风格的应用程序。 架构软件框架包括页面功能和框架。 每个Web风格的应用程序都包含一个或多个通过帧进行通信的页面功能。

公开(公告)号：US20060179482A1

公开(公告)日：2006-08-10

申请号：US11051808

申请日：2005-02-04

申请人： Mark Alcazar ,  Venkata Tammana

发明人： Mark Alcazar ,  Venkata Tammana

IPC分类号： G06F12/14

CPC分类号： G06F21/57 ,  G06F21/52 ,  G06F21/6227 ,  Y10S707/99939

摘要： Described are security critical data containers for platform code, comprising a Get container and Set container that allow data to be marked as security critical for critical usage of that data, but left unmarked for non-critical usage. The number of critical methods in the code is reduced, facilitating better code analysis. A container's method may be marked as security critical, with the only access to the data via the method. By using a generic class for a Get container, access to the critical data only occurs through the property on the class, which is marked as critical. The field pointing to the generic class instance need not be critical, whereby initialization or existence checking may remain non-critical. The Set container handles security critical situations such as data that controls whether code can elevate permissions; a set method is marked as critical, while other methods can be accessed by non-critical code.

公开(公告)号：US20060090173A1

公开(公告)日：2006-04-27

申请号：US11031548

申请日：2005-01-07

申请人： Christopher Anderson ,  Margaret Goodwin ,  Mark Alcazar

发明人： Christopher Anderson ,  Margaret Goodwin ,  Mark Alcazar

IPC分类号： G06F9/44

CPC分类号： G06F9/45537

摘要： Software programming models are provided for supporting host-environment agnostic content that can be hosted in different hosting environments (e.g., browser or window) without needing to rewrite the content. The models comprise a host-environment abstraction wrapper that provides a transparent layer of abstraction between content and host-environment specific instructions. The host-environment abstraction wrapper supports the use of host-environment independent interaction instructions or declarative statements in content by invoking host-environment specific implementation details on behalf of the content. The host-environment independent interaction instructions represent particular interactions between some content and a hosting environment, but do not provide host-environment implementation instructions that are specific to any particular hosting environment.

摘要翻译： 提供了软件编程模型，用于支持可以托管在不同托管环境（例如浏览器或窗口）中的主机环境不可知内容，而无需重写内容。 这些模型包括主机环境抽象包装器，它在内容和主机环境特定的指令之间提供透明的抽象层。 主机环境抽象包装器通过代表内容调用主机环境特定的实现细节来支持在内容中使用与主机与环境无关的交互指令或声明性语句。 主机与环境无关的交互指令表示某些内容与主机环境之间的特定交互，但不提供特定于任何特定主机环境的主机环境实现指令。

公开(公告)号：US20050278792A1

公开(公告)日：2005-12-15

申请号：US10867338

申请日：2004-06-14

申请人： Sundaram Ramani ,  Joseph Beda ,  Mark Alcazar ,  Roberto Franco ,  Roland Tokumi ,  John Bedworth

发明人： Sundaram Ramani ,  Joseph Beda ,  Mark Alcazar ,  Roberto Franco ,  Roland Tokumi ,  John Bedworth

IPC分类号： H04L9/00 ,  H04L9/32 ,  H04L29/06

CPC分类号： H04L63/104 ,  H04L63/102

摘要： A method and system for validating access to a group of related elements are described. The elements within the group access a security context associated with a markup domain when a call is made to an element. An authorized call to an element is enabled such that the markup domain is navigated to a new web page. However, an unauthorized call is prevented so that the navigation to the new web page is not permitted. After the markup domain has been navigated, the security context associated with the markup domain is invalidated. A new security context is generated and associated with the markup domain. The elements associated with the web page navigated from are inaccessible after navigation of the markup domain to the new page. The association of the new security context with the markup domain prevents an unauthorized user from accessing any element that references the previous security context.

摘要翻译： 描述用于验证对一组相关元素的访问的方法和系统。 当对元素进行调用时，组内的元素访问与标记域相关联的安全上下文。 启用对元素的授权呼叫，使得标记域被导航到新的网页。 然而，防止未经授权的呼叫，使得不允许对新网页的导航。 标记域已导航后，与标记域相关联的安全上下文将无效。 生成新的安全上下文并与标记域相关联。 与导航到网页的网页相关联的元素在标记域导航到新页面后是无法访问的。 新安全上下文与标记域的关联可防止未经授权的用户访问引用先前安全上下文的任何元素。