Encoding labels in values to capture information flows
    1.
    发明授权
    Encoding labels in values to capture information flows 有权
    在值中编码标签以捕获信息流

    公开(公告)号:US08898780B2

    公开(公告)日:2014-11-25

    申请号:US13399136

    申请日:2012-02-17

    IPC分类号: G06F15/16 G06F21/62 G06F21/53

    摘要: Methods, servers, and systems for encoding security labels in a dynamic language value to allow cross script communications within client application while limiting the types of information that is allowed to be communicated back to a host server. Static analysis is performed during compilation, and the results are used to generate and insert additional code that updates, modifies and propagates labels (e.g., JavaScript labels) attached to values (e.g., JavaScript values) during execution of a program. To support popular language features that allow for strong integration with other web-based systems, malicious code is allowed to perform operations locally (e.g., on the client), and a detection and prevention mechanism identifies and stops malicious code from sending requests or gathered information over the network, naturalizing attacks and improving the security of applications that embed dynamic language code.

    摘要翻译: 用于以动态语言值对安全标签进行编码的方法,服务器和系统,以允许客户端应用程序内的跨脚本通信,同时限制允许传回主机服务器的信息类型。 在编译期间执行静态分析,结果用于生成和插入在执行程序期间更新,修改和传播附加到值(例如JavaScript值)的标签(例如JavaScript标签)的附加代码。 为了支持允许与其他基于Web的系统强大集成的流行语言特征,允许恶意代码在本地执行操作(例如,在客户端上),并且检测和预防机制识别并阻止恶意代码发送请求或收集的信息 通过网络归化攻击并提高嵌入动态语言代码的应用程序的安全性。

    ENCODING LABELS IN VALUES TO CAPTURE INFORMATION FLOWS
    2.
    发明申请
    ENCODING LABELS IN VALUES TO CAPTURE INFORMATION FLOWS 有权
    编写标签中的标签以获取信息流

    公开(公告)号:US20130117845A1

    公开(公告)日:2013-05-09

    申请号:US13399136

    申请日:2012-02-17

    IPC分类号: G06F21/22

    摘要: Methods, servers, and systems for encoding security labels in a dynamic language value to allow cross script communications within client application while limiting the types of information that is allowed to be communicated back to a host server. Static analysis is performed during compilation, and the results are used to generate and insert additional code that updates, modifies and propagates labels (e.g., JavaScript labels) attached to values (e.g., JavaScript values) during execution of a program. To support popular language features that allow for strong integration with other web-based systems, malicious code is allowed to perform operations locally (e.g., on the client), and a detection and prevention mechanism identifies and stops malicious code from sending requests or gathered information over the network, naturalizing attacks and improving the security of applications that embed dynamic language code.

    摘要翻译: 用于以动态语言值对安全标签进行编码的方法,服务器和系统,以允许客户端应用程序内的跨脚本通信,同时限制允许传回主机服务器的信息类型。 在编译期间执行静态分析,结果用于生成和插入在执行程序期间更新,修改和传播附加到值(例如JavaScript值)的标签(例如JavaScript标签)的附加代码。 为了支持允许与其他基于Web的系统强大集成的流行语言特征,允许恶意代码在本地执行操作(例如,在客户端上),并且检测和预防机制识别并阻止恶意代码发送请求或收集的信息 通过网络归化攻击并提高嵌入动态语言代码的应用程序的安全性。

    HTML5 I-FRAME EXTENSION
    3.
    发明申请

    公开(公告)号:US20130262978A1

    公开(公告)日:2013-10-03

    申请号:US13451981

    申请日:2012-04-20

    IPC分类号: G06F17/22

    摘要: The various aspects provide methods, servers, and systems for identifying independent portions of an HTML document so that the identified portions may be processed in parallel. The independent portions may be associated with an iframe tag having both the seamless and sandbox attributes. At runtime, a browser may detect the presence of both attributes, and process the contents of the iframe in parallel.

    摘要翻译: 各个方面提供用于识别HTML文档的独立部分的方法,服务器和系统,使得可以并行地处理所识别的部分。 独立部分可以与具有无缝和沙箱属性的iframe标签相关联。 在运行时,浏览器可能会检测到两个属性的存在,并且并行处理iframe的内容。

    Hardware support for hashtables in dynamic languages
    4.
    发明授权
    Hardware support for hashtables in dynamic languages 有权
    硬件支持动态语言的哈希表

    公开(公告)号:US09063749B2

    公开(公告)日:2015-06-23

    申请号:US13181712

    申请日:2011-07-13

    IPC分类号: G06F9/44 G06F9/45

    CPC分类号: G06F8/44 G06F8/31 G06F9/4492

    摘要: The aspects enable a computing device to execute traditionally software-based JavaScript® operations in hardware. Each JavaScript® object is hashed into a master hashtable that may be stored in the software. A portion of the software hashtable may be pushed to a hardware hashtable using special instruction set registers dedicated to hashtable processing. Each time a software process requests a hashtable operation (e.g., lookup) the hardware hashtable is checked to determine if the value exists in hardware. If the requested value is in the hardware hashtable, the requested value is accessed in a single operation step. If the requested value is not in the hardware hashtable, the requested value is extracted from the master hashtable in the software and a portion of the master hashtable containing the extracted value is pushed to the hardware using special instruction set registers.

    摘要翻译: 这些方面使计算设备能够在硬件中执行传统的基于软件的JavaScript®操作。 每个JavaScript®对象被散列成可以存储在软件中的主哈希表。 可以使用专用于散列表处理的专用指令集寄存器将软件散列表的一部分推送到硬件散列表。 每当软件进程请求哈希表操作(例如,查找)时,检查硬件散列表以确定该值是否存在于硬件中。 如果请求的值在硬件哈希表中,则在单个操作步骤中访问所请求的值。 如果请求的值不在硬件哈希表中,则从软件中的主哈希表中提取所请求的值,并且使用特殊指令集寄存器将包含提取的值的主要哈希表的一部分推送到硬件。

    REDUCING WEB BROWSING OVERHEADS WITH EXTERNAL CODE CERTIFICATION
    5.
    发明申请
    REDUCING WEB BROWSING OVERHEADS WITH EXTERNAL CODE CERTIFICATION 有权
    减少网络浏览超出外部代码认证

    公开(公告)号:US20130198612A1

    公开(公告)日:2013-08-01

    申请号:US13399126

    申请日:2012-02-17

    IPC分类号: G06F21/00 G06F17/00

    摘要: Methods, servers, and systems for using signatures/certifications embedded in pre-processed code to enable use or reuse of pre-processed code to obviate the need to perform some operations or execute some scripts within the web page content. One or more operations may be performed within an executable script in web page content and signing the result of the operation in a manner that can be used to verify that the corresponding operation may be skipped by a browser. A browser receiving signed pre-processed code may use a signature verification process to determine whether the browser can bypass executing corresponding scripts in the web page content or perform alternative operations. Operations may be pre-performed and the results signed by off-line tools and included in the web page content. Results of operations may be stored in memory along with a signature so the results of the operation can be reused in the future.

    摘要翻译: 使用嵌入在预处理代码中的签名/认证的方法,服务器和系统能够使用或重新使用预处理的代码,以避免在网页内容中执行某些操作或执行某些脚本的需要。 可以在网页内容中的可执行脚本内执行一个或多个操作,并以可用于验证相应操作可能被浏览器跳过的方式对操作结果进行签名。 接收签名的预处理代码的浏览器可以使用签名验证过程来确定浏览器是否可以绕过在网页内容中执行相应的脚本或执行替代操作。 操作可能是预先执行的,结果由离线工具签名并包含在网页内容中。 操作结果可以与签名一起存储在存储器中,因此可以在将来重复使用该操作的结果。

    Retargetable instruction set simulators
    6.
    发明授权
    Retargetable instruction set simulators 有权
    可重定向指令集模拟器

    公开(公告)号:US08621444B2

    公开(公告)日:2013-12-31

    申请号:US10599593

    申请日:2004-09-30

    IPC分类号: G06F9/45

    CPC分类号: G06F9/45504

    摘要: Methods for simulating an instruction set architecture (ISA) with a instruction set simulator (ISS) are provided. One exemplary embodiment of the methods includes fetching a first decoded instruction during a run time, where the decoded instruction is decoded from an original instruction in a target application program during a compile time preceding the run time. The decoded instruction can designate a template configured to implement the functionality of the original instruction. The method also preferably includes determining whether the fetched instruction is modified from the original instruction and then executing the designated template if the instruction was not modified. The method can also include decoding the original instruction during the compile time by selecting a template corresponding to the original instruction and then customizing the template based on the data in original instruction. The method can also include optimizing the customized template during the compile time.

    摘要翻译: 提供了使用指令集模拟器(ISS)来模拟指令集体系结构(ISA)的方法。 所述方法的一个示例性实施例包括在运行时间期间获取第一解码指令,其中在运行时间之前的编译时间期间从目标应用程序中的原始指令对解码指令进行解码。 解码的指令可以指定被配置为实现原始指令的功能的模板。 该方法还优选地包括确定所获取的指令是否从原始指令修改,然后如果指令未被修改则执行指定的模板。 该方法还可以包括在编译期间通过选择与原始指令相对应的模板来解码原始指令,然后基于原始指令中的数据自定义模板。 该方法还可以包括在编译期间优化自定义模板。

    HARDWARE SUPPORT FOR HASHTABLES IN DYNAMIC LANGUAGES
    7.
    发明申请
    HARDWARE SUPPORT FOR HASHTABLES IN DYNAMIC LANGUAGES 有权
    动态语言中硬件支持的硬件支持

    公开(公告)号:US20120304159A1

    公开(公告)日:2012-11-29

    申请号:US13181712

    申请日:2011-07-13

    IPC分类号: G06F9/45

    CPC分类号: G06F8/44 G06F8/31 G06F9/4492

    摘要: The aspects enable a computing device to execute traditionally software-based JavaScript® operations in hardware. Each JavaScript® object is hashed into a master hashtable that may be stored in the software. A portion of the software hashtable may be pushed to a hardware hashtable using special instruction set registers dedicated to hashtable processing. Each time a software process requests a hashtable operation (e.g., lookup) the hardware hashtable is checked to determine if the value exists in hardware. If the requested value is in the hardware hashtable, the requested value is accessed in a single operation step. If the requested value is not in the hardware hashtable, the requested value is extracted from the master hashtable in the software and a portion of the master hashtable containing the extracted value is pushed to the hardware using special instruction set registers.

    摘要翻译: 这些方面使计算设备能够在硬件中执行传统的基于软件的JavaScript®操作。 每个JavaScript®对象被散列成可以存储在软件中的主哈希表。 可以使用专用于散列表处理的专用指令集寄存器将软件散列表的一部分推送到硬件散列表。 每当软件进程请求哈希表操作(例如,查找)时,检查硬件散列表以确定该值是否存在于硬件中。 如果请求的值在硬件哈希表中,则在单个操作步骤中访问所请求的值。 如果请求的值不在硬件哈希表中,则从软件中的主哈希表中提取所请求的值,并且使用特殊指令集寄存器将包含提取的值的主要哈希表的一部分推送到硬件。

    Reducing web browsing overheads with external code certification

    公开(公告)号:US09819687B2

    公开(公告)日:2017-11-14

    申请号:US13399126

    申请日:2012-02-17

    摘要: Methods, servers, and systems for using signatures/certifications embedded in pre-processed code to enable use or reuse of pre-processed code to obviate the need to perform some operations or execute some scripts within the web page content. One or more operations may be performed within an executable script in web page content and signing the result of the operation in a manner that can be used to verify that the corresponding operation may be skipped by a browser. A browser receiving signed pre-processed code may use a signature verification process to determine whether the browser can bypass executing corresponding scripts in the web page content or perform alternative operations. Operations may be pre-performed and the results signed by off-line tools and included in the web page content. Results of operations may be stored in memory along with a signature so the results of the operation can be reused in the future.

    HTML5 I-frame extension
    9.
    发明授权
    HTML5 I-frame extension 有权
    HTML5 I帧扩展

    公开(公告)号:US09372836B2

    公开(公告)日:2016-06-21

    申请号:US13451981

    申请日:2012-04-20

    摘要: The various aspects provide methods, servers, and systems for identifying independent portions of an HTML document so that the identified portions may be processed in parallel. The independent portions may be associated with an iframe tag having both the seamless and sandbox attributes. At runtime, a browser may detect the presence of both attributes, and process the contents of the iframe in parallel.

    摘要翻译: 各个方面提供用于识别HTML文档的独立部分的方法,服务器和系统,使得可以并行地处理所识别的部分。 独立部分可以与具有无缝和沙箱属性的iframe标签相关联。 在运行时,浏览器可能会检测到两个属性的存在,并且并行处理iframe的内容。

    Web browsing enhanced by cloud computing
    10.
    发明授权
    Web browsing enhanced by cloud computing 有权
    云计算增强网页浏览

    公开(公告)号:US09146909B2

    公开(公告)日:2015-09-29

    申请号:US13192064

    申请日:2011-07-27

    IPC分类号: G06F17/00 G06F17/22 G06F17/30

    摘要: Methods and devices include a server and at least two web browsers operable on at least two different computing devices. Each browser reports results of processing and rendering of webpages to the server. The server aggregates the data. The server generates metadata from the aggregated browsers. The server transmits the generated metadata to at least one computing device. The computing device renders a webpage using at least a portion of the provided metadata. The metadata may identify portions of JavaScript that can be processed in parallel. The metadata may identify a library portion that does not have to be loaded. The metadata may identify a portion of the webpage that may be rendered first before a second portion of the webpage. Returning metadata to the computing device can assist the computing device in parsing, analyzing or executing the request for the webpage.

    摘要翻译: 方法和设备包括服务器和至少两个可在至少两个不同计算设备上操作的网络浏览器。 每个浏览器报告处理和呈现网页到服务器的结果。 服务器汇总数据。 服务器从聚合浏览器生成元数据。 服务器将生成的元数据发送到至少一个计算设备。 计算设备使用提供的元数据的至少一部分呈现网页。 元数据可以标识可以并行处理的JavaScript的部分。 元数据可以标识不需要加载的库部分。 元数据可以标识可以在网页的第二部分之前首先呈现的网页的一部分。 将元数据返回到计算设备可以帮助计算设备解析,分析或执行对网页的请求。