公开(公告)号：US11025629B2

公开(公告)日：2021-06-01

申请号：US16151625

申请日：2018-10-04

Applicant: salesforce.com, inc.

Inventor： Doug Chasman ,  Caridy Patiño ,  Trevor James Bliss ,  Sergey Gorbaty

IPC: G06F21/00 ,  H04L29/06 ,  G06F21/62 ,  G06F16/93 ,  G06F16/9535 ,  G06F16/80

Abstract: Disclosed are examples of systems, apparatus, methods and computer program products for providing a security model for component-based web applications. Documents for a web-based application are received, with the application containing custom components and Application Programming Interface (API) components. A Document Object Model (DOM) is processed corresponding to the web-based application, with the custom and API components modeled in hierarchical form. For each custom component, a key is assigned in accordance with the rules of capability security, accessible custom components are identified for which the custom component can provide the assigned key, a virtual DOM is generated for the custom component with the component and identified accessible custom components being modeled in hierarchical form, and the custom component is prohibited access to all inaccessible custom components.

公开(公告)号：US20190036929A1

公开(公告)日：2019-01-31

申请号：US16151625

申请日：2018-10-04

Applicant: salesforce.com, inc.

Inventor： Doug Chasman ,  Caridy Patiño ,  Trevor James Bliss ,  Sergey Gorbaty

IPC: H04L29/06 ,  G06F17/30 ,  G06F21/62

Abstract: Disclosed are examples of systems, apparatus, methods and computer program products for providing a security model for component-based web applications. Documents for a web-based application are received, with the application containing custom components and Application Programming Interface (API) components. A Document Object Model (DOM) is processed corresponding to the web-based application, with the custom and API components modeled in hierarchical form. For each custom component, a key is assigned in accordance with the rules of capability security, accessible custom components are identified for which the custom component can provide the assigned key, a virtual DOM is generated for the custom component with the component and identified accessible custom components being modeled in hierarchical form, and the custom component is prohibited access to all inaccessible custom components.

公开(公告)号：US10129258B2

公开(公告)日：2018-11-13

申请号：US15364939

申请日：2016-11-30

Applicant: salesforce.com, inc.

Inventor： Doug Chasman ,  Caridy Patiño ,  Trevor James Bliss ,  Sergey Gorbaty

IPC: H04L29/06 ,  G06F21/62 ,  G06F17/30

Abstract: Disclosed are examples of systems, apparatus, methods and computer program products for providing a security model for component-based web applications. Documents for a web-based application are received, with the application containing custom components and Application Programming Interface (API) components. A Document Object Model (DOM) is processed corresponding to the web-based application, with the custom and API components modeled in hierarchical form. For each custom component, a key is assigned in accordance with the rules of capability security, accessible custom components are identified for which the custom component can provide the assigned key, a virtual DOM is generated for the custom component with the component and identified accessible custom components being modeled in hierarchical form, and the custom component is prohibited access to all inaccessible custom components.

公开(公告)号：US20180152456A1

公开(公告)日：2018-05-31

申请号：US15364929

申请日：2016-11-30

Applicant: salesforce.com, inc.

Inventor： Doug Chasman ,  Caridy Patiño ,  Trevor James Bliss ,  Sergey Gorbaty

IPC: H04L29/06

CPC classification number: H04L63/101 ,  G06F21/6218 ,  H04L63/06

Abstract: Disclosed are examples of systems, apparatus, methods and computer program products for providing a security model for component-based web applications. Documents for a web-based application are received, with the application containing custom components and Application Programming Interface (API) components. A Document Object Model (DOM) is processed corresponding to the web-based application, with the components modeled in hierarchical form. Each API component is assigned to a system mode setting, where the system mode setting is configured to provide the API component access to all of the components in the application. One or more secure documents are generated for each custom component, with each secure document containing a key in accordance with the rules of capability security. Each custom component is then assigned to a user mode setting, where the user mode setting is configured to provide custom components access to other components in the application for which a key can be provided.

公开(公告)号：US10116660B2

公开(公告)日：2018-10-30

申请号：US15364929

申请日：2016-11-30

Applicant: salesforce.com, inc.

Inventor： Doug Chasman ,  Caridy Patiño ,  Trevor James Bliss ,  Sergey Gorbaty

IPC: H04L29/06

Abstract: Disclosed are examples of systems, apparatus, methods and computer program products for providing a security model for component-based web applications. Documents for a web-based application are received, with the application containing custom components and Application Programming Interface (API) components. A Document Object Model (DOM) is processed corresponding to the web-based application, with the components modeled in hierarchical form. Each API component is assigned to a system mode setting, where the system mode setting is configured to provide the API component access to all of the components in the application. One or more secure documents are generated for each custom component, with each secure document containing a key in accordance with the rules of capability security. Each custom component is then assigned to a user mode setting, where the user mode setting is configured to provide custom components access to other components in the application for which a key can be provided.

公开(公告)号：US20180152450A1

公开(公告)日：2018-05-31

申请号：US15364939

申请日：2016-11-30

Applicant: salesforce.com, inc.

Inventor： Doug Chasman ,  Caridy Patiño ,  Trevor James Bliss ,  Sergey Gorbaty

IPC: H04L29/06 ,  G06F21/62 ,  G06F17/30

CPC classification number: H04L63/10 ,  G06F17/30908 ,  G06F21/629 ,  H04L63/06 ,  H04L63/102 ,  H04L63/20

Abstract: Disclosed are examples of systems, apparatus, methods and computer program products for providing a security model for component-based web applications. Documents for a web-based application are received, with the application containing custom components and Application Programming Interface (API) components. A Document Object Model (DOM) is processed corresponding to the web-based application, with the custom and API components modeled in hierarchical form. For each custom component, a key is assigned in accordance with the rules of capability security, accessible custom components are identified for which the custom component can provide the assigned key, a virtual DOM is generated for the custom component with the component and identified accessible custom components being modeled in hierarchical form, and the custom component is prohibited access to all inaccessible custom components.