US2007112814A1PendingUtilityA1
Methods and systems for providing improved security when using a uniform resource locator (URL) or other address or identifier
Est. expiryNov 12, 2025(expired)· nominal 20-yr term from priority
Inventors:Stuart D. Cheshire
G06F 16/955H04L 63/168H04L 63/1441H04L 63/1483
48
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
Methods and systems for improving security when accessing a URL, such as a Web site. In one exemplary method, a user is warned if a previously unvisited Web site being accessed originated from an email message or other electronic source external to a Web browser being used to access the Web site. Other methods, as well as data processing systems and machine-readable media, are also described.
Claims
exact text as granted — not AI-modified1 . A machine implemented method comprising:
obtaining a URL; determining automatically, in response to obtaining the URL, whether to add the URL to a list of trusted URLs.
2 . A method as in claim 1 further comprising:
receiving an input from a user to access a Web site through the URL (Uniform Resource Locator); verifying if the Web site is deemed to be trusted; and presenting a warning to the user if the Web site is not trusted.
3 . A method as in claim 2 wherein verifying if the Web site is trusted comprises determining a host name of the URL and comparing the host name to a history of host names of Web sites visited and indicated to be trusted.
4 . A method as in claim 3 wherein the host name is determined by heuristics based on the URL that is partly comprised of a host name and wherein the host name is further comprised of DNS labels.
5 . A method as in claim 2 wherein the verifying if the Web site has been deemed trusted comprises examining a history list containing all sites previously visited by the user and wherein the history list is shared among a plurality of application programs.
6 . A method as in claim 2 wherein an electronic document, which includes the URL, is presented through a non-Web browser application program and may be one of an email message, an instant messaging message, a PDF document or any other form of electronic communication or electronic document that can include a URL in its content.
7 . A method as in claim 5 wherein each entry in the user history list is one of a host name of a site visited by the user and accepted as trusted or a full URL.
8 . A method as in claim 5 wherein a listing service run by an operating system maintains and updates the history list and interacts with a plurality of application programs through which the user can access a Web site.
9 . A method as in claim 5 wherein entries to the history list are made by an importer program that reports at least a portion of the URL of any Web sites visited by the user using a plurality of application programs.
10 . A method as in claim 2 wherein the presenting of the warning to the user further comprises generating and displaying a list of Web sites with similar host names that have been previously visited by the user.
11 . A machine-readable medium providing executable program instructions for causing a data processing system to perform a method of managing data, the method comprising:
obtaining a URL; determining automatically, in response to obtaining the URL, whether to add the URL to a list of trusted URLs.
12 . A machine-readable medium as in claim 11 further comprising:
receiving an input from a user to access a Web site through the URL included in an electronic document; verifying if the Web site is deemed to be trusted; and presenting a warning to the user if the Web site is not trusted.
13 . A machine-readable medium as in claim 12 wherein verifying if the Web site has been deemed trusted comprises determining a host name of the URL and comparing the host name to a history of host names of Web sites visited and indicated to be trusted.
14 . A machine-readable medium as in claim 12 wherein the verifying if the Web site has been deemed trusted comprises examining a history list containing all sites previously visited by the user and wherein the history list is shared among a plurality of application programs.
15 . A machine-readable medium as in claim 14 wherein the electronic document is presented through a non-Web browser application program and may be one of an email message, an instant messaging message, a PDF document or any other form of electronic communication or electronic document that can include a URL in its content.
16 . A machine-readable medium as in claim 14 wherein each entry in the history list is one of a full URL or is a host name of a site visited by the user and accepted as trusted.
17 . A machine-readable medium as in claim 14 wherein a listing service run by an operating system maintains and updates the history list and interacts with a plurality of application programs through which the user can access a Web site.
18 . A machine-readable medium as in claim 14 wherein entries to the history list are made by an importer program that reports at least a portion of the URL of any Web sites visited by the user using a plurality of application programs.
19 . A machine-readable medium as in claim 12 wherein the presenting of the warning to the user further comprises generating and displaying a list of Web sites with similar host names that have been previously visited by the user.
20 . A data processing system comprising:
means for receiving an input from a user to access a Web site through a URL included in an electronic document presented by other than a Web browser; means for verifying if the Web site has been deemed trusted by at least one of the user or the data processing system; and means for presenting a warning to the user if the Web site has not been previously accessed.
21 . A machine-readable medium providing executable program instructions for causing a data processing system to perform a method of processing data, the method comprising:
determining a source of a URL (Uniform Resource Locator), wherein the determining results in classifying the source as at least one of a first class or a second class and wherein the URL includes a first portion; determining, in response to determining that the source is classified in the second class, whether the data processing system has previously accepted another URL as trusted and if not then presenting a warning, wherein the another URL includes the first portion.
22 . A machine-readable medium as in claim 21 wherein the first class comprises at least typing a URL into a text entry field of a Web browser and wherein the second class comprises at least passing a URL from a non-Web browser application program to a Web browser and wherein the first portion comprises a host name of the URL.
23 . A machine-readable medium as in claim 22 wherein the non-Web browser application program is one of an email application, an instant messaging application, a PDF (Portable Document Format) application, a word processing application, a spreadsheet application and an image displaying or processing application.
24 . A machine-readable medium as in claim 22 wherein the determining of whether the data processing system has previously accepted the another URL as trusted comprises examining a history list of previously trusted URLs, each having a corresponding host name.
25 . A machine-readable medium as in claim 24 wherein the history list is used by a plurality of application programs which access Web sites.
26 . A machine-readable medium as in claim 21 , further comprising:
recording automatically, in response to determining that the source is classified in the first class, a representation of the URL into a list of trusted URLs.
27 . A machine implemented method on a data processing system, the method comprising:
determining a source of a URL (Uniform Resource Locator), wherein the determining results in classifying the source as at least one of a first class or a second class and wherein the URL includes a first portion; determining, in response to determining that the source is classified in the second class, whether the data processing system has previously accepted another URL as trusted and if not then presenting a warning, wherein the another URL includes the first portion.
28 . A method as in claim 27 wherein the first class comprises at least typing a URL into a text entry field of a Web browser and wherein the second class comprises at least passing a URL from a non-Web browser application program to a Web browser and wherein the first portion comprises a host name of the selected URL.
29 . A method as in claim 28 wherein the non-Web browser application program is one of an email application, an instant messaging application, a PDF (Portable Document Format) application, a word processing application, a spreadsheet application and an image displaying or processing application.
30 . A method as in claim 28 wherein the determining of whether the data processing system has previously accepted the another URL as trusted comprises examining a history list of previously trusted URLs, each having a corresponding host name.
31 . A method as in claim 30 wherein the history list is used by a plurality of application programs which access Web sites.
32 . A method as in claim 27 wherein the method further comprises:
recording automatically, in response to determining that the source is classified in the first class, a representation of the URL into a list of trusted URLs.
33 . A data processing system comprising:
means for determining a source of a URL (Uniform Resource Locator), wherein the determining results in classifying the source as at least one of a first class or a second class and wherein the URL includes a first portion; means for determining, in response to determining that the source is classified in the second class, whether the data processing system has previously accepted another URL as trusted and if not then presenting a warning, wherein the another URL includes the first portion.
34 . A machine-readable medium providing executable program instructions for causing a data processing system to perform a method of processing data, the method comprising:
classifying a source of a URL (Uniform Resource Locator) as at least one of trustworthy or untrustworthy; and recording automatically, in response to classifying that the source is trustworthy, a representation of the URL into a list of trusted URLs.
35 . A machine-readable medium as in claim 34 wherein a source is trustworthy if it is one of: (a) typed by a user; (b) spoken, and recognized by the data processing system, by the user; or (c) selected as a URL on a trusted Web page.
36 . A machine implemented method comprising:
receiving an input from a user to access an information on a network through an address included in an electronic document; verifying if the information has been deemed trusted by at least one of the user or the machine; and presenting a warning to the user if the information has not been previously accessed.
37 . A method as in claim 36 wherein the electronic document is presented through a non-Web browser application program and may be one of an email message, an instant messaging message, a PDF document or any other form of electronic communication or electronic document that can include a URL in its content.
38 . A method as in claim 36 wherein verifying if the information has been deemed trusted by the user further comprises comparing at least a portion of the address to a history of addresses visited and indicated to be trusted.
39 . A machine-readable medium providing executable program instructions for causing a data processing system to perform a method of managing data, the method comprising:
receiving an input from a user to access an information on a network through an address in an electronic document; verifying if the information has been deemed trusted by at least one of the user or the data processing system; and presenting a warning to the user if the information has not been previously accessed.
40 . A machine-readable medium as in claim 39 wherein the electronic document is presented through a non-Web browser application program and may be one of an email message, an instant messaging message, a PDF document or any other form of electronic communication or electronic document that can include a URL in its content.
41 . A machine-readable medium as in claim 39 wherein verifying if the information has been deemed trusted further comprises comparing at least a portion of the address to a history of addresses visited and indicated to be trusted.
42 . A machine-readable medium providing executable program instructions for causing a data processing system to perform a method of processing data, the method comprising:
classifying an address of information on a network as at least one of a first class or a second class, wherein the address includes a first portion; determining, in response to classifying the address in the second class, whether the data processing system has previously accepted another address as trusted and if not then presenting a warning, wherein the another address includes the first portion.
43 . A machine-readable medium as in claim 42 wherein the first class comprises at least typing the address into a text entry field of a Web browser and wherein the second class comprises at least passing the address from a non-Web browser application program to a Web browser and wherein the first portion comprises a host name.
44 . A machine-readable medium as in claim 43 wherein the non-Web browser application program is one of an email application, an instant messaging application, a PDF (Portable Document Format) application, a word processing application, a spreadsheet application and an image displaying or processing application.
45 . A machine-readable medium as in claim 43 wherein the determining of whether the data processing system has previously accepted the another address as trusted comprises examining a history list of previously trusted addresses.
46 . A machine-readable medium as in claim 42 further comprising:
recording automatically, in response to determining that the address is classified in the first class, a representation of the address into a list of trusted addresses.
47 . A machine implemented method on a data processing system, the method comprising:
classifying an address of information on a network as at least one of a first class or a second class and wherein the address includes a first portion; determining, in response to classifying the address in the second class, whether the data processing system has previously accepted another address as trusted and if not then presenting a warning, wherein the another address includes the first portion.
48 . A method as in claim 47 wherein the first class comprises at least typing the address into a text entry field of a Web browser and wherein the second class comprises at least passing the address from a non-Web browser application program to a Web browser and wherein the first portion comprises a host name.
49 . A method as in claim 48 wherein the non-Web browser application program is one of an email application, an instant messaging application, a PDF (Portable Document Format) application, a word processing application, a spreadsheet application and an image displaying or processing application.
50 . A method as in claim 48 wherein the determining of whether the data processing system has previously accepted the another address as trusted comprises examining a history list of previously trusted addresses.
51 . A method as in claim 47 wherein the method further comprises:
recording automatically, in response to determining that the address is classified in the first class, a representation of the address into a list of trusted addresses.
52 . A machine-readable medium providing executable program instructions for causing a data processing system to perform a method of processing data, the method comprising:
determining a source of an address of information on a network, wherein the determining results in classifying the source as at least one of trustworthy or untrustworthy; and recording automatically, in response to determining that the source is trustworthy, a representation of the address into a list of trusted addresses.
53 . A machine-readable medium as in claim 52 wherein a source is trustworthy if it is one of: (a) typed by a user; (b) spoken, and recognized by the data processing system, by the user; or (c) selected as an address on a trusted page.
54 . A machine-readable medium providing executable program instructions for causing a data processing system to perform a method of processing data, the method comprising:
determining a source of an address of information on a data network; determining automatically whether to warn a user based on whether the source is trustworthy or not.
55 . A machine-readable medium as in claim 54 , the method further comprising:
presenting a user interface to allow the user to select settings for how to determine the source or how to warn the user.
56 . A machine implemented method comprising:
determining a source of an address of information on a data network; determining automatically whether to warn a user based on whether the source is trustworthy or not.
57 . A method as in claim 56 , the method further comprising:
presenting a user interface to allow the user to select settings for how to determine the source or how to warn the user.
58 . A machine-readable medium providing executable program instructions for causing a data processing system to perform a method of processing data, the method comprising:
determining a source of an address of information on a data network; classifying automatically the address based on whether the source is trustworthy or not.
59 . A machine-readable medium as in claim 58 , the method further comprising:
disabling an input field if the source is not trustworthy.
60 . A machine-readable medium as in claim 58 , the method further comprising:
presenting a user interface to allow a user to select settings for control of the determining or the classifying.
61 . A machine implemented method comprising:
determining a source of an address of information on a data network; classifying automatically the address based on whether the source is trustworthy or not.
62 . A machine implemented method as in claim 61 , the method further comprising:
disabling an input field if the source is not trustworthy.
63 . A machine implemented method as in claim 61 , the method further comprising:
presenting a user interface to allow a user to select settings for control of the determining or the classifying.
64 . A machine-readable medium providing executable program instructions for causing a data processing system to perform a method, the method comprising:
classifying an identifier of information on a network as at least one of a first class or a second class and wherein the identifier includes a first portion; determining, in response to classifying the identifier in the second class, whether the data processing system has previously accepted another identifier as trusted and if not then presenting a warning, wherein the another identifier includes the first portion.
65 . A medium as in claim 64 wherein the first class comprises at least typing the address into a text entry field of a Web browser and wherein the second class comprises at least passing the address from a non-Web browser application program to a Web browser and wherein the first portion comprises a host name.
66 . A machine-readable medium providing executable program instructions for causing a data processing system to perform a method of processing data, the method comprising:
determining a source of an identifier of information on a network, wherein the determining results in classifying the source as at least one of trustworthy or untrustworthy; and recording automatically, in response to determining that the source is trustworthy, a representation of the identifier into a list of trusted addresses.
67 . A machine-readable medium as in claim 66 wherein a source is trustworthy if it is one of: (a) typed by a user; (b) spoken, and recognized by the data processing system, by the user; or (c) selected as an address on a trusted page.
68 . A machine-readable medium providing executable program instructions for causing a data processing system to perform a method of processing data, the method comprising:
determining a source of an identifier of information on a data network; determining automatically whether to warn a user based on whether the source is trustworthy or not.
69 . A machine-readable medium as in claim 68 , the method further comprising:
presenting a user interface to allow the user to select settings for how to determine the source or how to warn the user.
70 . A machine-readable medium providing executable program instructions for causing a data processing system to perform a method of processing data, the method comprising:
determining a source of an identifier of information on a data network; classifying automatically the identifier based on whether the source is trustworthy or not.
71 . A machine-readable medium as in claim 70 , the method further comprising:
disabling an input field if the source is not trustworthy.
72 . A machine-readable medium as in claim 70 , the method further comprising:
presenting a user interface to allow a user to select settings for control of the determining or the classifying.
73 . A machine-readable medium providing executable program instructions for causing a data processing system to perform a method comprising:
determining, prior to displaying information designated by an identifier, whether the information is believed to be trustworthy by consulting a list having representations of identifiers for trusted information; displaying the information normally if the consulting indicates that the identifier is believed trustworthy; displaying the information in a safe mode if the consulting indicates that the identifier is believed to be not trustworthy.
74 . The medium of claim 73 wherein the identifier is a URL, and the list is a list of trusted host names, and the determination of whether a URL is believed trustworthy is made by determining whether the host name pat of the URL appears in the list of trusted host names and wherein the safe mode comprises at least one of a warning, disabled user interface elements, disabled user-input elements, and disabled program elements.
75 . The medium of claim 73 wherein, prior to performing the determining, the method determines whether the identifier was received from a trusted source, and if so, a representation of the identifier is added to the list (e.g. a sub-portion of the identifier is added to the list) or a rule is added to a rules database, or other modification is made to the list or pattern matching rules or instructions to cause the identifier to be subsequently recognized as trusted.
76 . The medium of claim 75 wherein a source of an identifier is deemed to be trusted if the source was a user typing it on a keyboard, but not if the identifier was received via a user pasting the identifier from some other source via a copy-and-paste operation, or dropping the identifier from some other source via a drag-and-drop operation.
77 . The medium of claim 75 wherein a source of an identifier is deemed to be trusted if the source was some other information already displayed as trusted.
78 . The medium of claim 77 wherein the identifier is a URL, and the source of the URL is deemed to be trusted if it was a link on an already-trusted Web page, but not if the source was an instruction received from some other program (e.g. an email client, PDF viewer, instant messaging client, another Web browser, etc.) telling the Web browser to display the page indicated by the given URL.
79 . The medium of claim 78 wherein a link on a Web page may indicate, via a tag or other mechanism, an explicit non-conferral of trust, to allow, for example, an anti-phishing Web page to intentionally contain a link to a known phishing Web page, without causing Web browsers to inadvertently conclude that the phishing Web page should be regarded as trustworthy.
80 . The medium of claim 73 , wherein any entries in the user's Web browser bookmarks or favorites list are added to the list or instructions, such that those bookmarks will be determined to be trusted.
81 . A Web browser stored on a machine-readable medium providing executable program instructions for causing a data processing system to perform a method, the method comprising:
classifying an identifier of information on a network as at least one of a first class or a second class and wherein the identifier includes a first portion; determining, in response to classifying the identifier in the second class, whether the data processing system has previously accepted another identifier as trusted and if not then presenting a warning, wherein the another identifier includes the first portion.
82 . A Web browser as in claim 81 wherein the first class comprises at least typing the address into a text entry field of the Web browser and wherein the second class comprises at least passing the address from a non-Web browser application program to a Web browser and wherein the first portion comprises a host name.
83 . A Web browser stored on a machine-readable medium providing executable program instructions for causing a data processing system to perform a method of processing data, the method comprising:
determining a source of an identifier of information on a network, wherein the determining results in classifying the source as at least one of trustworthy or untrustworthy; and recording automatically, in response to determining that the source is trustworthy, a representation of the identifier into a list of trusted addresses.
84 . A Web browser as in claim 83 wherein a source is trustworthy if it is one of: (a) typed by a user; (b) spoken, and recognized by the data processing system, by the user; or (c) selected as an address on a trusted page.
85 . A Web browser stored on a machine-readable medium providing executable program instructions for causing a data processing system to perform a method of processing data, the method comprising:
determining a source of an identifier of information on a data network; determining automatically whether to warn a user based on whether the source is trustworthy or not.
86 . A medium as in claim 73 wherein the safe mode comprises a warning banner which contains a button or other user interface element by which the user may explicitly indicate that the identifier for the currently-displayed information should be added to the list of trusted identifiers, or a sub-portion of the identifier should be added to the list, or a rule should be added to the rules database, or other modification made to the list of identifiers, rules or instructions to cause said identifier to be subsequently recognized as trusted.
87 . A medium as in claim 73 wherein the list is pre-populated by the vendor with information pertaining to identifiers that are known to be trusted.Join the waitlist — get patent alerts
Track US2007112814A1 — get alerts on status changes and closely related new filings.
We store only your email — no account needed. See our privacy policy.