US2021144155A1PendingUtilityA1

Code domain isolation

61
Assignee: ISOLATED TECH LLCPriority: Dec 17, 2010Filed: Jan 17, 2021Published: May 13, 2021
Est. expiryDec 17, 2030(~4.4 yrs left)· nominal 20-yr term from priority
G06F 21/53H04L 63/1408G06F 21/74G06F 3/04842G06F 16/986G06F 21/568H04L 63/02G06F 21/56H04L 63/145
61
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A method for achieving code domain isolation. A first set of data is received in a first domain format. The first set of data is changed to a second domain format. The first set of data in the second domain format is captured. The first set of data in the second domain format is changed to a third domain format. The first set of data in the third domain format is prepared for receipt by a user computer system.

Claims

exact text as granted — not AI-modified
1 . A method, performed by an intermediate device, for prevention of malware infection of a user device, the method comprising:
 receiving, from a browser operating on the user device, a request for a first web page associated with an Internet web site, the browser being capable of rendering the first web page;   requesting the first web page;   receiving the first web page;   generating graphical image data corresponding to a rendering of first web page; and   transmitting, to the browser, in place of the first web page, the graphical image data.   
     
     
         2 . The method of  claim 1 , further comprising:
 receiving, from the browser, a command for interacting with the first web page;   forwarding the command to the web site for execution;   receiving, in response to the forwarded command, a second web page;   generating graphical image data corresponding to a rendering of the second web page; and   transmitting, to the browser, in place of the second web page, the graphical image data.   
     
     
         3 . The method of  claim 1 , further comprising:
 receiving, from the browser, a user input to the first web page;   forwarding, to the web site, the user input;   generating graphical image data corresponding to the user input; and   transmitting, to the browser, the graphical image data corresponding to the user input.   
     
     
         4 . The method of  claim 1 , wherein:
 receiving, from the browser, a request for a first web page associated with an Internet web site, comprises receiving the request over a first interface; and   transmitting, to the browser, the graphical image data corresponding to the rendering of the first web page comprises transmitting the graphical image data over a second interface, separate from the first interface.   
     
     
         5 . The method of  claim 1 , wherein generating graphical image data corresponding to a rendering of the first web page comprises rendering the first web page in a video format. 
     
     
         6 . The method of  claim 1 , wherein the intermediate device comprises two or more devices. 
     
     
         7 . The method of  claim 1 , wherein the intermediate device comprises one or more virtual machines. 
     
     
         8 . A method, performed by an intermediate device, for prevention of malware infection of a user device, the method comprising:
 receiving, from a browser operating on the user device, a request for a first web page associated with an Internet web site;   comparing the web site against a safe list;   if the web site is on the safe list:
 requesting the first web page; 
 receiving the first web page; and 
 transmitting the first web page to the browser; and 
   if the web site is not on the safe list:
 requesting the first web page; 
 receiving the first web page; 
 generating graphical image data corresponding to a rendering of the first web page; and 
 transmitting, to the browser, in place of the first web page, the graphical image data corresponding to the rendering of the first web page. 
   
     
     
         9 . The method of  claim 8 , further comprising:
 receiving, from the browser, a command for interacting with the first web page;   forwarding the command to the web site for execution;   receiving, in response to the forwarded command, a second web page;   if the web site is not on the safe list:   generating graphical image data corresponding to a rendering of the second web page; and   transmitting, to the browser, in place of the second web page, the graphical image data corresponding to the rendering of the second web page.   
     
     
         10 . The method of  claim 8 , further comprising:
 receiving, from the browser, a user input to the first web page;   forwarding, to the web site, the user input;   receiving first web page as modified by user input;   if the web site is not on the safe list:   generating graphical image data corresponding to the user input; and   transmitting, to the browser, the graphical image data corresponding to the user input.   
     
     
         11 . The method of  claim 8 , wherein:
 receiving, from the browser, a request for a first web page associated with an Internet web site, comprises receiving the request over a first interface; and   transmitting, to the browser, the graphical image data corresponding to the rendering of the first web page comprises transmitting the graphical image data over a second interface, separate from the first interface.   
     
     
         12 . The method of  claim 8 , wherein generating graphical image data corresponding to a rendering of the first web page comprises rendering the first web page in a video format. 
     
     
         13 . The method of  claim 8 , wherein the intermediate device comprises two or more devices. 
     
     
         14 . The method of  claim 8 , wherein the intermediate device comprises one or more virtual machines. 
     
     
         15 . A method, performed by an intermediate device, for prevention of malware infection of a user device, the method comprising:
 receiving, from the user device, a request for an executable component, the user device being capable of executing the executable component;   rendering the executable component to generate graphical image data corresponding to the rendered executable component; and   transmitting, to the user device, in place of the executable component, the graphical image data corresponding to the rendered executable component.   
     
     
         16 . The method of  claim 15 , wherein:
 receiving, from the user device, a request for an executable component, comprises receiving the request over a first interface; and   transmitting, to the user device, the graphical image data corresponding to the rendered executable component comprises transmitting the graphical image data over a second interface, separate from the first interface.   
     
     
         17 . The method of  claim 15 , wherein rendering the executable component to generate graphical image data corresponding to the rendered executable component comprises rendering the executable in a video format. 
     
     
         18 . The method of  claim 15 , wherein the intermediate device comprises two or more devices. 
     
     
         19 . The method of  claim 15 , wherein the intermediate device comprises one or more virtual machines. 
     
     
         20 . A method, performed by an intermediate device residing on a network, for protecting a user device on the network from executing malicious code, the method comprising:
 receiving, from the user device, a request for a first web page associated with an Internet web site;   requesting, over the network, the first web page;   receiving the requested first web page;   rendering the first web page as received to generate a visual representation of the first web page, wherein rendering the first web page as received includes executing code included with the first web page;   enabling user interaction with visual representation of the first web page; and   transmitting, to the user device, the visual representation of the first web page, such that the user device may display the visual representation and interact with the first web page as though the first web page was rendered by the user device.   
     
     
         21 . The method of  claim 20 , wherein enabling user interaction with visual representation of the first web page comprises:
 correlating aspects of the visual representation of the first web page with any interactive components in the rendered first web page.   
     
     
         22 . The method of  claim 20 , wherein enabling user interaction with visual representation of the first web page comprises:
 overlaying the visual representation of the first web page with an HTML image map correlated to the first web page.   
     
     
         23 . The method of  claim 22 , wherein the HTML image map is wrapped in a frame compatible with a browser operating on the user device. 
     
     
         24 . The method of  claim 20 , further comprising:
 receiving, from the user device, a command for interacting with the first web page;   forwarding, over the network, the command to the web site for execution;   receiving, over the network in response to the forwarded command, a second web page;   rendering the second web page as received to generate a visual representation of the second web page; and   transmitting, to the user device, in place of the second web page, the visual representation of the second web page.   
     
     
         25 . The method of  claim 20 , further comprising:
 receiving, from the user device, a user input to the first web page;   forwarding, to the web site over the network, the user input;   generating graphical image data corresponding to the user input; and   transmitting, to the user device, the graphical image data corresponding to the user input.   
     
     
         26 . The method of  claim 20 , wherein:
 receiving, from the user device, a request for a first web page associated with an Internet web site, comprises receiving the request over a first interface; and   transmitting, to the user device, the visual representation of the first web page comprises transmitting the visual representation over a second interface, separate from the first interface.   
     
     
         27 . The method of  claim 20 , wherein rendering the first web page as received to generate the visual representation of the first web page comprises rendering the first web page in a video format. 
     
     
         28 . The method of  claim 20 , wherein the intermediate device comprises two or more devices. 
     
     
         29 . The method of  claim 20 , wherein the intermediate device comprises one or more virtual machines. 
     
     
         30 . The method of  claim 20 , further comprising:
 comparing the web site against a safe list;   if the web site is on the safe list:
 requesting, over the network, the first web page; 
 receiving, over the network, the first web page; and 
 transmitting the first web page to the user device; and 
   if the web site is not on the safe list:
 requesting, over the network, the first web page; 
 receiving, over the network, the first web page; 
 rendering the first web page as received to generate the visual representation of the first web page; and 
 transmitting, to the user device, in place of the first web page, the visual representation of the first web page.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.