[go: up one dir, main page]

HK1173528B - User interface accorded to tiered object related trust decisions - Google Patents

User interface accorded to tiered object related trust decisions Download PDF

Info

Publication number
HK1173528B
HK1173528B HK13100629.4A HK13100629A HK1173528B HK 1173528 B HK1173528 B HK 1173528B HK 13100629 A HK13100629 A HK 13100629A HK 1173528 B HK1173528 B HK 1173528B
Authority
HK
Hong Kong
Prior art keywords
action
user
activation
opportunity
computer
Prior art date
Application number
HK13100629.4A
Other languages
Chinese (zh)
Other versions
HK1173528A (en
Inventor
A.索韦
J.C.哈利
L.-H.黄
T.施莱纳
J.戴维斯
T.皮波尼齐
J.加斯
Original Assignee
微软技术许可有限责任公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 微软技术许可有限责任公司 filed Critical 微软技术许可有限责任公司
Publication of HK1173528A publication Critical patent/HK1173528A/en
Publication of HK1173528B publication Critical patent/HK1173528B/en

Links

Description

User interface consistent with stacked object related trust decisions
The present application is a divisional application of the chinese patent application having an application number 200480001362.7 "user interface conforming to trust determination related to stacked objects" on 7/22/2004.
Technical Field
The present invention is directed to a user interface for use in connection with trust analysis with respect to objects detected as being associated with a web page.
Background
The quality of the browsing experience on the internet or intranet is often in the hands of WEB site administrators, WEB administrators, and others who can code for a WEB site. That is, such a person can associate an object with a web page so that when the web page is loaded on a browser for the internet or an intranet, an action is activated for the object. Such objects may be embedded in the code for the web page, or they may be linked to the web page. Examples of such objects include adware and virus programs ("viruses"). Objects for adware and viruses may include downloadable code, links, URLs, pop-up windows, and data files (e.g., graphics, video, audio, and/or text). Activating actions with respect to such objects often exposes the user's computing device to rogue software that is harmful, unwanted, unnecessary, and/or unseen.
As described above, when an Internet or intranet browser loads a web page associated with the object, an action may be automatically activated with respect to such object. Alternatively, a modal dialog may be displayed when the browser loads the web page so that the user may accept or decline the opportunity to "activate the action". The intent to display such a dialog may be: the user is tricked into activating the action by hiding or removing the option of "refusing the activation opportunity". As a result, any user interaction with the dialog may result in acceptance of the activation opportunity. A further intention may be: the user is given the activation opportunity by displaying the modal dialog after each attempt by the user to decline the activation opportunity. In that case, the user may inadvertently or intentionally accept the activation opportunity due to such frustration, since the user is not in vain attempting to remove the modal dialog from the browser.
Summary of The Invention
A user interface that conforms to object-related trust decisions is described herein.
Objects related to the advertising software or virus programs may be embedded in the web page or linked to the web page. When such an object is detected as being associated with a web page loaded on a browser, an analysis may be performed to determine a trust level for the object. The object may be blocked based on the trust level. A prompt may be displayed to inform the user that the object and/or action is being suppressed, provide a description of the object, and provide an opportunity to interactively accept or decline activation of the action with respect to the object.
Brief Description of Drawings
In the following detailed description, the described embodiments are to be considered as illustrative only, since various changes and modifications will become apparent to those skilled in the art from the following detailed description. In the drawings, the left-most digit(s) of a reference number identifies the figure in which the reference number first appears. The use of the same reference numbers in different drawings indicates similar or identical items.
FIG. 1 shows a computing device in a network environment for implementing object-related trust decisions in accordance with example embodiments described herein.
Fig. 2 illustrates examples of functional components that implement these object-related trust decisions.
FIG. 3 illustrates an example of a process flow involving these components in FIG. 2.
Fig. 4 shows a process flow further to the example in fig. 3.
Fig. 5 shows another process flow further to the example in fig. 3.
FIG. 6 illustrates another process flow further to the example in FIG. 3.
FIG. 7 illustrates another process flow further to the example in FIG. 3.
FIG. 8A illustrates an example of a modeless prompt user interface provided consistent with these example embodiments of object-related trust decisions.
FIG. 8B illustrates an example of a modal prompt user interface provided consistent with these example embodiments of object-related trust decisions.
FIG. 8C illustrates an example of another modeless prompt user interface provided consistent with further example embodiments of object-related trust decisions.
FIG. 9 illustrates an example process flow with respect to the user interface of FIG. 8.
FIG. 10 illustrates an example of a general computer network environment that can be used to implement the various techniques described herein.
Detailed description of the preferred embodiments
The following is directed to various techniques for: when such an object is detected as being embedded in, linked to, or associated with a web page, a trust level is evaluated with respect to the object and/or an action associated with the object. The description further relates to a user interface with modeless prompting to inform a user that an object-related action is being suppressed, and further provides the user with an interactive opportunity to accept or decline activation of the suppressed object-related action according to the trust level for the object.
FIG. 1 shows an example of a computing device 105, the computing device 105 having a trust level analysis component 107 to perform trust level analysis with respect to detected objects. The detected object is associated with a web page received over network 110 from source 115 or 120.
Computing device 105 may be any of a variety of conventional computing devices (e.g., a desktop Personal Computer (PC)). Alternatively, computing device 105 may be a network-associated device such as, but not limited to, a Personal Digital Assistant (PDA), laptop computer, smart phone, etc., that may communicate with network 110 via a wired and/or wireless link. An example embodiment of the client device 105 is described in further detail below with reference to fig. 10.
Any of data sources 115 and 120 may be server devices that provide any of a variety of data and/or functionality to computing device 105. Data sources 115 and 120 may be server devices such as web servers or application servers. A web server is a server device that delivers content to computing device 105 via network 110. Such content may include web content encoded in hypertext markup language (HTML) that may also contain JavaScript code or other commands. It will be understood that: either of the data sources 115 and 120 may be used in other networks that are part of the "world wide web" (e.g., where the network 110 includes the internet), as well as in other networks that are not part of the "world wide web" (e.g., intranets).
FIG. 2 represents the functional components of an embodiment for performing trust level analysis with respect to objects detected as being associated with a web page. This example in FIG. 2 is described with reference to this example in FIG. 1, where trust level analysis 107 is performed on computing device 105 with respect to detected objects associated with a web page received over network 110 from source 115 or 120.
According to this example in fig. 2, when web page 207 is loaded onto a browser of computing device 105, object detector 205 is capable of detecting object 208 embedded in web page 207, linked to web page 207, or associated with web page 207. Examples of objects 208 include adware and viruses, any of which may be exposed to computing device 105 as downloadable code, links, URLs, pop-up windows, and data files. Object detector 205 may be a module on the browser or in the operating system of computing device 105. The object is detected prior to activating the action associated with the object, and the detecting may include: an attempt to, for example, load code, open an HTML document, access and/or open a data file is detected.
Trust analyzer 210 evaluates a trust level to be met by detected object 208 based on at least one of the content, source, or action associated with object 208. This level of trust that conforms to object 208 affects: whether the action can be activated with respect to the object without being blocked; whether to suppress the action while providing the user with an opportunity to interactively accept or decline activation of the action with respect to the object; or whether the action with respect to the object is completely blocked. It will be understood that: other trust levels and their consequences can be appreciated by those versed in the art; and the examples provided herein are not to be considered as limiting.
Objects that are evaluated as having an explicit trustworthiness rating may have their associated actions activated unimpeded. All other objects have their associated actions suppressed by suppressor 215. A user interface 220 is provided to inform the user of the suppression of the action with respect to the object and further to provide the user with an opportunity to interactively accept or decline activation of the action with respect to the object.
FIG. 3 provides a process overview of an example embodiment. This example in fig. 3 is explained with reference to the example embodiments in fig. 1 and 2 described above.
With respect to FIG. 3, when web page 207 is loaded on a browser on computing device 105 for the Internet or an intranet, object 208 is detected 310 as being associated with web page 207. This detection 310 of the object 208 includes: the code of object 208 is evaluated to determine at least one of the content, source, and action of the object 208. It should be noted that the embodiments described herein are not limited to browsers for the internet or intranets. For example, any reader or player of multimedia documents may be incorporated therein. However, these example embodiments are described in terms of Internet and intranet browsers-with the understanding that such examples are not limiting.
It may optionally be further determined 315: whether the user has initiated an action with respect to object 208. That is, these browser settings may be evaluated to determine: whether the action on object 208 was previously requested or initiated by the user of computing device 105 before or during the loading of web page 207 on the browser. For example, if the certificate corresponding to object 208 is deemed equivalent to a certificate for an existing program on computing device 105, object 208 may be detected as including a file to upgrade the existing program on computing device 105.
Activation opportunity 320 may include: an action is automatically activated with respect to object 208. Alternative embodiments may display modal prompts to provide the user with an opportunity to interactively accept or decline activation of the action for object 208; alternatively, a modeless prompt is displayed to inform the user of the impending action. Security settings and/or browser settings for computing device 105 may be configured to accommodate any of the above options for activation opportunity 320.
In the present example of FIG. 3, the action of object 208 may be automatically activated when the action has been determined 315 to be user initiated. However, given the increasing amount of poor quality software scattered throughout network 110, additional warning measures may be taken by displaying a prompt to inform the user that the action for object 208 is about to be activated and/or providing the user with the last opportunity to "cancel such activation". The prompt may be a modal prompt or a modeless prompt.
And modal prompt request: the user interactively accepts or denies activation of the action with respect to object 208. Modeless prompts, on the other hand, only inform the user of the action, thereby reducing the likelihood that the user will inadvertently activate the action. The modeless prompt does not provide the user with an opportunity to interactively accept or decline activation of the action with respect to object 208, but the modeless prompt may display a description of object 208 that facilitates providing the user with a further opportunity to interactively accept or decline activation of the action. Further details of such modeless prompts are provided below with respect to fig. 8A, 8B and 9.
A trust analysis is performed 325 on actions with respect to object 208 that are optionally determined 315 to not be user initiated. As set forth above with respect to fig. 2, when the security settings of the browser have been evaluated, a trust level conforms to detected object 208 based on, for example, at least one of the content, source, and action associated with object 208. As such, these trust levels may be considered tiered. That is, object 208 may conform to a variable trust level based on the content, source, and action corresponding to object 208, rather than merely being determined to be only trusted or untrusted. This level of trust with respect to object 208 may affect which option within activation opportunity 320 may be performed for this action of object 208. Trust analysis 325 will be described in further detail with reference to these examples in fig. 4-7.
When an object 208 does not meet at least one threshold trust level according to a variable combination of its content, source, and action, the object is blocked 330. When an object is blocked, the action with respect to the object is suppressed. Thus, any attempt to load code, open an HTML document, access and/or open a data file will not succeed unless the user interactively accepts the opportunity to "open the object".
With respect to object 208 having its actions blocked, further warning measures may be taken to prevent exposure of computing device 105 to harmful, unwanted, and/or unnecessary software. Accordingly, either of the modal prompt or modeless prompt may be displayed in response to object 208 being blocked; alternatively, the action on object 208 may be deprived of any activation opportunity altogether. As described above, modal cues provide the user with an opportunity to interactively override the action for object 208 being blocked. The modeless prompt informs the user that the action for object 208 has been blocked, but may further present the user with an opportunity to interactively accept activation of the action for object 208.
When object 208 and/or the associated action are blocked 330 and either a modal prompt or modeless prompt is displayed, the user receives a further opportunity to activate the action with respect to object 208. Modal prompts typically include an option for the user to "accept" or "decline" activation of the action with respect to object 208. Modeless prompts display a report indicating "block the action for object," but also provide the user with an opportunity to investigate details of object 208 and the blocked action, which may result in a further opportunity to interactively accept or decline activation of the action. Details of examples of modeless prompts are provided below with respect to figures 8A, 8B and 9.
When the user interactively accepts the opportunity to activate the action for object 208, web page 207 is typically reloaded (i.e., refreshed) in order to activate the action. On the other hand, when the user interactively declines activation of the action with respect to object 208, the object may be blocked 330 by either deleting the object 208 entirely from computing device 105 or by displaying another prompt for the user.
Fig. 4-7 are provided to illustrate further embodiments of this example to fig. 3. More specifically, fig. 4-7 provide details regarding the trust level analysis 325 performed by analyzer 210 in fig. 3 to evaluate which of these stacked trust levels may conform to object 208. FIG. 4 depicts an example in which a trust level analysis is performed on a non-user activated code download on the browser; FIG. 5 depicts an example in which trust level analysis is performed on code downloads that may or may not be securely executed on the browser; FIG. 6 depicts an example in which a trust level analysis is performed on a pop-up window; also, FIG. 7 depicts an example in which a trust level analysis is performed on navigation objects that may or may not override these security settings of computing device 105.
Fig. 4-7 differ from fig. 3 primarily in this performance aspect of trust analysis 325. Thus, the following description of FIGS. 4-7 is provided — with an emphasis on this performance of the trust analysis 325. Any further variations in fig. 4-7 that differ from this illustration of fig. 3 will be described.
FIG. 4 depicts an example in which a trust level analysis is performed on a non-user activated code download on the browser. More specifically, when web page 207 is loaded on a browser with respect to computing device 105, object 208 is detected 310 as being associated with web page 207. According to the present embodiment, based on an evaluation of the code for object 208, object 208 is determined to be a software module that enables functionality by calling off-the-shelf components that are incorporated and appear to be part of the code for web page 207. A non-limiting example of such code found in object 208 is an ActiveX control, which is based on the "component object model" (COM) structure developed by Microsoft corporation. On the internet or on an intranet, an ActiveX control can be linked to a web page 207 and downloaded by an associated browser and activated as any other executable program.
Determining 315: whether the user has initiated an action with respect to object 208. If so, then activation opportunity 320 may include: an action is automatically activated with respect to object 208. Alternative embodiments may display modal prompts to provide the user with an opportunity to interactively accept or decline activation of the action for object 208; alternatively, a modeless prompt is displayed to inform the user of the impending action.
This trust level analysis 325 with respect to non-user activated code downloads determines: whether the source of object 208 is trusted. A source may be determined to be trusted if content from the source already exists on computing device 105 or if other security settings of computing device 105 have indicated that "the content from the source of object 208 is acceptable on computing device 105".
A positive trust evaluation 426 for object 208 results in an activation opportunity 320 for this action for object 208. With respect to trusted object 208, activation opportunity 320 may include automatic activation of the action with respect to object 208. Alternatively, activation opportunity 320 may include any of a modal prompt or modeless prompt as a warning measure, as described above with respect to FIG. 3. The security settings and/or browser settings for computing device 105 may be configured to accommodate any options for activation opportunity 320.
If the source of object 208 is determined 426 to be untrustworthy, then the browser's settings are evaluated to determine: whether the source of object 208 is explicitly untrusted. If object 208 is determined 427 to originate from an explicitly untrusted source, then the action with respect to object 208 is blocked 330. An example of an explicit untrusted source is the origin of a previously detected virus, which may then be stored in the security settings for the browser. Alternatively, if no credentials exist on the downloaded code, if the user has previously chosen to distrust the publisher to which the credentials refer, or according to the security settings of the browser, the source may be considered explicitly untrusted.
According to the example embodiments described herein, when an object is blocked 330, the action is suppressed with respect to object 208. The browser then displays a modeless prompt to notify the user to: the action has been suppressed with respect to object 208. The continued interaction with the modeless prompt performed by the user may result in an opportunity for the user to gather details about object 208 and the suppressed action, which may result in a further opportunity to interactively accept or decline activation of the action about object 208. However, with regard to the untrusted object 208, further alternatives may include: object 208 is completely deleted from computing device 105 without providing the user with the opportunity to expose computing device 105 to content from an untrusted source.
If the source of object 208 is not determined 427 to be explicitly untrusted, then determination 428: whether object 208 contains an upgrade with respect to an object or program already present on computing device 105. If the evaluation of the browser and program settings of computing device 105 determines 428 that object 208 upgrades an existing object or program, activation opportunity 320 is provided for the action of object 208. Activation opportunity 320 may include any of the modal prompt or modeless prompt being displayed for the user, as described above with respect to fig. 3. The security settings and/or browser settings for computing device 105 may be configured to accommodate any options for activation opportunity 320.
If the evaluation of these browser settings, program settings, or security settings on computing device 105 determines 428 that object 208 does not upgrade an object or program already present on computing device 105, then a determination 429 is made: whether a flag is set on computing device 105. For example, the download flag may be set for any of these browser settings, program settings, or security settings on computing device 105. For example, the download flag may pertain to downloads from a particular source or for particular content.
If the evaluation of the settings for the browser or computing device 105 determines 429 that a flag is set, the action of object 208 is provided with an activation opportunity 320 to display either a modal prompt or a modeless prompt for the user, as described above with respect to FIG. 3.
If the evaluation of the browser and settings of computing device 105 determines 429 that the download flag is not set, object 208 is blocked 330 and the action with respect to object 208 is suppressed. The browser then displays a modeless prompt to notify the user to: the action has been suppressed with respect to object 208. Continued interaction with the modeless prompt by the user may result in an opportunity for the user to investigate details about object 208 and the suppressed action, which may result in a further opportunity to interactively accept or decline activation of the action about object 208.
If the user interactively accepts 335 the opportunity to activate the action for object 208, then web page 207 is reloaded or refreshed, thereby activating the action for object 208. However, if the user interactively declines the opportunity to activate the action for object 208, object 208 is still blocked. It will be understood that: when object 208 is blocked 330, the user's browsing experience on web page 207 will continue, but will not be exposed to the content of object 208.
FIG. 5 depicts an example in which a trust level analysis is performed on content that may not be securely shown within the browser. More specifically, when web page 207 is loaded on a browser with respect to computing device 105, object 208 is detected 310 as being associated with web page 207. According to the present embodiment, object 208 is determined to be a content type that is not hosted by the browser of computing device 105 based on an evaluation of the code for object 208. That is, the content or data associated with object 208 is not of a type such as HTML, XML, or plain text that the browser can directly process, and is not of a type that can be attached to a browser (e.g., Adobe and Adobe)Or Microsoft WindowsAttachments included together) will be required: or eitherLaunching an application outside the browser, or executing the file itself.
A determination is made 315: whether the user has initiated the loading of object 208 on the browser of computing device 105. If so, the activation opportunity 320 may include: the object 208 is automatically loaded on the browser. Alternative embodiments may display modal prompts to provide the user with an opportunity to interactively accept or decline activation of the action for object 208; alternatively, a modeless prompt is displayed to inform the user of the impending action.
A trust analysis 325 is performed on the content for the object 208 that is determined 315 to not be user-initiated. According to the present embodiment, based on an evaluation of this code for object 208, a determination 526 is made: whether the content of object 208 may be rendered on the browser of computing device 105 based on the perceived security of the content type. A positive determination 526 for object 208 may result in an activation opportunity 320 for object 208. With respect to trusted object 208, activation opportunity 320 may include: the content of object 208 is automatically rendered. Alternatively, activation opportunity 320 may include any of a modal prompt or modeless prompt, as described above with respect to FIG. 3. The security settings and/or browser settings for computing device 105 may be configured to accommodate any options for activation opportunity 320.
If the content of object 208 is determined 526 to be non-renderable, then determination 527: whether the content of object 208 requires downloading. If it is determined 527 that the content of object 208 does not require downloading, then object 208 is provided with an activation opportunity 320. Activation opportunity 320 may include: the content of object 208 is automatically rendered on the browser. Alternatively, a modal prompt may be displayed to provide the user with an opportunity to interactively accept or decline this presentation of object 208; alternatively, a modeless prompt may be displayed to inform the user of the rendering opportunity for object 208.
If determination 527 "this content of object 208 is security required", then determination 528: whether a flag is set on computing device 105. For example, the download flag may be set for any of these browser settings, program settings, or security settings on computing device 105. Further to this example, the flag indicating that the user temporarily grants at least partial trust may pertain to downloads from a particular source or for particular content, for example. If the evaluation of these browser settings, program settings, or security settings on computing device 105 determines 528 that the download flag is set, activation opportunity 320 is provided to render the content of object 208 so that a modal prompt or modeless prompt is displayed by the browser.
If the evaluation of the browser and settings of computing device 105 determines 528 that the download flag is not set, object 208 is blocked 330 and its rendering is suppressed. The browser then displays a modeless prompt to notify the user to: this rendering of object 208 has been suppressed. Continued interaction with the modeless prompt by the user may result in an opportunity for the user to investigate details about object 208 and the suppressed action, which may result in a further opportunity to interactively accept or decline presentation of object 208.
If the user interactively accepts 335 the opportunity to render object 208, then web page 207 is reloaded or refreshed, rendering object 208. However, if the user interactively declines this opportunity to "render object 208," object 208 is still blocked. The user's browsing experience on web page 207 continues, but without performing the rendering of object 208.
FIG. 6 depicts an example in which a trust level analysis is performed on a pop-up window. A pop-up window is an overlapping window that is typically used for dialog boxes, message boxes, and other temporary windows that appear separate from the main window of web page 207. It will be understood that: the logic for determining whether object 208 is a pop-up window may be adjusted to include or exclude particular objects (e.g., alarms, acknowledgements, etc.).
A determination is made 315: whether the user has launched object 208. If so, the activation opportunity 320 may include: the pop-up window of objects 208 is automatically displayed on the browser. Alternative embodiments may display modal prompts to provide the user with an opportunity to interactively accept or decline the display of the pop-up window for object 208; alternatively, a modeless prompt is displayed to inform the user of this impending display.
For the example embodiment in FIG. 6, trust analysis 325 may optionally be performed on the content of object 208 that is determined 315 to not be user-initiated because: this analysis may be redundant for content determined to include pop-up windows. In any event, if it is optionally determined 626 from, for example, further evaluation of the code of object 208 that "the content of object 208 does not include a pop-up window," then activation opportunity 320 is provided for object 208.
However, if the evaluation of object 208 determines that "its content is a pop-up window," object 208 is blocked 330 and its display is suppressed. The browser then displays a modeless prompt to notify the user to: the display of object 208 has been suppressed. The continued interaction with the modeless prompt performed by the user may result in an opportunity for the user to gather details about object 208 and the suppressed action, which may result in a further opportunity to interactively accept or decline presentation of object 208.
If the user interactively accepts 335 the opportunity to render object 208, the pop-up window is replayed 337. However, if the user interactively declines the opportunity to "show the pop-up window for object 208," object 208 is still blocked. The user's browsing experience on web page 207 continues unchanged.
FIG. 7 depicts an example in which a trust level analysis is performed on navigation objects that may override these security settings of computing device 105. This example pertains to detected object 208 (for example), where detected object 208 contains a URL that links the browser to another web page.
If it is determined that the Internet or intranet security settings for the browser on computing device 105 permit access to the URL of object 208, activation opportunity 320 may include: the web page linked by object 208 is automatically opened on the browser. Alternative embodiments may display modal prompts to provide the user with an opportunity to interactively accept or decline the 'opportunity to open the web page linked by object 208'; alternatively, a modeless prompt is displayed to inform the user to: the web page is about to open.
A trust analysis 325 is performed on the object 208 that is optionally determined 315 to not be user-initiated. Determining 726: whether the security settings of the browser permit opening of the web page linked by object 208. For example, the determination may include: it is evaluated whether the web page linked by object 208 is associated with an intranet for which the browser of computing device 105 is authorized, or a web page on the internet permitted by a firewall for network 110. Determining 726: whether a security setting flag is set. The security setting flag may have been set based on a previous activation opportunity. A positive determination may result in an activation opportunity 320 for object 208.
If the evaluation of object 208 determines that "these security settings do not permit the web page to be opened," then the action is suppressed. The browser then displays a modeless prompt to notify the user to: the web page linked by object 208 has been suppressed. Continued interaction with the modeless prompt by the user may result in an opportunity for the user to gather details about object 208 and the suppressed action, which may result in a further opportunity to interactively accept or decline to open the web page linked by object 208.
If the user interactively accepts 335 the opportunity to open the web page linked by object 208, then web page 207 is reloaded or refreshed, which also opens the web page linked by object 208. However, if the user interactively declines this opportunity to "render object 208," object 208 is still blocked. The user's browsing experience on web page 207 continues without opening the web page linked by object 208.
Fig. 8A shows an example embodiment of a user interface 800 described with reference to the example embodiments in fig. 1-7. In particular, user interface 800 includes a browser toolbar 802 and modeless prompt 805, which may be displayed for activation opportunity 320 or block object 320 described with respect to FIGS. 3-7. In such instances, modeless prompt 805 is displayed to inform the user that the object-related action is being suppressed, and further provides the user with an opportunity to interactively accept or decline activation of this suppressed object-related action.
More specifically, toolbar 802 is displayed as a browser (e.g.,internet explorer), which can be used to browse the internet or an intranet on computing device 105. In conjunction with these process flows in fig. 3-7, modeless prompt 805 includes a text field to provide a report to the user: inhibiting actions with respect to object 208. To catch the user's attention, the text field of modeless prompt 205 may displace web page 207 as opposed to being "displayed on top of a portion of the web page". In addition, the text in modeless prompt 805 may be broken into two lines, and an omission symbol may be provided to indicate: whether certain content is missing. Thus, for example, example FIG. 8A (relates toInternet Explorer), the text in modeless prompt 805 states: "Internet Explorer has blocked the download of untrusted software". However, such embodiments are merely examples and are not intended to be limiting.
Example embodiments of modeless prompt 805 may also provide the user with an interactive opportunity to "investigate details of object 208," which action of object 208 has been suppressed as described above. For example, when cursor 807 hovers over a portion of modeless prompt 805 (which may or may not require the user to activate the pointer), menu 810 may be displayed to inform the user of the characteristics of any object 208 for which an action has been suppressed 208. For example, menu 810 lists these features of object 208 in FIGS. 4-7 above, although this embodiment is used as an example only. In FIG. 8A, menu 810 indicates actions for the following objects to be suppressed: non-user initiated code installation 815, code that may not be securely shown inside browser 820, pop-up window 825, and object override security settings 830. However, alternative embodiments of menu 810 may include only one of items 815, 820, 825, and 830. That is, such alternative embodiments may display menu items related to the most recently blocked object 208.
In particular menu 810, example embodiments of modeless prompt 805 may provide the user with a further opportunity to interactively accept or decline activation of the action for object 208. In particular, modal cues may be displayed when the cursor 807 hovers over a selected object in the menu 810, which may or may not require the user to activate the pointer. In this way, the user is provided with an opportunity to interactively accept or decline activation of the action for object 208 corresponding to the description over which cursor 807 is hovering.
Fig. 8B shows an example of modal prompt 840 described with reference to the example embodiments in fig. 1-8A. In particular, modal prompt 840 may be displayed for activation opportunity 320 or blocking object 320 described with respect to FIGS. 3-7, or as this further opportunity to interactively accept or decline activation of object 208 described with respect to FIG. 8A. In such instances, modal prompt 840 is displayed to request the user's interactive selection to either accept 845 or decline 850 activation of this suppressed object-related action.
Fig. 8C shows an example of modeless prompt 850 described with reference to the example embodiments of fig. 7-1 (and in particular fig. 4). Modeless prompt 850 may be displayed if object 208 is determined to be explicitly untrusted, or if a credential corresponding to object 208 has been previously blocked by the user or does not exist at all. In this case, modeless prompt 850 may inform the user that an action for an untrusted object has been suppressed, but further provide the user with an opportunity to interactively accept or decline activation of this suppressed object-related action.
FIG. 9 illustrates an example process flow with respect to the user interface of FIG. 8A.
In connection with the example embodiments of fig. 3-8A, modeless prompt 805 is displayed 905 as a text field to inform the user to: inhibiting actions with respect to object 208.
For example, when modeless prompt 805 is activated, a user action is detected 910, which may or may not require the user to activate the pointer by clicking a mouse. This display 915 of the menu 810 depicts the object 208, with the action for the object 208 suppressed. Further user interaction with the modeless prompt may result in the display of modal prompt 840. For example, when menu 810 is displayed and cursor 807 hovers over a selected object in menu 810 (which may or may not require the user to activate the pointer), a modal prompt may be displayed, and modal prompt 840 may be displayed to provide the user with an opportunity to interactively accept or decline activation of the action for object 208. Even further user interaction actions are detected 920 in conjunction with modal prompt 840 to interactively accept or decline activation of the action with respect to object 208.
FIG. 10 illustrates a general computer environment 1000, which can be used to implement the various techniques described herein. The computer environment 1000 is only one example of a computing environment and is not intended to suggest any limitation as to the scope of use or functionality of the computer and network architectures. Neither should the computer environment 1000 be interpreted as having any dependency or requirement relating to any one or combination of components illustrated in the example computer environment 1000.
The computer environment 1000 includes a general-purpose computing device in the form of a computer 1002, which may include the computing device 105 described in accordance with the embodiments described above. These components of computer 1002 may include, but are not limited to, one or more processors or processing units 1004, a system memory 1006, and a system bus 1008 that couples various system components including the processor 1004 to the system memory 1006.
The system bus 1008 represents one or more of any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, an accelerated graphics port, and a processor or local bus using any of a variety of bus architectures. By way of example, such architectures can include an Industry Standard Architecture (ISA) bus, a Micro Channel Architecture (MCA) bus, an Enhanced ISA (EISA) bus, a Video Electronics Standards Association (VESA) local bus, a Peripheral Component Interconnect (PCI) bus (also known as a Mezzanine bus), a PCI Express bus, a Universal Serial Bus (USB), a Secure Digital (SD) bus, or an IEEE 1394 (i.e., FireWire) bus.
Computer 1002 may include a variety of computer readable media. Such media can be any available media that is accessible by computer 1002 and includes both volatile and nonvolatile media, removable and non-removable media.
The system memory 1006 includes computer-readable media in the form of volatile memory (e.g., Random Access Memory (RAM)1010) and/or non-volatile memory (e.g., Read Only Memory (ROM)1012 or flash RAM). A basic input/output system (BIOS)1014, containing the basic routines that help to transfer information between elements within computer 1002, such as during start-up, is stored in ROM1012 or flash RAM. RAM 1010 typically contains data and/or program modules that are immediately accessible to and/or presently being operated on by processing unit 1004.
Computer 1002 may also include other removable/non-removable, volatile/nonvolatile computer storage media. By way of example, FIG. 10 illustrates a hard disk drive 1016 that reads from or writes to non-removable, nonvolatile magnetic media (not shown), a magnetic disk drive 1018 that reads from or writes to a removable, nonvolatile magnetic disk 1020 (e.g., a "floppy disk"), and an optical disk drive 1022 that reads from or writes to a removable, nonvolatile optical disk 1024 such as a CD-ROM, DVD-ROM, or other optical media. The hard disk drive 1016, magnetic disk drive 1018, and optical disk drive 1022 are each connected to the system bus 1008 by one or more data media interfaces 1025. Alternatively, the hard disk drive 1016, magnetic disk drive 1018, and optical disk drive 1022 may be connected to the system bus 1008 by one or more interfaces (not shown).
The disk drives and their associated computer-readable media provide nonvolatile storage of computer readable instructions, data structures, program modules and other data for computer 1002. Although this example illustrates a hard disk 1016, a removable magnetic disk 1020, and a removable optical disk 1024, it is to be understood that: other types of computer-readable media that can store data that is accessible by a computer (e.g., magnetic cassettes or other magnetic storage devices, flash memory cards, CD-ROM, Digital Versatile Disks (DVD) or other optical storage, Random Access Memories (RAM), Read Only Memories (ROM), electrically erasable programmable read-only memory (EEPROM), and the like) can also be used to implement the example computing system and environment.
Any number of program modules can be stored on the hard disk 1016, magnetic disk 1020, optical disk 1024, ROM1012, and/or RAM 1010, including by way of example, an operating system 1026, one or more application programs 1028, other program modules 1030, and program data 1032. Each of such operating system 1026, one or more application programs 1028, other program modules 1030, and program data 1032 (or some combination thereof) may execute in support of all or part of the resident components of the distributed file system.
A user may enter commands and information into the computer 1002 through input devices such as a keyboard 1034 and pointing device 1036 (e.g., a "mouse"), other input devices 1038 (not expressly shown) may include a microphone, joystick, game pad, satellite dish, serial port, scanner, and/or the like, these and other input devices being connected to the processing unit 1004 via input/output interfaces 1040 that are coupled to the system bus 1008, but may be connected by other interface and bus structures, such as a parallel port, game port, or a Universal Serial Bus (USB).
A monitor 1042 or other type of display device can also be connected to the system bus 1008 via an interface, such as a video adapter 1044. In addition to the monitor 1042, other output peripheral devices can also include components such as speakers (not shown) and a printer 1046 which can be connected to computer 1002 via the I/O interfaces 1040.
Computer 1002 may operate in a networked environment using logical connections to one or more remote computers, such as a remote computing device 1048. By way of example, remote computing device 1048 can be a PC, portable computer, a server, a router, a network computer, a peer device or other common network node, and the like. The remote computing device 1048 is illustrated as a portable computer that may include many or all of the elements and features described herein relative to computer 1002. Alternatively, the computer 1002 may operate in a non-networked environment.
Logical connections between computer 1002 and the remote computer 1048 are depicted as a Local Area Network (LAN)1050 and a general Wide Area Network (WAN) 1052. Such networking environments are commonplace in offices, enterprise-wide computer networks, intranets and the Internet.
When implemented in a LAN networking environment, the computer 1002 is connected to the local network 1050 via a network interface or adapter 1054. When performed in a WAN networking environment, the computer 1002 typically includes a modem 1056 or other means for establishing communications over the wide network 1052. The modem 1056, which can be internal or external to computer 1002, can be connected to the system bus 1008 via the I/O interfaces 1040 or other appropriate mechanisms. It will be understood that: the network connections shown are examples and other means of establishing at least one communication link between the computers 1002 and 1048 can be used.
In a networked environment, such as that illustrated with computing environment 1000, program modules depicted relative to the computer 1002, or portions thereof, may be stored in a remote memory storage device. By way of example, remote application programs 1058 reside on a memory device of remote computer 1048. For purposes of illustration, applications or programs and other executable program components (e.g., the operating system) are illustrated herein as discrete blocks, although it is recognized that: such programs and components reside at various times in different storage components of computing device 1002, and are executed by at least one data processor of the computer.
Various modules and techniques may be described herein in the general context of computer-executable instructions, such as program modules, executed by one or more computers or other devices. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. Typically, the functionality of the program modules may be combined or distributed as desired in various embodiments.
An implementation of these modules and techniques may be stored on or transmitted across some form of computer readable media. Computer readable media can be any available media that can be accessed by a computer. By way of example, and not limitation, computer readable media may comprise "computer storage media" and "communication media".
"computer storage media" include volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules, or other data. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, Digital Versatile Disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by a computer.
"communication media" typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism. Communication media also includes any information delivery media. The term "modulated data signal" means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of non-limiting example, communication media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared and other wireless media. Combinations of any of the above are also included within the scope of computer readable media.
While example embodiments and applications of the present invention have been shown and described, it will be understood that: the present invention is not limited to the precise configurations and resources described above. Various modifications, changes, and variations apparent to those skilled in the art may be made in the arrangement, operation, and details of the methods and systems of the present invention disclosed herein without departing from the scope of the claimed invention.
However, one skilled in the relevant art will recognize that: the invention may be practiced without one or more of these specific details, or with other methods, resources, materials, etc. In other instances, well-known structures, resources, or operations have not been shown or described in detail merely to avoid obscuring aspects of the invention.

Claims (10)

1. A method associated with a computer having a user interface, the method comprising:
performing an analysis to determine a trust level for the object;
in response to determining that the object relates to at least one of a non-user initiated code installation, code that is not securely shown inside a browser, a pop-up window, and an object that overrides a security setting of the computer, suppressing an action of the object;
displaying a modeless prompt, the modeless prompt providing information that an action of the subject has been suppressed;
receiving an activation of the modeless prompt;
in response to receiving activation of the modeless prompt, performing operations comprising:
displaying at least one characteristic relating to the object;
displaying an activation opportunity for the object, wherein the activation opportunity provides an opportunity to interactively accept activation of the suppressed object; and
receiving an indication to activate an action with respect to the object; and
in response to receiving the activation, allowing activation of an action of the object.
2. A method associated with a computer having a user interface, the method comprising:
performing an analysis to determine a trust level for at least one object of a plurality of objects associated with a web page;
in response to determining that the at least one object relates to at least one of a non-user initiated code installation, a code that is not securely shown inside a browser, a pop-up window, and an object that overrides a security setting of the computer, inhibiting an action of the at least one object;
displaying a report that the motion of the at least one object is suppressed; and
displaying a description of the at least one object in a modeless prompt without any modal interaction by the user, wherein a description of all objects of the plurality of objects may be displayed;
displaying an interactive prompt to cause an action to be performed on the at least one object;
wherein the description of the at least one object is displayed with a sequential listing of blocked objects associated with the web page.
3. The method of claim 2, wherein the interactive prompt enables user interaction to disarm the action.
4. The method of claim 2,
displaying a description of the at least one object in accordance with a description of a further blocked object associated with the web page, an
The method further comprises the following steps: allowing an action to be performed on at least one of the blocked object and the further blocked object.
5. The method of claim 2, wherein the displaying of the description of the at least one object is performed in response to a user action.
6. The method of claim 2, wherein the displaying of the description of the at least one object is performed in response to a user action, the user action comprising clicking while a pointer hovers over a portion of the modeless prompt.
7. The method of claim 2, wherein the at least one object comprises any of downloadable code, a URL, a pop-up window, or a link to a file.
8. The method of claim 2, wherein the at least one object is a link to an object on a remote server; and the object on the remote server includes any of downloadable code, a script, a pop-up window, a link to a video file, a link to an audio file, or a link to a text file.
9. A computer-readable storage medium storing instructions that, when executed, cause a computer to perform the method of any of claims 1-8.
10. A computer system comprising means for performing the method of any one of claims 1-8.
HK13100629.4A 2004-02-17 2013-01-15 User interface accorded to tiered object related trust decisions HK1173528B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US10/779,925 2004-02-17

Publications (2)

Publication Number Publication Date
HK1173528A HK1173528A (en) 2013-05-16
HK1173528B true HK1173528B (en) 2018-10-26

Family

ID=

Similar Documents

Publication Publication Date Title
US20190260773A1 (en) Tiered object-related trust decisions
JP4104640B2 (en) User interface adapted to stepped object-related trust decisions
US6779117B1 (en) Authentication program for a computer operating system
US20100037317A1 (en) Mehtod and system for security monitoring of the interface between a browser and an external browser module
US20110106948A1 (en) Running Internet Applications with Low Rights
US20100192165A1 (en) Ascertaining domain contexts
US11073994B2 (en) System and method to secure a computer system by selective control of write access to a data storage medium
HK1173528B (en) User interface accorded to tiered object related trust decisions
HK1173528A (en) User interface accorded to tiered object related trust decisions
HK1174410A (en) Tiered object-related trust decisions
HK1174410B (en) Tiered object-related trust decisions
CN111538990A (en) Internet analysis system