COMPUTER DEVICE AND METHOD FOR SELECTIVE CONTENT ISOLATION

Organization Name

Microsoft Technology Licensing, LLC

Inventor(s)

Vikas Malik of Bothell WA (US)

Nir Mardiks Rappaport of Bellevue WA (US)

Vinay Kumar Shiva of Sunnyvale CA (US)

COMPUTER DEVICE AND METHOD FOR SELECTIVE CONTENT ISOLATION - A simplified explanation of the abstract

This abstract first appeared for US patent application 18069615 titled 'COMPUTER DEVICE AND METHOD FOR SELECTIVE CONTENT ISOLATION

Simplified Explanation: The patent application describes a network proxy agent that operates within an isolated execution environment, routing network traffic to and from a non-isolated application instance through this environment. A content access policy agent enforces content access policies within the isolated environment.

Key Features and Innovation:

• Network proxy agent operates within an isolated execution environment.
• Content access policy agent enforces content access policies within the isolated environment.
• Network traffic to and from the non-isolated application instance is routed through the network proxy agent.

Potential Applications: This technology could be applied in secure web browsing, content filtering, and data protection applications.

Problems Solved: This technology addresses the need for secure network communication, content access control, and data protection in online environments.

Benefits:

• Enhanced security for network communication.
• Improved content access control.
• Increased data protection measures.

Commercial Applications: Potential commercial applications include secure browsing solutions for businesses, content filtering services for educational institutions, and data protection tools for sensitive industries.

Prior Art: Prior art related to this technology may include research on network proxies, content filtering systems, and secure browsing solutions.

Frequently Updated Research: Ongoing research in the field of network security, content filtering, and data protection may provide valuable insights into the development and implementation of this technology.

Questions about Network Proxy Agent Technology: 1. How does the network proxy agent ensure secure communication between the isolated execution environment and the non-isolated application instance? 2. What are the potential challenges in implementing and maintaining a content access policy agent within an isolated execution environment?

Original Abstract Submitted

In one or more examples, a network proxy agent runs inside an isolated (e.g. sandboxed or virtualized) execution environment and a non-isolated application (e.g., web browser) instance runs outside of the isolated execution environment. The network proxy agent acts as a proxy in the sense that network traffic to and from the application instance is routed through the network proxy agent, and thus via the isolated execution environment. A content access policy is supplied to the content access policy agent, and the content access policy agent enforces the content access policy inside the isolated execution environment in relation to the network traffic. For example, content from a certain resource may be restricted according to the content access policy, in which case content requested from that resource is contained within the isolated environment, and replacement content is served to the non-isolated application instance instead.