Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Web Browser Plug-In Permissions

IP.com Disclosure Number: IPCOM000012357D
Original Publication Date: 2003-Apr-30
Included in the Prior Art Database: 2003-Apr-30
Document File: 2 page(s) / 58K

Publishing Venue

IBM

Abstract

Described herein is a formal permissions scheme devised for limiting the execution of web browser plug-ins and thereby reducing the occurance of intrusive third-party web content.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 53% of the total text.

Page 1 of 2

Invention Disclosure Publication for RPS8-2003-0011

Prepared for and/or by an IBM Attorney - IBM Confidential

Created By Michele M Fitzsimmons On 04/04/2003 10:03:59 AM

Last Modified By William G Pagan On04/04/2003 11:06:59 AM

Required fields are marked with the asterisk ( * ) and must be filled in to complete the form .

Editors of this article William G Pagan/Raleigh/IBM Status Awaiting IP Approval
Title Web Browser Plug-In Permissions Inventors William G Pagan
Attorney Martin McKinley/Raleigh/IBM Functional Area (SERVER) SERVER click on "Select" in the action bar Processing Loc RPS

Publication Information

Date Approved

Publication Name Research Disclosure Date Sent
Date Published
Article Number
Page Number
Issue Number
Number of Pages

* Enter a brief abstract for this article

Described herein is a formal permissions scheme devised for limiting the execution of web browser plug-ins and thereby reducing the occurance of intrusive third-party web content.

* Enter the body of your Invention Disclosure Publication below. You may include drawings and highlighting as appropriate.

    In an attempt to circumvent currently enacted security measures taken by modern web browsers, many sites are resorting to alternative means of loading undesired content on a user's machine. Often times, browser plug-ins are exploited to accomplish this task. Advertisements are one realm where content is being pumped through Flash, Real Media and other plug-ins. Other times, sites deploy sound schemes, themes and other annoying oddities. Proposed herein is a methodology to counteract the vulnerability of modern web browsers to exploitation by plug-ins. This methodology can be implemented and enforced by the browser, by plug-ins themselves, or by a combination of the two.

    Before a browser can invoke a plug-in in this proposed scheme, it will first have to check for proper permissions. The browser can provide such permission based on user-specified criteria. For example, the user could select one from the following four available choices: "Always load", "Ask permission", "Manual load only" or "Do Not Load". The definition of these settings is as follows:

1) Always Load - The specified plug-in has full permissions to load without any

[This page contains 2 pictures or other non-text objects]

Page 2 of 2

user intervention.

    2) Ask Permission - The specified plug-in cannot load unless the browser prompts the user for permission via a standardiz...