Patent Number: 6,490,626

Title: Browser system

Abstract: A Web browser (210) is configured to run in a middle compartment (206) of aCompartmented Mode Workstation (CMW) (200). The operation of the Webbrowser (210) is prevented from accessing or damaging other compartmentsof the CMW machine (200) as a result of mandatory access control (MAC),which is configured appropriately.The Web browser (210) communicates with Web servers (252) attached to theinternet (240), the Internet being connected to an outside compartment ofthe CMW machine (210), via a trusted outside process (TPO) (214). TPO(214) has the privileges required to override MAC. The Web browser (210)communicates with a display server (232), which is attached to an insidecompartment (204) of the CMW machine (210), via a trusted inside process(TPI) (204). TPI also has privileges to override MAC. The Web browser(210) can request and receive Web pages incorporating mobile code, and canprocess the mobile code safely within the middle compartment (206). As aresult of processing the mobile code, the Web browser (210) sends onlyX-messages to the display server (232), in order that the display servercan render the images resulting from the processed mobile code.

Inventors: Edwards; Nigel (Bristol, GB), Rees; Owen (Newport, GB), Zhong; Qun (San Jose, CA)


International Classification: G06F 9/46 (20060101); G06F 9/50 (20060101); G06F 013/00 ()

Expiration Date: 12/02015