GB2517021A - Context transfer from web page to application - Google Patents

Context transfer from web page to application Download PDF

Info

Publication number
GB2517021A
GB2517021A GB1408483.4A GB201408483A GB2517021A GB 2517021 A GB2517021 A GB 2517021A GB 201408483 A GB201408483 A GB 201408483A GB 2517021 A GB2517021 A GB 2517021A
Authority
GB
United Kingdom
Prior art keywords
framework
event
action
server
plugin
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB1408483.4A
Other versions
GB201408483D0 (en
Inventor
Paul Keith Branton
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
AppSense Ltd
Original Assignee
AppSense Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US13/892,678 external-priority patent/US10291615B2/en
Application filed by AppSense Ltd filed Critical AppSense Ltd
Publication of GB201408483D0 publication Critical patent/GB201408483D0/en
Publication of GB2517021A publication Critical patent/GB2517021A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • G06F9/542Event management; Broadcasting; Multicasting; Notifications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/95Retrieval from the web
    • G06F16/957Browsing optimisation, e.g. caching or content distillation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/02Standardisation; Integration
    • H04L41/0246Exchanging or transporting network management information using the Internet; Embedding network management web servers in network elements; Web-services-based protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/37Managing security policies for mobile devices or for controlling mobile applications
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/445Program loading or initiating
    • G06F9/44521Dynamic linking or loading; Link editing at or after load time, e.g. Java class loading
    • G06F9/44526Plug-ins; Add-ons
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic

Abstract

A computerized method includes receiving, at a framework plugin coupled to a web browser, a framework action from a framework server, the framework action including arguments specifying context data to retrieve from a web page loaded on the web browser. The framework action is by the framework plugin 705, wherein executing the framework action comprises retrieving the specified context data from the web page and generating, by the framework plugin, a framework event 710 including the context data. The framework event is forwarded 715 to a framework server coupled to the framework plugin. The framework event is received at the framework server 720 from the framework plugin. At the framework server, a framework action is determined 740 based on the framework event, including the specified data, and a framework policy. Instructions are then sent 775 to an external process based on the specified data and the framework action. The framework server can reside locally on the same device as the framework plugin or can reside remotely on a different computing device.

Description

CONTEXT TRANSFER FROM WEB PAGE TO APPLICATION
CROSS REFERENCE TO RELATED APPLICATION
[0001] This application is a continuation-in-part of U.S. Application No. 13/892,678, filed May 13, 2013, which is incorporated by reference in its entirety as though fully disclosed herein.
TECHNICAL FIELD
[0002] This application relates generally to centralized software environment management, and more specifically to a framework for network-based remote management of client systems.
BACKGROUND
[0003] Computer systems can provide user environment management and/or policy control for computing devices (e.g., Windows based PC5). A system policy can be defined within an enterprise computer network either: to respond to system events such as computer startup/shutdown, user login/logoff, process start/stop, and session changes, etc.; or to prevent or control user behavior in applications and the desktop environment. For example, a pre-defined script can run when a user logs in to a corporate network; a particular group of users can be prevented from using parts of an application. The conventional user environment and/or policy control mechanisms, however, are limited to handle application and system level events and policies, not events and policies related to web browsers. Some examples of web events include webpage loading, URL clicking, adding/deleting a tab within a web browser, etc. Typical policies include, for example, blocking of URLs and redirection and preventing use of particular buttons or menus inside an web page.
SUMIVIARY
[0004] In accordance with the disclosed subject matter, systems and methods are described for a web event framework.
[0005] Disclosed subject matter includes, in one aspect, a computerized method, which includes receiving, at a framework plugin coupled to a web browser, a framework action from a framework server, the framework action including arguments specifying context data
-I-
to retrieve from a web page loaded on the web browser; executing the framework action by the framework plugin; forwarding the framework event to a framework server coupled to the framework plugin; receiving at the framework server the framework event from the framework plugin; determining, at the framework server, a framework action based on the framework event, including the specified data, and a framework policy; and sending instructions to an external process based on the specified data and the framework action.
Executing the framework action includes retrieving the specified context data from the web page and generating, by the framework plugin, a framework event including the context data.
[0006] In some embodiments, the framework action is determined at the framework server based on a previous framework event received from the framework plugin.
[0007] In some other embodiments, the previous framework event is generated by the framework server in response to the framework server receiving a web event from the web browser.
[00081 In some other embodiments the web event is the web browser loading the web page.
[0009] In some other embodiments wherein the external process is a desktop application run on the same client computing device as the web browser.
[0010] In some other embodiments sending the instructions comprises sending inputs that the external process interprets according to a user interface.
[00111 In some other embodiments, the computerized method includes receiving the framework policy from a policy store.
[0012] In some other embodiments, the computerized method includes customizing the framework server based on the framework policy.
[0013] In some other embodiments, the computerized method includes receiving at the framework server an external event from an external event source and determining, at the framework server, the framework action based on the external event and the framework policy.
[0014] In some other embodiments, the computerized method includes forwarding the framework action over a network to a second framework server.
[0015] In some other embodiments, the computerized method includes processing the framework action by the second framework server.
[0016] In some other embodiments, the computerized method includes forwarding the framework event over a network to a second framework server.
[0017] In some other embodiments, the computerized method includes determining at the second framework server a second framework action based on the framework event and a second framework policy.
[0018] Disclosed subject matter includes, in another aspect, a computer system for a web event framework, which includes a processor configured as a framework plugin coupled to a web browser. The framework plugin includes a framework server interface configured to receive a framework action from a framework server, the framework action including arguments specifying context data to retrieve from a web page loaded on the web browser, a browser interface configured to communicate with the web browser and retrieve the specified context data from the web page, and a framework event generator configured to generate a framework event including the context data. The framework server interface is further configured to send the framework event to the framework server. The processor is frirther configured as a framework server communicating with the framework plugin, induding framework plugin interface configured to receive the framework event from the framework plugin, a framework action determiner configured to determine a framework action based on the framework event, including the specified data, and a framework policy, and an external process interface configured to send instructions to an external process based on the specified data and the framework action.
[0019] In some other embodiments, the framework server also includes a policy store interface configured to receive the framework policy from a policy store.
[0020] In some other embodiments, the framework server also includes a framework policy configurator configured to customize the framework server based on the framework policy, [0021] In some other embodiments, the framework server also includes a webpage updater configured to generate or modify a webpage.
[0022] In some other embodiments, the framework server also includes an external event interface configured to receive an external event from an external event source and the framework action determiner is further configured to determine the framework action based on the external event and the framework policy.
[0023] In some other embodiments, the framework plugin interface is fbrther configured to communicate with a second framework plugin coupled with a second web browser.
[0024] Disclosed subject matter includes, in yet another aspect, a non-transitory computer readable medium having executable instructions operable to, when executed by a processor, cause the processor to receive, at a framework plugin coupled to a web browser, a framework action from a framework server, the framework action including arguments specifying context data to retrieve from a web page loaded on the web browser; execute the framework action by the framework plugin; forward the framework event to a framework server coupled to the framework plugin; receive at the framework sewer the framework event from the framework plugin; determine, at the framework sewer, a framework action based on the framework event, including the specified data, and a framework policy; and send instructions to an external process based on the specified data and the framework action.
Executing the framework action includes retrieving the specified context data from the web page and generating, by the framework plugin, a framework event including the context data.
[0025] Various embodiments of the subj ect matter disclosed herein can provide one or more of the following capabilities. Systems and methods for a web event framework can reduce system complexity. Framework servers and framework plugins can be designed without complex business logic. For example, a framework sewer can act as a simple event sink while a framework plugin can act as an event producer. A framework server can receive framework events from all event sources and determine framework actions based on a framework policy. Systems and methods for a web event framework can also improve flexibility and maintainability. Changing a framework policy itself can change the behaviors of a web event framework. There is no need to modify the framework server and/or the framework plugin. Systems and methods for a web event framework can also increase extendibility. Adding framework events to a framework policy can expand the list of events handled by a web event framework without updating the framework server and/or the framework plugin.
[0026] These and other capabilities of embodiments of the disclosed subject matter will be more fully understood after a review of the following figures, detailed description, and claims.
BRIEF DESCRIPTION OF THE DRAWINGS
[0027] Various objects, features, and advantages of the disclosed subject matter can be more fully appreciated with reference to the following detailed description of the disclosed subject matter when considered in connection with the following drawings, in which like reference numerals identify like elements.
[0028] FIG. 1 illustrates an exemplary networked computing environment in accordance with some embodiments.
[0029] FIG. 2 illustrates an exemplary web event framework arrangement in accordance with some embodiments.
[0030] FIG. 3 illustrates another exemplary web event framework arrangement in accordance with some embodiments.
[0031] FIG. 4 illustrates yet another exemplary web event framework arrangement in accordance with some embodiments.
[0032] FIG. 5 illustrates a block diagram of an exemplary web event framework plugin in accordance with some embodiments.
[0033] FIG. 6 illustrates a block diagram of an exemplary web event framework server in accordance with some embodiments.
[0034] FIG. 7 includes an exemplary operation of an exemplary web event framework in accordance with some embodiments.
[0035] FIG. 8 illustrates a block diagram of an exemplary computing device in accordance with some embodiments.
[0036] FIG. 9 illustrates a further exemplary web event framework arrangement in accordance with some embodiments.
DESCRIPTION
[0037] In the following description, numerous specific details are set forth regarding the systems and methods of the disclosed subject matter and the environment in which such systems and methods may operate, in order to provide a thorough understanding of the disclosed subject matter. It will be apparent to one skilled in the art, however, that the disclosed subject matter may be practiced without such specific details, and that certain features, which are well known in the art, are not described in detail in order to avoid complication of the disclosed subject matter. In addition, it will be understood that the embodiments described below are only examples, and that it is contemplated that there are other systems and methods that are within the scope of the disclosed subject matter.
[0038] Mechanisms, such as browser extensions, can potentially modify a user's browser experience. The logic and control of these mechanisms are typically self-contained in the web browser, making these mechanism more complex, less flexible and robust, and more difficult to maintain and extend. Embodiments of the disclosed subject matter can provide features for a web event framework, which can reduce system complexity, improve flexibility and robustness, and increase maintainability and extendibility.
[0039] In one exemplary implementation, a web event framework can include a framework plugin, a framework server, and a framework policy store. The framework plugin can be embedded inside a web browser. The framework server can be independent and outside the realm of web browsers and can receive framework events from one or more framework plugins or other external event sources. The framework server can determine a framework action based on the framework event and a framework policy stored in a policy store, and then forward the framework action back to the framework plugin embedded within the web browser or execute the framework action, for example, if it's a system command.
The framework policy can be updated to customize the web event framework. The framework plugin can process web pages based on the framework actions received from the framework sewer. Some exemplary user scenarios include: a certain event is triggered when a particular URL is hit; certain web pages or applications are locked or disabled based on a corporate policy; certain browser settings and security policies are customized based on a user's location, IP address, or credentials, etc.; and web browsers respond to remote connection session changes.
[0040] In one exemplary use scenario, a framework sewer can generate a framework action to automatically launch a frequently-used work-related website in a user's web browser when it is 9A1\4 on weekdays or to block certain company secure websites when it is 5PM or during weekends. In another exemplary use scenario, when a framework server receives an external event indicating a laptop computer has left the corporate building, the framework sewer can generate a framework action closing all browser windows/tabs loaded with corporate confidential information.
[0041] Embodiments of the disclosed subject matter can be implemented in a networked computing environment, FIG. 1 illustrates an exemplary networked computing environment in accordance with certain embodiments of the disclosed subject matter. The networked computing environment 100 can include a server 04, at least one client 106 (e.g., client O6- 1, 106-2, ... 106-N), a physical storage medium 108, and cloud storage 110 and 112, which can all be coupled, directly or indirectly to a communication network 102.
[0042] Each client 106 can communicate with the server 104 to send data to, and receive data from, the sewer 104 across the communication network 102. Each client 106 can be directly coupled to the sewer 104, Additionally, each client 06 can be connected to sewer 104 via any other suitable device, communication network, or combination thereof For example, each client 106 can be coupled to the sewer 104 via one or more routers, switches, access points, and/or communication network (as described below in connection with communication network 102). A client 106 can include, for example, a desktop computer, a mobile computer, a tablet computer, a cellular device, a smartphone, or any computing systems that are capable of performing computation.
[0043] Server 104 can be coupled to at least one physical storage medium 108, which can be configured to store data for the server 104, Preferably, any client 06 can store data in, and access data from, the physical storage medium 108 via the sewer 04. FTG. I shows the server 104 and the physical storage medium 108 as separate components; however, the sewer 104 and physical storage medium 108 can be combined together. FIG. 1 also shows the server 104 as a single server; however, server 104 can include more than one server, FIG, 1 shows the physical storage medium 108 as a single physical storage medium; however, physical storage medium 108 can include more than one physical storage medium, The physical storage medium 108 can be located in the same physical location as the server 104, at a remote location, or any other suitable location or combination of locations, [0044] FIG, 1 shows two embodiments of a cloud storage 110 and 112, Cloud storage and/or 112 can store data from physical storage medium 108 with the same restrictions, security measures, authentication measures, policies, and other features associated with the physical storage medium 108. While FIG. I shows the cloud storage 112 separate from the communication network 102, cloud storage 112 can also be part of communication network 102 or another communication network, The server 104 can use only cloud storage 110, only cloud storage 112, or both cloud storages 110 and 112. While, FIG. I shows one cloud storage 110 and one cloud storage 112, more than one cloud storage 110 and/or more than one cloud storage 112 or any suitable combination thereof can be used.
[0045] The communication network 102 can include the Internet, a cellular network, a telephone network, a computer network, a packet switching network, a line switching network, a local area network (LAN), a wide area network (WAN), a global area network, or any number of private networks currently referred to as an Intranet, and/or any other network or combination of networks that can accommodate data communication. Such networks may be implemented with any number of hardware and software components, transmission media and network protocols. While FIG. 1 shows the network 102 as a single network, the network 102 can also include multiple interconnected networks listed above.
[0046] FIG. 2 illustrates an exemplary web event framework arrangement 200 according to certain embodiments of the disclosed subject matter. The web event framework arrangement 200 can include a framework plugin 210, a framework server 220, and a policy store 230.
[0047] Referring to FIG. 2, the framework plugin 210 can be associated with a web browser 202, A web browser 202 can be associated with one or more of the framework plugins 210. When multiple plugins are associated with one web browser, functionalities can be split among the multiple plugins. In one example, the framework plugin 210 can be embedded within the web browser 202; in another example, only a portion of the framework plugin 2i0 is embedded within web browser 202 and the rest can be outside but coupled to the web browser 202. The framework plugin 210 can receive events (e.g., 204-1 and 204-2, etc.) from the web browser 202. One type of such received events are web events generated by the web browser 202, such as navigating to a webpage. The framework plugin 210 can also perform actions in connection with the web browser 202, such as generating or modifying pages (e.g., 206-1 and 206-2, etc.). More examples of actions that can be performed by the framework plugin 210 are discussed later.
[0048] The framework server 220 can communicate with the framework plugin 210. The framework sewer 220 can receive an event (e.g., a framework event) from the framework plugin 210, determine an action (e.g., a framework action) based on the framework event, and forward the action to the framework plugin 210. In some embodiments, the framework server 220 can be outside and not associated with the web browser 202. In one example, the framework server 220 can reside locally on the same computing device as the framework plugin 210; in another example, the framework server 220 can reside remotely on a different computing device.
[0049] In addition, the framework server 220 can receive events (e.g., external event 240) from an external event source and can also perform external actions (e.g., initiating an external process 250). An external event source can either be local at the same computing device or be remote at a different computing device. An external action can be performed either locally at the same computing device or remotely at a different computing device.
Additional details about external events and external actions are discussed later in this document.
[0050] In some embodiments, a framework server 220 can run a communication server (e.g., a socket server) listening for connections from one or more framework plugins 210. In some other embodiments, a framework server 220 can also run a communication server (e.g., a HTTP sewer) listening for messages (e.g., HTTP POST messages) from external event sources or other framework servers, A framework server 220 in a web event framework can be different from a traditional web server or proxy. According to embodiments of the disclosed subject matter, web pages can still be served by traditional web servers and a framework server 220 does not need to serve or download web pages directly.
[0051] In some embodiments, a framework plugin 210 can connect to a framework server 220 when it is first loaded (e.g., when its associated web browser 202 starts).
Alternatively, a framework plugin 210 can connect to a framework server 220 at a later time, In some embodiments, a framework server 220 can halt or suspend web browser activities if a framework plugin is not detected. For example, AppSense' s Application Manager product can be utilized to detect process launches and control the execution and/or internet access of the launched process, [0052] The framework sewer 220 can also receive a policy (e.g., a framework policy) from a policy store 230, A framework policy can define how the framework sewer 220 determine a framework action based on a framework event. In one example, the policy store 230 can reside locally on the same computing device as the framework server 220; in another example the policy store 230 can reside remotely on a different computing device, In some embodiments, the policy store 230 can contain one configuration file per end user. In other embodiments, for example for a large enterprise, the policy store 230 can contain a generic configuration file suitable for a plurality of users. The generic configuration file can be customized and delivered, via the policy store, to each unique end user. In some other embodiments, there can be a global universal configuration file.
[0053] FIG. 3 illustrates another exemplary web event framework arrangement 300 according to certain embodiments of the disclosed subject matter, The web event framework arrangement 300 can include multiple framework plugins 210 and 210, a framework server 220, and a policy store 230. In this embodiment, the framework server 220 can operate in a manner similar to that described above with respect to FIG. 2, while being connected to multiple framework plugins.
[0054] Referring to FIG. 3, the framework plugin 210 can be associated with a web browser 202 while the framework plugin 210' can be associated with a web browser 202'.
The web browsers 202 and 202' can be different types of web browsers. For example, the web browser 202 can be an Internet Explorer (IF) from Microsoft while the web browser 202' can be a Chrome browser from Google. The web browsers 202 and 202' can also be different sessions of a same type of web browsers. For example, the web browser 202 can be one lIE browser session while the web browser 202' can be a different lIE browser session.
The framework plugin 210 can receive events (e.g., 204) from the web browser 202 while the framework plugin 210' can receive events (e.g., 204') from the web browser 202'. The framework plugin 210 can also perform actions (e.g., modifying a page 206) in the web browser 202 while the framework plugin 210' can also perform actions (e.g., modifying a page 206') in the web browser 202'.
[0055] The framework server 220 can communicate with both framework plugins 210 arid 210'. The framework server 220 can receive an event (e.g., a framework event) from the framework plugin 210, determine an action (e.g., a framework action) based on the framework event, and forward the action to the other framework plugin 210' associated with the other web browser 202'. In this manner, an event at one web browser can cause an action at another web browser. In some embodiments, the framework server 220 can be outside and not associated with either web browser 202 or 202'. In one example, the framework server 220 can reside locally on the same computing device as the framework plugin 210 or 210'; in -10-another example the framework sewer 220 can reside remotely on a different computing device. The framework server 220 can also receive a policy (e.g., a framework policy) from a policy store 230. A framework policy can define how the framework server 220 determine a framework action based on a framework event. In one example, the policy store 230 can reside locally on the same computing device as the framework sewer 220; in another example the policy store 230 can reside remotely on a different computing device.
[0056] In some embodiments, security considerations in some web browsers may prevent the framework sewer 220 from initiating an inbound connection into a framework plugin (e.g., 210'). In these situations, the framework plugin (e.g., 210') can initiate an outbound connection out to the framework sewer 220. Once a connection has been made, data traffic can flow freely in both directions. In other embodiments, additional security measures, for example in Internet Explorer 10 on Windows 8, may allow a connectivity to the framework sewer 220 only if the framework sewer 220 has a known DNS name (e.g., localhost). In these situations, a framework server on a remote machine may need to have a valid DNS entry to be accessible.
[0057] In addition, like illustrated in FIG. 2, the framework sewer 220 in FIG. 3 can also receive events from an external event source and perform external actions (e.g., initiating an external process). Tn one exemplary scenario, clicking on "I'm feeling lucky" at Google.com in an IE browser can open a tab with the search results in a Safari browser.
[0058] FIG. 4 illustrates yet another exemplary web event framework arrangement 400 according to certain embodiments of the disclosed subject matter, The web event framework arrangement 400 can include multiple framework plugins 210 and 210', multiple framework sewers 220 and 220', and a network 260.
[0059] Referring to FIG. 4, the framework plugin 210 can be associated with a web browser 202 while the framework plugin 210" can be associated with a web browser 202".
The web browsers 202 and 202" can be the same or different types of web browsers, In one example, the web browsers 202 and 202" can both be an IE browser on different computing devices. In another example, the web browsers 202 can be an lIE on one computer device (e.g., a Windows PC) while the web browser 202" can be a Chrome browser from Google on a different computing device (e.g., a Mac computer from Apple). The framework plugin 210 carl receive events (e.g., 204) from the web browser 202 while the framework plugin 210" can receive events (e.g., 204') from the web browser 202'. The framework plugin 210 carl also perform actions (e.g., modifying a page 206) in the web browser 202 while the framework plugin 210" can also perform actions (e.g., modifying a page 206") in the web browser 202". The framework plugin 210 and the web browser 202 can reside on a different computing device from the framework plugin 210" and the web browser 202".
[0060] The framework server 220 can communicate with the framework plugins 210.
The framework server 220" can communicate with the framework plugins 210". The framework sewer 220 can communicate with the framework server 220" over a network 260.
In some embodiments, a framework server 220/220" can run a communication sewer (e.g., a HTTP server) listening for framework events/actions (e.g., via HTTP POST messages) from other framework servers. A HTTP server can be chosen, for example, because of its compatibility with firewalls. The framework plugins 202 and 202" can communicate with each other via the framework sewers 220 and 220". In some embodiments, the framework sewer 220 can receive a framework event from the framework plugin 210, determine a framework action based on the framework event, and forward the framework action over the network 260 to the other framework server 220", which can in turn forward the received framework action to the other framework plugin 210" associated with the other web browser 202". In some other embodiments, the framework sewer 220 can receive a framework event from the framework plugin 210 and forward the framework event over the network 260 to the other framework server 220", which can in turn determine a framework action based on the framework event and then forward the determined framework action to the other framework plugin 210" associated with the other web browser 202', In some embodiments, the framework servers 220 and 220" can each have its own policy store or framework policy.
In some other embodiments, the framework servers 220 and 220" can share one common policy store or framework policy, which can reside locally with either framework server 220/220' or be accessed remotely via the network 260.
[0061] In addition, like illustrated in FIG. 2, the framework servers 220 and 220" in FIG. 4 can also receive events from an external event source and perform external actions (e.g., initiating an external process). In one exemplary scenario, clicking on "I'm feeling lucky" at Google.com in an IF browser on a PC can open a tab with the search results in a Safari browser on a Mac, -12- [0062] FIG. 9 illustrates yet another exemplary web event framework arrangement 900 according to certain embodiments of the disclosed subject matter. The web event framework arrangement 900 call include a web browser 202 with a framework plugin 210, a framework server 220, and a policy store 230. The arrangement 900 can also include a desktop application 902, which may be stored on the same or a separate computer system from the other components and may be an application other than a web browser. For example, the desktop application 902 may be a dedicated interface for an internal database associated with a client network, productivity software such as a document generator or docket manager, or any other desktop application for which one or more policies is created by a user or administrator of the web framework. Any number of desktop applications 902 may be included in the arrangement 900.
[0063] The desktop application 902 may include a user interface 904 by which a user can interact with the application 902. The interface 904 may include the ability to interpret user input, such as mouse and keyboard input, into instructions that can be carried out by the application 902. As a particular example of an external action as described above with respect to FIG. 2, the framework server 220 may submit inputs to the user interface 904 in order to initiate commands on the desktop application 902. These commands may be carded out as a framework action initiated in response to one or more framework events being submitted to the framework server 220 by the framework plugin 210, which may in turn reflect activity on the web browser 202. As further described below, the web framework may allow for contextual information from a page 206 shown on the web browser 202 to be retrieved and used in the desktop application 902. For example, a reference to a particular document (such as a patent) within a web browser 206 may result in a command to a document database 902 to retrieve additional data regarding the document. As another example, log-in information submitted within a browser window 206 may be submitted within a desktop application 902 to automatically log in a user to additional services.
Context liansfer may occur by means of specific framework actions and events described below.
[0064] FIG. 5 illustrates a block diagram of an exemplary web event framework plugin 210 according to certain embodiments of the disclosed subject matter, The framework plugin 210 can include a browser interface 510, a web event monitor 520, a framework event in -1.) -generator 530, a framework sewer interface 540, a framework action executor 550, and a webpage update 560. The framework plugin 210 carl include additional modules, fewer modules, or any other suitable combination of modules that perform any suitable operation or combination of operations.
[0065] The browser interface 510 can allow the framework plugin 210 to communicate with a web browser (e.g. 202). In one examp'e, the browser plugin 210 can receive events (e.g., web browsing events) generated by the web browser through the browser interface 510.
In another example, the browser plugin 210 can send actions (e.g., closing a browser window) or action results (e.g., a modified webpage) to the web browser through the browser interface 510.
[0066] The web event monitor 520 can monitor the events received, e.g., via the browser interface 510, from a web browser (e.g., 202). Examples of web events monitored by the web event monitor 520 can include: * "Before Navigate" * "Tab Changed" * "Page Loaded" * "Body Clicked" The "Before Navigate" web event can occur when a web browser is just about to navigate to a new webpage. The "Tab Changed" web event can occur when a web browser changes to a new tab, For example, when a Google search result is clicked on, a "Tab Changed" web event is generated. The "Page Loaded" web event can occur when a document (e.g., a webpage) has been loaded into a tab. The "Body Clicked" web event can occur when an element (e.g., a button or a link) on a webpage is clicked. The list of web events being monitored by the framework plugin 210 can be updated and customized to fit individual needs. In some embodiments, the list of web events being monitored by the framework plugin 210 can be defined in an external file, such as a framework policy stored in a policy store (e.g., 230). If the web event monitor 520 detects an event it does not recognize, it can be configured to ignore this event. Optionally, an alert (e.g., an error message) can be generated and presented to the user or administrator, -14- [0067] The framework event generator 530 can generate a framework event based on a web event, e.g., detected by the web event monitor 520. Examples of framework events generated by the framework event generator 530 can include: * "navigate" * "pageLoaded" * "bodyClick" A "navigate" framework event can be generated when a "Before Navigate" or "Tab Changed" web event is detected (e.g., when a web browser is just about to navigate to a new webpage or change to a new tab). A "pageLoaded" framework event can be generated when a "Page Loaded" web event is detected (e.g., when a webpage has been loaded into a tab). A "bodyClick" framework event can be generated when a "Body Clicked" web event is detected (e.g., when a hyperlink on a webpage is clicked).
[0068] Additionally, the framework event generator 530 may generate a framework event in response to particular framework actions received from the framework server 220. For example, a "getContext" framework action (as further described below) automatically triggers the patti cul a.r fra.ni ework event "context" which returns context data. from a specified web page. The "context" framework event is therefore generated by the framework event generator 530 each time the framework executor 550 (described below) executes a "getContext" action received at the framework server interface 540 (described below).
[0069] In some embodiments, a framework event can be associated with one or more parameters which can be either required or optional. Examples of parameters associated with framework events can include: * "source" -the TJRL of the webpage where the framework event originates * "tablD" -the ID of the tab where the framework event originates * "text" -the inner text of a clicked element on a webpage * "href' -the href of a clicked element on a webpage * "value" -the value of a clicked element on a webpage * "id" -the lID of a clicked element on a webpage * "name" -the name of a clicked element on a webpage * "type" -the type of a clicked element (e.g., a button or a link, etc.) on a webpage -15- * "items" -the data specified by a "getContext" action In some embodiments, the "source" and "tablD" parameters can be required for all framework events; the "type" parameter can be required for some framework events (e.g., "bodyClick" framework events). The list of framework events generated by the framework plugin 210, how they are generated, and how they correspond to certain web events can be updated and customized to fit individual needs. In some embodiments, the list of framework events, how they are generated, and how they correspond to certain web events can be defined in an external file, such as a framework policy stored in a policy store (e.g., 230). If the framework event generator 530 does not know how to handle a detected web event, it can be configured to ignore this web event. Optionally, an alert (e.g., an error message) can be generated and presented to the user or administrator.
[0070] The framework server interface 540 can allow the framework plugin 210 to communicate with a framework server (e.g. 220). In one example, the browser plugin 210 can forward a framework event generated by the framework event generator 530 to a framework server through the framework server interface 540. In another example, the browser plugin 210 can receive a framework action from a framework server through the framework server interface 540. In one example, the framework server interface 540 can be implemented using JavaScript and the socket.io library. A listener can be set up in the framework server, The framework plugins can connect to the listener and then maintain a permanent connection between the server and plugins. Communication can then be bi-directional using packets constructed from, e.g., JavaScript Object Notation (JSON) key/value pairs.
[0071] The framework action executor 550 can execute a framework action, e.g., received from a framework server. More details about the framework action executor 550 executing framework actions will be discussed later in this document.
[0072] The webpage updater 560 can generate or update a webpage based on the framework action received from a framework server, In some embodiments, the webpage updater 560 can work with the framework action executor 550 to generate or update a webpage. More details about the webpage updater 560 generating/updating webpages will be discussed later in this document. -16-
[0073] FIG. 6 illustrates a block diagram of an exemplary web event framework sewer 220 according to certain embodiments of the disclosed subject matter. The framework server 220 can include a framework plugin interface 610, a framework action determiner 620, an external event interface 630, an external process interface 640, a peer framework server interface 650, a policy store interface 660, and a framework policy configurator 670. The framework sewer 220 can include additional modules, fewer modules, or any other suitable combination of modules that perform any suitable operation or combination of operations.
[0074] The framework plugin interface 610 can allow the framework server 220 to communicate with a framework plugin (e.g. 210). In one example, the framework sewer 220 can receive a framework event generated at a framework plugin through the framework plugin interface 610. In another example, the framework sewer 220 can forward a framework action to a framework plugin through the framework plugin interface 610. In some embodiments, the framework server 220 can communicate with multiple framework plugins through a common framework plugin interface 610. In some other embodiments, the framework sewer 220 can communicate with multiple framework plugins through different framework plugin interfaces 610, each of which corresponds to one of the multiple framework plugins 210, [0075] The framework action determiner 620 can determine a framework action. In some embodiments, the framework action can be determined based on a framework event, e.g., received at the framework plugin interface 610. Examples of framework actions can include: * "navigate" * "relink" * "disableElement" * "closeTab" * "externalProcess" * "getContext" A framework action can be associated with one or more arguments which can be either required or optional. For example, a "navigate" framework action can cause a web browser to navigate to a target URL and can thus have an argument specifying this target URL; a "navigate" framework event can also have an argument defining whether the webpage -17-specified by the target UTRL should be opened in a new or existing page/tab. A "relink" framework action can cause a web browser to change all hyperlinks on a webpage that match a given pattern to a target URL or certain JavaScript function and can thus have an argument specifying this given pattern and target IJRL or JavaScript function. A "disableElement" framework action can cause a web browser to disable a certain element on a webpage based on the web element's ID, name, text, or css selector and can thus have an argument identifying this element on the webpage. A "closelab" framework action can cause a web browser to close the curent tab, a specific tab, or a range of tabs and can thus have an argument identifying the tab(s) to be closed. An "externalProcess" framework action can initiate an external process or application and can thus have an argument defining the launching options for the external application. Alternatively, an "externalProcess" framework action may control an existing program by, for example, providing a script for automatically submitting inputs to the program by means of the program's user interface, or submitting commands by means of a program API. A "getContext" action can be used to retrieve specific data from a web page, and may include a unique ID matching the "getContext" action to a "context" event, as well as an argument defining what context data to retrieve (the "keys").
[0076] In some embodiments, the argument(s) for a framework action can be fixed, pre-configured based on the type of framework action, or generated dynamically based on the corresponding framework event and its parameters. For example, a target argument for a "navigate" framework action specifying the target URL can be derived from a domain parameter of a coresponding "navigate" framework event defining the URL a web browser is about to navigate to. In some other embodiments, more data can be collected from web events to provide more information for the corresponding framework action. For example, text entered into a web form on a webpage can be extracted and used to generate one or more arguments for a framework action.
[0077] The external event interface 630 can allow the framework server 220 to receive external events (e.g., 240) from an external event source, An external event source can either be local at the same computing device or be remote at a different computing device. In one example, the framework server 220 can receive a time event via the external event interface 630 from a system clock module indicating the time is 9AlvI or 5PM. In another example, -18-the framework server 220 can receive a location event via the external event interface 630 from a system GPS module indicating a computing device (e.g., a laptop computer) has left or entered a corporate building. The framework action determiner 620 can determine a framework event based on the external event received from the external event source. In one example, the framework action determiner 620 can generate a framework action to automatically launch a frequently-used work-related website in a user's web browser when it is 9AM on weekdays or to block certain company secure websites when it is 5PM or during weekends. In another example, when the framework sewer 220 receives an external event indicating a laptop computer has left the corporate building, the framework sewer 220 can generate a framework action closing all browser windows/tabs loaded with corporate confidential information.
[0078] Examples of external event sources can include hardware modules (e.g., GPS device), software modules (e.g., AppSense Environment Manager or AppSense Application Manager), or combinations of both. In one example, an AppSense Environment Manager can generate an external event indicating a user login/logoff In another examp'e, an AppSense Application Manager can generate an external event indicating an application startup/shutdown, In some embodiments, an external event can originate from various remote technologies, such as Remote Desktop Protocol (RDP) from Microsoft or Independent Computing Architecture (ICA) from Citrix.
[0079] The external process interface 640 can allow the framework server 220 to initiate certain external processes (e.g., 250). An external process can be executed either locally at the same computing device or remotely at a different computing device, In one example, the framework sewer 220 can launch a Microsoft Word application via the external process interface 640. The external process being initiated can be based on a framework action generated by the framework action determiner 620. For example, when the framework server 220 receives a framework event indicating a stock-trading webpage has been loaded in a web browser, the framework server 220 can generate a framework action launching the Calculator application on the local computing device. In some embodiments, an external process can be initiated through various remote technologies, such as Remote Desktop Protocol (RDP) from Microsoft or Independent Computing Architecture (ICA) from Citrix, -19- [0080] In some implementations, the external process interface 640 may activate a process or provide instructions to an active process in response to an "context" event, which provides specific data from a web page 206 in response to a "getContext" action sent to the framework plugin 210 associated with the web browser 202, The "context" event may include specific inputs which can be submitted to the process to be interpreted as user inputs in order to carry out one or more instructions.
[0081] The peer framework server interface 650 call allow the framework server 220 to communicate with other framework sewer (e.g., 220") over a network (e.g., 260). The framework sewer 220 can send/receive framework events or actions via the peer framework sewer interface 650 to/from another framework server (e.g., 220"). In some embodiments, a framework sewer (e.g., 220) can receive a framework event from an associated framework plugin (e.g., 210) and forward the framework event to the other framework server (e.g., 220"), which can in turn determine a framework action based on the received framework event and then forward the determined framework action to its associated framework plugin (e.g., 210), In some other embodiments, the framework server (e.g., 220) can receive a framework event from an associated framework plugin (e.g., 210), determine a framework action based on the framework event, and forward the framework action to the other framework sewer (e.g., 220"), which can in turn forward the received framework action to its associated framework plugin (e.g., 210"). In one exemplary scenario, clicking on "I'm feeling lucky" at Google.com in an IE browser on a PC can open a tab with the search results in a Safari browser on a Mac, [0082] Still referring to the framework sewer 220 in FIG, 6 and in particular to the framework action determiner 620, a framework action can also be determined based on a framework policy. In some embodiments, a framework policy can define whether and how to handle a particular framework event, and what, if any, framework action should be generated in response to a particular framework event with certain parameter(s). Some exemplary framework policies are described below. In these examples, the framework policies are presented and stored in JavaScript Object Notation (JSON) format. A framework policy file can contain one or more framework policies like the ones discussed below.
[0083] Framework Policy A: "onNavigate": [ -20 - "action": "navigate", "domain": "www.bing.com", "target": "http://www.googl e. corn"
I
According to Framework Policy A, when a "navigate" framework event is received at the framework sewer with a domain parameter "www.bing.com," a "navigate" framework action is generated with a target argument "http://www.google.corn." When this framework policy is implemented, a user trying to use the Bing search engine will be redirected to use the Google search engine. The framework sewer 220 can look up the domain names in a framework policy and identify one matching the domain parameter in an received framework event. The matching can be done by exact text matching or by some more robust matching rnechani sms (e.g., regular expressions).
[0084] Framework Policy B: "onPageLoaded": "action": "relink", "domain": "www.bbc.co.uk", "source": "http:/!www.bbc.co.uk/news/england/", "target": "http://www,bbc,co,uklnews/scotlandl" 5' "action": "disableElement", "domain": "eui,salesforce,com", "id": "phSearchButton"
I
According to Framework Policy B, when a "pageLoaded" framework event is received at the framework server with a domain parameter "www.bbc.co.uk," a "relink" framework action is generated with a source argument "hftp://www,bbc.co,uklnews/england" and a target -21 -argument "http://www. bbc. co.uklnews/scotland." Upon implementing this framework policy, when a user visiting BBC's UK website, the links to England news will be changed to linking to Scotland news. Also according to Framework Policy B, when a "pageLoaded" framework event is received at the framework server with a domain parameter "eul.salesforce.com," a "disableElement" framework action is generated with an id argument "phSearchButton" When this framework policy is implemented, the search button on the salesforce.com webpage is disabled, [0085] Framework Policy C: "onBodyClick": "action": "externalProcess", "domain": ",", "commandLine": "say %text% %title%"
I
According to Framework Policy C, when a "bodyClick" framework event is received at the framework server, an "external Process" framework action is generated with a commandLine argument "say %text% %title%." The "." domain parameter can indicate that the domain name is irrelevant for this particular framework event and/or action. Upon implementing Framework Policy C, when a user clicks on any element on a webpage, the computing device speaks out the text of the element.
[0086] Framework Policy D: "on External Events": "action": "closeTab", "domain": "external: sessionChanged", "tabUrl": "https:/f'
I
According to Framework Policy D, when an external event is received with a domain parameter "external:sessionChanged" at the framework server, a "closeTab" framework -22 -action is generated with a tabUEl argument "https://." The "external:sessionChanged" domain parameter can be treated as a peudo domain name. The "https://" tabUrl argument can indicate the "closeTab" action applies to all tabs when an URL starts with "https://".
Upon implementing Framework Policy C, when a user's secure session changes, the web browser closes all tabs of secure webpages.
[0087] Framework Policy E: "onPageLoaded" : [ ( "action": "getContext", "domain": "www.bbc.co.uk", "items" :[ "key":"Username", "id":"textTitlel" {"key":"Fullname","id":"textTitle2" H, "contextGUlD":" 1234-5678-90" I' "onContext": [ "action":"extemalProcess", "contextGUlD":" 1234-5678-90", "process":"appName.exe", "script" :/Navigale to app page with Usernarne and Eu//name]
I
I
According to Framework Policy E, upon loading a page within the "www.bbc.co.uk" domain, a "getContext" framework action is generated with an "items" argument having two keys: a username and a full name. The "getContext" framework action also has a context GUID which is used to associated it with the appropriate "context" event.
[0088] Upon being sent a "getContext" action with these arguments, the browser plugin responds by generating a "context" event with "items" parameters equal to the user name and fullname of the web page and the appropriate "contextGUlD" parameter. This event, according to the Framework Policy E, results in the generation of an "externalProcess" nfl
-
action in which "appName" is controlled to navigate to a particular app page using the particular received user name and full name as parameters. The italicized text within the value field for the "script" argument represents a set of user inputs or API commands which carry out such a function, which will be dependent on the particular application or process being controlled.
[0089] If the framework action determiner 620 does not know how to handle a received framework event, it can be configured to ignore this framework event. Optionally, an alert (e.g., an eror message) can be generated and sent to users and/or administrators.
[0090] Refening now to the framework plugin 210 in FIG. 5, the framework action executor 550 can execute a framework action, e.g., received from a framework server; the webpage updater 560 can generate or update a webpage based on the framework action received from a framework server. In one example, the framework action executor 550 can execute the "closeTab" action illustrated in Framework Policy D -closing tabs of secure webpages. In another example, the webpage updater 560 can coordinate with the framework action executor 550 to execute the "disableElement" action illustrated in Framework Policy B -disabling the search button on the saleforce,com webpage, If the framework action executor 550 does not know how to handle a received framework action, it can be configured to ignore this framework action. Optionally, an alert (e.g., an error message) can be generated and sent to users and/or administrators.
[0091] According to embodiments of the disclosed subject matter, a web event framework can reduce system complexity. For example, the framework server 220 and the framework plugin 210 can be implemented free of complex business logic. The framework server 220 can simply be an event sink, receiving framework events from all event sources and determining framework actions based on the framework policy. According to embodiments of the disclosed subject matter, a web event framework can also improve flexibility and maintainability. For example, changing a framework policy itself can change the behaviors of a web event framework without modifying the framework server 220 and/or the framework plugin 210. According to embodiments of the disclosed subject matter, a web event framework can also increase extendibility. For example, adding framework events to a framework policy can expand the list of events handled by a web event framework without updating the framework server 220 and/or the framework plugin 210.
-24 - [0092] Referring back to the framework server 220 in FIG. 6, the policy store interface can allow the framework server 220 to retrieve or save a framework policy fromlto a policy store (e.g., 230). A policy store can reside locally on the same computing device as the framework server 220 or remotely on a different computing device, The framework policy configurator 670 can configure the framework server 220, e.g., based on a framework policy.
In some embodiments, the framework policy configurator 670 cail also customize a framework policy based on a user's or administrator's needs, [0093] FIG, 7 illustrates an exemplary operation 700 of an exemplary web event framework according to certain embodiments of the disclosed subject matter, The operation 700 can be modified by, for example, having stages rearranged, changed, added and/or removed.
[0094] At stage 705, a web event can be received at a framework plugin (e,g,, 210), The web event can be received from a web browser (e,g., 202) associated with the framework plugin. For example, a "Before Navigate" web event can be received when a web browser is about to navigate to a new webpage.
[0095] Alternatively, at stage 705', a framework action can be executed at the framework plugin (e,g., 210). The framework action may have been received from the framework server (e.g., 220; see steps 745 and 750) and may be the sort of action that produces a response from the plugin in the form of a framework event. For example, a "getContext" action can be received when the framework server is requiring specific data from a web page (e.g., 206) in order to carry out one or more framework policies, [0096] At stage 70, a framework event can be generated based on the web event or framework action. The framework event can be generated by the framework plugin (e.g., 210). For example, a "navigate" framework event can be generated in response to a "Before Navigate" web event, or a "context" event can be generated in response to a "getContext" action. If the framework plugin does not recognize a received web event, the web event can be ignored. Optionally, an alert (e.g., an error message) can be generated and sent to users and/or administrators, [0097] At stage 715, the framework event can be forwarded to a framework sewer (e.g., 220), The framework server 220 can be independent from and not associated with any web browser (e,g., 202), In one example, the framework server 220 can reside locally on the -25 -same computing device as the framework plugin 210 or browser 202; in another example the framework server 220 can reside remotely on a different computing device (e.g., over a network). The communication between a framework plugin and a framework server can be synchronous or asynchronous, e.g., based on a framework policy.
[0098] At stage 720, the framework event can be received at the framework server (e.g., 220). The framework event can be received from one or more framework plugins from a local or remote computing devices.
[0099] Alternatively or additionally, at stage 725, an external event can be received at the framework server (e.g., 220). The external event can be received from an external event source on a local or remote computing device. For example, the framework server 220 can receive a time event via the external event interface 630 from a system clock module indicating the time is 9AM or 5PM.
[01001 Optionally, at stage 730, a framework policy can be received. A framework policy can define how the framework server 220 determines a framework action based on an event. A framework policy can be received from a policy store (e.g., 230), which can reside either locally on the same computing device as the framework server 220 or remotely on a different computing device, At stage 735, the framework server (e.g., 220) can be customized, e.g., based on the framework policy received. In some embodiments, the framework policy configurator 670 can customize the framework server based on a framework policy.
[0101] At stage 740, a framework action can be determined at the framework server (e.g., 220). The framework action can be determined based on a framework event and/or an external event, The determination of a framework action can also be based on a framework policy as discussed earlier in this document. If the framework server does not recognize a received event, the event (framework event or external event) can be ignored, Optionally, an alert (e.g., an error message) can be generated and sent to users and/or administrators, [0102] At stage 745, the framework action can be forwarded to the framework plugin, e,g., by the framework server, In some embodiments, the framework plugin can be the same framework plugin where the corresponding framework event originates.
[0103] At stage 750, the framework action can be executed by the framework plugin.
The framework plugin can execute the framework action immediately, after a certain delay, -26 -or upon certain triggering event. The timing of execution can be customized and can be defined in a framework policy. In some embodiments, the framework action can be executed by the framework action executor 550 and/or webpage updater 560. If the framework plugin does not recognize a received framework action, the framework action can be ignored.
Optionally, an alert (e.g., an error message) can be generated and sent to users and/or administrators.
[0104] Alternatively or additionally, at stage 755, the framework action can be forwarded to a second framework plugin, e.g., by the framework server, In some embodiments, the second framework plugin can be different from the framework plugin where the corresponding framework event originates.
[0105] At stage 760, the framework action can be executed by the second framework plugin. The second framework plugin can execute the framework action immediately, after a certain delay, or upon certain triggering event. The timing of execution can be defined in a framework policy, In some embodiments, the framework action can be customized and can be executed by the framework action executor 550 and/or webpage updater 560 in the second framework plugin, If the second framework plugin does not recognize a received framework action, the framework action can be ignored. Optionally, an alert (eg,, an error message) can be generated and sent to users and/or administrators.
[0106] Alternatively or additionally, at stage 765, the framework action or event can be forwarded to a second framework server, e.g., by the framework server. In some embodiments, the second framework server can reside remotely and can communicate with other peer framework servers over a network, [0107] At stage 770, the framework action or event can be processed by the second framework server. When the second framework server receives a framework action from the framework server, the second framework server can forward to a second framework plugin associated with the second framework server. When the second framework server receives a framework event from the framework server, the second framework server can determine a second framework action based on the received framework event and a second framework policy, then forward the determined framework action to the second framework plugin associated with the second framework server, The second framework plugin can then execute the framework action received from the second framework server, -27 - [0108] Alternatively or additionally, at stage 775, an external process can be initiated.
The external process can be initiated based on the framework action. The external process can also be initiated based on a framework policy.
[0109] As an example of the framework operation 700, consider Framework Policy E above. In response to a web browser loading a page of the "www.bbc.co.uk" domain (step 705), the framework plugin associated with the browser generates a "pageLoad" event with parameters including the domain of the loaded page (step 710) and forwards the framework event to the framework sewer (step 715). The framework server receives the "pageLoad" event (step 720) and, based on the "onPageLoaded" policy from Framework Policy F, determines a "getContext" action (step 740) with a particular "contextGUlD" and certain "items" of data that it requires. The action is forwarded to the framework plugin (step 745) and executed by the framework plugin (step 745).
[0110] Upon executing the "getContext" framework action (step 705'), the framework plugin generates a "Context" framework event with the same "contextOulD" and parameters matching the required "items" of data (step 710). The framework plugin forwards the framework event to the framework server (715) which receives the "Context" framework event (720). Based on the "onContect" policy from Framework Policy F which matches the "contextGUllD" of the "Content" framework event, the framework sewer determines an "externaiProcess" action with a "script" argument based on the "items" parameters from the "Content" framework event (step 740). The system controls the "appName.exe" process according to the "externalProcess" framework action (step 775).
[0111] FIG. 8 illustrates a block diagram of an exemplary computing device 800 according to certain embodiments of the disclosed subject matter, The computing device 800 can include at least one processor 802 and at least one memory 804. The processor 802 can be hardware that is configured to execute computer readable instructions such as software.
The processor 802 can be a general processor or be an application specific hardware (e.g., an application specific integrated circuit (ASIC), programmable logic array (PLA), field programmable gate array (FPGA), or any other integrated circuit). The processor 802 can execute computer instmctions or computer code to perform desired tasks. The memory 804 can be a transitory or non-transitory computer readable medium, such as flash memory, a magnetic disk drive, an optical drive, a programmable read-only memory (PROM), a read- -28 -only memory (ROM), a random access memory (RAM), or any other memory or combination of memories, [0112] The computing device 800 can also optionally include a user interface (UI) 806, a file system module 808, and a communication interface 810. The UI 806 can provide an interface for users to interact with the computing device 800 in order to access the web event framework arrangement 2001300/400. The file system module 808 can be configured to maintain a list of all data files, including both local data files and remote data files, in every folder in a file system. The file system module 808 can be further configured to coordinate with the memory 804 to store and cache files/data. The communication interface 810 can allow the computing device 800 to communicate with external resources (e.g., a network or a remote client/server). The computing device 800 can also include a framework plugin 210, a framework server 220, and a policy store 230. The description of the framework plugin 210, the framework server 220, and the policy store 230 and their functionalities can be found in the discussion of FIGS. 1-7 and 9. The computing device 800 can include additional modules, fewer modules, or any other suitable combination of modules that perform any suitable operation or combination of operations.
[0113] It is to be understood that the disclosed subject matter is not limited in its application to the details of construction and to the arrangements of the components set forth in the following description or illustrated in the drawings. The disclosed subject matter is capable of other embodiments and of being practiced and carried out in various ways. Also, it is to be understood that the phraseology and terminology employed herein are for the purpose of description and should not be regarded as limiting.
[0114] As such, those skilled in the art will appreciate that the conception, upon which this disclosure is based, may readily be utilized as a basis for the designing of other stmctures, methods, and systems for carrying out the several purposes of the disclosed subject matter. It is important, therefore, that the claims be regarded as including such equivalent constructions insofar as they do not depart from the spirit and scope of the disclosed subject matter.
[0115] Although the disclosed subject matter has been described and illustrated in the foregoing exemplary embodiments, it is understood that the present disclosure has been made only by way of example, and that numerous changes in the details of implementation of the -29 -disclosed subject matter may be made without departing from the spirit and scope of the disclosed subject matter, which is limited only by the claims which follow.
[0116] A "server," "client," "agent," "module," "interface," and "host" is not software per se and includes at least some tangible, non-transitory hardware that is configured to execute computer readable instructions. In addition, the phrase "based on" does not imply exclusiveness -for example, if X is based on A, X can also be based on B, C, and/or D. What is claimed is:

Claims (10)

  1. CLAIMS1. A computerized method comprising: receiving, at a framework plugin coupled to a web browser, a framework action from a framework server, the framework action including arguments specifying context data to retrieve from a web page loaded on the web browser; executing the framework action by the framework plugin, wherein executing the framework action comprises: retrieving the specified context data from the web page; and generating, by the framework plugin, a framework event including the context data; forwarding the framework event to a framework server coupled to the framework plugin; receiving at the framework server the framework event from the framework plugin; determining, at the framework server, a framework action based on the framework event, including the specified data, and a framework policy; and sending instructions to an external process based on the specified data and the framework action.
  2. 2. The computerized method of claim 1, wherein the framework action is determined at the framework server based on a previous framework event received from the framework plugin.
  3. 3. The computerized method of claim 2, wherein the previous framework event is generated by the framework server in response to the framework server receiving a web event from the web browser.
  4. 4. The computeiized method of claim 3, wherein the web event is the web browser loading the web page.
  5. 5. The computerized method of claim 1, wherein the external process is a desktop application run on the same client computing device as the web browser.
  6. 6. The computerized method of claim 1, wherein sending the instructions comprises sending inputs that the external process interprets according to a user interface.
  7. 7. The computerized method of claim 1, further comprising receiving the framework policy from a policy store.
  8. 8. The computetized method of claim 2, further comprising customizing the framework server based on the framework policy.
  9. 9. The computerized method of claim 1, further comprising: receiving at the framework server an external event from an external event source; and determining, at the framework server, the framework action based on the external event and the framework policy.
  10. 10. The computerized method of claim 1, further comprising forwarding the framework action over a network to a second framework server.L The computerized method of claim 10, further comprising processing the framework action by the second framework server.2. The computerized method of claim 1, further comprising forwarding the framework event over a network to a second framework server.13. The computerized method of claim 12, further comprising determining at the second framework sewer a second framework action based on the framework event and a second framework policy.N. A computer system for a web event framework, comprising: a processor configured as a framework plugin coupled to a web browser, comprising: a framework server interface configured to receive a framework action from a framework server, the framework action including arguments specifying context data to retrieve from a web page loaded on the web browser; a browser interface configured to communicate with the web browser and retrieve the specified context data from the web page; and fin -).) -a framework event generator configured to generate a framework event including the context data; wherein the framework server interface is further configured to send the framework event to the framework sewer; the processor further configured as a framework server communicating with the framework plugin, comprising: a framework plugin interface configured to receive the framework event from the framework pugin, a framework action determiner configured to determine a framework action based on the framework event, including the specified data, and a framework policy, and an external process interface configured to send instructions to an external process based on the specified data and the framework action.15. The computer system of claim 14, wherein the framework server further comprises a policy store interface configured to receive the framework policy from a policy store.16. The computer system of claim 15, wherein the framework sewer further comprises a framework policy configurator configured to customize the framework server based on the framework policy.7. The computer system of claim 14, wherein the framework plugin further comprising a webpage updater configured to generate or modify a webpage, 18. The computer system of claim 14, wherein the framework sewer further comprises an external event interface configured to receive an external event from an external event source and the framework action determiner is further configured to determine the framework action based on the external event and the framework policy.19. The computer system of claim 14, wherein the framework plugin interface is further configured to communicate with a second framework plugin coupled with a second web browser.20. A non-transitory computer readable medium having executable instnictions operable to, when executed by a processor, cause the processor to: receive, at a framework plugin coupled to a web browser, a framework action from a framework server, the framework action including arguments specifying context data to retrieve from a web page loaded on the web browseç execute the framework action by the framework plugin, wherein executing the framework action comprises: retrieving the specified context data from the web page; and generating, by the framework plugin, a framework event including the context data; forward the framework event to a framework server coupled to the framework plugin; receive at the framework sewer the framework event from the framework plugin; determine, at the framework server, a framework action based on the framework event, including the specified data, and a framework policy; and send instnictions to an external process based on the specified data and the framework action.
GB1408483.4A 2013-05-13 2014-05-13 Context transfer from web page to application Withdrawn GB2517021A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US13/892,678 US10291615B2 (en) 2013-05-13 2013-05-13 Web event framework
US14/132,307 US9900367B2 (en) 2013-05-13 2013-12-18 Context transfer from web page to application

Publications (2)

Publication Number Publication Date
GB201408483D0 GB201408483D0 (en) 2014-06-25
GB2517021A true GB2517021A (en) 2015-02-11

Family

ID=51032700

Family Applications (1)

Application Number Title Priority Date Filing Date
GB1408483.4A Withdrawn GB2517021A (en) 2013-05-13 2014-05-13 Context transfer from web page to application

Country Status (2)

Country Link
US (1) US9900367B2 (en)
GB (1) GB2517021A (en)

Families Citing this family (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9912720B2 (en) 2013-05-13 2018-03-06 Appsense Us Llc Context aware browser policy
US10291615B2 (en) 2013-05-13 2019-05-14 Ivanti Us Llc Web event framework
US9450820B2 (en) * 2014-02-26 2016-09-20 International Business Machines Corporation Dynamic extensible application server management
US9876819B2 (en) * 2014-08-14 2018-01-23 Banff Cyber Technologies Pte Ltd Method and system for restoring websites
US11050789B2 (en) * 2017-06-15 2021-06-29 Palo Alto Networks, Inc. Location based security in service provider networks
US10708306B2 (en) 2017-06-15 2020-07-07 Palo Alto Networks, Inc. Mobile user identity and/or SIM-based IoT identity and application identity based security enforcement in service provider networks
US10812532B2 (en) 2017-06-15 2020-10-20 Palo Alto Networks, Inc. Security for cellular internet of things in mobile networks
US10721272B2 (en) 2017-06-15 2020-07-21 Palo Alto Networks, Inc. Mobile equipment identity and/or IOT equipment identity and application identity based security enforcement in service provider networks
US10834136B2 (en) 2017-06-15 2020-11-10 Palo Alto Networks, Inc. Access point name and application identity based security enforcement in service provider networks
US10693918B2 (en) 2017-06-15 2020-06-23 Palo Alto Networks, Inc. Radio access technology based security in service provider networks
US10671797B2 (en) * 2017-08-04 2020-06-02 Vmware, Inc. Unified graphical user interface views through frame break out
US11310284B2 (en) 2019-05-31 2022-04-19 Varmour Networks, Inc. Validation of cloud security policies
US11711374B2 (en) 2019-05-31 2023-07-25 Varmour Networks, Inc. Systems and methods for understanding identity and organizational access to applications within an enterprise environment
US11290493B2 (en) * 2019-05-31 2022-03-29 Varmour Networks, Inc. Template-driven intent-based security
US11290494B2 (en) 2019-05-31 2022-03-29 Varmour Networks, Inc. Reliability prediction for cloud security policies
US11575563B2 (en) 2019-05-31 2023-02-07 Varmour Networks, Inc. Cloud security management
US11863580B2 (en) 2019-05-31 2024-01-02 Varmour Networks, Inc. Modeling application dependencies to identify operational risk
US10997269B1 (en) * 2019-11-04 2021-05-04 EMC IP Holding Company LLC Using web application components with different web application frameworks in a web application
US11893199B2 (en) * 2020-06-10 2024-02-06 Microsoft Technology Licensing, Llc Systems and methods for viewing incompatible web pages via remote browser instances
US11876817B2 (en) 2020-12-23 2024-01-16 Varmour Networks, Inc. Modeling queue-based message-oriented middleware relationships in a security system
US11818152B2 (en) 2020-12-23 2023-11-14 Varmour Networks, Inc. Modeling topic-based message-oriented middleware within a security system
US11777978B2 (en) 2021-01-29 2023-10-03 Varmour Networks, Inc. Methods and systems for accurately assessing application access risk
US11734316B2 (en) 2021-07-08 2023-08-22 Varmour Networks, Inc. Relationship-based search in a computing environment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002031685A1 (en) * 2000-10-12 2002-04-18 Sap Portals Israel, Ltd. Client-based objectifying of hypertext pages
US20040003043A1 (en) * 2002-06-20 2004-01-01 International Business Machines Corporation Remote control of document objects in a collaborative environment
WO2005091107A1 (en) * 2004-03-16 2005-09-29 Netcraft Limited Security component for use with an internet browser application and method and apparatus associated therewith
US20090241143A1 (en) * 2008-03-18 2009-09-24 At&T Intellectual Property, Lp Method and System for Providing Set-Top Box Remote Access Functions in a Browser Extension

Family Cites Families (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7231661B1 (en) * 2001-06-21 2007-06-12 Oracle International Corporation Authorization services with external authentication
US6865599B2 (en) * 2001-09-04 2005-03-08 Chenglin Zhang Browser-to-browser, dom-based, peer-to-peer communication with delta synchronization
US7296235B2 (en) * 2002-10-10 2007-11-13 Sun Microsystems, Inc. Plugin architecture for extending polices
US7865931B1 (en) 2002-11-25 2011-01-04 Accenture Global Services Limited Universal authorization and access control security measure for applications
US7827607B2 (en) 2002-11-27 2010-11-02 Symantec Corporation Enhanced client compliancy using database of security sensor data
US7177915B2 (en) 2002-12-31 2007-02-13 Kurt Kopchik Method and apparatus for wirelessly establishing user preference settings on a computer
US7594256B2 (en) 2003-06-26 2009-09-22 Sun Microsystems, Inc. Remote interface for policy decisions governing access control
US7711832B1 (en) 2003-09-22 2010-05-04 Actional Corporation Enabling existing desktop applications to access web services through the use of a web service proxy
GB2412189B (en) * 2004-03-16 2007-04-04 Netcraft Ltd Security component for use with an internet browser application and method and apparatus associated therewith
US20050229104A1 (en) 2004-04-09 2005-10-13 Microsoft Corporation Add-on management
US7353375B2 (en) 2004-10-07 2008-04-01 Hewlett-Packard Development Company, L.P. Method and apparatus for managing processor availability using a microcode patch
US7937755B1 (en) 2005-01-27 2011-05-03 Juniper Networks, Inc. Identification of network policy violations
CN1835507A (en) * 2005-03-17 2006-09-20 国际商业机器公司 Method for the server side processing of user interactions with a web-browser
US20070198525A1 (en) 2006-02-13 2007-08-23 Microsoft Corporation Computer system with update-based quarantine
US8700788B2 (en) * 2006-08-18 2014-04-15 Smarticon Technologies, Llc Method and system for automatic login initiated upon a single action with encryption
US20080229288A1 (en) 2007-03-13 2008-09-18 Steve Nelson Software Plugin Modules for Device Testing
US8806637B2 (en) * 2007-06-11 2014-08-12 Red Hat, Inc. Authorization framework
US8286220B2 (en) 2008-09-23 2012-10-09 Zscaler, Inc. Browser access control
US20100313252A1 (en) 2009-06-08 2010-12-09 Erie Trouw System, method and apparatus for creating and using a virtual layer within a web browsing environment
US9137319B2 (en) 2009-11-13 2015-09-15 Adobe Systems Incorporated Browser privacy mode support
US9390172B2 (en) 2009-12-03 2016-07-12 Microsoft Technology Licensing, Llc Communication channel between web application and process outside browser
WO2011126911A1 (en) * 2010-03-30 2011-10-13 Authentic8, Inc Disposable browsers and authentication techniques for a secure online user environment
US8407461B2 (en) * 2010-12-17 2013-03-26 Oracle International Corporation Plug-in system for software applications
US8788627B2 (en) 2011-09-30 2014-07-22 Apple Inc. Interactive web application framework
US20130145361A1 (en) * 2011-12-01 2013-06-06 International Business Machines Corporation Discovering and installing web application plugins
US9679163B2 (en) 2012-01-17 2017-06-13 Microsoft Technology Licensing, Llc Installation and management of client extensions
US20140189804A1 (en) 2013-01-02 2014-07-03 Sap Ag Location-based application security mechanism
US9692854B2 (en) * 2013-01-23 2017-06-27 Facebook, Inc. Communication between a web-based application and a desktop application
US9912720B2 (en) 2013-05-13 2018-03-06 Appsense Us Llc Context aware browser policy
US10291615B2 (en) 2013-05-13 2019-05-14 Ivanti Us Llc Web event framework
US9167052B2 (en) 2013-05-13 2015-10-20 Appsense Limited Apparatus, systems, and methods for providing policy in network-based applications

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002031685A1 (en) * 2000-10-12 2002-04-18 Sap Portals Israel, Ltd. Client-based objectifying of hypertext pages
US20040003043A1 (en) * 2002-06-20 2004-01-01 International Business Machines Corporation Remote control of document objects in a collaborative environment
WO2005091107A1 (en) * 2004-03-16 2005-09-29 Netcraft Limited Security component for use with an internet browser application and method and apparatus associated therewith
US20090241143A1 (en) * 2008-03-18 2009-09-24 At&T Intellectual Property, Lp Method and System for Providing Set-Top Box Remote Access Functions in a Browser Extension

Also Published As

Publication number Publication date
US20140337743A1 (en) 2014-11-13
GB201408483D0 (en) 2014-06-25
US9900367B2 (en) 2018-02-20

Similar Documents

Publication Publication Date Title
US9900367B2 (en) Context transfer from web page to application
US10291615B2 (en) Web event framework
US10637888B2 (en) Automated lifecycle system operations for threat mitigation
US20120174225A1 (en) Systems and Methods for Malware Detection and Scanning
US20190036955A1 (en) Detecting data exfiltration as the data exfiltration occurs or after the data exfiltration occurs
AU2018318039B2 (en) Systems and methods for web collaboration
US11012400B1 (en) Triggering event notifications based on messages to application users
US10764352B2 (en) Context aware browser policy
US11704532B2 (en) Dynamic region based application operations
WO2021257289A1 (en) Invoking microapp actions from user applications
JP2014179025A (en) Connection destination information extraction device, connection destination information extraction method, and connection destination information extraction program
US11803635B2 (en) Passing local credentials to a secure browser session
US11651099B2 (en) Persisting encrypted remote browser data at a local browser for use in a remote browser
WO2022246635A1 (en) Shortcut keys for virtual keyboards
WO2021206832A1 (en) Remoting user credential information to a remote browser
US11949707B1 (en) Isolating suspicious links in email messages
US11824862B1 (en) Electronic resource access
US20240126913A1 (en) Persisting Encrypted Remote Browser Data At a Local Browser for Use in a Remote Browser
EP3308263B1 (en) Security of virtual desktop infrastructure clones

Legal Events

Date Code Title Description
732E Amendments to the register in respect of changes of name or changes affecting rights (sect. 32/1977)

Free format text: REGISTERED BETWEEN 20160602 AND 20160608

732E Amendments to the register in respect of changes of name or changes affecting rights (sect. 32/1977)

Free format text: REGISTERED BETWEEN 20190523 AND 20190529

WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)