Abstract: A browser application programming interface is exposed to a web application to verify an identify of a user using user-specific identity information stored by the browser. Cryptographic information associated with the user is transmitted from the browser application programming interface to the web application. User-specific content is provided to the user through the web application if the web application verifies an identify of the user via the browser application programming interface using the cryptographic information.

Abstract: Methods and systems for sharing a security model with heterogeneous virtual machines (VMs) are provided. A method for sharing a security model with heterogeneous VMs may include making a direct function call to an object model from each of two or more heterogeneous VMs using a direct binding generated for the respective VM based on the respective VM and a security policy. The direct bindings of the two or more heterogeneous VMs share the security policy. The method may also include ensuring only one of the two or more heterogeneous VMs interacts with the object model at a time. A system for sharing a security model with heterogeneous VMs may include a heterogeneous VM manager and a heterogeneous VM scheduler. The system may further include a principal tracker and a proxy component.

Abstract: According to one general aspect, a computer-implemented method for implementing default security features for web applications and browser extensions includes receiving a request to include a web application or a web browser extension in a digital marketplace. A determination is made if the web application or the web browser extension conforms to default security features, wherein the default security features include a prohibition against running in-line script on web pages. The web application or the browser extension is included in the digital marketplace if the web application or the browser extension conforms to the default security features.

Abstract: Systems, methods and articles of manufacture for process-based domain isolation are discussed herein. A method embodiment includes determining domains associated with a plurality of content areas and rendering content areas associated with different domains into separate processes, wherein each domain from the one or more domains is associated with a separate process that communicates with its respective individual domain. The method further comprises identifying browsing instances including content areas that can script each other, identifying site instances including content areas sharing a common domain, and controlling communication between content areas across the identified site instances within each browsing instance.

Abstract: Embodiments of invention relate to automatically updating browser extensions. In an embodiment, a method for updating browser extensions is provided. In the method, an input to execute a browser extension installed in a local browser extension database is received. In response to receipt of the input, a remote server is automatically communicated with to determine whether a portion of the browser extension should be updated. An updated portion of the browser extension is received if the browser extension should be updated. Finally, the updated portion of the browser extension is installed in the local browser extension database.

Abstract: A rendering engine may be configured to execute, within a first execution environment, a page script of a page to be rendered within a browser interface, the page script configured to interact with a page model to implement the rendering. An extension manager may be configured to execute an extension file which modifies a functionality of a browser application in association with the rendering of the page, including detecting a content script associated with the extension file which, during execution, interacts with the page model. An environment manager may be configured to create a second execution environment for execution of the content script file therein by the rendering engine.

Abstract: A browser application programming interface is exposed to a web application to verify an identify of a user using user-specific identity information stored by the browser. Cryptographic information associated with the user is transmitted from the browser application programming interface to the web application. User-specific content is provided to the user through the web application if the web application verifies an identify of the user via the browser application programming interface using the cryptographic information.

Abstract: According to one general aspect, a computer-implemented method for implementing default security features for web applications and browser extensions includes receiving a request to include a web application or a web browser extension in a digital marketplace. A determination is made if the web application or the web browser extension conforms to default security features, wherein the default security features include a prohibition against running in-line script on web pages. The web application or the browser extension is included in the digital marketplace if the web application or the browser extension conforms to the default security features.

Abstract: A system and a computer-implemented method for processing a cookie description file are provided. A browser provides the cookie description file that includes meta-information associated with cookies that are associated with a domain. The meta-information includes cookie information specific to each cookie. The cookie description file is parsed and the meta-information associated with each cookie is extracted. The parsed meta-information is displayed in a user-readable format on a client device.

Abstract: According to one general aspect, a computer-implemented method for implementing default security features for web applications and browser extensions includes receiving a request to include a web application or a web browser extension in a digital marketplace. A determination is made if the web application or the web browser extension conforms to default security features, wherein the default security features include a prohibition against running in-line script on web pages. The web application or the browser extension is included in the digital marketplace if the web application or the browser extension conforms to the default security features.

Abstract: Methods and systems for sharing a security model with heterogeneous virtual machines (VMs) are provided. A method for sharing a security model with heterogeneous VMs may include making a direct function call to an object model from each of two or more heterogeneous VMs using a direct binding generated for the respective VM based on the respective VM and a security policy. The direct bindings of the two or more heterogeneous VMs share the security policy. The method may also include ensuring only one of the two or more heterogeneous VMs interacts with the object model at a time. A system for sharing a security model with heterogeneous VMs may include a heterogeneous VM manager and a heterogeneous VM scheduler. The system may further include a principal tracker and a proxy component.

Abstract: According to one general aspect, a computer-implemented method for implementing default security features for web applications and browser extensions includes receiving a request to include a web application or a web browser extension in a digital marketplace. A determination is made if the web application or the web browser extension conforms to default security features, wherein the default security features include a prohibition against running in-line script on web pages. The web application or the browser extension is included in the digital marketplace if the web application or the browser extension conforms to the default security features.

Abstract: A rendering engine may be configured to execute, within a first execution environment, a page script of a page to be rendered within a browser interface, the page script configured to interact with a page model to implement the rendering. An extension manager may be configured to execute an extension file which modifies a functionality of a browser application in association with the rendering of the page, including detecting a content script associated with the extension file which, during execution, interacts with the page model. An environment manager may be configured to create a second execution environment for execution of the content script file therein by the rendering engine.

Abstract: According to one general aspect, a computer-implemented method for implementing default security features for web applications and browser extensions includes receiving a request to include a web application or a web browser extension in a digital marketplace. A determination is made if the web application or the web browser extension conforms to default security features, wherein the default security features include a prohibition against running in-line script on web pages. The web application or the browser extension is included in the digital marketplace if the web application or the browser extension conforms to the default security features.