Abstract: A remote browsing session is initiated between a remote browser client executing on a client device and a remote browser host executing on a remote browser server. The remote browser host receives from the client device, encrypted remote browser data of remote browser data that affects the remote browser session. The remote browser client does not have access to a decryption key for the encrypted remote browser data. The encrypted remote browser data is decrypted to reveal the remote browser data including data for one or more cookies. The remote browser host is configured with the remote browser data. The remote browser host manages updates to the remote browser data during the remote browsing session including updates to one or more cookies. Periodically, updates to the remote browser data are encrypted and transmitted to the remote browser client for storage.

Abstract: A server receives from a browser executing on a client device an HTTP request. The server transmits a response to the HTTP request to the browser. The response includes code that when executed by the browser, executes a non-HTTP layer 7 protocol client that communicates with a non-HTTP layer 7 protocol service at an external network. The server receives, from the non-HTTP layer 7 protocol client executing in the browser, data related to the non-HTTP layer 7 protocol service. The server proxies the data related to the non-HTTP layer 7 protocol service over a layer 4 tunnel that is interfaced with the non-HTTP layer 7 protocol service. The server logs event data received from the non-HTTP layer 7 protocol client executing in the browser.

Abstract: Methods, systems, and techniques for application isolation by remote-enabling applications are provided. Example embodiments provide an Adaptive Rendering Application Isolation System (“ARAIS”), which transparently enables applications to run in an isolated execution environment yet be rendered locally in a manner that facilitates preventing theft of sensitive information while allowing users to interact with any third-party application or website via the local environment without overburdening available bandwidth or computational resources by, in some cases, evaluating only select information responsive only to select events, as compared to whitelist/blacklist techniques, monitoring all information provided by the user, or other techniques. The ARAIS typically includes an orchestrator server that comprises one or more of a sensitive-information theft-prevention logic engine, information-theft prevention engines, or a rules engine.

Abstract: A server receives from a client device that is executing a web browser application a request to initiate a remote application in the server. The server instantiates an instance of the remote application. The server intercepts draw commands associated with the remote application instance. The server provides the draw commands to the client to cause the web browser application to render portion(s) of output based on the draw commands. The server receives an input event from the web browser application. The server provides the client one or more draw commands based on the input event to cause the web browser application to render portion(s) of output based on those draw commands.

Abstract: A client device instantiates an isolator application. A request to instantiate a remote application in a server device is sent by the isolator application instance. The isolator application instance receives, from the remote application instance, draw commands and position information that correspond to the draw commands. The isolator application instance renders one or more portions of output based on the draw commands and the position information.

Abstract: A server receives from a client device that is executing a client application a request to initiate a remote application in the server. The server instantiates an instance of the remote application. The server intercepts draw commands associated with the remote application instance. The server provides the draw commands to the client to cause the client application to render portion(s) of output based on the draw commands. The server receives an input event from the client application. The server provides the client one or more draw commands based on the input event to cause the client application to render portion(s) of output based on those draw commands.

Abstract: A server receives from a client device that is executing a web browser application a request to initiate a remote application in the server. The server instantiates an instance of the remote application. The server intercepts draw commands associated with the remote application instance. The server provides the draw commands to the client to cause the web browser application to render portion(s) of output based on the draw commands. The server receives an input event from the web browser application. The server provides the client one or more draw commands based on the input event to cause the web browser application to render portion(s) of output based on those draw commands.

Abstract: A server receives from a client device that is executing a client application a request to initiate a remote application in the server. The server instantiates an instance of the remote application. The server intercepts draw commands associated with the remote application instance. The server provides the draw commands to the client to cause the client application to render portion(s) of output based on the draw commands. The server receives an input event from the client application. The server provides the client one or more draw commands based on the input event to cause the client application to render portion(s) of output based on those draw commands.

Abstract: A server receives from a browser executing on a client device an HTTP request. The server transmits a response to the HTTP request to the browser. The response includes code that when executed by the browser, executes a non-HTTP layer 7 protocol client that communicates with a non-HTTP layer 7 protocol service at an external network. The server receives, from the non-HTTP layer 7 protocol client executing in the browser, data related to the non-HTTP layer 7 protocol service. The server proxies the data related to the non-HTTP layer 7 protocol service over a layer 4 tunnel that is interfaced with the non-HTTP layer 7 protocol service. The server logs event data received from the non-HTTP layer 7 protocol client executing in the browser.

Abstract: A client device instantiates an isolator application. A request to instantiate a remote application in a server device is sent by the isolator application instance. The isolator application instance receives, from the remote application instance, draw commands and position information that correspond to the draw commands. The isolator application instance renders one or more portions of output based on the draw commands and the position information.

Abstract: A remote browsing session is initiated between a remote browser client executing on a client device and a remote browser host executing on a remote browser server. The remote browser host receives from the client device, encrypted remote browser data of remote browser data that affects the remote browser session. The remote browser client does not have access to a decryption key for the encrypted remote browser data. The encrypted remote browser data is decrypted to reveal the remote browser data including data for one or more cookies. The remote browser host is configured with the remote browser data. The remote browser host manages updates to the remote browser data during the remote browsing session including updates to one or more cookies. Periodically, updates to the remote browser data are encrypted and transmitted to the remote browser client for storage.

Abstract: Layer 7 protocol (non-HTTP) client applications are executed in the browser. The non-HTTP layer 7 protocol client application connects to a compute server that proxies layer 4 packets to the origin network that has the non-HTTP layer 7 protocol service. As an example, an SSH client (a non-HTTP layer 7 protocol) can execute in the browser and the TCP packets (layer 4 packets) are proxied by a compute server to the origin network that has the appropriate SSH server. The non-HTTP layer 7 protocol client application allows users to run commands or otherwise interact with the client as if they were using a native application (one that is not executed within the browser) without any client-side configuration or agent.

Abstract: Layer 7 protocol (non-HTTP) client applications are executed in the browser. The non-HTTP layer 7 protocol client application connects to a compute server that proxies layer 4 packets to the origin network that has the non-HTTP layer 7 protocol service. As an example, an SSH client (a non-HTTP layer 7 protocol) can execute in the browser and the TCP packets (layer 4 packets) are proxied by a compute server to the origin network that has the appropriate SSH server. The non-HTTP layer 7 protocol client application allows users to run commands or otherwise interact with the client as if they were using a native application (one that is not executed within the browser) without any client-side configuration or agent.

Abstract: A remote browsing session is initiated between a remote browser client executing on a client device and a remote browser host executing on a remote browser server. The remote browser host receives from the client device, encrypted remote browser data of remote browser data that affects the remote browser session. The remote browser client does not have access to a decryption key for the encrypted remote browser data. The encrypted remote browser data is decrypted to reveal the remote browser data including data for one or more cookies. The remote browser host is configured with the remote browser data. The remote browser host manages updates to the remote browser data during the remote browsing session including updates to one or more cookies. Periodically, updates to the remote browser data are encrypted and transmitted to the remote browser client for storage.

Abstract: A server receives from a client device that is executing a web browser application a request to initiate a remote application in the server. The server instantiates an instance of the remote application. The server intercepts draw commands associated with the remote application instance. The server provides the draw commands to the client to cause the web browser application to render portion(s) of output based on the draw commands. The server receives an input event from the web browser application. The server provides the client one or more draw commands based on the input event to cause the web browser application to render portion(s) of output based on those draw commands.

Abstract: A server receives from a client device that is executing a web browser application a request to initiate a remote application in the server. The server instantiates an instance of the remote application. The server intercepts draw commands associated with the remote application instance. The server provides the draw commands to the client to cause the web browser application to render portion(s) of output based on the draw commands. The server receives an input event from the web browser application. The server provides the client one or more draw commands based on the input event to cause the web browser application to render portion(s) of output based on those draw commands.

Abstract: Methods, systems, and techniques for application isolation by remote-enabling applications are provided. Example embodiments provide an Adaptive Rendering Application Isolation System (“ARAIS”), which transparently enables applications to run in an isolated execution environment yet be rendered locally in a manner that facilitates preventing theft of sensitive information while allowing users to interact with any third-party application or website via the local environment without overburdening available bandwidth or computational resources by, in some cases, evaluating only select information responsive only to select events, as compared to whitelist/blacklist techniques, monitoring all information provided by the user, or other techniques. The ARAIS typically includes an orchestrator server that comprises one or more of a sensitive-information theft-prevention logic engine, information-theft prevention engines, or a rules engine.

Abstract: A server receives from a client device that is executing a web browser application a request to initiate a remote application in the server. The server instantiates an instance of the remote application. The server intercepts draw commands associated with the remote application instance. The server provides the draw commands to the client to cause the web browser application to render portion(s) of output based on the draw commands. The server receives an input event from the web browser application. The server provides the client one or more draw commands based on the input event to cause the web browser application to render portion(s) of output based on those draw commands.

Abstract: A server receives from a client device that is executing a client application a request to initiate a remote application in the server. The server instantiates an instance of the remote application. The server intercepts draw commands associated with the remote application instance. The server provides the draw commands to the client to cause the client application to render portion(s) of output based on the draw commands. The server receives an input event from the client application. The server provides the client one or more draw commands based on the input event to cause the client application to render portion(s) of output based on those draw commands.

Abstract: A client device instantiates an isolator application. A request to instantiate a remote application in a server device is sent by the isolator application instance. The isolator application instance receives, from the remote application instance, draw commands and position information that correspond to the draw commands. The isolator application instance renders one or more portions of output based on the draw commands and the position information.