Abstract: A computer device and respective method provides a primary clipboard accessible from a primary user account, while a sandbox is used to isolate and contain a secondary user account. A secondary clipboard is provisioned and associated with the secondary user account. The computer device, via an agent, intercepts requests from the secondary user account such as for cut, copy or paste type clipboard operations which are ordinarily directed toward the primary clipboard, and satisfies those clipboard operation requests instead by using the secondary clipboard.

Abstract: A computer device includes hardware with a connected peripheral device such as a camera or a microphone. An operating system is configured to operate the peripheral device using a device driver and a representative device object. An agent is configured to apply security attributes to the device object which permit access from a primary user account while preventing direct access to the device object by a secondary user account in a sandbox. The agent may intercept requests made toward the device object, examine each request, and then satisfy the request, when the request is allowed, by selectively arranging access to the device object from the sandboxed secondary user account.

Abstract: Content files are isolated in a sandbox as a content isolation environment formed by a secondary user account. Printing is controlled by an agent via a staging file of a secure file type. The agent intercepts print requests (e.g. print start requests and print end requests) in a printing sub-system of an operating system in order to coordinate and securely control printing of the untrusted content file via the intermediate staging file.

Abstract: A computer device includes a download unit which downloads one or more files into a storage device. A file logging unit records a resource locator identifying a source network location of the file, when the file is downloaded, and associates the resource locator with a first fingerprint of the file. A system policy unit stores the resource locator associated with a process control policy relevant to the file. A process control unit is arranged to obtain a second fingerprint of the file upon launching a process in a runtime execution environment, retrieve the resource locator from the file logging unit by matching the second fingerprint with the first fingerprint, retrieve the process control policy from the system policy unit according to the retrieved resource locator, and selectively apply process execution privileges which determine execution of the process in the runtime execution environment according to the retrieved process control policy.

Abstract: Content files are isolated in a sandbox as a content isolation environment formed by a secondary user account. Printing is controlled by an agent via a staging file of a secure file type. The agent intercepts print requests (e.g. print start requests and print end requests) in a printing sub-system of an operating system in order to coordinate and securely control printing of the untrusted content file via the intermediate staging file.

Abstract: A computer device and method are described for controlling access to a resource. An execution environment executes a user process with access privileges according to a user security context. A security unit controls access to resources according to the user security context, with the user process making system calls to the security unit. A proxy hook module embedded within the user process intercepts the system call and generates a proxy resource access request. A proxy service module in a privileged security context validates the proxy resource access request from the proxy hook module and, if validated, obtains and returns a resource handle that permits access to the desired resource by the user process.

Abstract: A computer device and respective method provides a primary clipboard accessible from a primary user account, while a sandbox is used to isolate and contain a secondary user account. A secondary clipboard is provisioned and associated with the secondary user account. The computer device, via an agent, intercepts requests from the secondary user account such as for cut, copy or paste type clipboard operations which are ordinarily directed toward the primary clipboard, and satisfies those clipboard operation requests instead by using the secondary clipboard.

Abstract: A computer device includes hardware with a connected peripheral device such as a camera or a microphone. An operating system is configured to operate the peripheral device using a device driver and a representative device object. An agent is configured to apply security attributes to the device object which permit access from a primary user account while preventing direct access to the device object by a secondary user account in a sandbox. The agent may intercept requests made toward the device object, examine each request, and then satisfy the request, when the request is allowed, by selectively arranging access to the device object from the sandboxed secondary user account.

Abstract: A computer device and method are described for controlling access to a resource. An execution environment executes a user process with access privileges according to a user security context. A security unit controls access to resources according to the user security context, with the user process making system calls to the security unit. A proxy hook module embedded within the user process intercepts the system call and generates a proxy resource access request. A proxy service module in a privileged security context validates the proxy resource access request from the proxy hook module and, if validated, obtains and returns a resource handle that permits access to the desired resource by the user process.

Abstract: A computer device includes a download unit which downloads one or more files into a storage device. A file logging unit records a resource locator identifying a source network location of the file, when the file is downloaded, and associates the resource locator with a first fingerprint of the file. A system policy unit stores the resource locator associated with a process control policy relevant to the file. A process control unit is arranged to obtain a second fingerprint of the file upon launching a process in a runtime execution environment, retrieve the resource locator from the file logging unit by matching the second fingerprint with the first fingerprint, retrieve the process control policy from the system policy unit according to the retrieved resource locator, and selectively apply process execution privileges which determine execution of the process in the runtime execution environment according to the retrieved process control policy.

Abstract: A computer device and method are provided to handle COM objects. A COM creating unit intercepts a request for creation of an elevated COM object by a first user process, determines whether the first user process is entitled to access the COM object, and creates the COM object without elevated privileges. A COM implementing unit intercepts a second user process that implements the COM object, confirms that the second user process is entitled to access the COM object and elevates the privilege level of the second user process to implement the elevated COM object.

Abstract: A computer device includes a download unit which downloads one or more files into a storage device. A file logging unit records a resource locator identifying a source network location of the file, when the file is downloaded, and associates the resource locator with a first fingerprint of the file. A system policy unit stores the resource locator associated with a process control policy relevant to the file. A process control unit is arranged to obtain a second fingerprint of the file upon launching a process in a runtime execution environment, retrieve the resource locator from the file logging unit by matching the second fingerprint with the first fingerprint, retrieve the process control policy from the system policy unit according to the retrieved resource locator, and selectively apply process execution privileges which determine execution of the process in the runtime execution environment according to the retrieved process control policy.

Abstract: A computer device provides an execution environment that supports a plurality of processes. A plurality of key resources are associated with a security application that may perform process elevation to grant privileged access rights to a user process. A security module controls access to the key resources using an access control list. An anti-tamper mechanism creates a protection group as a local security group and adds a deny access control entry to the access control list. The anti-tamper mechanism intercepts the user process and creates a revised access token identifying the user process as a member of the protection group. The security module matches the protection group in the revised access token of the user process against the deny access control entry in the access control list of the key resources thereby restricting access by the user process even though the user process otherwise has privileges to access those resources.

Abstract: A computer device and method are provided to handle COM objects. A COM creating unit intercepts a request for creation of an elevated COM object by a first user process, determines whether the first user process is entitled to access the COM object, and creates the COM object without elevated privileges. A COM implementing unit intercepts a second user process that implements the COM object, confirms that the second user process is entitled to access the COM object and elevates the privilege level of the second user process to implement the elevated COM object.

Abstract: A computer device includes a download unit which downloads one or more files into a storage device. A file logging unit records a resource locator identifying a source network location of the file, when the file is downloaded, and associates the resource locator with a first fingerprint of the file. A system policy unit stores the resource locator associated with a process control policy relevant to the file. A process control unit is arranged to obtain a second fingerprint of the file upon launching a process in a runtime execution environment, retrieve the resource locator from the file logging unit by matching the second fingerprint with the first fingerprint, retrieve the process control policy from the system policy unit according to the retrieved resource locator, and selectively apply process execution privileges which determine execution of the process in the runtime execution environment according to the retrieved process control policy.

Abstract: A computer device and method are described for controlling access to a resource. An execution environment executes a user process with access privileges according to a user security context. A security unit controls access to resources according to the user security context, with the user process making system calls to the security unit. A proxy hook module embedded within the user process intercepts the system call and generates a proxy resource access request. A proxy service module in a privileged security context validates the proxy resource access request from the proxy hook module and, if validated, obtains and returns a resource handle that permits access to the desired resource by the user process.

Abstract: A computer device provides an execution environment that supports a plurality of processes. A plurality of key resources are associated with a security application that may perform process elevation to grant privileged access rights to a user process. A security module controls access to the key resources using an access control list. An anti-tamper mechanism creates a protection group as a local security group and adds a deny access control entry to the access control list. The anti-tamper mechanism intercepts the user process and creates a revised access token identifying the user process as a member of the protection group. The security module matches the protection group in the revised access token of the user process against the deny access control entry in the access control list of the key resources thereby restricting access by the user process even though the user process otherwise has privileges to access those resources.