Abstract: A model restricts un-trusted data/objects from running on a user's machine without permission. The data is received by a protocol layer that reports a MIME type associated with the DATA, and caches the data and related cache file name (CFN). A MIME sniffer is arranged to identify a sniffed MIME type based on the cached data, the CFN, and the reported MIME type. Reconciliation logic evaluates the sniffed MIME type and the CFN to determine a reconciled MIME type, and to update the CFN. A class ID sniffer evaluates the updated CFN, the cached data, and the reconciled MIME type to determine an appropriate class ID. Security logic evaluates the updated CFN, the reported class ID, and other related system parameters to build a security matrix. Parameters from the security matrix are used to intercept data/objects before an un-trusted data/object can create a security breach on the machine.

Abstract: Methods, systems, and apparatus, including medium-encoded computer program products, for installing software include receiving a request to install a software product on a device and identifying the software product and the source of the software product based on the request. A message, which includes data identifying the software product and the source of the software product, is transmitted to a remote update device. An authorization message is received from the remote update device indicating whether the source of the software product is authorized to provide the software product. If the authorization message indicates that the source of the software product is authorized to provide the software product, the software product is automatically installed on the device.

Abstract: A method and system for determining whether to allow a network browser action when a transition occurs between security zones as a result of the action is provided. Gaining access to a local machine zone may be a goal for unauthorized entities attempting to improperly access a user's content. The present invention therefore may be initiated to block transitions from the security zones with stricter security restrictions to zones with less security restrictions. In addition, a selected alternative may be commenced depending on the relative weight of the security zones involved the zone transition. Depending on the relative weight of security zones, the transition between zones may be allowed, prevented, or the user may be prompted to decide whether to allow or prevent the action that results in the zone transition.

Abstract: Described is a method and system by which document servers/applications (document objects) hosted by the browser may integrate with the browser's travel log. As a result, the user can use browser navigation commands, particularly forward and back commands, as well as a drop-down list of entries, to navigate among a hosted document's pages. Integration also allows the document object to add travel entries, persist relevant state, delete travel entries and update existing travel entries with new state. The browser and document object may communicate to update the browser's address bar, and to communicate various navigation events to keep each other synchronized. In one implementation, the browser limits navigation to top-level travel entries and the sub-navigation entries of the currently hosted document object, by filtering out sub-navigation entries that do not correspond to the currently-hosted document object. Frames no longer valid are also filtered from those available for navigation.

Abstract: Various embodiments pertain to ascertaining domain contexts. In one embodiment, an application receives content that may contain a script (i.e. code). In this case, the domain context is ascertained and the script is executed in the context of the domain associated with the received content, rather than requiring the application or some other component to navigate to a location, such as a web location, to attempt to ascertain the domain context of the script. In another embodiment, third party objects or code are required to provide their domain context to an application in order for the application to make a security-based decision.

Abstract: Described is a method and system by which document servers/applications (document objects) hosted by the browser may integrate with the browser's travel log. As a result, the user can use browser navigation commands, particularly forward and back commands, as well as a drop-down list of entries, to navigate among a hosted document's pages. Integration also allows the document object to add travel entries, persist relevant state, delete travel entries and update existing travel entries with new state. The browser and document object may communicate to update the browser's address bar, and to communicate various navigation events to keep each other synchronized. In one implementation, the browser limits navigation to top-level travel entries and the sub-navigation entries of the currently hosted document object, by filtering out sub-navigation entries that do not correspond to the currently-hosted document object. Frames no longer valid are also filtered from those available for navigation.

Abstract: A model restricts un-trusted data/objects from running on a user's machine without permission. The data is received by a protocol layer that reports a MIME type associated with the DATA, and caches the data and related cache file name (CFN). A MIME sniffer is arranged to identify a sniffed MIME type based on the cached data, the CFN, and the reported MIME type. Reconciliation logic evaluates the sniffed MIME type and the CFN to determine a reconciled MIME type, and to update the CFN. A class ID sniffer evaluates the updated CFN, the cached data, and the reconciled MIME type to determine an appropriate class ID. Security logic evaluates the updated CFN, the reported class ID, and other related system parameters to build a security matrix. Parameters from the security matrix are used to intercept data/objects before an un-trusted data/object can create a security breach on the machine.

Abstract: A security model restricts binary behaviors on a machine based on identified security zones. Binary behaviors can be attached to an element of a document, web-page, or email message. The binary behavior potentially threatens security on the local machine. A security manager intercepts download requests and/or execution requests, identifies a security zone for the requested binary behavior, and restricts access based on the security zone. The binary behavior can identify a security zone according to the related URL. In one example, all binary behaviors associated with a security zone are handled identically. In another example, a list of permissible binary behaviors is associated with a security zone such that only specified binary behaviors are granted access. In still another example, a list of impermissible binary behaviors is associated with a security zone such that binary behaviors that are found in the list cannot initiate access.

Abstract: A method and system for determining whether to allow a network browser action when a transition occurs between security zones as a result of the action is provided. Gaining access to a local machine zone may be a goal for unauthorized entities attempting to improperly access a user's content. The present invention therefore may be initiated to block transitions from the security zones with stricter security restrictions to zones with less security restrictions. In addition, a selected alternative may be commenced depending on the relative weight of the security zones involved the zone transition. Depending on the relative weight of security zones, the transition between zones may be allowed, prevented, or the user may be prompted to decide whether to allow or prevent the action that results in the zone transition.

Abstract: A method and system for locking down a local machine zone associated with a network browser is provided. Placing the local machine zone in a lockdown mode provides stricter security settings that are applied to active content attempting to publish within a local page open in the network browser. The stricter setting are provided in a new set of registry keys that correspond to the lockdown mode of the local machine zone. The original security settings remain unchanged so that other systems and applications functionality that depends on the original security settings remains unaffected for the local machine zone. A user may also selectively allow active content to render despite the local machine zone being locked down.

Abstract: An electronic circuit for use on a contactor is disclosed. The electronic circuit may be encased in a housing and mounted to a coil cover on the front of a contactor for applying control power to the coil for a selected time period to enable the contactor to change its state and be held in the changed state. Thereafter, the electronic circuit disconnects the supply to the coil thereby preventing coil burn out. The control power is only applied after initiation of an input signal from a switch and after a controller in the electronic circuit has slept for a first predetermined period of time so as not to register any bounce from the input signal. The electronic circuit may include an auxiliary contact status check for providing error free activation of the mechanically held contactor when changing state of the contactor. A contactor employing the electronic circuit of the present invention and a method of using the electronic circuit on a contactor are further disclosed.

Abstract: An electronic circuit for use on a contactor is disclosed. The electronic circuit may be encased in a housing and mounted to a coil cover on the front of a contactor for applying control power to the coil for a selected time period to enable the contactor to change its state and be held in the changed state. Thereafter, the electronic circuit disconnects the supply to the coil thereby preventing coil burn out. The control power is only applied after initiation of an input signal from a switch and after a controller in the electronic circuit has slept for a first predetermined period of time so as not to register any bounce from the input signal. The electronic circuit may include an auxiliary contact status check for providing error free activation of the mechanically held contactor when changing state of the contactor. A contactor employing the electronic circuit of the present invention and a method of using the electronic circuit on a contactor are further disclosed.