06321334 is referenced by 303 patents and cites 15 patents.

Computer-based systems and methods are disclosed for a comprehensive security model for managing foreign content downloaded from a computer network. The methods and systems include the configuration of a system security policy that is stored on a host computer. The system security policy includes one or more independently configurable security zones. Each security zone corresponds to a group of network locations and may have one or more associated configurable protected operations that control the access to the host system by foreign content downloaded from the computer network. A protected operations may have one or more associated configurable permissions that define the capabilities of the protected operation. Each permission may be defined by one or more parameters and each parameter may be defined by one or more primitives. The permissions may be defined to enable the permission, disable the permission, or prompt the user when the permission is required. The permission may also be configured to the “fine grained” level of the primitives. Default permission levels that provide predefined parameter and primitive entries that are grouped as high security, medium security, and low security may be selected by the user at most levels of the configuration.

Title
Administering permissions associated with a security zone in a computer system security model
Application Number
9/116514
Publication Number
6321334 (B1)
Application Date
July 15, 1998
Publication Date
November 20, 2001
Inventor
Michael J Toutonghi
Seattle
WA, US
Craig T Sinclair
Redmond
WA, US
Jeffrey A Bisset
Issaquah
WA, US
Michael S Jerger
Kirkland
WA, US
Agent
Christensen O&apos Connor Johnson Kindness PLLC
US
Assignee
Microsoft Corporation
WA, US
IPC
G06F 12/24
View Original Source