On May 11th, Google purchased security company Green Border Technologies, Inc.
Green Border has a handful of patent applications pending, and a granted patent for their security software. One of the names that appear on most of the documents is Ulfar Erlingsson, who left the company in 2003 to join Microsoft Research.
The software from the Mountain View, California based company works to isolate internet sessions from the rest of a user’s PC. I’ve seen speculation that this software might be offered to Google users as part of the free Google Pack software download. The software might also be used by the search engine to crawl sites using client software to locate malware.
Patent
Methods and systems for providing a secure application environment using derived user accounts
Invented by Ulfar Erlingsson
Assigned to Green Border Technologies
United States Patent 7,191,469
Granted March 13, 2007
Filed: June 14, 2002
Abstract
A secure application environment (“SAE”) may be created by using derivation transformations (“DTs”) to create a derived user account (“DUA”) based on the original user account (“OUA”). An SAE may be created by selecting for each resource whose access is controlled by the OUA a DT that provides security for that resource without, whenever possible, reducing the functionality of the system as a whole, and creating a means for accessing a version of each resource based on the selected DT that may be accessed by an insecure actor.
Patent Applications
Method and system for assured denotation of application semantics
Invented by Ulfar Erlingsson
US Patent Application 20030179244
Published September 25, 2003
Filed: March 3, 2003
Abstract
Method and system are disclosed for assured denotation of application semantics (“ADAS”). In a computer system operating at least one application, a method is disclosed for providing assured denotation of application semantics associated with the application. A graphical operation is received for the application. The graphical operation includes at least one argument. The argument is intercepted for the graphical operation, and modified for the graphical operation to provide an indication of at least one application semantic associated with the application.
Systems and methods for secure client applications
Invented by Amit Joshi, Ananta Iyengar, Anurag Sharma, Finnur Thorarinsson, Johann Sigurdsson, Sanjeev Radhakrishnan, Sigurdur Asgeirsson, Sunil Shilimkar, Tomas Gunnarsson, and Wayne Gray
US Patent Application 20050149726
Published July 7, 2005
Filed: October 21, 2004
Abstract
An innovative security solution which separates a client into a Protected Context, which is the real files and resources of the client, and an Isolated Context, which is a restricted execution environment which makes use of virtualized resources to execute applications and modify content in the Isolated Context, without allowing explicit access to the resources in the Protected Context. The solution further consolidates user interfaces to allow users to seamlessly work with content in both contexts, and provide a visual indication of which display windows are rendered from content executed in the Isolated Context.
Systems and methods for transparent configuration authentication of networked devices
Invented by Ulfar Erlingsson, Xavier Boyen, Darrell Anderson, and Wayne Gray
US Patent Application 20040083369
Published April 29, 2004
Filed: July 25, 2003
Abstract
Methods and systems are disclosed for providing secure transmissions across a network comprising a transmitting device and a receiving device. At the transmitting device, a stream of watermark bits is generated. Next, a plurality of watermarks is generated, each of the plurality of watermarks comprising an index number and a portion of the stream of watermark bits. The watermarks are inserted into each header of a plurality of outgoing packets. At the receiving device, the plurality of outgoing packets is received and it is determined if a received packet is valid based on the watermark in the header of the received packet. The stream of watermark bits may be generated using a stream cipher such as RC4, a block cipher such as 3DES in CBC mode, or other equivalent pseudo-random stream generating techniques.
Altered states of software component behavior
Invented by Ulfar Erlingsson
US Patent Application 20030131152
Published July 10, 2003
Filed: February 22, 2002
Abstract
An altered states engine executes in computer memory, controlling the execution of at least one software component based upon condition-dependent rules. Responses to requests for system resources are modified, and code is executed such that the software components execute desired functionality, as specified by the rules.
Thanks for the link Bill. If you’ve haven’t been by Social Strategist recently, make sure to come and see my post on The Google Information Ecosystem. I think you’ll find it interesting, and I’d love to get your feedback on it.
Best,
Jay