Security standards for providing services, such as files or socket connections, over the Internet have evolved to include a prohibition on cross domain access. Cross domain access to a service occurs when a program or other entity downloaded from one domain attempts to access a service on another domain. For example, using the security standards of the Internet, a program downloaded from one domain may be prevented from requesting a file from another domain. Such prohibitions can ensure that a party providing the file can control how it is used by other programs, and can help maintain the security of the system on which the program runs.
The party providing the file, socket connection, or other service may, however, wish to provide access to the service to programs from other domains. For example, the party providing the service may operate two domains, and it can be advantageous to allow one domain to supply services to the other domain when both domains are operated by the same party. Additionally, a party may wish to provide access to services to certain domains not operated by that party, but nevertheless trusted by that party. Some parties may not be concerned about controlling access to services, and may wish to allow such access to services provided on one domain to any other domain.
Some parties may wish to provide access to services provided by their domain to certain other domains or all other domains, but in a limited fashion. For example, a party may wish to allow programs provided from other domains that were provided under the HTTPS protocol to access an HTTPS file, but not allow programs provided under the HTTP protocol from those same domains to access an HTTPS file. A party may wish to provide access to files to programs downloaded from certain domains or all domains, but limit the access only to certain subdirectories of the providing party's domain. A party may wish to allow access to socket connections from programs provided by another domain or all domains, as long as the socket connection requests are limited to certain port numbers or a range of port numbers.
It may be desirable to provide maximum flexibility to the party providing the service to permit the service to be provided to a program from a different domain from the party providing the service, but not allow the party providing the service to grant access in all ways. For example, a party may wish to fulfill socket connection requests from programs downloaded from certain domains or all domains, but it may be desirable to limit certain requests for such service for security reasons, even if the party has otherwise granted that request. For example, a party that makes the decision to grant access to socket connections for ports equal to or above 1024 may not otherwise have control of the lower-numbered ports, and so it may be desirable to restrict such parties from granting access to all ports in a domain.
It may be desirable to require that the program requesting the service or services for which permission is being granted specify the location from which such permission can be granted, while allowing certain default locations for permissions to be specified for programs that do not otherwise specify how to access such permission. It may be desirable to enforce such permissions on the client computer system rather than on the computer system from which the service is provided. The client computer system may be in the best position to enforce such permissions, and enforcing them there eliminates compatibility issues that could occur if competing permission enforcement mechanisms were used on each computer system providing the service.
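The following added example, which is not part of the original text, shows how a client computer system could apply the limits described above: the protocol, subdirectory and port restrictions a provider sets, plus a client-imposed restriction on low-numbered ports that holds even when the provider's grant covers them. The `Grant` record, its field names, the `grantor_controls_low_ports` flag and the sample domains are assumptions made for this example.

```python
import posixpath
from dataclasses import dataclass
from urllib.parse import urlsplit

@dataclass
class Grant:
    """Hypothetical permission record published by the providing domain."""
    domain: str          # domain of the requesting program, "*" for any domain
    secure_only: bool    # HTTPS files only for programs delivered over HTTPS
    path_prefix: str     # subdirectory of the providing domain that is covered
    ports: range         # socket ports the provider is willing to open

def _domain_ok(grant, host):
    return grant.domain == "*" or host == grant.domain

def may_fetch(grant, program_url, file_url):
    """Client-side check for a cross-domain file request."""
    prog, target = urlsplit(program_url), urlsplit(file_url)
    if not _domain_ok(grant, prog.hostname):
        return False
    # A program delivered over HTTP must not read an HTTPS file.
    if target.scheme == "https" and grant.secure_only and prog.scheme != "https":
        return False
    # Normalise first so "/public/../private" cannot pass the prefix test,
    # and compare on a directory boundary so "/publicity" is not "/public".
    path = posixpath.normpath(target.path or "/")
    prefix = grant.path_prefix.rstrip("/") + "/"
    return (path + "/").startswith(prefix)

def may_connect(grant, program_url, port, grantor_controls_low_ports):
    """Client-side check for a cross-domain socket request."""
    if not _domain_ok(grant, urlsplit(program_url).hostname):
        return False
    if port not in grant.ports:
        return False
    # Limit imposed by the client regardless of the grant: a grantor that
    # only controls ports >= 1024 cannot open the lower-numbered ports.
    return port >= 1024 or grantor_controls_low_ports

# Constructed sample data (not from the page).
GRANT = Grant("apps.example.com", True, "/public", range(0, 65536))
PROGRAM = "https://apps.example.com/app"
```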
It would be possible to enforce permissions via a server under the control of the entity operating the client computer systems. Such a server would contact the servers at the domain from which the service was requested, receive a description of permitted services, and then enforce the permissions itself. However, such a method could take additional bandwidth, could slow access to the services, and would require access to such a server, which the client may not have.
What is needed is a system and method that can allow a party operating a domain to control whether services can be provided from the domain to programs or other items downloaded from other domains, to control the manner in which services are provided to programs or other items downloaded from other domains, optionally on a per domain basis, either using a program specified location or a default location from which the permission may be specified, while limiting availability of services in some cases even if the operator of the domain allows the provision of the services, and can enforce such control via the client computer system on which the program or other item requesting such services operates.