Users of computing devices often view, edit, and create digital information that is intended to remain within a single information domain. For instance, a user may work with an email client maintaining an employer-provided email account, while also interacting with a chat program hosting a chat between the user and a social acquaintance. The email client in this example is part of a corporate information domain managed by the employer, while the chat program is part of a personal information domain managed by the user. For security, privacy, or other reasons, it may be desired to prevent the exchange of data between these two information domains. The employer may desire that the information associated with the email client, such as the content of the email messages and the email account password stored by the program, remain within that corporate domain, and that the contents of the chat be prevented from entering the corporate domain, and vice versa. By way of specific example, the employer may wish to prevent a user from copying the contents of an email message (from within the email client) into a chat dialog box of the chat program, and the user may wish to prevent the inadvertent sending of a reply email in the corporate domain containing a message that was intended to be placed into the chat window in the personal domain.
Corporate and personal domains are just two examples of domains that might be defined for the containment of information. Other examples include, but are not limited to: a healthcare domain—containing patient information and/or applications that use patient information; finance—containing sensitive financial data; and government—containing encrypted confidential information that is decryptable by a verified application but that is not to be copied or duplicated.
What is needed is an effective and secure way of allowing a user to interact with separate domains as part of a single interface, while the cross-domain transfer of information is prevented.