An online system receives a content item including a link to a landing page and determines a likelihood the landing page violates an online system policy based on a structural similarity between the landing page and a web page violating the policy. To determine the likelihood, the online system determines a hierarchical structure associated with the web page violating the policy and an additional hierarchical structure associated with the landing page. The hierarchical structure represents a structure of at least a portion of the web page and the additional hierarchical structure represents a structure of a corresponding portion of the landing page. The online system compares the hierarchical structure and additional hierarchical structure. Based on the comparison, the online system computes a measure of dissimilarity between the hierarchical structure and additional hierarchical structure and determines a likelihood the landing page violates the policy based on the measure of dissimilarity.

A method, computer program product and computer system are provided to promote device usage compliance. A processor retrieves a current position for a device. A processor determines at least one nearby location based on the current position of the device. A processor retrieves search data regarding the at least one nearby location. A processor determines compliance information regarding the at least one location based, at least in part, on the search data. A processor configures the device based on the compliance information regarding the at least one location.

Methods, systems, and media are shown for session control by a proxy service of client-side applications in a client. A service request from a client is received by the proxy service and forwarded to a service provider, which sends a service response with a document. Event monitoring code is injected into the document and the response is forwarded to the client. The event monitoring code intercepts a user action and sends a query to the proxy service to determine whether the user action is permitted. The proxy service checks the user action against access data defined for the document and sends a query response to the event monitoring code indicating whether the user action is permitted. If the user action is permitted, the event monitoring code allows normal execution flow. If the user action is denied, the code blocks further execution.

Parental control of child's web-based digital content experience, which can be applied to other contexts such as education, the workplace or other organizations. Trust relationships authorize specified users or organizations to permit access to content or resources by other users. Collection curation including content reputation and age appropriate ratings disclosed.

Some embodiments may be associated with a cloud-based actor framework. A dispatcher platform may determine that a first tenant actor is to be created for a first tenant in connection with a workload associated with a plurality of tenant identifiers. The first tenant may be, for example, associated with a first tenant identifier. The dispatch platform may then select a first thread for the first tenant actor from a pool of available threads and spin a first web assembly module such that execution of the first web assembly module is associated with a first web assembly browser sandbox. The dispatcher platform can then securely create the first tenant actor within the first web assembly browser sandbox to execute the workflow for the first tenant identifier. Similarly, a second web assembly browser sandbox may execute a second tenant actor for a second tenant identifier.

Embodiments of the present disclosure provide methods, apparatus, systems, computer program products for supporting communication functionality in an interactive electronic technical manual system (IETM) configured to provide electronic and credentialed access via an IETM viewer to technical documentation for an item. In one embodiment, a method is provided comprising: providing a window comprising a communication session option; receiving input of a selection of the communication session option; responsive to receiving the input: identifying active users who are signed into the IETM for a particular object of the item based on credentials for the user and the user being signed into the IETM for the particular object; and causing display of an identifier for each active user on the window as selectable; receiving input of a selection of an indicator for an active user; and responsive to receiving the input, initiating a communication session with the active user within the IETM.

A technique for verifying an origin of a digital object in a digital object architecture is described. The technique includes the steps of receiving, from a handle registry, handle information for a digital object that includes an attestation that references the handle identification value for the handle and origin identification information; verifying the authenticity of the attestation; after verifying the authenticity of the attestation, using the origin information in determining authorizations applicable to the digital object.

A method for securing a webpage or a webapp processed by a browser executing on a client system, the method comprising the browser executing an instance of white-box protected code, wherein execution of the instance of white-box protected code causes the client system to: generate a message comprising message data for use by a control system to perform one or more security tests, the control system communicably connected to the client system via a network; send the message to the control system to enable the control system to perform the one or more security tests using the message data; receive a response from the control system based, at least in part, on the message; and process the response.

A system and method for authenticating a user that requests access to services of a computer network, including using a unique communication address for authentication and identification. One of the methods includes globally assigning unique communication addresses to users and devices, the devices being uniquely associated with respective users. Unique communication addresses associate with the users are used for authenticating and identifying the users. A login function is used through the devices, the devices each being mapped to a unique communication address using a hardware identity configured for sending and receiving information over a network.

Described herein is a system and method for identifying a vulnerability of an application (e.g., web application). A message comprising a request and associated execution flow of the application in response to the request is received. The message is analyzed to determine whether the execution flow includes a function pre-defined as interesting. In response to determining that the execution flow includes the function pre-defined as interesting, a determination is made that the function pre-defined as interesting comprises a vulnerability of the application. In response to determining that the function pre-defined as interesting comprises a vulnerability of the application, an action is taken with respect to the vulnerability. The action can include, for example, providing information regarding the identified vulnerability and/or blocking execution of particular code of the application.