Microsoft Corporation
CONTEXT MENU SECURITY POLICY ENFORCEMENT

Abstract:

Context menu item operations pose risks to sensitive data, such as confidentiality violations from data exfiltration during "search" or "translate" communications with external sites, as well as "paste", "delete", "move" and other context menu item operations that may harm data integrity or data availability even if no external site is involved. Control scripts injected by a security broker or proxy, working with event listeners in a web page, may be used to monitor and control web browser context menu item displays and functionalities based on suggested or mandated context menu policy actions obtained from a policy server. Policy that is specific to context menus is also enforced in other interactive programs that use context menus, thereby protecting sensitive data against both malevolent efforts and innocent mistakes. Protection may be provided for any kind of sensitive data, regardless of the sensitivity designation criteria or mechanism.