Multi-tenant environment using pre-readied trust boundary components
First Claim
1. A computing system comprising:
- one or more processors;
one or more computer-readable storage devices having stored thereon computer-executable instructions that are configured to be executed by the one or more processors to cause the computing system to configure the computing system to perform a method for providing a multi-tenancy environment in which a plurality of tenants share physical resources, the method comprising;
before determining that a new process associated with a tenant is to be run in the multi-tenancy environment, pre-readying a plurality of trust boundary components within the computing system, each of the pre-readied trust boundary components being instantiated, initialized, and pre-booted but not yet operating and each of the pre-readied trust boundary components being enabled, after having been started, to host one or more resource containers and one or more processes in the multi-tenancy environment;
determining that the new process associated with the tenant is to run in the multi-tenancy environment; and
in response to determining that the new process is to be run;
commencing running one of the plurality of pre-readied trust boundary components in the multi-tenancy environment; and
hosting and running the new process associated with the tenant within the now running pre-readied trust boundary component.
1 Assignment
0 Petitions
Accused Products
Abstract
The low latency use of a multi-tenancy environment. To protect against hostility between tenants within different trust domains, tenant(s) of a common trust domain are run within a trust boundary component. Thus, there is security to protect against potential hostility between tenants of different trust domains. In order to quickly start up trust boundary components, there are multiple pre-readied (e.g., initialized, pre-booted, and/or snapshotted) trust boundary components that may be started up quickly when a new trust boundary is to be established. Processes within the trust boundary component may additionally be run within a resource container that facilitates allocation of resources amongst the various processes. Because trust boundary components may be started up quickly, the multi-tenancy environment may have security (as provided by the trust boundary components) while still being lower latency (due to the fast availability of pre-readied trust boundaries).
24 Citations
20 Claims
-
1. A computing system comprising:
-
one or more processors; one or more computer-readable storage devices having stored thereon computer-executable instructions that are configured to be executed by the one or more processors to cause the computing system to configure the computing system to perform a method for providing a multi-tenancy environment in which a plurality of tenants share physical resources, the method comprising; before determining that a new process associated with a tenant is to be run in the multi-tenancy environment, pre-readying a plurality of trust boundary components within the computing system, each of the pre-readied trust boundary components being instantiated, initialized, and pre-booted but not yet operating and each of the pre-readied trust boundary components being enabled, after having been started, to host one or more resource containers and one or more processes in the multi-tenancy environment; determining that the new process associated with the tenant is to run in the multi-tenancy environment; and in response to determining that the new process is to be run; commencing running one of the plurality of pre-readied trust boundary components in the multi-tenancy environment; and hosting and running the new process associated with the tenant within the now running pre-readied trust boundary component. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method for providing a multi-tenancy environment in which a plurality of tenants share physical resources, the method comprising:
-
before determining that a new process associated with a tenant is to be run in the multi-tenancy environment, pre-readying a plurality of trust boundary components within the computing system, each of the pre-readied trust boundary components being instantiated, initialized, and pre-booted but not yet operating and each of the pre-readied trust boundary components being enabled, after having been started, to host one or more resource containers and one or more processes in the multi-tenancy environment; determining that the new process associated with the tenant is to run in the multi-tenancy environment; and in response to determining that the new process is to be run; commencing running one of the plurality of pre-readied trust boundary components in the multi-tenancy environment; and hosting and running the new process associated with the tenant within the now running pre-readied trust boundary component.
-
-
20. A computer program product comprising one or more computer-readable storage devices having thereon computer-executable instructions that are structured such that, when executed by one or more processors, cause the computing system to perform a method for providing a multi-tenancy environment in which a plurality of tenants share physical resources, the method comprising:
-
before determining that a new process associated with a tenant is to be run in the multi-tenancy environment, pre-readying a plurality of trust boundary components within the computing system, each of the pre-readied trust boundary components being instantiated, initialized, and pre-booted but not yet operating and each of the pre-readied trust boundary components being enabled, after having been started, to host one or more resource containers and one or more processes in the multi-tenancy environment; determining that the new process associated with the tenant is to run in the multi-tenancy environment; and in response to determining that the new process is to be run; commencing running one of the plurality of pre-readied trust boundary components in the multi-tenancy environment; and hosting and running the new process associated with the tenant within the now running one of the plurality of pre-readied trust boundary components.
-
Specification