Secure and Stable Hosting of Third-Party Extensions to Web Services
First Claim
1. One or more computer operating environments comprising:
- a host computing system having one or more processing cores and one or more memory subsystems, the host computing system configured to execute computer-executable instructions of one or more isolation processes (isoprocs), wherein each isoproc'"'"'s ability to communicate is limited to only defined communication channels over which it has express permission to communicate;
a communication-channel regulator configured to selectively grant one or more isoprocs express permission to communicate over one or more defined communication channels.
2 Assignments
0 Petitions
Accused Products
Abstract
Described herein are one or more computer operating environments that include a standard set of web services via a communications network (e.g., the Internet) and a mechanism for extending the standard set of web services to execute one or more extended web services. Since these extended web services may be produced by an unconfirmed or untrusted source (e.g., a third-party software developer), the described computer operating environments isolate the extended web services from the standard set of web services and from the communication network. Furthermore, each extended web service is an isolated process (isoproc) with a limited ability to communicate with other services. In particular, each isoproc'"'"'s ability to communicate is limited to only associated defined communication channels over which it has express permission to communicate.
121 Citations
22 Claims
-
1. One or more computer operating environments comprising:
-
a host computing system having one or more processing cores and one or more memory subsystems, the host computing system configured to execute computer-executable instructions of one or more isolation processes (isoprocs), wherein each isoproc'"'"'s ability to communicate is limited to only defined communication channels over which it has express permission to communicate;
a communication-channel regulator configured to selectively grant one or more isoprocs express permission to communicate over one or more defined communication channels. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 14)
-
-
13. One or more computer operating environments further comprising a mediator configured to mediate communication via one or more isoprocs and communications network, the network being external to the host computing system.
-
15. One or more computer-readable media having computer-executable instructions that, when executed by a computer, perform a method comprising:
-
executing instructions of a defined standard set of one or more isolation processes (isoprocs), wherein each isoproc'"'"'s ability to communicate is limited to only associated defined communication channels over which it has express permission to communicate;
executing instructions of an extended isoproc, which is not part of the standard set, the extended isoproc having express permission to communicate with one or more defined members of the standard set and thus cannot communicate with the other members of the standard set. - View Dependent Claims (16, 17)
-
-
18. One or more computer-readable media having computer-executable instructions that, when executed by a computer, perform a method comprising:
-
providing a standard set of web services via a communications network;
providing a mechanism for extending the standard set of web services to execute one or more extended processes;
isolating the extended processes from the standard set of web services and from the communication network. - View Dependent Claims (19, 20, 21, 22)
-
Specification