METHOD AND SYSTEM FOR RESTRICTING EXECUTION OF VIRTUAL APPLICATIONS TO A MANAGED PROCESS ENVIRONMENT
3 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for restricting the launch of virtual application files. In one embodiment, a launching application is signed with a digital signature. When the launching application launches a runtime engine and instructs it to execute an application file, the runtime engine determines whether an entity identifier associated with the launching application identifies an authorized entity. If the entity identifier identifies an authorized entity and the digital signature is valid, the runtime engine executes the application file. In another embodiment, a ticket is transmitted to the launching application along with an instruction to launch the application file. The ticket includes a digital signature and an expiration date. The launching application communicates the ticket to the runtime engine, which will execute the application file only if the digital signature is valid and a current date is not later than the expiration date.
60 Citations
28 Claims
-
1-13. -13. (canceled)
-
14. A computer-implemented method for use with a launching application and a separate runtime engine, the launching application and the runtime engine being configured to access a shared memory location, the method comprising:
-
at the launching application, receiving a first instruction to execute an application file and a ticket, the ticket comprising a digital signature and an expiration date; at the launching application, storing the ticket in the shared memory location and sending a second instruction to the runtime engine instructing the runtime engine to execute the application file; and in response to the second instruction received from the launching application, at the runtime engine, reading the ticket from the shared memory block, determining whether the digital signature is valid, determining whether the ticket has expired, and executing the application file only when the runtime engine determines the ticket is valid and has not yet expired, whether the ticket is valid being determined based on the digital signature, and whether the ticket has expired being determined based on the expiration date. - View Dependent Claims (15, 16, 17)
-
-
18. A computer-implemented method for use with an application file, and a shared memory location storing a ticket comprising a digital signature and an expiration date, the application file comprising a digital rights management indicator, the method comprising:
-
receiving an instruction to execute the application file; in response to the instruction, reading the ticket from the shared memory location and reading the digital rights management indicator from the application file; if the digital rights management indicator indicates the ticket is to be validated, determining whether the digital signature is valid, determining whether the ticket has expired, and executing the application file only when the ticket is determined to be valid and not yet expired, whether the ticket is valid being determined based on the digital signature, and whether the ticket has expired being determined based on the expiration date; and if the digital rights management indicator indicates the ticket is not to be validated, executing the application file. - View Dependent Claims (19, 20)
-
-
21. A computer-implemented method for use with a remote computing device implementing a launching application and a separate runtime engine, the method comprising:
-
instructing the remote computing device to display a plurality of selectable options, each option corresponding to an application file; receiving a selection of one of the plurality of selectable options from the remote computing device; creating a ticket comprising a digital signature and an expiration date; instructing the launching application on the remote computing device to launch the application file corresponding to the selected one of the plurality of selectable options; and transmitting the ticket to the launching application, the launching application being operable to communicate the ticket to the runtime engine, the runtime engine being operable to execute the application file corresponding to the selected one of the plurality of selectable options in response to an instruction to do so only when the digital signature of the ticket is valid and a current date is not later than the expiration date. - View Dependent Claims (22, 23, 24, 25)
-
-
26. A computer-implemented method for use with a server computing device and a runtime engine, the method comprising:
-
receiving a ticket and a first instruction to execute an application file from the server computing device, the ticket comprising a digital signature and an expiration date; storing the ticket in a memory location accessible by the runtime engine; sending a second instruction to the runtime engine instructing the runtime engine to execute the application file, the runtime engine being operable to execute the application file in response to the instruction to do so only when the digital signature of the ticket is valid and a current date is not later than the expiration date. - View Dependent Claims (27, 28)
-
Specification