MULTI-TENANT ENVIRONMENT USING PRE-READIED TRUST BOUNDARY COMPONENTS
First Claim
1. A computing system comprising:
- one or more processors;
one or more computer-readable storage media having thereon computer-executable instructions that are configured to be executed by the one or more processors to cause the computing system to configure the computing system to perform a method for providing a multi-tenancy environment in which a plurality of tenants share physical resources, the method comprising;
an act of pre-readying a plurality of trust boundary components within the computing system;
an act of determining that a new process associated with a tenant is to run in the multi-tenancy environment,in response to the act of determining that the new process is to be run, an act of running one of the plurality of pre-readied trust boundary components in the multi-tenancy environment; and
an act of running the new process associated with the tenant within the now running trust boundary component.
1 Assignment
0 Petitions
Accused Products
Abstract
The low latency use of a multi-tenancy environment. To protect against hostility between tenants within different trust domains, tenant(s) of a common trust domain are run within a trust boundary component. Thus, there is security to protect against potential hostility between tenants of different trust domains. In order to quickly start up trust boundary components, there are multiple pre-readied (e.g., initialized, pre-booted, and/or snapshotted) trust boundary components that may be started up quickly when a new trust boundary is to be established. Processes within the trust boundary component may additionally be run within a resource container that facilitates allocation of resources amongst the various processes. Because trust boundary components may be started up quickly, the multi-tenancy environment may have security (as provided by the trust boundary components) while still being lower latency (due to the fast availability of pre-readied trust boundaries).
8 Citations
20 Claims
-
1. A computing system comprising:
-
one or more processors; one or more computer-readable storage media having thereon computer-executable instructions that are configured to be executed by the one or more processors to cause the computing system to configure the computing system to perform a method for providing a multi-tenancy environment in which a plurality of tenants share physical resources, the method comprising; an act of pre-readying a plurality of trust boundary components within the computing system; an act of determining that a new process associated with a tenant is to run in the multi-tenancy environment, in response to the act of determining that the new process is to be run, an act of running one of the plurality of pre-readied trust boundary components in the multi-tenancy environment; and an act of running the new process associated with the tenant within the now running trust boundary component. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method for providing a multi-tenancy environment in which a plurality of tenants share physical resources, the method comprising:
-
an act of pre-readying a plurality of trust boundary components within the computing system; an act of determining that a new process associated with a tenant is to run in the multi-tenancy environment, in response to the act of determining that the new process is to be run, an act of running one of the plurality of pre-readied trust boundary components in the multi-tenancy environment; and an act of running the new process associated with the tenant within the now running trust boundary component.
-
-
20. A computer program product comprising one or more computer-readable storage media having thereon computer-executable instructions that are structured such that, when executed by one or more processors, cause the computing system to perform a method for providing a multi-tenancy environment in which a plurality of tenants share physical resources, the method comprising:
-
an act of pre-readying a plurality of trust boundary components within the computing system; an act of determining that a new process associated with a tenant is to run in the multi-tenancy environment, in response to the act of determining that the new process is to be run, an act of running one of the plurality of pre-readied trust boundary components in the multi-tenancy environment; and an act of running the new process associated with the tenant with the trust boundary component that began running in the act of running.
-
Specification