Operating system abstraction and protection layer
First Claim
1. A system for providing one or more application environments on a client computer, the system comprising:
- an operating system protection layer, executing on an operating system of the client computer, one or more applications executing on said operating system, the operating system protection layer comprising one or more subsystems, wherein said protection layer is provided between one or more applications and said operating system and between each of the one or more applications, wherein the protection layer providing each of the one or more applications with its respective virtual operating environment in which each of the one or more applications execute, wherein said respective virtual operating environment appears to each of the one or more applications to be an installation environment without performing an installation, whereby a “
pseudo installation”
is created in which at least one of the settings are brought into the respective virtual operating environment at the time the one or more applications executes, and wherein the operating system protection layer comprises a virtual registry that provides a full function registry to each of the one or more applications.
5 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides a system for creating an application software environment without changing an operating system of a client computer, the system comprising an operating system abstraction and protection layer, wherein said abstraction and protection layer is interposed between a running software application and said operating system, whereby a virtual environment in which an application may run is provided and application level interactions are substantially removed. Preferably, any changes directly to the operating system are selectively made within the context of the running application and the abstraction and protection layer dynamically changes the virtual environment according to administrative settings. Additionally, in certain embodiments, the system continually monitors the use of shared system resources and acts as a service to apply and remove changes to system components. The present thus invention defines an “Operating System Guard.” These components cover the protection semantics required by .DLLs and other shared library code as well as system device drivers, fonts, registries and other configuration items, files, and environment variables.
-
Citations
18 Claims
-
1. A system for providing one or more application environments on a client computer, the system comprising:
an operating system protection layer, executing on an operating system of the client computer, one or more applications executing on said operating system, the operating system protection layer comprising one or more subsystems, wherein said protection layer is provided between one or more applications and said operating system and between each of the one or more applications, wherein the protection layer providing each of the one or more applications with its respective virtual operating environment in which each of the one or more applications execute, wherein said respective virtual operating environment appears to each of the one or more applications to be an installation environment without performing an installation, whereby a “
pseudo installation”
is created in which at least one of the settings are brought into the respective virtual operating environment at the time the one or more applications executes, and wherein the operating system protection layer comprises a virtual registry that provides a full function registry to each of the one or more applications.- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 17, 18)
-
15. A method for executing one or more application programs, comprising:
-
providing a computer system having an operating system therein, the operating system having access to and brokering the use of system resources; executing a protective program on the operating system, the protective program providing a customized logically protected environment for running one or more application programs, wherein said customized logically protected environment appears to each of the one or more application programs to be an installation environment without performing an installation whereby a “
pseudo-installation”
is created in which at least one of the settings are brought into the respective logically protected environment at the time the one or more application programs execute, and wherein the protective program comprises a virtual registry that provides a full function registry to each of the one or more application programs;executing one or more application programs adapted for use on the operating system in a respective one or more customized logically protected environments; controlling interactions between the one or more application programs and the operating system it is adapted to run on, including controlling interactions between the one or more application programs and system resources of the computer system and controlling interactions between the one or more application programs; and servicing at least some requests from the one or more application programs using the protective program without transferring the requests to the underlying operating system. - View Dependent Claims (16)
-
Specification