System and method providing multi-tier applications architecture
First Claim
Patent Images
1. A system that executes a network-based application, comprising:
- a presentation component that processes a local request based at least in part on a relevant portion of application logic associated with the network-based application and utilizes an asynchronous pluggable protocol handler to map the local request;
a mobile component that identifies and retrieves the relevant portion from a local repository and a remote server and provides for execution of the relevant portion of the network-based application that is associated with a local permission, the local repository includes at least one of a CD and floppy disk;
a guarded component that accords access via a remote response, based at least in part on an access policy, to the mobile component to retrieve the relevant portion and provides for execution of the relevant portion of the network-based application that is associated with a remote permission, the access policy includes a local and a remote permission that facilitates secure retrieval of the relevant portion and, wherein a bypass request may be initiated by the presentation component to access remote systems directly, such that the guarded component is bypassed by the remote systems when the request is initiated;
the mobile component and the guarded component interchangeably execute a first constituent element of the relevant portion and a remaining constituent element of the relevant portion without modification to the first constituent element and the remaining constituent element, and wherein upon installing the relevant portion in the mobile component, the system may interact with remote data locally, leverage local computing resources, and mitigate network accesses to the system;
a data component that includes data associated with the relevant portion of application logic, the data component conveys the data to the guarded component and the presentation component interacts with the mobile component to manipulate the data supplied by the data component;
a security component that protects local files within the system from undesired accesses;
wherein downloaded applications run with code access permissions granted by policy on a local machine for a remote domain, such that when local applications are installed, the local applications are granted permissions based on an Universal Resource Identifier (URI) provided at installation which is local and/or remote, policy is then added to the application domain to indicate that code loaded from an application directory hierarchy is associated with domain of origin for the application, therefore permissions for that domain apply, and wherein the system adds policy such that code loaded from the application directory and children directories is associated with the remote URI, to mitigate enabling the application to load assemblies from its own directory and thus bypassing domain security; and
a computer processor for executing the above components.
3 Assignments
0 Petitions
Accused Products
Abstract
A network-based distributed application system is provided in accordance with the present invention for enabling services to be established locally on a client system. The system may include an application and presentation logic, at least a portion of which is interchangeably processed by a server or a client without modification to the portion. The core functionality provided by the application may be preserved between the client and the server wherein improved network performance may provided along with improved offline service capabilities.
57 Citations
10 Claims
-
1. A system that executes a network-based application, comprising:
-
a presentation component that processes a local request based at least in part on a relevant portion of application logic associated with the network-based application and utilizes an asynchronous pluggable protocol handler to map the local request; a mobile component that identifies and retrieves the relevant portion from a local repository and a remote server and provides for execution of the relevant portion of the network-based application that is associated with a local permission, the local repository includes at least one of a CD and floppy disk; a guarded component that accords access via a remote response, based at least in part on an access policy, to the mobile component to retrieve the relevant portion and provides for execution of the relevant portion of the network-based application that is associated with a remote permission, the access policy includes a local and a remote permission that facilitates secure retrieval of the relevant portion and, wherein a bypass request may be initiated by the presentation component to access remote systems directly, such that the guarded component is bypassed by the remote systems when the request is initiated; the mobile component and the guarded component interchangeably execute a first constituent element of the relevant portion and a remaining constituent element of the relevant portion without modification to the first constituent element and the remaining constituent element, and wherein upon installing the relevant portion in the mobile component, the system may interact with remote data locally, leverage local computing resources, and mitigate network accesses to the system; a data component that includes data associated with the relevant portion of application logic, the data component conveys the data to the guarded component and the presentation component interacts with the mobile component to manipulate the data supplied by the data component; a security component that protects local files within the system from undesired accesses; wherein downloaded applications run with code access permissions granted by policy on a local machine for a remote domain, such that when local applications are installed, the local applications are granted permissions based on an Universal Resource Identifier (URI) provided at installation which is local and/or remote, policy is then added to the application domain to indicate that code loaded from an application directory hierarchy is associated with domain of origin for the application, therefore permissions for that domain apply, and wherein the system adds policy such that code loaded from the application directory and children directories is associated with the remote URI, to mitigate enabling the application to load assemblies from its own directory and thus bypassing domain security; and a computer processor for executing the above components. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method for executing a network-based application, comprising:
-
receiving a local request to be processed by a relevant portion of application logic associated with the network-based application and utilizes an asynchronous pluggable protocol handler to map the local request; locating the relevant portion on at least one of a local storage medium and a remote server; retrieving the relevant portion from the remote server based at least in part on an access policy located on a client, the access policy comprises a local and a remote permission; installing the relevant portion that is associated with a remote permission; executing the relevant portion that is associated with a local permission; executing the relevant portion that is associated with the remote permission; interchangeably executing a first element of the relevant portion on the client and a second element of the relevant portion on the remote server without modifying the first element and the second element of the relevant portion; interacting with the relevant portion locally to leverage local computing resources and mitigate network access; protecting local files from undesired accesses via a security system; running downloaded applications with code access permissions granted by policy on a local machine for a remote domain, such that when local applications are installed, the local applications are granted permissions based on an URI provided at installation which is local and/or remote; adding policy to the application domain to indicate that code loaded from an application directory hierarchy is associated with domain of origin for the application, therefore permissions for that domain apply; and adding policy such that code loaded from the application directory and children directories is associated with the remote URI, to mitigate enabling the application to load assemblies from its own directory and thus bypassing domain security. - View Dependent Claims (9, 10)
-
Specification