Method and apparatus for virtualizing window information

US 8,117,559 B2
Filed: 09/30/2004
Issued: 02/14/2012
Est. Priority Date: 09/30/2004
Status: Active Grant

First Claim

Patent Images

1. A method for virtualizing access to windows, the method comprising:

receiving a request relating to a window from a process executing within the context of a user isolation scope, the request including a virtual window name, and wherein the user isolation scope is provided by an isolation environment comprising a user isolation layer and an application isolation layer;

selecting, by a rules engine, a rule action associated with the request, the selection responsive to the request received from the process executing within the context of a user isolation scope, and determining that a rule action from a group consisting of ignore, redirect and isolate, is associated with the request;

determining a literal name for the window, in response to the selected rule action, using a scope-specific identifier associated with at least one of a particular user isolation scope and an application isolation scope;

issuing to the operating system a request including the determined literal window name; and

associating a window handle with the virtual window name.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus for virtualizing access to windows includes a hooking mechanism, a window name virtualization engine, and an operating system interface. A request relating to a window from a process executing in the context of a user account is received, the request including a virtual window name. A determination is made for a literal name for the window, using a scope-specific identifier. A request is issued to the operating system including the determined literal window name. A window handle is associated with the determined virtual window name.

202 Citations

28 Claims

1. A method for virtualizing access to windows, the method comprising:
- receiving a request relating to a window from a process executing within the context of a user isolation scope, the request including a virtual window name, and wherein the user isolation scope is provided by an isolation environment comprising a user isolation layer and an application isolation layer;
  
  selecting, by a rules engine, a rule action associated with the request, the selection responsive to the request received from the process executing within the context of a user isolation scope, and determining that a rule action from a group consisting of ignore, redirect and isolate, is associated with the request;
  
  determining a literal name for the window, in response to the selected rule action, using a scope-specific identifier associated with at least one of a particular user isolation scope and an application isolation scope;
  
  issuing to the operating system a request including the determined literal window name; and
  
  associating a window handle with the virtual window name.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1 wherein receiving a request further comprises intercepting a request relating to a window from a process executing in the context of a user isolation scope, the request including a virtual window name.
  - 3. The method of claim 1 wherein receiving a request further comprises receiving a request to find a window from a process executing in the context of a user isolation scope, the request including a virtual window name.
  - 4. The method of claim 1 wherein receiving a request further comprises receiving a request to create a window from a process executing in the context of a user isolation scope, the request including a virtual window name.
  - 5. The method of claim 1 wherein determining a literal name further comprises:
    - determining a rule associated with the virtual window name included in the request; and
      
      determining a literal name for the window responsive to the determined rule.
  - 6. The method of claim 1 wherein determining a literal name further comprises determining a literal window name using a scope-specific identifier associated with an application isolation scope with which the process making the request is associated.
  - 7. The method of claim 1 wherein associating a window handle further comprises storing the virtual window name in a mapping table associated with a window handle.
  - 8. The method of claim 1 further comprising receiving from the operating system a response to the issued request.
  - 9. The method of claim 8 further comprising replacing the literal window name in the response with a virtual window name.
  - 10. The method of claim 1 further comprising:
    - receiving a request to identify one of a virtual window name and a virtual window class identifier, the request received from a process executing within the context of a user isolation scope and including a window handle, and wherein the user isolation scope is provided by an isolation environment comprising a user isolation layer and an application isolation layer;
      
      determining that the window handle is associated with the requested one of the virtual window name and the virtual window class identifier; and
      
      returning to the requesting process the determined window information.
  - 11. The method of claim 10 wherein determining that the window handle is associated with the requested window name further comprises determining whether an association between the window handle and the requested one of the virtual window name and the virtual window class identifier exists.
  - 12. The method of claim 11 further comprising determining the window handle associated with the requested one of the virtual window name and the virtual window class identifier from a mapping table, responsive to determining an association exists in the mapping table.
  - 13. The method of claim 11 further comprising returning to the requesting process a response received from an operating system, responsive to determining no association exists in the mapping table.
  - 14. The method of claim 1 further comprising:
    - intercepting a request, from a requestor executing within the context of an isolation scope, to paint a title bar for a window, the title bar including the window name, the request including a window handle, the isolation scope provided by an isolation environment comprising a user isolation layer and an application isolation layer;
      
      determining that the window handle is associated with the virtual window name;
      
      painting the title bar of the window using the virtual window name; and
      
      indicating to the requestor that the title bar has been painted.

15. An apparatus for virtualizing access to windows comprising:
- a hooking mechanism, executing on a computing device, receiving a request relating to a window from a process executing within the context of a user isolation scope, the request including one of a virtual window name and a virtual window class identifier, and wherein the user isolation scope is provided by an isolation environment comprising a user isolation layer and an application isolation layer;
  
  a rules engine selecting a rule action associated with a request, the selection responsive to a request received from a process executing within the context of a user isolation scope, and determining that a rule action from a group consisting of ignore, redirect and isolate, is associated with the request;
  
  a window name virtualization engine, executing on the computing device, forming one of a literal name for the window and a literal window class identifier, in response to the selected rule action, using the one of the virtual window name and the virtual window class identifier received in the request, and a scope specific identifier associated with a particular isolation scope; and
  
  an operating system interface, executing on the computing device, issuing a request relating to a window, the request including the one of the formed literal name and the formed literal window class identifier for the window.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The apparatus of claim 15 wherein the hooking mechanism intercepts a request selected from a group consisting of finding a window, creating a window, enumerating a window, destroying a window, setting a window name, retrieving a window name, retrieving a window class identifier associated with the window, registering a window class, retrieving information about a window class and unregistering a window class.
  - 17. The apparatus of claim 15 further comprising a mapping table storing an association between a window handle and one of the virtual window name and the virtual window class identifier.
  - 18. The apparatus of claim 17 wherein the mapping table is associated with the process.
  - 19. The apparatus of claim 18 further comprising a second mapping table associated with a second process.

20. A method for virtualizing access to windows, the method comprising:
- receiving a request, relating to a window class, from a process executing within the context of a user isolation scope, the request including a virtual window class identifier, and the user isolation scope provided by an isolation environment comprising a user isolation layer and an application isolation layer;
  
  selecting, by a rules engine, a rule action associated with the request, the selection responsive to the request received from the process executing within the context of a user isolation scope, and determining that a rule action from a group consisting of ignore, redirect and isolate, is associated with the request;
  
  determining a literal window class identifier, in response to the selected rule action, using a scope-specific identifier associated with a particular isolation scope;
  
  issuing to an operating system a request including the determined literal window class identifier; and
  
  associating a window handle with the determined literal window class identifier.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28)
- - 21. The method of claim 20 wherein receiving a request further comprises intercepting a request relating to a window class from a process executing in the context of a user isolation scope, the request including a virtual window class identifier.
  - 22. The method of claim 20 wherein receiving a request further comprises receiving a request to find a window from a process executing in the context of a user isolation scope, the request including a virtual window class identifier.
  - 23. The method of claim 20 wherein receiving a request further comprises receiving a request to create a window from a process executing in the context of a user isolation scope, the request including a virtual window class identifier.
  - 24. The method of claim 20 wherein determining further comprises:
    - determining a rule associated with the virtual window class identifier included in the request; and
      
      determining a literal window class identifier responsive to the determined rule.
  - 25. The method of claim 20 wherein determining further comprises determining a literal window class name using a scope-specific identifier associated with an application isolation scope with which the process making the request is associated.
  - 26. The method of claim 20 wherein associating a window handle further comprises storing the virtual window class identifier in a mapping table associated with a window handle.
  - 27. The method of claim 20 further comprising receiving from the operating system a response to the issued request.
  - 28. The method of claim 27 further comprising replacing the determined literal window class identifier in the response with a virtual window class identifier.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citrix Systems, Inc. (Cloud Software Group)
Original Assignee
Citrix Systems, Inc. (Cloud Software Group)
Inventors
Laborczfalvi, Lee George, Roychoudhry, Anil, Borzycki, Andrew Gerard, Chin, Huai Chiun, Mazzaferri, Richard James
Primary Examiner(s)
ABDUL-ALI, OMAR R

Application Number

US10/711,733
Publication Number

US 20060090171A1
Time in Patent Office

2,693 Days
Field of Search

715/783, 715/781, 715/806
US Class Current

715/781
CPC Class Codes

G06F 9/451 Execution arrangements for ...

G06F 9/542 Event management; Broadcast...

Method and apparatus for virtualizing window information

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

202 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for virtualizing window information

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

202 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links