Method and apparatus for virtualizing window information
First Claim
Patent Images
1. A method for virtualizing access to windows, the method comprising:
- receiving a request relating to a window from a process executing within the context of a user isolation scope, the request including a virtual window name, and wherein the user isolation scope is provided by an isolation environment comprising a user isolation layer and an application isolation layer;
selecting, by a rules engine, a rule action associated with the request, the selection responsive to the request received from the process executing within the context of a user isolation scope, and determining that a rule action from a group consisting of ignore, redirect and isolate, is associated with the request;
determining a literal name for the window, in response to the selected rule action, using a scope-specific identifier associated with at least one of a particular user isolation scope and an application isolation scope;
issuing to the operating system a request including the determined literal window name; and
associating a window handle with the virtual window name.
7 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus for virtualizing access to windows includes a hooking mechanism, a window name virtualization engine, and an operating system interface. A request relating to a window from a process executing in the context of a user account is received, the request including a virtual window name. A determination is made for a literal name for the window, using a scope-specific identifier. A request is issued to the operating system including the determined literal window name. A window handle is associated with the determined virtual window name.
202 Citations
28 Claims
-
1. A method for virtualizing access to windows, the method comprising:
-
receiving a request relating to a window from a process executing within the context of a user isolation scope, the request including a virtual window name, and wherein the user isolation scope is provided by an isolation environment comprising a user isolation layer and an application isolation layer; selecting, by a rules engine, a rule action associated with the request, the selection responsive to the request received from the process executing within the context of a user isolation scope, and determining that a rule action from a group consisting of ignore, redirect and isolate, is associated with the request; determining a literal name for the window, in response to the selected rule action, using a scope-specific identifier associated with at least one of a particular user isolation scope and an application isolation scope; issuing to the operating system a request including the determined literal window name; and associating a window handle with the virtual window name. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
-
-
15. An apparatus for virtualizing access to windows comprising:
-
a hooking mechanism, executing on a computing device, receiving a request relating to a window from a process executing within the context of a user isolation scope, the request including one of a virtual window name and a virtual window class identifier, and wherein the user isolation scope is provided by an isolation environment comprising a user isolation layer and an application isolation layer; a rules engine selecting a rule action associated with a request, the selection responsive to a request received from a process executing within the context of a user isolation scope, and determining that a rule action from a group consisting of ignore, redirect and isolate, is associated with the request; a window name virtualization engine, executing on the computing device, forming one of a literal name for the window and a literal window class identifier, in response to the selected rule action, using the one of the virtual window name and the virtual window class identifier received in the request, and a scope specific identifier associated with a particular isolation scope; and an operating system interface, executing on the computing device, issuing a request relating to a window, the request including the one of the formed literal name and the formed literal window class identifier for the window. - View Dependent Claims (16, 17, 18, 19)
-
-
20. A method for virtualizing access to windows, the method comprising:
-
receiving a request, relating to a window class, from a process executing within the context of a user isolation scope, the request including a virtual window class identifier, and the user isolation scope provided by an isolation environment comprising a user isolation layer and an application isolation layer; selecting, by a rules engine, a rule action associated with the request, the selection responsive to the request received from the process executing within the context of a user isolation scope, and determining that a rule action from a group consisting of ignore, redirect and isolate, is associated with the request; determining a literal window class identifier, in response to the selected rule action, using a scope-specific identifier associated with a particular isolation scope; issuing to an operating system a request including the determined literal window class identifier; and associating a window handle with the determined literal window class identifier. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28)
-
Specification