Sandboxed execution of plug-ins
First Claim
1. A computer-implemented program management system, comprising:
an interface component for receiving auxiliary code for execution with a server application, the interface component located with the server application on a server machine in a corporate hosted environment;
an isolation component for receiving and securely isolating the auxiliary code in an isolated environment using levels of isolation including an application domain that isolates running code within worker processes, to provide an application domain isolation level;
a management component for monitoring and managing execution of the auxiliary code in the isolated environment based in part on abnormal execution behavior; and
a microprocessor that executes computer-executable instructions associated with at least one of the interface component, the isolation component, or the management component.
Abstract
A sandbox architecture that isolates and identifies misbehaving plug-ins (intentional or unintentional) to prevent system interruptions and failure. Based on plug-in errors, the architecture automatically disables the bad plug-in and blocks its registration via a penalty point system. Publishers of bad plug-ins are controlled by disabling the bad plug-ins and registering the publisher in an unsafe list. Isolation can be provided at multiple levels, such as machine isolation, process isolation, secure accounts with limited access rights, and application domain isolation within processes using local security mechanisms. A combination of the multiple levels of isolation achieves a high level of security. Isolation provides separation from other plug-in executions and restricts access to system resources such as the file system and network IP. Moreover, the architecture is a highly scalable, stateless, low-administration architecture for executing the plug-ins; it can be scaled by adding or removing sandbox servers on-the-fly without prior configuration.
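The penalty point mechanism and the process isolation level described in the abstract, as an added illustration written for this page (not code from the patent): each run of a plug-in happens in its own worker process, crashes and hangs earn penalty points, and once a plug-in crosses the threshold it is disabled, its publisher is placed on the unsafe list, and registration of both is refused. The point values (2 per crash, 3 per hang, disable at 5) and the 0.5 s hang timeout are assumptions.

```python
import multiprocessing as mp
import time
from collections import defaultdict

# Assumed scoring (the patent states no values): points per event and the disable limit.
CRASH_POINTS, HANG_POINTS, DISABLE_THRESHOLD = 2, 3, 5

class PluginManager:
    """Penalty and management components: one worker process per run; abnormal runs earn points."""
    def __init__(self, timeout=0.5):
        self.timeout = timeout            # seconds before a run counts as hung
        self.points = defaultdict(int)    # penalty points per plug-in name
        self.disabled = set()             # plug-ins blocked from re-registering
        self.unsafe_publishers = set()    # publishers of disabled plug-ins
        self.registry = {}                # name -> (publisher, callable)

    def register(self, name, publisher, fn):
        # Disabled plug-ins and anything from an unsafe publisher are refused.
        if name in self.disabled or publisher in self.unsafe_publishers:
            return False
        self.registry[name] = (publisher, fn)
        return True

    def _penalize(self, name, pts):
        publisher, _ = self.registry[name]
        self.points[name] += pts
        if self.points[name] >= DISABLE_THRESHOLD:   # automatic disable
            self.disabled.add(name)
            self.unsafe_publishers.add(publisher)
            del self.registry[name]

    def run(self, name):
        """Execute one plug-in; returns 'ok', 'crash', 'hang' or 'disabled'."""
        if name not in self.registry:
            return "disabled"
        proc = mp.Process(target=self.registry[name][1])   # process isolation level
        proc.start()
        proc.join(self.timeout)
        if proc.is_alive():               # hung: kill the worker, score the event
            proc.terminate()
            proc.join()
            self._penalize(name, HANG_POINTS)
            return "hang"
        if proc.exitcode != 0:            # crashed with an unhandled exception
            self._penalize(name, CRASH_POINTS)
            return "crash"
        return "ok"

# Constructed sample plug-ins standing in for third-party auxiliary code.
def good_plugin(): pass
def crashing_plugin(): raise RuntimeError("misbehaving plug-in")
def hanging_plugin(): time.sleep(30)
```

A real deployment would add the other isolation levels (separate machines, restricted accounts, application domains) beneath the same scoring logic; the worker process here only stands in for the lowest of them.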
20 Claims
1. (Claim 1 as set out above under First Claim.) Dependent claims: 2, 3, 4, 5, 6, 7
8. A computer-implemented program management system, comprising:
an interface component for receiving auxiliary code for execution with a server application and ensuring that calls from the auxiliary code are directed to the application, the interface component located with the server application on a server machine in a corporate hosted environment;
an isolation component for receiving and securely isolating the auxiliary code in an isolated environment using at least one of a machine isolation level, a process isolation level, or an application domain code access isolation level;
a penalty component for tracking penalty points accumulated by the auxiliary code in response to abnormal execution behavior;
a management component for monitoring and managing execution of the auxiliary code in the isolated environment based on the penalty points; and
a microprocessor that executes computer-executable instructions associated with at least one of the interface component, the isolation component, the penalty component, or the management component.
Dependent claims: 9, 10, 11, 12

13. A computer-implemented method of managing a program performed by a computer system executing machine-readable instructions, the method comprising acts of:
receiving auxiliary code for execution at a server application on a server machine in a corporate hosted environment;
sending the auxiliary code to an isolated environment within the corporate hosted environment for execution, the isolated environment comprising at least one of a machine isolation level, a process isolation level, and an application domain code access isolation;
executing the auxiliary code in the isolated environment;
monitoring execution of the auxiliary code for abnormal execution behavior;
managing the execution of the auxiliary code based on the abnormal execution behavior; and
configuring a microprocessor to perform at least one of the acts of receiving, sending, executing, monitoring, or managing.
Dependent claims: 14, 15, 16, 17, 18, 19, 20