System and method for application isolation
Abstract
A system, method, and computer readable medium for providing application isolation to one or more applications. The system may include an isolated environment including application files and executables, and an interception layer intercepting access to system resources and interfaces. The system may further include an interception database maintaining mapping between the system resources inside the isolated environment and outside, and a host operating system, wherein the isolated environments are saved on at least one of a local and remote storage.
16 Claims
1. A computer system for providing application isolation to one or more applications, the computer system comprising:
- computer system memory comprised of one or more memory locations configured to store said one or more applications;
- one or more central processing units (CPUs) operatively connected to said computer system memory and configured to execute said one or more applications on a host with a host operating system;
- an isolated environment including application files and executables;
- an interception layer configured to intercept user-space access to said host operating system resources and user-space access to said host operating system interfaces; and
- an interception database configured to maintain mappings between the operating system resources as requested by the one or more applications when running inside the isolated environment and the corresponding host operating system resources outside the isolated environment, wherein the mappings in said interception database are created during installation and running of said one or more applications;
- wherein the isolated environments are saved on at least one of a local and remote storage;
- wherein the isolated environment is prepared for network deployment by creating a copy of said isolated environment on the remote storage and delivering the copy of said isolated environment over a network, wherein said copy is created after the host operating system has booted;
- wherein the one or more applications within the isolated environment are run remotely over the network and changes to the isolated environment are stored on a remote environment.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A method for providing application isolation to one or more applications executing on a host with host operating system, the method comprising:
- executing said one or more applications on a host with a host operating system;
- providing an isolated environment including application files and executables;
- intercepting user-space access to said host operating system resources and user-space access to said host operating system interfaces;
- maintaining database mappings between the operating system resources as requested by the one or more applications when running inside an isolated environment and the corresponding host operating system resources outside the isolated environment, wherein said mappings are created during installation and running of said one or more applications; and
- saving the isolated environments on at least one of a local and remote storage;
- preparing the isolated environment for network deployment by creating a copy said isolated environment on the remote storage and delivering the copy of said isolated environment over a network;
- wherein said copy is created after the host operating system has booted;
- remotely running the one or more applications within the isolated environment over the network and storing changes to the isolated environment on a remote environment.

Dependent claims: 9, 10, 11, 12
13. A non-transitory computer readable storage medium for providing application isolation to one or more applications executing on a host with a host operating system, the computer readable medium including instructions executable by a computer, the instructions for:
- executing said one or more applications on a host with a host operating system;
- providing an isolated environment including application files and executables;
- intercepting user-space access to said host operating system resources and user-space access to said host operating system interfaces;
- maintaining database mappings between the operating system resources as requested by the one or more applications when running inside an isolated environment and the corresponding host operating system resources outside the isolated environment, wherein said mappings are created during installation and running of said one or more applications; and
- saving the isolated environments on at least one of a local and remote storage;
- preparing the isolated environment for network deployment by creating a copy said isolated environment on the remote storage and delivering the copy of said isolated environment over a network;
- wherein said copy is created after the host operating system has booted;
- remotely running the one or more applications within the isolated environment over the network and storing changes to the isolated environment on a remote environment.

Dependent claims: 14, 15, 16
Specification