Secure and stable hosting of third-party extensions to web services

US 8,849,968 B2
Filed: 12/15/2005
Issued: 09/30/2014
Est. Priority Date: 06/20/2005
Status: Active Grant

First Claim

Patent Images

1. One or more computer operating environments, comprising:

a host computing system, having one or more processing cores and one or more memory subsystems, configured to execute computer-executable instructions of an operating system (OS) which support and provide at least a first executing isolation process (isoproc) and a second executing isoproc that execute on the OS;

an isolation boundary provided by the OS for each executing isoproc, wherein the isolation boundary includes a separate and distinct interface between the OS and each executing isoproc; and

one or more defined typed communication channels between the first executing isoproc and the second executing isoproc, wherein each executing isoproc is capable of communication with the other executing isoproc via the one or more defined communication channels therebetween;

a communication-channel regulator of the OS configured to selectively grant the first executing isoproc express permission to communicate over the one or more defined typed communication channels to the second executing isoproc, wherein the express permission defines communication properties of the one or more defined typed communication channels, and wherein the first executing isoproc is capable of accessing resources on the host computing system via the second executing isoproc across the one or more defined typed communication channels; and

a cloaking or filtering mechanism configured to hide data from the executing isoprocs by replacing the data with replacement data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Described herein are one or more computer operating environments that include a standard set of web services via a communications network (e.g., the Internet) and a mechanism for extending the standard set of web services to execute one or more extended web services. Since these extended web services may be produced by an unconfirmed or untrusted source (e.g., a third-party software developer), the described computer operating environments isolate the extended web services from the standard set of web services and from the communication network. Furthermore, each extended web service is an isolated process (isoproc) with a limited ability to communicate with other services. In particular, each isoproc'"'"'s ability to communicate is limited to only associated defined communication channels over which it has express permission to communicate.

Citations

20 Claims

1. One or more computer operating environments, comprising:
- a host computing system, having one or more processing cores and one or more memory subsystems, configured to execute computer-executable instructions of an operating system (OS) which support and provide at least a first executing isolation process (isoproc) and a second executing isoproc that execute on the OS;
  
  an isolation boundary provided by the OS for each executing isoproc, wherein the isolation boundary includes a separate and distinct interface between the OS and each executing isoproc; and
  
  one or more defined typed communication channels between the first executing isoproc and the second executing isoproc, wherein each executing isoproc is capable of communication with the other executing isoproc via the one or more defined communication channels therebetween;
  
  a communication-channel regulator of the OS configured to selectively grant the first executing isoproc express permission to communicate over the one or more defined typed communication channels to the second executing isoproc, wherein the express permission defines communication properties of the one or more defined typed communication channels, and wherein the first executing isoproc is capable of accessing resources on the host computing system via the second executing isoproc across the one or more defined typed communication channels; and
  
  a cloaking or filtering mechanism configured to hide data from the executing isoprocs by replacing the data with replacement data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. One or more computer operating environments as recited in claim 1, wherein the first executing isoproc is selected from a group consisting of a hardware isolation process (HIP), firmware isolation process (FIP), and software isolation process (SIP).
  - 3. One or more computer operating environments as recited in claim 1, wherein the express permission granted by the communication-channel regulator defines communications properties of the one or more typed defined communication channels between the first and second executing isoprocs, wherein the communications properties include one or more of the following:
    - with which executing isoprocs the first executing isoproc may communicate;
      
      with which executing processes on the system the first executing isoproc may interact;
      
      ability to access communication mechanisms to communicate with other systems;
      
      ability to communicate with specific systems;
      
      type of communication;
      
      orrate, amount, and time of communication.
  - 4. One or more computer operating environments as recited in claim 1, further comprising a mediator configured to mediate communication via at least the first and the second executing isoprocs over the one or more defined typed communications channels therebetween.
  - 5. One or more computer operating environments as recited in claim 1, wherein the one or more computing operating environments are at least one of:
    - a web service, a large-scale multi-user distributed game, a large-scale multi-user simulator, or a massively multiplayer online game.
  - 6. One or more computer operating environments as recited in claim 1, wherein the communication-channel regulator is further configured to prevent the first executing isoproc from directly affecting the execution of other executing isoprocs, which includes the second executing isoproc.
  - 7. One or more computer operating environments as recited in claim 1, wherein the communication-channel regulator is further configured to prevent the first executing isoproc from communicating with other executing isoprocs except for the second executing isoproc.
  - 8. One or more computer operating environments as recited in claim 1, wherein the communication-channel regulator is further configured to prevent the first executing isoproc from accessing resources of other executing isoprocs except for the second executing isoproc.
  - 9. One or more computer operating environments as recited in claim 1, wherein the communication-channel regulator is further configured to prevent the first executing isoproc from communicating with other computing systems over a communications network that is external to the host computing system, unless the first executing isoproc is expressly permitted to do so.
  - 10. One or more computer operating environments as recited in claim 9, further comprising a mediator configured to mediate communication via at least the first and the second executing isoproc over the one or more defined typed communications channels therebetween and via a communications network external to the host computing system.
  - 11. One or more computer operating environments as recited in claim 1, wherein the OS on which the executing isoprocs execute is not virtualized.

12. One or more computer-readable storage devices storing computer-executable instructions that, when executed by one or more processors, cause one or more processors to perform acts comprising:
- executing instructions of a defined standard isolation process (isoproc);
  
  executing instructions of an extended isoproc;
  
  establishing one or more defined typed communication channels between the extended executing isoproc and the standard executing isoproc, each executing isoproc being capable of communication with the other executing isoproc via the one or more defined communication channels therebetween;
  
  granting express permission for the extended executing isoproc to communicate over the one or more defined typed communication channels to the standard executing isoproc, wherein the express permission defines communication properties of the one or more defined typed communication channels, and wherein the extended executing isoproc is capable of accessing resources on a computing system via the standard executing isoproc across the one or more defined typed communication channels;
  
  limiting the extended executing isoproc from communicating with other executing isoprocs; and
  
  hiding data from the extended executing isoproc by replacing the data with replacement data.
- View Dependent Claims (13, 14, 15)
- - 13. One or more computer-readable storage devices as recited in claim 12, wherein the defined standard isoproc represents a massively multiplayer online game (MMOG) and the extended executing isoproc is a modification to the MMOG.
  - 14. One or more computer-readable storage devices as recited in claim 12, wherein the executing instructions of the extended executing isoproc is further characterized by the ability of the extended executing isoproc to communicate with an external communications network as provided by an express permission to communicate via a mediation isoproc.
  - 15. One or more computer-readable storage devices as recited in claim 12, wherein the standard executing isoproc and the extended executing isoproc execute on a same non-virtualized operating system (OS).

16. One or more computer-readable storage devices storing computer-executable instructions that, when executed by one or more processors, cause one or more processors to perform acts comprising:
- providing a standard set of web services via a communications network wherein the standard set of web services are comprised of executing isolation processes (isoprocs);
  
  extending the standard set of web services to execute at least one extended process as an extension isoproc;
  
  isolating the extension isoproc from the standard set of web services and from the communication network, wherein the isolating includes;
  
  establishing one or more defined typed communication channels between the executing extension isoproc and at least one of the executing isoprocs of the standard set of web services, the at least one executing isoproc being capable of communication with the other executing isoprocs via the one or more defined communication channels therebetween; and
  
  granting express permission for the executing extension isoproc to communicate over the one or more defined typed communication channels to the at least one executing isoproc, wherein the express permission defines communication properties of the one or more defined typed communication channels, and wherein the executing extension isoproc is capable of accessing resources on a computing system via at least one of the executing isoprocs across the one or more defined typed communication channels; and
  
  hiding data associated with the web services from the one or more isoprocs by replacing the data with replacement data unrelated to the web services.
- View Dependent Claims (17, 18, 19, 20)
- - 17. One or more computer-readable storage devices of claim 16, wherein each of the member of the standard set of web services and the extension isoproc is selected from a group consisting of a hardware isolation process (HIP), firmware isolation process (FIP), and software isolation process (SIP).
  - 18. One or more computer-readable storage devices of claim 16, wherein the isolating act prevents the extended processes from impersonating the standard set of web services.
  - 19. One or more computer-readable storage devices of claim 16, wherein the isolating act defines with which other processes the extension isoproc may communicate and regulating such communication therebetween.
  - 20. One or more computer-readable storage devices of claim 16, wherein the executing extension isoproc and the at least one executing isoproc execute on a same non-virtualized operating system (OS).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Hunt, Galen C., Larus, James R., Gounares, Alexander G., Endres, Raymond E.
Primary Examiner(s)
BEHARRY, NOEL R

Application Number

US11/275,160
Publication Number

US 20070011199A1
Time in Patent Office

3,211 Days
Field of Search

709/223
US Class Current

709/223
CPC Class Codes

G06F 21/53 by executing in a restricte...

Secure and stable hosting of third-party extensions to web services

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure and stable hosting of third-party extensions to web services

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links