Accessing data in a compressed container through dynamic redirection

US 9,582,513 B2
Filed: 12/08/2013
Issued: 02/28/2017
Est. Priority Date: 12/08/2013
Status: Active Grant

First Claim

Patent Images

1. One or more computer storage media embodying computer-executable components, said components comprising:

an installation component that causes at least one processor to;

access a compressed container having a plurality of files, the compressed container being stored in a first portion of memory,create a plurality of reference files corresponding to the plurality of files in the compressed container, the created plurality of reference files being stored in a second portion of memory; and

a filter component that causes said at least one processor to;

receive a request from an application to access data represented by one of the plurality of reference files,in response to the received request, access the corresponding one of the plurality of files in the compressed container,decompress the accessed corresponding one of the plurality of files, andprovide the decompressed corresponding one of the plurality of files to the application without storing the decompressed corresponding one of the plurality of files in persistent memory, wherein a validation of the provided corresponding one of the plurality of files is performed once per boot session and tracked with an in-memory bitmap.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the disclosure provide access to data in a compressed container through dynamic redirection, without storing decompressed data in persistent memory. The compressed container is stored in a first portion of memory. User data and reference files, with redirect pointers, for accessing corresponding files in the compressed container are stored in a second portion of memory. A command to access data is detected by a computing device. The redirect pointer in the reference file associated with the command redirects access to the corresponding compressed version of data stored in the compressed container. The corresponding accessed compressed version of data is decompressed on the fly and provided in response to the command without storing the decompressed data in persistent memory. Some embodiments provide integrity protection to validate the data coming from the compressed container.

84 Citations

View as Search Results

20 Claims

1. One or more computer storage media embodying computer-executable components, said components comprising:
- an installation component that causes at least one processor to;
  
  access a compressed container having a plurality of files, the compressed container being stored in a first portion of memory,create a plurality of reference files corresponding to the plurality of files in the compressed container, the created plurality of reference files being stored in a second portion of memory; and
  
  a filter component that causes said at least one processor to;
  
  receive a request from an application to access data represented by one of the plurality of reference files,in response to the received request, access the corresponding one of the plurality of files in the compressed container,decompress the accessed corresponding one of the plurality of files, andprovide the decompressed corresponding one of the plurality of files to the application without storing the decompressed corresponding one of the plurality of files in persistent memory, wherein a validation of the provided corresponding one of the plurality of files is performed once per boot session and tracked with an in-memory bitmap.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The computer storage media of claim 1, wherein the installation component further copies the compressed container to a target volume, the compressed container being one of a plurality of compressed containers.
  - 3. The computer storage media of claim 2, wherein the plurality of compressed containers include a first compressed container corresponding to an executing operating system and a second compressed container corresponding to customized applications and/or drivers.
  - 4. The computer storage media of claim 1, wherein the filter component executes in a context of an executing operating system and the filter component is embodied in at least one of the following:
    - software, firmware, or hardware.
  - 5. The computer storage media of claim 1, further comprising wherein the installation component is further configured to populate the created plurality of reference files with a redirect pointers to the corresponding one of the plurality of files in the compressed container.

6. A method for dynamically redirecting data requests, said method comprising:
- detecting, by a computing device, a command to access a file in a second portion of storage;
  
  determining whether the command is associated with the file in the second portion of storage;
  
  on determining that the command is associated with the file in the second portion of storage, accessing a corresponding compressed version of the file, the corresponding compressed version of the file being stored within a compressed container in a first portion of storage;
  
  validating the file being stored within the compressed container once per boot session;
  
  tracking said validation of the file with an in-memory bitmap; and
  
  decompressing, by the computing device, at least a portion of the corresponding accessed compressed version of the fileresponding to the command with the decompressed portion of the corresponding accessed compressed version of the file without storing the decompressed portion in persistent storage.
- View Dependent Claims (7, 8, 9, 10, 11, 12, 13)
- - 7. The method of claim 6, further comprising:
    - generating a trusted hash value for a plurality of sections of the compressed container;
      
      storing the generated, trusted hash values in a protected location;
      
      upon detecting the command, dynamically calculating a hash value for the corresponding compressed version of the file; and
      
      comparing the stored hash value, which is associated with the command, with the dynamically calculated hash value to determine validity.
  - 8. The method of claim 6, wherein the command to access the file in the second portion of storage is associated with booting the computing device using the corresponding compressed version of the file.
  - 9. The method of claim 6, wherein the first portion of storage and the second portion of storage reside in a same disk partition or different disk partitions.
  - 10. The method of claim 6, wherein offline tampering of the compressed container is detected by:
    - storing, in an extended attribute on the file in the second portion of storage, values for a file system journal identifier of a volume where the compressed container resides and a file system update sequence number identifier (USN ID) of the compressed container;
      
      upon detecting the command, reading values for the file system journal identifier and the USN ID for the compressed container and comparing the read values with the stored values in the extended attribute; and
      
      trusting the extended attribute based on the comparison.
  - 11. The method of claim 6, wherein the compressed container includes an error correction code for performing error correction while accessing the corresponding compressed version of the file.
  - 12. The method of claim 6, further comprising selecting one of a plurality of decompression algorithms based on a frequency of access of the corresponding compressed version of the file, and wherein the corresponding compressed version is decompressed using the selected one of the plurality of decompression algorithms.
  - 13. The method of claim 6, wherein decompressing the corresponding version comprises decompressing the corresponding version by a plurality of processing cores in the computing device.

14. A system for accessing data within a compressed container, said system comprising:
- a memory area storing a compressed container of a plurality of files, the memory area further storing a plurality of reference files corresponding one of the plurality of files in the compressed container; and
  
  a processor programmed to;
  
  receive a request from an application to access one of the plurality of reference files;
  
  in response to the received request, access the corresponding one of the plurality of files in the compressed container;
  
  validate the file being stored within the compressed container once per boot session;
  
  track validation of the file with an in-memory bitmap;
  
  decompress the accessed corresponding one of the plurality of files; and
  
  provide the decompressed corresponding one of the plurality of files to the application without storing the decompressed corresponding one of the plurality of compressed files.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The system of claim 14, wherein the compressed container comprises at least one other compressed container.
  - 16. The system of claim 14, wherein the compressed container includes a boot environment.
  - 17. The system of claim 14, wherein the processor is programmed to receive the request by intercepting the request from a file system.
  - 18. The system of claim 14, wherein the processor is further programmed to:
    - receive a second request from the application to write data to said one of the plurality of reference files; and
      
      in response to the received second request, replacing a redirect pointer in said one of the plurality of reference files with the data.
  - 19. The system of claim 14, wherein the processor is further programmed to:
    - receive a second request from the application for accessing another one of the reference files, wherein the requested another one of the reference files stores an updated version of the corresponding one of the plurality of compressed files in the compressed container; and
      
      provide the requested another one of the reference files to the application without accessing the compressed container.
  - 20. The system of claim 14, wherein a reparse point is associated with a redirect pointer of the accessed corresponding one of the plurality of files and the reparse point contains extended attributes of the corresponding one of the plurality of files in the compressed container.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Pletcher, Richard A., Smith, Malcolm J., Gefflaut, Alain F., Bendetov, Alex, Shedel, Andrey, Linsley, David J., Farmer, Aaron M., Holmes, James Aaron, Shaw, Troy E., Wilson, Emily N., Basmov, Innokentiy, Grass, Michael J., Semenko, Alex M., Anderson, Scott D., Kinshumann, Kinshuman
Primary Examiner(s)
HASAN, SYED HAROON

Application Number

US14/099,988
Publication Number

US 20150161155A1
Time in Patent Office

1,178 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 16/13   File access structures, e.g...

G06F 16/1744   using compression, e.g. spa...

G06F 16/188   Virtual file systems

G06F 3/0643   Management of files

Accessing data in a compressed container through dynamic redirection

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

84 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Accessing data in a compressed container through dynamic redirection

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

84 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others