In a method for accessing resources provided by an operating system, a request for a resource is received by an application program executing inside a first environment. A first identifier associated with the resource is acquired. A second identifier referring to the requested resource and to a laun
In a method for accessing resources provided by an operating system, a request for a resource is received by an application program executing inside a first environment. A first identifier associated with the resource is acquired. A second identifier referring to the requested resource and to a launch environment on which to launch the resource is determined. The request for the resource is redirected to the identified instance of the resource, responsive to the second identifier. The request for the resource is responded to using the instance of the resource located inside an environment on which the resource resides.
대표청구항▼
What is claimed is: 1. A method for accessing resources provided by an operating system, the method comprising the steps of: (a) receiving a request for a resource comprising an out-of-process COM server, by an application program executing inside an isolation environment comprising an application
What is claimed is: 1. A method for accessing resources provided by an operating system, the method comprising the steps of: (a) receiving a request for a resource comprising an out-of-process COM server, by an application program executing inside an isolation environment comprising an application isolation layer and a user isolation layer, and a first isolation scope provided by one of the application isolation layer and user isolation layer; (b) acquiring a first identifier associated with the requested resource; (c) determining an association between the first identifier identifying the out-of-process COM server and a second identifier associated with an instance of the requested resource, the association comprising a mapping from the first identifier and the application isolation layer to a dynamically generated class identifier, wherein the second identifier refers to a second isolation scope associated with the requested resource, the second isolation scope provided by one of the application isolation layer and user isolation layer; (d) redirecting the request for the resource to the identified instance of the resource, responsive to the second identifier; and (e) responding to the request for the resource using the instance of the resource in the second isolation scope. 2. The method of claim 1, wherein step (a) further comprises using, by the application program, a COM library. 3. The method of claim 1, wherein step (a) further comprises making, by an application program executing in the isolation environment, a request for the resource. 4. The method of claim 1, wherein step (e) further comprises instantiating the out-of-process COM server. 5. The method of claim 1, wherein step (b) further comprises intercepting the first identifier associated with the requested resource. 6. The method of claim 1, wherein step (b) further comprises acquiring the first identifier responsive to a hooked COM API. 7. The method of claim 1, wherein step (b) further comprises hooking a CoCreateInstance COM API. 8. The method of claim 1, wherein step (b) further comprises hooking a CoCreateInstanceEx COM API. 9. The method of claim 1, wherein step (b) further comprises hooking a CoGetClassObject COM API. 10. The method of claim 1, wherein step (b) further comprises hooking a CoGetInstanceFromFile COM API. 11. The method of claim 1, wherein step (b) further comprises hooking a CoGetInstanceFromIStorage COM API. 12. The method of claim 1, wherein step (b) further comprises hooking a CoRegisterClassObject COM API. 13. The method of claim 1, wherein step (c) further comprises executing a deterministic mapping algorithm. 14. The method of claim 1, wherein step (c) further comprises consulting a map. 15. The method of claim 1, wherein step (c) further comprises consulting a map associated with the second isolation scope. 16. The method of claim 1, wherein step (c) further comprises consulting a map associated with the application isolation layer. 17. The method of claim 1, wherein step (c) further comprises storing a static copy of the second identifier in a map. 18. The method of claim 1, wherein step (c) further comprises receiving the second identifier, the second identifier associated with the second isolation scope. 19. The method of claim 1, wherein step (c) further comprises receiving from a map a second identifier, the second identifier identifying an instance of the requested resource in a second context of the second isolation scope. 20. The method of claim 1, further comprising the step of identifying a second environment on which the resource resides. 21. The method of claim 1, wherein step (e) further comprises executing the resource. 22. The method of claim 1, wherein step (e) further comprises making, by the instance of the resource, a modification to a display region associated with the application program. 23. A system for accessing isolated resources provided by an operating system, comprising: a computing device comprising a processor executing the operating system; a resource, wherein the resource comprises an out-of-process COM server; an application program executing on the computing device inside an isolation environment, receiving a request for the resource, the isolation environment comprising an application isolation layer and a user isolation layer, and a first isolation scope provided by one of the application isolation layer and user isolation layer; an association between a first identifier identifying the out-of-process COM server and a second identifier associated with the resource, the association comprising a mapping from the first identifier and the application isolation layer to a dynamically generated class identifier; a first process executing on the computing device receiving the second identifier from the association, responsive to the first identifier; a second process executing on the computing device identifying an instance of the resource and a second isolation scope the resource is associated with, the second isolation scope provided by one of the application isolation layer and user isolation layer; and a third process executing on the computing device redirecting to the instance of the resource, responsive to the second identifier, the request for the resource. 24. The system of claim 23, wherein the first process executes inside the isolation environment. 25. The system of claim 23, wherein the first process executes outside the isolation environment. 26. The system of claim 23, wherein the first process intercepts the first identifier. 27. The system of claim 23, wherein the first process further comprises receiving from the association, a statically generated second identifier. 28. The system of claim 23, wherein the first process further comprises receiving from the association, a dynamically generated second identifier. 29. The system of claim 23, wherein the first process further comprises transmitting the second identifier to the second process. 30. The system of claim 23, wherein the first process further comprises transmitting the second identifier to the third process. 31. The system of claim 23, wherein the second process executes inside the isolation environment. 32. The system of claim 23, wherein the second process executes outside the isolation environment. 33. The system of claim 23, wherein the third process executes inside the isolation environment. 34. The system of claim 23, wherein the third process executes outside the isolation environment. 35. The system of claim 23, wherein the resource further comprises a COM server of a different version than a second resource in the first isolation scope. 36. The system of claim 35, wherein the first identifier is associated with a first resource and the second resource. 37. The system of claim 23, wherein the resource resides inside the isolation environment. 38. The system of claim 23, wherein the resource is associated with the second isolation scope. 39. The system of claim 23, wherein the resource is in an application isolation scope. 40. The system of claim 23, wherein the resource further comprises at least one registry entry in an isolation scope the resource is associated with. 41. The system of claim 23, wherein the application program executes inside an application isolation layer. 42. The system of claim 23, wherein the application program executes in an application isolation scope provided by an application isolation layer. 43. The system of claim 23, wherein the application program executing inside the isolation environment requests the resource. 44. The system of claim 23, wherein the application program requests the resource. 45. The system of claim 23, wherein the first identifier further comprises identifying at least one COM server. 46. The system of claim 23, wherein a process further comprises additional code executing within the application program. 47. The system of claim 23, wherein the first process and the second process comprise same process. 48. The system of claim 23, wherein the first process and the third process comprise same process. 49. The system of claim 23, wherein the first process and the second process and the third process comprise same process. 50. The system of claim 23, wherein the second process and the third process comprise same process.
연구과제 타임라인
LOADING...
LOADING...
LOADING...
LOADING...
LOADING...
이 특허에 인용된 특허 (23)
Patel, Amit; Pujare, Sanjay; Ryan, Nicholas; Lin, David, Client installation and execution system for streamed applications.
Shah, Lacky Vasant; Arai, Daniel Takeo; Benitez, Manuel Enrique; Holler, Anne Marie; Wohlgemuth, Robert Curtis, Client-side performance optimization system for streamed applications.
Greschler, David M.; Mysliwy, Owen; Schaefer, Stuart, METHOD AND SYSTEM FOR REMOTE NETWORKING USING PORT PROXYING BY DETECTING IF THE DESIGNATED PORT ON A CLIENT COMPUTER IS BLOCKED, THEN ENCAPSULATING THE COMMUNICATIONS IN A DIFFERENT FORMAT AND REDIRE.
Schmeidler, Yonah; Atkins, Derek; Eichin, Mark W.; Rostcheck, David J., Method and apparatus for content protection in a secure content delivery system.
Yonah Schmeidler ; Derek Atkins ; Mark W. Eichin ; David J. Rostcheck, Method and apparatus for installation abstraction in a secure content delivery system.
Jeffrey Vinson ; Steig Westerberg ; Jeffrey DeVries, Method and apparatus to allow remotely located computer programs and/or data to be accessed on a local computer in a secure, time-limited manner, with persistent caching.
Domenikos Steven D. ; Domenikos George C., Systems and methods for executing application programs from a memory device linked to a server at an internet site.
Domenikos Steven D. ; Domenikos George C., Systems and methods for executing application programs from a memory device linked to server at an internet site.
Bravery, Andrew James Frederick; Iyengar, Arun Kwangil; Kasman, Aaron Edward; Mikalsen, Thomas Arthur; Rouvellou, Isabelle M., Automated deployment of applications with tenant-isolation requirements.
Bissett, Nicholas Alexander; Roychoudhry, Anil; Mazzaferri, Richard James, Method for accessing, by application programs, resources residing inside an application isolation scope.
Bissett, Nicholas Alexander; Roychoudhry, Anil; Mazzaferri, Richard James, Methods and systems for accessing, by application programs, resources provided by an operating system.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.