| 发明名称 | Method and system for restricting execution of virtual applications to a managed process environment | ||
| 摘要 | Methods and systems for restricting the launch of virtual application files. In one embodiment, a launching application is signed with a digital signature. When the launching application launches a runtime engine and instructs it to execute an application file, the runtime engine determines whether an entity identifier associated with the launching application identifies an authorized entity. If the entity identifier identifies an authorized entity and the digital signature is valid, the runtime engine executes the application file. In another embodiment, a ticket is transmitted to the launching application along with an instruction to launch the application file. The ticket includes a digital signature and an expiration date. The launching application communicates the ticket to the runtime engine, which will execute the application file only if the digital signature is valid and a current date is not later than the expiration date. | ||
| 申请公布号 | US9106425(B2) | 申请公布日期 | 2015.08.11 |
| 申请号 | US201213683969 | 申请日期 | 2012.11.21 |
| 申请人 | CODE SYSTEMS CORPORATION | 发明人 | Murphey C. Michael;Obata Kenji C.;Zeller Mark Jeremy;Larimore Stefan I. |
| 分类号 | G06F21/00;G06F7/04;H04L9/32;G06F21/10 | 主分类号 | G06F21/00 |
| 代理机构 | Davis Wright Tremaine LLP | 代理人 | Davis Wright Tremaine LLP ;Colburn Heather M. |
| 主权项 | 1. A computer-implemented method for use with a launching application and a separate runtime engine, the launching application and the runtime engine being configured to access a shared memory location, the method comprising: at the launching application, receiving a first instruction to execute a virtualized application file and a ticket, the ticket comprising a digital signature and an expiration date; at the launching application, storing the ticket in the shared memory location and sending a second instruction to the runtime engine instructing the runtime engine to execute the virtualized application file; and in response to the second instruction received from the launching application, at the runtime engine, reading the ticket from the shared memory location, determining whether the digital signature is valid, determining whether the ticket has expired, and executing the virtualized application file only when the runtime engine determines the ticket is valid and has not yet expired, whether the ticket is valid being determined based on the digital signature, and whether the ticket has expired being determined based on the expiration date. | ||
| 地址 | Seattle WA US | ||