公开(公告)号：US09218359B2

公开(公告)日：2015-12-22

申请号：US12876082

申请日：2010-09-03

申请人： Stefan I. Larimore ,  Kenji C. Obata ,  Mark Jeremy Zeller

发明人： Stefan I. Larimore ,  Kenji C. Obata ,  Mark Jeremy Zeller

IPC分类号： G06F9/455 ,  G06F9/44 ,  G06F17/30 ,  H04L29/08 ,  H04L29/06 ,  G06F9/445 ,  G06F21/53

CPC分类号： H04L67/1085 ,  G06F3/0619 ,  G06F3/064 ,  G06F9/445 ,  G06F9/45537 ,  G06F9/466 ,  G06F17/30017 ,  G06F17/30091 ,  G06F17/30233 ,  G06F17/30958 ,  G06F21/53 ,  G06F2212/152 ,  H04L65/60 ,  H04L67/10

摘要： A method and system for profiling execution of an application implemented by an application file comprising a plurality of data blocks. The application is executed in response to an execute command from a management process. Read messages are sent to the management process each time the application reads one or more of the plurality of data blocks of the application file. The management process records information about the read operations in one or more transcripts which may be used to create a streaming model for the application allowing the application to be downloaded using a conventional download protocol without using a specialized streaming protocol.

摘要翻译： 一种用于分析由包括多个数据块的应用文件实现的应用的执行的方法和系统。 响应于来自管理进程的执行命令执行应用程序。 每当应用程序读取应用程序文件的多个数据块中的一个或多个时，读取消息被发送到管理进程。 管理过程在一个或多个抄本中记录关于读取操作的信息，其可以用于为应用创建流模型，允许使用常规的下载协议来下载应用，而不使用专门的流式传输协议。

公开(公告)号：US09209976B2

公开(公告)日：2015-12-08

申请号：US12916348

申请日：2010-10-29

申请人： C. Michael Murphey ,  Kenji C. Obata ,  Mark Jeremy Zeller ,  Stefan I. Larimore

发明人： C. Michael Murphey ,  Kenji C. Obata ,  Mark Jeremy Zeller ,  Stefan I. Larimore

IPC分类号： G06F21/00 ,  H04L29/06 ,  H04L9/32 ,  G06F21/10

CPC分类号： G06F21/121 ,  G06F21/10 ,  G06F2221/07 ,  H04L9/32 ,  H04L9/3247

摘要： Methods and systems for restricting the launch of virtual application files. A launching application is signed with a digital signature. When the launching application launches a runtime engine and instructs it to execute an application file, the runtime engine determines whether an entity identifier associated with the launching application identifies an authorized entity. If the entity identifier identifies an authorized entity and the digital signature is valid, the runtime engine executes the application file. A ticket may be transmitted to the launching application along with an instruction to launch the application file. The ticket includes a digital signature and an expiration date. The launching application communicates the ticket to the runtime engine, which will execute the application file only if the digital signature is valid and a current date is not later than the expiration date.

摘要翻译： 限制虚拟应用程序文件启动的方法和系统。 启动应用程序使用数字签名进行签名。 当启动应用程序启动运行时引擎并指示执行应用程序文件时，运行时引擎确定与启动应用程序相关联的实体标识符是否识别授权实体。 如果实体标识符识别授权实体并且数字签名有效，则运行时引擎执行应用程序文件。 票据可以与启动应用程序文件的指令一起发送到启动应用程序。 机票包括数字签名和有效期限。 启动应用程序将票证传送到运行时引擎，运行时引擎只有在数字签名有效且当前日期不晚于到期日期时才会执行应用程序文件。

公开(公告)号：US09176981B2

公开(公告)日：2015-11-03

申请号：US12876082

申请日：2010-09-03

申请人： Stefan I. Larimore ,  Kenji C. Obata ,  Mark Jeremy Zeller

发明人： Stefan I. Larimore ,  Kenji C. Obata ,  Mark Jeremy Zeller

IPC分类号： G06F9/455 ,  G06F9/44 ,  G06F17/30 ,  H04L29/08 ,  H04L29/06 ,  G06F9/445 ,  G06F21/53

摘要： A method and system for profiling execution of an application implemented by an application file comprising a plurality of data blocks. The application is executed in response to an execute command from a management process. Read messages are sent to the management process each time the application reads one or more of the plurality of data blocks of the application file. The management process records information about the read operations in one or more transcripts which may be used to create a streaming model for the application allowing the application to be downloaded using a conventional download protocol without using a specialized streaming protocol.

公开(公告)号：US08626806B2

公开(公告)日：2014-01-07

申请号：US13449049

申请日：2012-04-17

申请人： Stefan I. Larimore ,  Kenji C. Obata ,  Mark Jeremy Zeller

发明人： Stefan I. Larimore ,  Kenji C. Obata ,  Mark Jeremy Zeller

IPC分类号： G06F12/00 ,  G06F17/30 ,  G06F21/53

CPC分类号： H04L67/1085 ,  G06F3/0619 ,  G06F3/064 ,  G06F9/445 ,  G06F9/45537 ,  G06F9/466 ,  G06F17/30017 ,  G06F17/30091 ,  G06F17/30233 ,  G06F17/30958 ,  G06F21/53 ,  G06F2212/152 ,  H04L65/60 ,  H04L67/10

摘要： A system and method for directing download and execution of an application. A runtime engine receives an identifier of a block of shared memory from a directing process. The shared memory stores a map indicating which portions of an application file have been stored in a local copy of the application file. The runtime engine also receives an instruction from the directing process to execute the local copy when the local copy stores less than the entire application file. As the application executes, the runtime engine identifies requests from the application to access portions of the local copy and uses the map to determine whether the requested portions have been stored in the local copy. If the requested portions are not stored in the local copy, the runtime engine prevents the executing application from accessing the local copy until the map indicates the requested portions have been stored therein.

公开(公告)号：US20120203808A1

公开(公告)日：2012-08-09

申请号：US13449140

申请日：2012-04-17

申请人： Stefan I. Larimore ,  Kenji C. Obata ,  Mark Jeremy Zeller

发明人： Stefan I. Larimore ,  Kenji C. Obata ,  Mark Jeremy Zeller

IPC分类号： G06F17/30

CPC分类号： H04L67/1085 ,  G06F3/0619 ,  G06F3/064 ,  G06F9/445 ,  G06F9/45537 ,  G06F9/466 ,  G06F17/30017 ,  G06F17/30091 ,  G06F17/30233 ,  G06F17/30958 ,  G06F21/53 ,  G06F2212/152 ,  H04L65/60 ,  H04L67/10

摘要： A system and method for directing download and execution of an application. A runtime engine receives an identifier of a block of shared memory from a directing process. The shared memory stores a map indicating which portions of an application file have been stored in a local copy of the application file. The runtime engine also receives an instruction from the directing process to execute the local copy when the local copy stores less than the entire application file. As the application executes, the runtime engine identifies requests from the application to access portions of the local copy and uses the map to determine whether the requested portions have been stored in the local copy. If the requested portions are not stored in the local copy, the runtime engine prevents the executing application from accessing the local copy until the map indicates the requested portions have been stored therein.

公开(公告)号：US20120203807A1

公开(公告)日：2012-08-09

申请号：US13449049

申请日：2012-04-17

申请人： Stefan I. Larimore ,  Kenji C. Obata ,  Mark Jeremy Zeller

发明人： Stefan I. Larimore ,  Kenji C. Obata ,  Mark Jeremy Zeller

IPC分类号： G06F17/30

CPC分类号： H04L67/1085 ,  G06F3/0619 ,  G06F3/064 ,  G06F9/445 ,  G06F9/45537 ,  G06F9/466 ,  G06F17/30017 ,  G06F17/30091 ,  G06F17/30233 ,  G06F17/30958 ,  G06F21/53 ,  G06F2212/152 ,  H04L65/60 ,  H04L67/10

摘要： A system and method for directing download and execution of an application. A runtime engine receives an identifier of a block of shared memory from a directing process. The shared memory stores a map indicating which portions of an application file have been stored in a local copy of the application file. The runtime engine also receives an instruction from the directing process to execute the local copy when the local copy stores less than the entire application file. As the application executes, the runtime engine identifies requests from the application to access portions of the local copy and uses the map to determine whether the requested portions have been stored in the local copy. If the requested portions are not stored in the local copy, the runtime engine prevents the executing application from accessing the local copy until the map indicates the requested portions have been stored therein.

摘要翻译： 一种用于指导应用程序的下载和执行的系统和方法。 运行时引擎从指导过程接收共享存储器块的标识符。 共享存储器存储指示应用文件的哪些部分已被存储在应用文件的本地副本中的映射。 当本地副本存储少于整个应用程序文件时，运行时引擎还从指导进程接收执行本地副本的指令。 当应用程序执行时，运行时引擎识别来自应用程序的请求以访问本地副本的部分，并使用映射来确定所请求的部分是否已经存储在本地副本中。 如果所请求的部分未被存储在本地副本中，则运行时引擎防止执行的应用程序访问本地副本，直到映射表示所请求的部分已被存储在其中。

公开(公告)号：US20120005674A1

公开(公告)日：2012-01-05

申请号：US12876082

申请日：2010-09-03

申请人： Stefan I. Larimore ,  Kenji C. Obata ,  Mark Jeremy Zeller

发明人： Stefan I. Larimore ,  Kenji C. Obata ,  Mark Jeremy Zeller

IPC分类号： G06F9/455 ,  G06F9/44

CPC分类号： H04L67/1085 ,  G06F3/0619 ,  G06F3/064 ,  G06F9/445 ,  G06F9/45537 ,  G06F9/466 ,  G06F17/30017 ,  G06F17/30091 ,  G06F17/30233 ,  G06F17/30958 ,  G06F21/53 ,  G06F2212/152 ,  H04L65/60 ,  H04L67/10

摘要： A method and system for profiling execution of an application implemented by an application file comprising a plurality of data blocks. The application is executed in response to an execute command from a management process. Read messages are sent to the management process each time the application reads one or more of the plurality of data blocks of the application file. The management process records information about the read operations in one or more transcripts which may be used to create a streaming model for the application allowing the application to be downloaded using a conventional download protocol without using a specialized streaming protocol.

摘要翻译： 一种用于分析由包括多个数据块的应用文件实现的应用的执行的方法和系统。 响应于来自管理进程的执行命令执行应用程序。 每当应用程序读取应用程序文件的多个数据块中的一个或多个时，读取消息被发送到管理进程。 管理过程在一个或多个抄本中记录关于读取操作的信息，其可以用于为应用创建流模型，允许使用常规的下载协议来下载应用，而不使用专门的流式传输协议。

公开(公告)号：US20110238696A1

公开(公告)日：2011-09-29

申请号：US13154833

申请日：2011-06-07

申请人： Mark Jeremy Zeller ,  Arshish Cyrus Kapadia ,  Shajan Dasan

发明人： Mark Jeremy Zeller ,  Arshish Cyrus Kapadia ,  Shajan Dasan

IPC分类号： G06F17/30

CPC分类号： G06F17/30011 ,  G06F17/30864 ,  G06F21/6227 ,  G06F2221/2119 ,  G06F2221/2141

摘要： Methods and computer-readable media are provided for associating security trimmers with documents in an enterprise search system. According to one method, a search index is maintained that includes one or more document identifiers corresponding to documents stored at back-end computing systems. Each document identifier in the search index is associated with one or more security trimmer implementations. When a query request is received from a user, the search index is queried to identify documents referenced by the search index that match search terms provided with the query request. For each document that matches the search terms, the associated security trimmer implementations are identified and executed to retrieve the access rights to view the document for the current user from the back-end computing system where the document is stored.

摘要翻译： 提供了方法和计算机可读介质，用于将安全修剪器与企业搜索系统中的文档相关联。 根据一种方法，维护包括与存储在后端计算系统中的文档相对应的一个或多个文档标识符的搜索索引。 搜索索引中的每个文档标识符与一个或多个安全修剪器实现相关联。 当从用户接收到查询请求时，将查询搜索索引，以识别与查询请求提供的搜索条件匹配的搜索索引引用的文档。 对于与搜索词匹配的每个文档，相关联的安全修剪器实现被识别和执行以检索从存储文档的后端计算系统查看当前用户的文档的访问权限。

公开(公告)号：US07979458B2

公开(公告)日：2011-07-12

申请号：US11653518

申请日：2007-01-16

申请人： Mark Jeremy Zeller ,  Arshish Cyrus Kapadia ,  Shajan Dasan

发明人： Mark Jeremy Zeller ,  Arshish Cyrus Kapadia ,  Shajan Dasan

IPC分类号： G06F17/30 ,  G06F7/00

CPC分类号： G06F17/30011 ,  G06F17/30864 ,  G06F21/6227 ,  G06F2221/2119 ,  G06F2221/2141

摘要： Methods and computer-readable media are provided for associating security trimmers with documents in an enterprise search system. According to one method, a search index is maintained that includes one or more document identifiers corresponding to documents stored at back-end computing systems. Each document identifier in the search index is associated with one or more security trimmer implementations. When a query request is received from a user, the search index is queried to identify documents referenced by the search index that match search terms provided with the query request. For each document that matches the search terms, the associated security trimmer implementations are identified and executed to retrieve the access rights to view the document for the current user from the back-end computing system where the document is stored.

摘要翻译： 提供了方法和计算机可读介质，用于将安全修剪器与企业搜索系统中的文档相关联。 根据一种方法，维护包括与存储在后端计算系统中的文档相对应的一个或多个文档标识符的搜索索引。 搜索索引中的每个文档标识符与一个或多个安全修剪器实现相关联。 当从用户接收到查询请求时，将查询搜索索引，以识别与查询请求提供的搜索条件匹配的搜索索引引用的文档。 对于与搜索词匹配的每个文档，相关联的安全修剪器实现被识别和执行以检索从存储文档的后端计算系统查看当前用户的文档的访问权限。

公开(公告)号：US08959183B2

公开(公告)日：2015-02-17

申请号：US12705492

申请日：2010-02-12

申请人： Mark Jeremy Zeller ,  Kenji C. Obata

发明人： Mark Jeremy Zeller ,  Kenji C. Obata

IPC分类号： G06F15/16 ,  G06F9/455 ,  G06F9/445

CPC分类号： H04L67/06 ,  G06F8/61 ,  G06F8/656 ,  G06F9/44521 ,  G06F9/44568 ,  G06F9/44578 ,  G06F9/45533 ,  G06F9/45558 ,  G06F2009/45595 ,  H04L67/10

摘要： A virtual process manager for use with a client application. Both the process manager and the client application are installed on a client computing device. In response to a user command to execute a virtual application at least partially implemented by a virtualized application file stored on a remote computing device, the client application sends a high priority command to the process manager to execute the virtual application. Before receiving the user command, the client application sends a low priority command to the process manager to download at least a portion of the virtualized application file. In response to the high priority command, and without additional user input, the process manager downloads any portion of the file not downloaded in response to the low priority command, and executes the virtual application on the client computing device. The client application may comprise a conventional web browser or operating system shell process.

摘要翻译： 用于客户端应用程序的虚拟进程管理器。 流程管理器和客户端应用程序均安装在客户端计算设备上。 响应于用户命令来执行至少部分由存储在远程计算设备上的虚拟化应用文件实现的虚拟应用，客户端应用向处理管理器发送高优先级命令以执行虚拟应用。 在接收到用户命令之前，客户端应用程序向进程管理器发送低优先级命令，以下载虚拟化应用程序文件的至少一部分。 响应于高优先级命令，并且没有额外的用户输入，进程管理器根据低优先级命令下载未下载的任何文件部分，并在客户端计算设备上执行虚拟应用程序。 客户端应用可以包括传统的web浏览器或操作系统shell进程。