NZ705843B2 - Software application delivery and launching system - Google Patents
Software application delivery and launching system Download PDFInfo
- Publication number
- NZ705843B2 NZ705843B2 NZ705843A NZ70584312A NZ705843B2 NZ 705843 B2 NZ705843 B2 NZ 705843B2 NZ 705843 A NZ705843 A NZ 705843A NZ 70584312 A NZ70584312 A NZ 70584312A NZ 705843 B2 NZ705843 B2 NZ 705843B2
- Authority
- NZ
- New Zealand
- Prior art keywords
- software
- executable code
- memory
- stub
- client
- Prior art date
Links
- 230000015654 memory Effects 0.000 claims abstract description 124
- 238000004891 communication Methods 0.000 claims abstract description 17
- 238000000034 method Methods 0.000 claims description 19
- 230000002093 peripheral Effects 0.000 claims description 4
- 238000004590 computer program Methods 0.000 claims 3
- 238000009434 installation Methods 0.000 description 4
- 230000014759 maintenance of location Effects 0.000 description 4
- 238000007906 compression Methods 0.000 description 3
- 230000000875 corresponding Effects 0.000 description 3
- 230000001808 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000006011 modification reaction Methods 0.000 description 3
- 230000003287 optical Effects 0.000 description 3
- 230000002104 routine Effects 0.000 description 3
- 230000004075 alteration Effects 0.000 description 2
- VYZAMTAEIAYCRO-UHFFFAOYSA-N chromium Chemical compound [Cr] VYZAMTAEIAYCRO-UHFFFAOYSA-N 0.000 description 2
- 150000002500 ions Chemical class 0.000 description 2
- 230000002085 persistent Effects 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 240000007419 Hura crepitans Species 0.000 description 1
- 241001237731 Microtia elva Species 0.000 description 1
- 235000015076 Shorea robusta Nutrition 0.000 description 1
- 229940035295 Ting Drugs 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- UIIMBOGNXHQVGW-UHFFFAOYSA-M buffer Substances [Na+].OC([O-])=O UIIMBOGNXHQVGW-UHFFFAOYSA-M 0.000 description 1
- OKTJSMMVPCPJKN-UHFFFAOYSA-N carbon Chemical compound [C] OKTJSMMVPCPJKN-UHFFFAOYSA-N 0.000 description 1
- 230000001413 cellular Effects 0.000 description 1
- 238000005352 clarification Methods 0.000 description 1
- 230000001419 dependent Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000002452 interceptive Effects 0.000 description 1
- 238000009740 moulding (composite fabrication) Methods 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 230000001902 propagating Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000003068 static Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000002123 temporal effect Effects 0.000 description 1
- 238000010200 validation analysis Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
- G06F9/44521—Dynamic linking or loading; Link editing at or after load time, e.g. Java class loading
- G06F9/44526—Plug-ins; Add-ons
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
- G06F9/44568—Immediately runnable code
- G06F9/44573—Execute-in-place [XIP]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
- G06F9/44568—Immediately runnable code
- G06F9/44584—Portable applications, i.e. making applications self-contained, e.g. U3 standard
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
- G06F9/44594—Unloading
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/448—Execution paradigms, e.g. implementations of programming paradigms
- G06F9/4482—Procedural
- G06F9/4484—Executing subprograms
Abstract
Disclosed is a method for receiving and executing software programs. The method comprises allocating a first virtual memory by a first computing device (330). The first computing device (330) receives executable code of a stub (322) from a disparate computing system (320) via a communication network (310). The first computing device (330) executes the executable code of the stub (322) directly from the first virtual memory. The first computing device (330) downloads executable code of a first software as facilitated by the executable code of the stub (322). The first computing device (330) executes the executable code of the first software and downloads executable code of a second software as facilitated by the executable code of the first software. The first computing device (330) executes the executable code of the second software. (310). The first computing device (330) executes the executable code of the stub (322) directly from the first virtual memory. The first computing device (330) downloads executable code of a first software as facilitated by the executable code of the stub (322). The first computing device (330) executes the executable code of the first software and downloads executable code of a second software as facilitated by the executable code of the first software. The first computing device (330) executes the executable code of the second software.
Description
SOFTWARE APPLICATION DELIVERY AND ING SYSTEM
TECHNICAL FIELD
The present disclosure generally relates to the distribution of er software
over a er network and more cally relates to deploying computer software
over a computer network from a server to a client for execution on the client without
installing any n of the re on the client.
BACKGROUND
Computer software may be distributed to individual er systems in various
ways. For example, a piece of software may be stored on a Compact Disc (CD) or a
Digital Versatile Disc (DVD). A person may put such a disc in a disc drive of a computer
system to install the piece of software stored on the disc onto the computer . More
recently, computer networks e another channel for software distribution. A person
may download a piece of software from a remote computer system (e. g., a server) over a
computer network (e.g., the Internet) onto his own computer system (e. g., a client).
Often, the file downloaded over the network may be an installation suite, script, or
executable in which the piece of software is embedded. The person may save the
downloaded file on the hard drive of his computer system, either at a permanent on
or in a temporary directory, and run the saved file to install the piece of software on his
computer system.
The present disclosure lly relates to the distribution of computer software
over a computer network and more cally relates to deploying computer software
over a computer network from a server to a client for execution on the client without
installing any portion of the software on the client.
Particular embodiments allocate a first virtual memory; receive executable code of
a first piece of software; write the executable code of the first piece of software directly
into the first virtual memory; mark the first virtual memory as executable; execute the
executable code of the first piece of software directly from the first virtual memory; and
download and execute executable code of a second piece of software as facilitated by the
executable code of the first piece of software.
These and other features, aspects, and advantages of the disclosure are described
in more detail below in the detailed description and in conjunction with the ing
BRIEF DESCRIPTION OF THE DRAWINGS
FIGURE 1 illustrates an example method of deploying a piece of computer
software from a server to a client for execution on the client without installing any portion
of the re on the client.
FIGURE 2 illustrates an example method of streaming a piece of computer
software from a server to a client for execution on the client.
FIGURE 3 rates an example k environment.
FIGURE 4 illustrates an example computer system.
DETAILED DESCRIPTION OF EXAMPLE EMBODIMENTS
The t disclosure is now described in detail with reference to a few
embodiments thereof as rated in the accompanying drawings. In the following
description, numerous specific details are set forth in order to provide a thorough
understanding of the present sure. It is apparent, however, to one d in the art,
that the present disclosure may be practiced without some or all of these specific details.
In other instances, well known process steps and/or structures have not been described in
detail in order not to unnecessarily obscure the present disclosure. In addition, while the
disclosure is described in conjunction with the particular embodiments, it should be
understood that this description is not intended to limit the disclosure to the described
embodiments. To the contrary, the description is intended to cover alternatives,
modifications, and equivalents as may be included within the spirit and scope of the
disclosure as defined by the appended claims.
er software may be distributed from one computer system (e.g., a server)
to another computer system (e.g., a client) over a computer network (e.g., the Internet).
In fact, an sing number of software developers, manufactures, and distributors
consider computer networks as a convenient, fast, and cost-effective channel for re
distribution. For e, a person often is able to download the latest version of a piece
of computer software developed by a company from that company’s website. In a typical
scenario, the person may load a web page that contains the download link to the piece of
software in a web browser executed on his computer system, and then click the download
link provided in the web page. This usually causes a file to be downloaded to the
person’s computer system. The file may be an installation script or executable or the
executable code of the software itself The person may save the file on the hard drive of
his computer system. If the file is an installation script or executable, the person may run
the downloaded file to install the software onto his computer system. On the other hand,
if the file is the able code of the software, the person may run the software directly
(e.g., by double clicking on the executable file).
Having to save or install the software programs downloaded over the computer
networks onto the hard drive of a computer system in order to e the programs may
be inconvenient or cumbersome at times. For example, first, saving downloaded files to a
hard drive and installing software onto a computer system often take time. Furthermore,
if a piece of software is large in size (e.g., Adobe® PDF Reader®), the lation
process may take a significant amount of time. The user of the computer system may
have to go through several steps (e. g., installation, setup, etc.) before he can execute the
downloaded re. Second, saving files to a hard drive and installing software onto a
computer system use up e capacity (e.g., hard drive space) of the computer system.
Sometimes, a computer system (e.g., a netbook or notebook computer) may not have
sufficient storage space for all of the software its user wishes to install onto the computer
system. Third, software developers may update their software and e newer versions
of the software from time to time. The newer versions of a piece of software y are
of a better quality than the older versions. Thus, people may wish to keep their re
relatively date. However, to update a piece of re, a person often needs to
uninstall the older version of the re currently led on his computer system and
then download and install the newer version. In addition, some software developers may
want to deliver software-based application services to users that do not require such
lations as they would like to avoid having any downloaded code remain on
permanent data storage devices after the initial, or any subsequent, use.
To address some of these issues, particular embodiments enable a user of one
computer system (e.g., a ) to download computer software programs from another
computer system (e.g., a server) over a computer network (e.g., the Internet) for execution
on the user’s computer system without having to store or install the software ms or
any other types of software onto any permanent e (e. g., the hard drive) of the user’s
computer system. In other words, the user may download a piece of software onto his
computer system and execute that piece of software on his computer system. After the
execution of the software is completed (e. g., after the user exits the software), there is no
trace of the software or any other related re left on the user’s computer system.
For purpose of clarification, hereafter, the computer system to which the software
is downloaded and on which the software is executed is referred to as the “client”, and the
computer system from which the software is downloaded is referred to as the “server”.
r, one skilled in the art may appreciate that the embodiments described in more
detail below may be suitably applied to any two computer systems (e. g., two servers, two
clients, or a server and a client). In on, the piece of software aded from the
server to the client and executed on the client (i.e., the software that a person wants to
use) is referred as the target software.
In particular ments, another piece of software, hereafter referred to as the
“stub software” or simply a “stu ”, may facilitate the downloading and the execution of
the target software. In particular ments, the stub may be implemented using any
suitable programming language and compiled as computer able code. In particular
embodiments, the executable code of the stub may be stored on the server and
downloaded to the client for execution using a client-side script written in any suitable
programming language, such as, for e and without limitation, Java, JavaScript,
Python, etc., which may be executed in a web browser. For example, the client-side
script may be included in a web page as a clickable link. To access the -side script,
a user may load the web page containing the client-side script in a web r (e.g.,
Microsoft Internet Explorer, Mozilla Firefox, or Google Chrome) residing on the client
and then click the link to the client-side script provided in the web page. This causes the
client-side script code to be transmitted to the web browser for execution by the web
browser.
FIGURE 1 illustrates an example method of deploying a target re from a
server to a client for execution on the client h the use of a stub. In particular
embodiments, once the client-side script is executed in a web browser, the script accesses
a foreign filnction library residing on the client, as illustrated in STEP 100. Many
programming languages provide foreign function interfaces. A n function interface
is a mechanism by which a software program n in one programming language can
invoke es or make use of services written in another programming language (e.g.,
functions provided by an operating system or software library). Typically, the functions
implementing the foreign filnction interface of a programming language are included in a
foreign filnction y provided by that programming language. For example, Python
provides a foreign function library called the “ctypes package”; Java provides Java Native
Interface and Java Native Access that enable Java programs to access native shared
libraries; and JavaScript provides JavaScript Native Interface (JSNI), also called
JavaScript Foreign on ace (JSFFI). Some web browsers (e. g., Mozilla
Firefox) also support native or foreign function access for code ing in these web
browsers.
ing on the specific programming language in which the script code is
written, the script may invoke the corresponding foreign function library of that
programming language. For example, with Python, there is a function called
“load_library” that may be used to load a specific y. Microsoft Windows
provides a function called “LoadLibrary” for loading a specified module into the
address space of the calling process.
In particular embodiments, through the appropriate n function interface, the
script may obtain a pointer to a memory allocation function residing on the client, as
illustrated in STEP 102. The specific memory allocation function available on the client
may depend on the operating system of the client or the software libraries available on the
client. For example, oft Windows provides a function called “VirtualAlloc”
for reserving or committing a region of pages in the virtual address space of the calling
process. C and C++ programming languages both provide a y filnction called
“mal 1 oc” for ming dynamic memory allocation of a specified size.
In particular embodiments, using the memory allocation function (e. g.,
“VirtualAlloc”), the script may allocate a specific amount of memory, as illustrated
in STEP 104. The allocated memory should be sufficient for the executable code of the
stub. In particular embodiments, the able code of the stub may be downloaded
from the server and n into the allocated memory, as illustrated in STEP 106. In
particular embodiments, the stub may require some library functions contained in s
shared libraries. For example, with Microsoft Windows, the share libraries are called
dynamic-link libraries (DLLs). The shared libraries containing the functions needed by
the stub may be loaded using an appropriate library loading function (e.g.,
“LoadLibrary” or “load_library”).
In particular embodiments, the memory in which the executable code of the stub is
written is marked as executable memory. For example, Microsoft Windows provides a
mechanism called data execution prevention (DEP), which is a set of hardware and
software technologies that perform additional checks on memory to help protect against
malicious code exploits. Briefly, all memory locations in a s are marked as non-
executable unless the location itly contains able code. Thus, the memory
locations where the executable code of the stub are written need to be marked as
executable in order for the stub code to be executed. With Microsoft Windows, specif1c
memory ons may be marked as executable by setting an appropriate flag or attribute
(e.g., marking the allocated memory as “PAGa'. filXfiiCUTfii”, “'9AG4. atXaiCUTa: ,
“PAGa: filXfiiCUTfi'. RazAiDWR Tat”, or “PAGa: filXfiiCUTfi'. WR Ta1CO'9Y”).
In ular embodiments, the script may obtain a pointer to the executable code
of the stub in the allocated memory, as illustrated in STEP 110. In particular
embodiments, the executable code of the stub may be ed directly from memory, as
illustrated in STEP 112. In ular embodiments, the stub may facilitate the download
and execution of the target software on the client, as illustrated in STEP 114. This
process is described in more detail below in connection with FIGURE 2.
In particular embodiments, after the stub completes its tasks (i.e., tating the
download and execution of the target software on the client), the script may obtain a
pointer to a memory de-allocation function residing on the client, again through the
appropriate foreign fianction interface, as rated in STEP 116. The specific memory
de-allocation fianction ble on the client may depend on the operating system of the
client or the software libraries ble on the . For example, Microsoft Windows
provides a function called “VirtualFree” for releasing, de-committing, or releasing
and de-committing a region of pages within the virtual address space of the calling
process. C and C++ programming languages both provide y fianctions such as
“deal loc” and “free” for freeing up (i.e., de-allocating) allocated dynamic memory.
WO 16068
In particular embodiments, using the memory de-allocation fianction (e.g.,
“VirtualFree”), the script may de-allocate the memory in which the executable code
of the stub is written, as illustrated in STEP 118. Subsequently, this memory space may
be used for other purposes and other data may be loaded into the same memory space,
overriding the executable code of the stub. Thus, after the memory locations where the
executable code of the stub is written are freed (i.e., de-allocated), the able code of
the stub is gone (e.g., ed or removed) from the client. There is no trace of the
executable code of the stub left on the client, as the stub is not saved in or installed on any
permanent storage (e.g., the hard drive) of the client.
In particular embodiments, instead of explicitly de-allocating the memory
ons where the executable code of the stub is written, the memory locations may be
freed up implicitly. For example, if the user exists the web browser or leaves the web
page containing the client-side script, all memory ons involved with the script are
freed up, which means the memory ons where the able code of the stub is
written are also freed up.
In particular embodiments, once executed directly from the allocated memory on
the client, the stub facilitates the downloading and execution of the target software. In
particular ments, the stub may establish a network connection between the client
and a server where the target software is stored and download the executable code of the
target re from the server over the network connection to the client. In particular
embodiments, the executable code of the target software may be embedded in a data
stream sent from the server to the client over the network connection. Upon receiving the
data stream, the stub may extract the executable code of the target software and load it
directly into the Random-Access Memory (RAM) of the client for ion on the client.
The target software is not saved in or installed onto any permanent storage (e. g., the hard
drive) of the client, same as the stub. Once the target software tes its execution on
the client, the RAM space in which the executable code of the target re is loaded
may be released and the target software no longer exists anywhere on the client.
The target software may be downloaded and launched on the client without having
to be saved or installed on the client, which may decrease the usage of the storage
capacity of the client. Furthermore, since the target software is downloaded just prior to
its execution on the client, the latest or any desired version of the target software may be
obtained each time the target software is downloaded and launched.
FIGURE 2 illustrates an example method for the stub to facilitate the downloading
and execution of the target software on the client. In particular embodiments, the target
software being downloaded is an application program. The executable code of the target
software may be stored on a server, which may be the same server where the executable
code of the stub is stored or a different server.
In ular embodiments, the stub may establish a network connection between
the client and the server where the executable code of the target software is stored, as
illustrated in step 200. The stub may take over an existing connection already established
between the server and the client (e. g., the connection established by the web browser) or
ish a new connection. If the stub establishes a new network connection, the new
tion may be established using any suitable aking methods between two
computer s coupled to a computer network. For e, the stub executing on
the client may send a connection request to the server, and the server, upon receiving the
connection request, may send a response back, indicating whether the connection request
is accepted or rejected. If the server has accepted the connection request, the network
connection may be established between the client and the server accordingly. In
ular embodiments, communications between the server and the client may use any
suitable communication protocol, such as, for example and without tion, Hypertext
Transfer Protocol , User Datagram Protocol (UDP), or Transport Control Protocol
(TCP).
In particular ments, there may be multiple software programs stored on the
server or there may be multiple versions of a particular software program stored on the
server, which may be downloaded to individual clients. In particular embodiments, each
version of each piece of software that may be downloaded from a server to a client by a
stub executing on the client may be identified by a unique fier. This unique
identifier may be used to notify the server which ic piece of software a client’s stub
wishes to ad. In particular embodiments, each piece of downloadable software
may be considered a k resource. Thus, a particular piece of downloadable
re may be identified by its unique network path or Uniform Resource Identifier
(URI). The stub may reference to the target software using its URI.
Sometimes, a piece of software may have multiple versions. In particular
embodiments, the stub may determine the most suitable version of the target software for
the client. For example, there are multiple versions of the Microsoft Windows operating
s (e.g., Windows XP, Windows ME, or Windows 7) as well as 32-bit operating
systems and 64-bit operating systems. The stub may examine the operating system of the
client to determine the c version of the target software most compatible with the
ing system of the client. If the operating system of the client is a 32-bit ing
system, then the stub may fy a 32-bit version of the target software. On the other
hand, if the ing system of the client is a 64-bit operating , then the stub may
identify a 64-bit version of the target software.
In particular embodiments, when requesting a network connection with the
particular server where the target software is stored, the stub may send the unique
identifier of the target software to the server together with the connection request or as a
part of the connection request. Alternatively, in particular embodiments, the stub may
send the identifier of the target software to the server as a separate request after the
connection between the server and the client has been established. The server may then
determine which particular piece of software it should transmit to the requesting client.
The process may be similar to invoking a data stream via a web browser (e. g., by clicking
on a URL or URI link to a adable file contained in a web page).
In particular embodiments, the server may transmit a data stream to the requesting
client, and more specifically, to the stub executing on the requesting client, over the
network connection, as illustrated in step 202. The network connection may be a TCP
connection, a UDP connection, a HTTP connection, or any other suitable connection. In
particular embodiments, the data stream may be a video stream or an audio stream. In
particular embodiments, the executable code of the target software requested by the stub
may be embedded in the data stream as one or more data packets. For example, the target
software may be a video decoder that receives a video stream encoded by a video codec,
decodes the data and renders the video data on a display of the . As another
example, the target software may be a computer game.
In particular embodiments, the executable code of the target software may be
embedded in the data stream. In particular ments, the executable code of the
target software may be e code or native code and may be platform-dependent. In
particular embodiments, the executable code of the target software has been complied to
2012/026125
run on the platform of the particular client requesting the target software (e.g., based on
the client’s hardware architecture and operating system).
In particular embodiments, the data stream may include two portions. In
particular embodiments, the first portion of the data stream (i.e. the beginning of the data
stream) may contain the executable code of the target software. In particular
embodiments, the executable code of the target software may be optionally compressed
using any suitable ssion methods. For example, a lossless compression method,
such as zip or gzip, may be used to compress the executable code of the target software.
In particular embodiments, the executable code of the target software may be embedded
within a Video stream. As most types of Video s are generic container formats,
data, and more cally, the executable code of the target software, may be embedded
in such a Video stream. In particular embodiments, the first portion of the data stream
may also e operational variables and parameters, such as a parameter that indicates
the size of the memory space (e.g., RAM memory space) needed to load and e the
executable code of the re.
In particular embodiments, the second portion of the data stream may optionally
contain additional data that may be consumed by the target software during its execution.
In particular embodiments, the additional data may be optionally encoded or compressed
using any suitable encoding or compressing methods and itted as one or more data
packets. Again, if the data stream is a Video stream, then the additional data may be
encoded using a Video ng method, such as MPEG encoding.
In particular embodiments, upon receiving the data stream, the stub may access
the first portion of the data stream to extract the executable code of the target software
embedded therein. If needed, the stub may decode or ress the extracted
executable code of the target software. The decoding or decompressing methods used by
the stub may pond to the encoding or compressing s used to encode or
compress the executable code of the target software. For example, if the executable code
of the target software has been compressed using a suitable compression algorithm (e.g., a
ss compression algorithm), the stub may decompress it using a corresponding
decompression algorithm. Similarly, if the executable code of the target software has
been encoded using a suitable encoding algorithm, the stub may decode it using a
corresponding decoding algorithm. In addition, in particular embodiments, the stub may
WO 16068
also access the first portion of the data stream to extract the ters that indicate the
size of the memory space needed to load and execute the executable code of the target
In ular embodiments, to prevent unauthorized or malicious software from
being downloaded and executed on the client, the stub may validate the executable code
of the target software extracted from the first portion of the data stream using any suitable
validation methods, as illustrated in step 204. In particular ments, a white list of
trusted sources (e.g., domain names or IP addresses of trusted s) may be provided
with the stub. Upon ing a piece of software, the stub may compare the source (e. g.,
the server or website) transmitting the software against its white list. Only software
transmitted by the trusted sources on the white list may be executed on the client.
Software received from sources not on the white list may be discarded or quarantined. In
particular embodiments, the executable code of the target software embedded in the first
portion of the data stream may be signed and associated with a digital certificate. The
stub may validate the executable code of the target software using its ated l
certificate.
If the executable code of the target software is not valid (step 206, “NO”), then the
executable code of the target software is not launched on the client and may be discarded.
On the other hand, if the executable code of the target software is valid (step 206,
“YES”), then, in particular embodiments, the stub may allocate a sufficient amount of
memory on the client for loading and executing the executable code of the target
software, as illustrated in step 208. In particular embodiments, the amount of memory
allocated may not be less than the size of the memory space needed to load and execute
the executable code of the target software, as indicated by the le included in the
first portion of the data stream. In particular embodiments, the allocated memory may be
dynamic memory, Virtual memory, or RAM of the client.
Most operating systems provide library filnctions that enable an application
program to allocate and de-allocate Virtual or dynamic memory and m other types
of memory-related filnctions during runtime. In particular embodiments, the stub may,
through an appropriate foreign function library, invoke appropriate library ons
provided by the operating system of the client to allocate the required memory space for
the executable code of the target software. For example, as described above, “malloc”
is a standard library function of both C and C++ programming ges for ting
dynamic memory space. For Microsoft Windows platforms, “VirtualAlloc” is a
Win32 library function for reserving a region of pages in the virtual s space. Once
the memory has been allocated, the stub may invoke appropriate library functions to set
the flag for the allocated memory space as “executable”, which indicates to the ing
system that the data stored in the allocated memory are executable code. For example,
with Microsoft s, the attribute “PAGa'. alXaiCJTfii”, . atXaiCUTa'. RaiAiD”,
“PAG*'._«'.X*'.CUT *1_R*'.ADWR T 4.”, or “PAG*1_4.X*'.CJT *1_WR T *iCOPY” may be
specified in connection with the memory allocation (e.g., using “VirtualAlloc”) to
ask the operating system for a ient amount of virtual memory that has the right for
ing code, and operationally with the rights for reading or writing code.
In ular embodiments, the stub may load the executable code of the target
software directly into the allocated memory (e.g., the allocated dynamic memory) without
having to save or install the executable code of the target software on the hard drive of the
client, as illustrated in step 210. In particular embodiments, the stub may invoke
appropriate library ons provided by the operating system of the client or the
software libraries on the client to copy the binary data representing the executable code of
the target software directly into the allocated virtual or dynamic memory space. For
example, with Microsoft Windows, “CopyMemory” is a function for copying a block of
memory from one location .
to another location; and “memcpy’ , 1s a standard library
function of both C and C++ programming ges for copying data from one memory
location to another memory location.
In particular embodiments, the target software may require certain library
functions. If a required library function y exists on the client, the stub may load the
shared library containing the required library function for the target software. For
example, with Microsoft s, a shared library (e.g., a DLL) may be loaded using
the “LoadLibrary” function. On the other hand, if a required library fianction does not
exist on the client, the stub may download the shared library containing the required
library fianction or the required library fianction by itself from an appropriate server,
allocate virtual memory for the shared library or the required library on, and write
the shared library or the required library fianction in the allocated virtual memory so that
the target software may use the library function when needed. In other words, for those
resources (e.g., y functions) needed by the target software during its execution, if the
resources already exist on the , the resources on the client are used; and if the
resources do not exist on the client, the stub download the resources for the target
In particular embodiments, the stub may also adjust a branch table, also referred to
as a jump table, to include the information concerning the executable code of the target
software loaded in the allocated memory. This process may be referred to as a “fix-up”
process. A branch table is an efficient method of transferring program l from one
part to another part of a program or from one program to another program. By adjusting
the appropriate branch table entries, the operating system may be made aware of the
executable code of the software now loaded in the allocated memory.
The actual steps that are performed during a fix-up process may vary depending
on the rm or the operating system of the client. For example, with Microsoft
Windows platform, an executable format typically has a relocation table and an import
table. In general, the able code is linked assuming it will be loaded to a fixed
address. In order to load the executable code into a different address, any absolute
addresses used by the executable code are found and -up” to cater for the change in
the base address. This may be ed using the relocation table. In particular
embodiments, the tion table compiles a list of all of the absolute addresses within
the executable code such that they may be fixed up when the executable code is loaded.
The import table lists the absolute addresses of all of the routines that the executable code
may call. This may include both API routines and es in other c-link libraries
(DLLs). These import addresses are replaced with the actual addresses of the routines
within the address space of the current process. The import table is a list of the location
of these addresses within the executable code (the addresses may be within a jump table
or trampoline area, but also may be a list of data for indirect calls).
Particular embodiments may take advantage of the Portable Executable (PE)
format, which is a file format for executables, object code, and DLLs used in Microsoft
Windows operating systems. The PE format is versatile in numerous environments of
operating system software architecture. Generally, the PE format is a data structure that
encapsulates the information necessary for the Microsoft Windows operating system
loader to manage the wrapped executable code. Particular embodiments may compile
and save the executable code of the software using the PE format. For other platforms,
implementations of the invention may operate with raw able code that requires a
single entry point without any fixups. In some implementations, the raw executable code
can be configured to perform the fixups itself and can cover such code as ELF and
MACH-O.
In particular embodiments, the target software may be ed on the client, as
illustrated in step 212. In particular embodiments, the executable code of the target
re may be launched ly from the allocated dynamic memory in which it is
stored. In particular embodiments, the stub may cause the executable code of the target
software loaded in the allocated memory to begin execution. Consequently, the stub may
transfer the execution to the target re.
In ular embodiments, the stub may pass the socket, or more precisely, the
Internet socket or the network socket, associated with the network connection between
the client and the server and the data stream to the target software that is now being
executed on the client, as illustrated in 214. Network sockets constitute a mechanism for
ring incoming data packets to the appropriate application process or thread. By
g the network socket associated with the data stream to the target software, the
target software may now e the additional data packets that contain the additional
data in the second portion of the data stream. The target software may then consume
(e.g., process) the additional data contained in the second portion of the data stream. In
particular embodiments, the stub may invoke appropriate library functions provided by
the operating system of the client to pass the network socket to the now executing target
software. For example, the Windows Sockets Application Programming Interface (API),
also referred to as Winsock, enables a network socket to be passed from one process to
another using the “WSAiDupl icateSocke t” on.
The target software may continue its execution until it is completed. In particular
ments, once the target software has completed its execution (i.e., has ), the
dynamic memory space used to load the executable code of the target software program
may be de-allocated (e.g., by the operating system of the client). For example, with
Microsoft Windows, the alFree” function may be invoked to free up the
allocated memory where the excitable code of the target software is stored.
Subsequently, this memory space may be used for other purposes and other data may be
loaded into the same memory space, overriding the executable code of the target
software. At this point, the target software no longer exits on the client without any state
changes to client (e.g., no files on a drive, no system registry s, etc.) because it was
installed by the stub directly into memory and not stored in any persistent media on the
client including, in some embodiments, the browser cache or other temporary data storage
mechanisms.
In some ments, a first executable code object embedded in the stream and
ed by the stub may itself cause another process to be generated by requesting
another data stream that also includes a second executable code object. The second
executable code object may be launched as a child process of the first executable code
object and share the same sand-boxed file system generated by the first able code
object. For example, the first executable code object may be a virtual machine that
allows one or more second executable code objects to run entirely in memory and sand-
boxed by the first virtual machine code object. In particular implementation, for example,
writes to a data storage subsystem by the second code object are n by the virtual
machine into memory, not a peripheral device which could be analyzed when a user logs
off the client. For example, this embodiment can be used to allow for demonstration
versions of software in that the first executable code object may be a virtual machine that
sandboxes a second program to be demonstrated or . As discussed above, when the
first and second executable code objects end, all traces ofthem in memory are gone. The
foregoing embodiment can also be used to prevent unauthorized access to data that is
typically cached during application execution.
Particular ments may be implemented in a network environment. FIGURE
3 illustrates an example network environment 300. Network environment 300 includes a
network 310 coupling one or more servers 320 and one or more clients 330 to each other.
In particular embodiments, network 310 is an intranet, an extranet, a virtual private
network (VPN), a local area network (LAN), a wireless LAN (WLAN), a wide area
k (WAN), a metropolitan area network (MAN), a portion of the et, or
r network 310 or a combination oftwo or more such ks 310. This disclosure
contemplates any suitable k 310.
One or more links 350 couple a server 320 or a client 330 to network 310. In
particular embodiments, one or more links 350 each includes one or more wireline,
wireless, or optical links 350. In ular embodiments, one or more links 350 each
includes an intranet, an extranet, a VPN, a LAN, a WLAN, a WAN, a MAN, a portion of
the Internet, or another link 350 or a combination of two or more such links 350. This
disclosure contemplates any suitable links 350 coupling servers 320 and clients 330 to
network 310.
In particular embodiments, each server 320 may be a unitary server or may be a
distributed server spanning le ers or multiple datacenters. Servers 320 may
be ofvarious types, such as, for example and without limitation, web server, news server,
mail server, message server, advertising server, file server, application server, ge
server, database server, or proxy server. In ular embodiments, each server 320 may
include re, software, or ed logic components or a combination of two or
more such components for carrying out the appropriate functionalities implemented or
supported by server 320. For example, a web server is generally capable of hosting
websites ning web pages or particular elements ofweb pages. More specifically, a
web server may host HTML files or other file types, or may dynamically create or
constitute files upon a request, and communicate them to clients 330 in response to HTTP
or other requests from s 330. A mail server is generally capable of providing
electronic mail services to s clients 330. A database server is generally capable of
ing an interface for managing data stored in one or more data stores.
In particular embodiments, the executable code of a stub 322 and the executable
code of a piece of software 324 may reside on a server 320. They may be downloaded to
a client 330 for execution without being saved or installed on client 330. While they are
being executed on client 330, they exit in the virtual memory on client 330. After their
executions are completed, they are removed from client 330 when the virtual memory is
freed up, thus leaving no trace on client 330.
In ular embodiments, one or more data storages 340 may be
communicatively linked to one or more severs 320 via one or more links 350. In
particular embodiments, data storages 340 may be used to store various types of
information. In ular embodiments, the information stored in data storages 340 may
be zed according to specific data structures. In particular embodiment, each data
storage 340 may be a relational database. Particular embodiments may provide interfaces
2012/026125
that enable servers 320 or clients 330 to manage, e.g., retrieve, modify, add, or delete, the
information stored in data e 340.
In particular embodiments, each client 330 may be an electronic device including
hardware, software, or embedded logic components or a combination of two or more such
components and capable of carrying out the appropriate fianctionalities implemented or
supported by client 330. For example and t limitation, a client 330 may be a
desktop computer system, a notebook computer system, a netbook computer system, a
handheld electronic device, or a mobile telephone. This disclosure contemplates any
suitable clients 330. A client 330 may enable a network user at client 330 to access
network 330. A client 330 may enable its user to communicate with other users at other
s 330.
A client 330 may have a web browser 332, such as MICROSOFT INTERNET
EXPLORER, GOOGLE CHROME or MOZILLA FIREFOX, and may have one or more
add-ons, plug-ins, or other extensions, such as TOOLBAR or YAHOO TOOLBAR. A
user at client 330 may enter a Uniform Resource Locator (URL) or other address
directing the web browser 332 to a server 320, and the web r 332 may generate a
Hyper Text er Protocol (HTTP) request and communicate the HTTP t to
server 320. Server 320 may accept the HTTP request and communicate to client 330 one
or more Hyper Text Markup Language (HTML) files responsive to the HTTP request.
Client 330 may render a web page based on the HTML files from server 320 for
presentation to the user. This disclosure contemplates any suitable web page files. As an
example and not by way of limitation, web pages may render from HTML files,
Extensible Hyper Text Markup Language (XHTML) files, or ible Markup
Language (XML) files, according to ular needs. Such pages may also execute
scripts such as, for example and without limitation, those written in JAVASCRIPT,
JAVA, MICROSOFT SILVERLIGHT, combinations of markup language and scripts
such as AJAX (Asynchronous JAVASCRIPT and XML), and the like. , reference
to a web page encompasses one or more ponding web page files (which a browser
may use to render the web page) and vice versa, where appropriate.
ular embodiments may be implemented on one or more computer systems.
FIGURE 4 illustrates an example computer system 400. In particular embodiments, one
or more computer systems 400 perform one or more steps of one or more methods
described or illustrated herein. In particular embodiments, one or more computer systems
400 provide functionality described or illustrated herein. In particular ments,
software g on one or more computer systems 400 ms one or more steps of
one or more methods described or illustrated herein or provides functionality described or
illustrated herein. Particular embodiments include one or more portions of one or more
computer s 400.
This disclosure contemplates any suitable number of computer systems 400. This
disclosure contemplates computer system 400 taking any suitable physical form. As
example and not by way of limitation, computer system 400 may be an embedded
computer system, a system-on-chip (SOC), a single-board computer system (SBC) (such
as, for e, a computer-on-module (COM) or -on-module (SOM)), a desktop
computer system, a laptop or notebook computer system, an interactive kiosk, a
mainframe, a mesh of computer s, a mobile telephone, a personal digital assistant
(PDA), a server, or a combination of two or more of these. Where appropriate, computer
system 400 may include one or more computer s 400; be y or distributed;
span multiple locations; span multiple machines; or reside in a cloud, which may include
one or more cloud components in one or more ks. Where appropriate, one or more
computer systems 400 may perform without substantial spatial or temporal limitation one
or more steps of one or more methods described or illustrated herein. As an example and
not by way of limitation, one or more computer systems 400 may perform in real time or
in batch mode one or more steps of one or more methods described or illustrated herein.
One or more computer systems 400 may perform at different times or at different
locations one or more steps of one or more s described or illustrated herein, where
riate.
In particular ments, computer system 400 includes a processor 402,
memory 404, e 406, an input/output (I/O) interface 408, a communication interface
410, and a bus 412. Although this disclosure describes and illustrates a particular
computer system having a particular number of particular components in a particular
arrangement, this disclosure contemplates any suitable computer system having any
suitable number of any suitable components in any le arrangement.
In particular embodiments, processor 402 includes hardware for executing
instructions, such as those making up a computer m. As an example and not by
way of tion, to execute instructions, processor 402 may retrieve (or fetch) the
instructions from an internal register, an al cache, memory 404, or storage 406;
decode and execute them; and then write one or more results to an internal register, an
internal cache, memory 404, or storage 406. In particular embodiments, processor 402
may include one or more internal caches for data, instructions, or addresses. This
disclosure contemplates processor 402 including any suitable number of any suitable
internal caches, where appropriate. As an example and not by way of limitation,
sor 402 may include one or more instruction caches, one or more data caches, and
one or more translation lookaside buffers (TLBs). Instructions in the instruction caches
may be copies of instructions in memory 404 or storage 406, and the instruction caches
may speed up retrieval of those instructions by processor 402. Data in the data caches
may be copies of data in memory 404 or storage 406 for instructions executing at
processor 402 to operate on; the results of previous instructions ed at processor 402
for access by subsequent instructions executing at processor 402 or for writing to memory
404 or storage 406; or other suitable data. The data caches may speed up read or write
operations by processor 402. The TLBs may speed up virtual-address translation for
processor 402. In particular embodiments, processor 402 may include one or more
internal registers for data, instructions, or addresses. This disclosure plates
processor 402 including any suitable number of any suitable internal registers, where
appropriate. Where appropriate, processor 402 may include one or more etic logic
units (ALUs); be a multi-core processor; or include one or more processors 402.
Although this sure describes and rates a particular processor, this disclosure
contemplates any suitable processor.
In particular embodiments, memory 404 includes main memory for storing
instructions for sor 402 to execute or data for processor 402 to e on. As an
example and not by way of limitation, computer system 400 may load instructions from
storage 406 or another source (such as, for example, another computer system 400) to
memory 404. Processor 402 may then load the instructions from memory 404 to an
internal register or al cache. To execute the instructions, processor 402 may
retrieve the ctions from the internal er or internal cache and decode them.
During or after execution of the instructions, processor 402 may write one or more results
(which may be intermediate or final results) to the internal er or internal cache.
2012/026125
Processor 402 may then write one or more of those s to memory 404. In ular
ments, processor 402 executes only instructions in one or more internal ers
or internal caches or in memory 404 (as opposed to storage 406 or elsewhere) and
operates only on data in one or more internal registers or internal caches or in memory
404 (as opposed to storage 406 or elsewhere). One or more memory buses (which may
each include an address bus and a data bus) may couple processor 402 to memory 404.
Bus 412 may include one or more memory buses, as described below. In particular
embodiments, one or more memory management units (MMUs) reside between processor
402 and memory 404 and facilitate accesses to memory 404 requested by processor 402.
In particular embodiments, memory 404 includes random access memory (RAM). This
RAM may be volatile memory, where appropriate Where appropriate, this RAM may be
dynamic RAM (DRAM) or static RAM (SRAM). Moreover, where appropriate, this
RAM may be single-ported or multi-ported RAM. This disclosure contemplates any
suitable RAM. Memory 404 may include one or more memories 404, where appropriate.
Although this disclosure describes and illustrates particular memory, this disclosure
contemplates any suitable memory.
In particular embodiments, storage 406 es mass storage for data or
instructions. As an example and not by way of limitation, storage 406 may include an
HDD, a floppy disk drive, flash memory, an optical disc, a magneto-optical disc,
magnetic tape, or a sal Serial Bus (USB) drive or a combination of two or more of
these. Storage 406 may include removable or non-removable (or fixed) media, where
appropriate. Storage 406 may be internal or external to computer system 400, where
appropriate. In particular embodiments, storage 406 is non-volatile, solid-state memory.
In ular embodiments, storage 406 includes read-only memory (ROM). Where
appropriate, this ROM may be mask-programmed ROM, programmable ROM (PROM),
erasable PROM ), electrically erasable PROM (EEPROM), electrically alterable
ROM (EAROM), or flash memory or a combination of two or more of these. This
disclosure contemplates mass storage 406 taking any suitable physical form. Storage 406
may include one or more storage control units tating communication n
processor 402 and storage 406, where riate. Where appropriate, storage 406 may
include one or more storages 406. Although this disclosure describes and rates
particular e, this disclosure contemplates any suitable storage.
In particular embodiments, I/O interface 408 es re, software, or both
providing one or more interfaces for communication between computer system 400 and
one or more I/O s. Computer system 400 may include one or more of these I/O
devices, where appropriate. One or more of these I/O devices may enable communication
between a person and computer system 400. As an example and not by way of limitation,
an I/O device may include a keyboard, keypad, microphone, r, mouse, printer,
r, speaker, still camera, stylus, tablet, touch screen, trackball, video camera,
another suitable I/O device or a combination of two or more of these. An I/O device may
include one or more sensors. This disclosure contemplates any suitable I/O devices and
any le I/O interfaces 408 for them. Where appropriate, I/O interface 408 may
include one or more device or software drivers enabling processor 402 to drive one or
more of these I/O devices. I/O interface 408 may include one or more 1/0 interfaces 408,
where appropriate. Although this disclosure describes and illustrates a particular I/O
interface, this disclosure plates any suitable I/O interface.
In particular ments, communication interface 410 includes hardware,
re, or both providing one or more interfaces for ication (such as, for
example, packet-based communication) between computer system 400 and one or more
other er systems 400 or one or more networks. As an example and not by way of
limitation, communication interface 410 may include a network interface controller (NIC)
or network adapter for communicating with an Ethernet or other wire-based network or a
wireless NIC (WNIC) or wireless adapter for communicating with a wireless network,
such as a WI-FI network. This disclosure contemplates any suitable network and any
suitable communication interface 410 for it. As an example and not by way of limitation,
computer system 400 may communicate with an ad hoc network, a personal area network
(PAN), a local area network (LAN), a wide area k (WAN), a metropolitan area
network (MAN), or one or more portions of the Internet or a combination of two or more
of these. One or more portions of one or more of these networks may be wired or
wireless. As an example, computer system 400 may icate with a wireless PAN
(WPAN) (such as, for example, a BLUETOOTH WPAN), a WI-FI network, a WI-MAX
network, a cellular telephone network (such as, for example, a Global System for Mobile
Communications (GSM) network), or other suitable wireless k or a combination of
two or more of these. Computer system 400 may include any suitable communication
interface 410 for any of these networks, where appropriate. Communication interface 410
may include one or more communication interfaces 410, where appropriate. Although
this disclosure describes and rates a particular communication interface, this
disclosure contemplates any suitable communication interface.
In particular embodiments, bus 412 includes hardware, software, or both coupling
components of computer system 400 to each other. As an example and not by way of
limitation, bus 412 may include an Accelerated Graphics Port (AGP) or other graphics
bus, an Enhanced Industry Standard ecture (EISA) bus, a front-side bus (FSB), a
HYPERTRANSPORT (HT) onnect, an Industry Standard ecture (ISA) bus,
an INFINIBAND interconnect, a low-pin-count (LPC) bus, a memory bus, a Micro
Channel Architecture (MCA) bus, a Peripheral Component Interconnect (PCI) bus, a PCI-
s (PCI-X) bus, a serial advanced technology ment (SATA) bus, a Video
Electronics Standards Association local (VLB) bus, or another suitable bus or a
combination of two or more of these. Bus 412 may include one or more buses 412, where
appropriate. Although this disclosure describes and illustrates a particular bus, this
disclosure contemplates any suitable bus or interconnect.
Herein, reference to a computer-readable storage medium encompasses one or
more non-transitory, tangible computer-readable storage media possessing structure. As
an example and not by way of limitation, a computer-readable storage medium may
include a semiconductor-based or other ated circuit (IC) (such, as for example, a
field-programmable gate array (FPGA) or an application-specific IC (ASIC)), a hard disk,
an HDD, a hybrid hard drive (HHD), an l disc, an optical disc drive (ODD), a
magneto-optical disc, a magneto-optical drive, a floppy disk, a floppy disk drive (FDD),
magnetic tape, a holographic storage medium, a solid-state drive (SSD), a RAM-drive, a
SECURE L card, a SECURE DIGITAL drive, or r suitable computer-
le storage medium or a combination of two or more of these, where appropriate.
Herein, reference to a computer-readable storage medium excludes any medium that is
not eligible for patent protection under 35 U.S.C. § 101. Herein, reference to a computer-
readable storage medium excludes transitory forms of signal transmission (such as a
propagating electrical or electromagnetic signal per se) to the extent that they are not
eligible for patent protection under 35 U.S.C. § 101. A computer-readable non-transitory
e medium may be volatile, latile, or a combination of volatile and non-
2012/026125
volatile, where appropriate.
This disclosure contemplates one or more computer-readable storage media
implementing any suitable storage. In particular embodiments, a computer-readable
storage medium implements one or more portions of processor 402 (such as, for example,
one or more internal ers or caches), one or more portions of memory 404, one or
more portions of storage 406, or a combination of these, where appropriate. In particular
embodiments, a computer-readable storage medium ents RAM or ROM. In
particular embodiments, a computer-readable storage medium implements volatile or
persistent memory. In particular embodiments, one or more computer-readable storage
media embody re. Herein, reference to re may encompass one or more
applications, bytecode, one or more computer programs, one or more executables, one or
more instructions, logic, e code, one or more scripts, or source code, and vice
versa, where appropriate. In particular embodiments, software includes one or more
application programming interfaces (APIs). This disclosure contemplates any suitable
software written or otherwise expressed in any suitable mming language or
combination of programming languages. In particular embodiments, software is
expressed as source code or object code. In particular embodiments, software is
expressed in a higher-level programming language, such as, for example, C, Perl, or a
suitable ion thereof. In particular embodiments, software is expressed in a lower-
level mming language, such as assembly language (or machine code). In particular
embodiments, software is expressed in JAVA. In particular embodiments, software is
sed in Hyper Text Markup Language (HTML), Extensible Markup ge
(XML), or other suitable markup language.
Herein, “or” is inclusive and not exclusive, unless expressly indicated otherwise
or indicated otherwise by context. Therefore, herein, “A or B” means “A, B, or both,”
unless expressly indicated otherwise or indicated otherwise by context. Moreover, “and”
is both joint and several, unless expressly indicated otherwise or indicated otherwise by
context. Therefore, herein, “A and B” means “A and B, y or severally,” unless
expressly indicated otherwise or ted otherwise by t.
This disclosure encompasses all changes, tutions, variations, alterations, and
modifications to the example embodiments herein that a person haVing ordinary skill in
the art would hend. Similarly, where appropriate, the appended claims encompass
WO 16068
all changes, substitutions, variations, alterations, and modifications to the e
embodiments herein that a person having ry skill in the art would comprehend.
Moreover, reference in the appended claims to an apparatus or system or a component of
an apparatus or system being adapted to, arranged to, capable of, configured to, enabled
to, operable to, or operative to perform a particular filnction encompasses that apparatus,
system, component, whether or not it or that particular filnction is activated, turned on, or
unlocked, as long as that tus, system, or component is so adapted, arranged,
capable, configured, enabled, operable, or operative.
Claims (15)
1. A method, sing: allocating, by a first computing , a first virtual memory; receiving, by the first computing device, executable code of a stub from a disparate computing system via a communication network; executing, by the first computing device, the executable code of the stub directly from the first virtual ; downloading, by the first computing device, executable code of a first software as facilitated by the executable code of the stub; executing, by the first computing device, the executable code of the first software; downloading, by the first computing device, executable code of a second software as facilitated by the executable code of the first software; and executing, by the first ing device, the executable code of the second software.
2. The method of claim 1, further comprising: launching, by the first computing , the executable code of the second re as a child process of the executable code of the first software.
3. The method of claim 2, wherein the executable code of the second software shares a sand-boxed file system ted by the executable code of the first software.
4. The method of claim 2, the first software is a virtual machine.
5. The method of claim 4, further sing: allowing, by the first computing device, the executable code of the second software to run in memory sandboxed by a code object of the virtual machine.
6. The method of claim 4, wherein: data n to a data storage system by the second software is written by the first computing device to the memory instead of to a peripheral device.
7. The method of claim 4, wherein the second software is a demonstration version.
8. The method of claim 1, further comprising: deleting, by the first computing device, the first software and the second software from memory after the execution of the executable code of the first software is completed.
9. A first computer , comprising: a memory storing thereon instructions executable by one or more processors; one or more processors coupled to the memory; and the instructions stored on the memory comprising instructions for: allocating, a first virtual memory; receiving executable code of a stub from a disparate computing system via a communication k; executing the executable code of the stub directly from the first virtual memory; ading executable code of a first software as tated by the executable code of the stub; executing the executable code of the first software; downloading executable code of a second software as tated by the executable code of the first software; and executing the able code of the second software.
10. The system of claim 9, the memory further comprising instructions for: launching, the executable code of the second software as a child process of the executable code of the first software.
11. The system of claim 10, the memory further comprising instructions for: allowing the executable code of the second software to run in memory sandboxed by a first virtual machine code object wherein the first software is a l machine.
12. The system of claim 11, the memory further comprising instructions for: writing, to the memory instead of a peripheral device, data written to a data e system made by the second software.
13. A computer program executing ly from a virtual memory comprising instructions for: downloading executable code of a first software as facilitated by executable code of the computer program; ing the executable code of the first software; downloading able code of a second software as facilitated by the executable code of the first software; and executing, by the first computing device, the executable code of the second software.
14. The computer program of claim 13, further comprising instructions for: launching the executable code of the second software as a child process of the executable code of the first software.
15. The er program of claim 14, wherein the executable code of the second software shares a sand-boxed file system generated by the first software.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/031,747 US10114660B2 (en) | 2011-02-22 | 2011-02-22 | Software application delivery and launching system |
US13/031,747 | 2011-02-22 | ||
NZ614445A NZ614445B2 (en) | 2011-02-22 | 2012-02-22 | Software application delivery and launching system |
Publications (2)
Publication Number | Publication Date |
---|---|
NZ705843A NZ705843A (en) | 2016-09-30 |
NZ705843B2 true NZ705843B2 (en) | 2017-01-05 |
Family
ID=
Similar Documents
Publication | Publication Date | Title |
---|---|---|
AU2015243038B2 (en) | Software application delivery and launching system | |
US9195449B1 (en) | Stream-based software application delivery and launching system | |
US20120159308A1 (en) | Customization of Mobile Applications Using Web-Based Technology | |
US9756149B2 (en) | Machine-specific instruction set translation | |
CN107667343B (en) | System and method for loading on-demand resources | |
NZ705843B2 (en) | Software application delivery and launching system | |
NZ614445B2 (en) | Software application delivery and launching system | |
AU2014203156B2 (en) | Stream-based software application delivery and launching system | |
CN114064050A (en) | Data processing method and device, electronic equipment and storage medium |