Capturing components of an application using a sandboxed environment

US10810027B2 · US · B2

Patent metadata
Publication number: US-10810027-B2
Application number: US-201816231902-A
Country: US
Kind code: B2
Filing date: Dec 24, 2018
Priority date: Mar 31, 2016
Publication date: Oct 20, 2020
Grant date: Oct 20, 2020

Abstract

Official abstract text for this publication.

A management agent operates transparently in the background on each endpoint computing device that needs to be managed. The agent sets up a sandboxed environment on the endpoint computing device on which it is operating in order to capture applications that have been installed on the endpoint device. The application capture is performed after the applications have been installed on the endpoint device and therefore does not require installing the application on any dedicated staging machine, nor any recording of the pre-installation state. The application capture process involves running the application from an isolated sandboxed environment on the computing device in order to identify all necessary components of the application by monitoring accesses by the application to components located outside of the sandbox. The identified components can then be packaged together and managed as individual application packages.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for capturing an application package containing components of an application from an endpoint device on which the application is installed by a remote server in communication with an application management agent executing on the endpoint device, comprising: conveying an instruction to the application management agent from the remote server to capture the application package; in response to the instruction, by the application management agent, setting up a sandboxed environment on the endpoint device, the sandboxed environment being an isolated environment within the endpoint device that monitors all accesses by code running within the sandboxed environment; locating a main executable file of the application on the endpoint device; moving the main executable file to the sandboxed environment; launching the application in the sandboxed environment by executing the main executable file in the sandboxed environment; and identifying the components of the application, comprising: detecting, by the sandboxed environment, accesses to components of the application located outside of the sandboxed environment by the main executable file executing in the sandboxed environment.

2. The method of claim 1, wherein identifying the components of the application further comprises: moving the components of the application located outside of the sandboxed environment that are accessed by the main executable file executing in the sandboxed environment into the sandboxed environment; detecting, by the sandboxed environment, accesses to further components of the application located outside of the sandboxed environment by the application components moved into the sandboxed environment; and moving the further components of the application into the sandboxed environment.

3. The method of claim 1, further comprising: creating the application package comprised of the main executable file and the identified components of the application, the application package being deployable on a second endpoint device to install the application on the second computing device.

4. The method of claim 1, further comprising: conveying, by the application management agent, the main executable file and the identified application components to the remote server; on the remote server, creating the application package comprised of the main executable file and the identified components of the application, the application package being deployable on a second endpoint device to install the application on the second computing device.

5. The method of claim 1, further comprising: identifying, by the application management agent, what applications are installed on the endpoint device; conveying, by the application management agent, information identifying the installed applications to the remote server; indicating, to an administrator, the installed applications and prompting the administrator to select installed applications for which to capture application packages; receiving an indication from the administrator to capture an application package for the application; and in response to the indication from the administrator, sending the instruction to the application management agent from the remote server to capture the application package.

6. The method of claim 1, wherein the sandboxed environment is implemented on the endpoint device via one of: a virtual machine running on a hypervisor; or an application virtualizing tool running on the endpoint device.

7. The method of claim 1, wherein the application is launched inside the sandboxed environment when a user of the endpoint device opens the application to use the application.

8. A computing device for capturing an application package containing components of an application from an endpoint device on which the application is installed by a remote server in communication with an application management agent executing on the endpoint device, comprising: at least one processor; and memory including instructions that, when executed by the at least one processor, cause the computing device to perform the steps of: conveying an instruction to the application management agent from the remote server to capture the application package; in response to the instruction, by the application management agent, setting up a sandboxed environment on the endpoint device, the sandboxed environment being an isolated environment within the endpoint device that monitors all accesses by code running within the sandboxed environment; locating a main executable file of the application on the endpoint device; moving the main executable file to the sandboxed environment; launching the application in the sandboxed environment by executing the main executable file in the sandboxed environment; and identifying the components of the application, comprising: detecting, by the sandboxed environment, accesses to components of the application located outside of the sandboxed environment by the main executable file executing in the sandboxed environment.

9. The computing device of claim 8, wherein identifying the components of the application further comprises: moving the components of the application located outside of the sandboxed environment that are accessed by the main executable file executing in the sandboxed environment into the sandboxed environment; detecting, by the sandboxed environment, accesses to further components of the application located outside of the sandboxed environment by the application components moved into the sandboxed environment; and moving the further components of the application into the sandboxed environment.

10. The computing device of claim 8, wherein the memory further includes instructions that when executed by the at least one processor, cause the computing device to perform the steps of: creating the application package comprised of the main executable file and the identified components of the application, the application package being deployable on a second endpoint device to install the application on the second computing device.

11. The computing device of claim 8, wherein the memory further includes instructions that when executed by the at least one processor, cause the computing device to perform the steps of: conveying, by the application management agent, the main executable file and the identified application components to the remote server; on the remote server, creating the application package comprised of the main executable file and the identified components of the application, the application package being deployable on a second endpoint device to install the application on the second computing device.

12. The computing device of claim 8, wherein the memory further includes instructions that when executed by the at least one processor, cause the computing device to perform the steps of: identifying, by the application management agent, what applications are installed on the endpoint device; conveying, by the application management agent, information identifying the installed applications to the remote server; indicating, to an administrator, the installed applications and prompting the administrator to select installed applications for which to capture application packages; receiving an indication from the administrator to capture an application package for the application; and in response to the indication from the administrator, sending the instruction to the application management agent from the remote server to capture the application package.

13. The computing device of claim 8, wherein the sandboxed environment is implemented

Classifications

  • by executing in a restricted environment, e.g. sandbox or secure virtual machine

  • Auditing as a secondary aspect

  • to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself

  • Creating, deleting, cloning virtual machine instances

  • Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
VMware Inc
What technology area does this patent fall under?
Primary CPC classification G06F9/45504. Mapped technology areas include Physics.
When was this patent published?
Publication date Oct 20, 2020 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).