摘要:
One or more techniques are provided for causing a location of a screen image associated with a resource to be adjusted on a display device. The adjustment may be based at least in part on determining that a control element receives focus. The resource may be associated with an application, such as an email application that may be hosted remotely from a client device. Access to one or more resources may be controlled or mediated. Access rights may be based at least in part on a determination of a geographic location of a client device. When the client device is located in a safe area, the client device may be provided access to the resource. When the client device is not located in a safe area, the client device might not be provided access to the resource or might not be provided full access to the resource.
摘要:
One or more techniques are provided for causing a location of a screen image associated with a resource to be adjusted on a display device. The adjustment may be based at least in part on determining that a control element receives focus. The resource may be associated with an application, such as an email application that may be hosted remotely from a client device. Access to one or more resources may be controlled or mediated. Access rights may be based at least in part on a determination of a geographic location of a client device. When the client device is located in a safe area, the client device may be provided access to the resource. When the client device is not located in a safe area, the client device might not be provided access to the resource or might not be provided full access to the resource.
摘要:
In a method for accessing resources provided by an operating system, a request for a resource is received by an application program executing inside an environment. A first identifier associated with the resource is acquired. A registry is consulted, responsive to an association between a first identifier associated with the resource and a second identifier associated with the resource, the association associated with the environment. The resource and an environment on which to launch the resource are identified, responsive to consulting the registry. The second identifier is associated with the resource, with the environment, and with the environment on which to launch the resource. A registry key for the resource is stored in the registry, the registry key comprising the second identifier. The request for the resource is redirected to the identified instance of the resource, responsive to the second identifier. The request for the resource is responded to using the instance of the resource located in the environment on which the resource resides. The requested resource is launched in the identified environment, responsive to the second identifier.
摘要:
A method and apparatus for virtualizing access to windows includes a hooking mechanism, a window name virtualization engine, and an operating system interface. A request relating to a window from a process executing in the context of a user account is received, the request including a virtual window name. A determination is made for a literal name for the window, using a scope-specific identifier. A request is issued to the operating system including the determined literal window name. A window handle is associated with the determined virtual window name.
摘要:
A system for granting access to resources includes a client machine, a collection agent, a policy engine, and a broker server. The client machine requests access to a resource. The collection agent gathers information about the client machine. The policy engine receives the gathered information and assigns one of a plurality of levels of access responsive to application of a policy to the received information. The broker server establishes, responsive to the assigned level of access, a connection between the client machine and a computing environment providing the requested resource, the computing environment provided by a virtual machine.
摘要:
In a method for accessing, by application programs, resources provided by an operating system, a process receives a request for a resource and an identifier associated with the resource. It is determined that the requested resource resides in a location outside the application isolation environment. The request for the resource and the identifier associated with the resource is redirected to the determined location. The request for the resource is responded to using an instance of the resource residing in the determined location.
摘要:
A method for moving an executing process from a source isolation scope to a target isolation scope includes the step of determining that the process is in a state suitable for moving. The association of the process changes from a source isolation scope to a target isolation scope. A rule loads in association with the target isolation scope.
摘要:
A method for isolating access by application programs to native resources provided by an operating system redirects a request for a native resource made by an application program executing on behalf of a user to an isolation environment. The isolation environment includes a user isolation scope and an application isolation scope. An instance of the requested native resource is located in the user isolation scope corresponding to the user. The request for the native resource is fulfilled using the version of the resource located in the user isolation scope. If an instance of the requested native resource is not located in the user isolation scope, the request is redirected to an application isolation scope. The request for the native resource is fulfilled using the version of the resource located in the application isolation scope. If an instance of the requested native resource is not located in the application isolation scope, the request is redirected to a system scope.
摘要:
A method for virtualizing access to named system objects includes the step of receiving a request to access a system object from a process executing in the context of a user isolation scope, the request including a virtual name for the system object. A rule associated with the request is determined and a literal name for the system object is formed in response to the determined rule. A request to access the system object is issued to the operating system. The issued request including the literal name for the system object
摘要:
A method for presenting an aggregate view of native resources includes the step of enumerating a plurality of system-scoped native resources provided by a system scope. A plurality of application-scoped native resources provided by an application isolation scope are enumerated, some of which correspond to some of the plurality of system-scoped resources. For one of the plurality of system-scoped resources, the existence of a corresponding one of the plurality of application-scoped resources is determined and the corresponding one of the plurality of application-scoped resources is included in an aggregate view of native resources.