公开(公告)号：US20210248039A1

公开(公告)日：2021-08-12

申请号：US17244904

申请日：2021-04-29

Applicant: Google LLC

Inventor： Tomas Isdal ,  Ming Zhao

IPC: G06F11/14 ,  G06F11/07 ,  G06F8/61 ,  G06F9/455 ,  G06F9/54

Abstract: A computer-implemented method for executing a software application in a virtual machine executing on a data processing device includes receiving software code for a software application, determining application programming interfaces referenced by the software code, determining portions of an operating system accessed by the software code and creating an application container in the virtual machine. The method also includes application programming interfaces referenced by the software code inside the application container, portions of the operating system accessed by the software code inside the application container and executing the software application inside the application container on the virtual machine.

公开(公告)号：US10997032B2

公开(公告)日：2021-05-04

申请号：US16703452

申请日：2019-12-04

Applicant: Google LLC

Inventor： Tomas Isdal ,  Ming Zhao

IPC: G06F11/07 ,  G06F11/14 ,  G06F8/61 ,  G06F9/455 ,  G06F9/54

Abstract: A method includes executing a virtual machine, which executes on a data processing device and includes an application container and an agent. The application container includes a file system mount interfaced with a file system residing outside the application container, an application programming interface (API), and a software application including a reference to the API. The agent is configured to monitor whether the software application attempts to access any resources outside of the application container. When the software application attempts to access any resources outside of the application container, the agent is configured to execute a remediation routine.

公开(公告)号：US11604700B2

公开(公告)日：2023-03-14

申请号：US17244904

申请日：2021-04-29

Applicant: Google LLC

Inventor： Tomas Isdal ,  Ming Zhao

IPC: G06F11/30 ,  G06F11/14 ,  G06F11/07 ,  G06F8/61 ,  G06F9/455 ,  G06F9/54

Abstract: A computer-implemented method for executing a software application in a virtual machine executing on a data processing device includes receiving software code for a software application, determining application programming interfaces referenced by the software code, determining portions of an operating system accessed by the software code and creating an application container in the virtual machine. The method also includes application programming interfaces referenced by the software code inside the application container, portions of the operating system accessed by the software code inside the application container and executing the software application inside the application container on the virtual machine.