This technology is a system that provides application fault containment while retaining the integrated appearance and ease of use of a traditional computer desktop environment.
Application fault containment techniques run software in an isolated execution environment so that processing malicious data cannot damage other parts of a user’s computer system. However, existing fault containment techniques either compromise application isolation for the sake of desktop integration, or provide isolation at the expense of ease of use. Thus, there is currently no system that provides comprehensive application fault containment without compromising user experience or imposing high overhead.
This technology is a system called Apiary that delivers application fault containment on top of commodity operating systems while preserving the integrated appearance and user friendliness of a traditional computer desktop. Apiary does this by creating containers in which individual applications are safely executed without access to user data. When one application must launch another application, the latter is executed in its own container. The containers interact with the display and file system in a controlled manner, so the user is still presented with a single integrated desktop.
This technology has been implemented on Linux without requiring any modifications to existing applications or the operating system.
Patent Issued (US 8,589,947)
IR M10-103
Licensing Contact: Greg Maskel