Isolation of untrusted code in operating system without isolation capability

Assignee

• Cisco Technology, Inc. · US

Inventors

• Adam Cath · San Francisco, US
• Manoj Acharya · San Ramon, US
• Olivier Crameri · Crissier, CH
• Renault John Lecoultre · Larkspur, US
• Karthik Krishnamurthy · Chennai, IN

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2009/45587
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

Code intended to operate in an operating system without an isolation mechanism is executed in isolation. The present system enables synthetic transactions to be executed in isolation without affecting other client data and files. Isolation may be outsourced to a separate set of servers that have an operating system which does support isolation. A handshake or other protocol is utilized to maintain secure data and communication. Untrusted script code provided by a customer is isolated in one or more remote servers. To execute the script on a client machine, a key is provided to access this script. A machine at which the script is to be run is provided with the key and the address of the script code on the remote server. A secure connection is established between the client machine and the script code server and script is executed on the client machine.