Unlock instant, AI-driven research and patent intelligence for your innovation.

Isolation sandbox loading method

A technology for isolating sandboxes and sandboxes, applied in program loading/starting, program control design, instruments, etc., can solve problems such as sandbox correctness, damage to isolation sandbox isolation guarantees, and system state inconsistencies, etc., to achieve improved Effects of startup performance, elimination of initialization overhead, and avoidance of read and write overhead

Active Publication Date: 2020-04-07
SHANGHAI JIAO TONG UNIV
View PDF13 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In addition, the memory multiplexing mechanism causes the sharing of in-memory system state such as file descriptors between processes, which may destroy the isolation guarantee between isolation sandboxes
Some system state changes (such as program id) caused by the memory multiplexing mechanism may cause inconsistencies in the system state and affect the correctness of the sandbox operation

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Isolation sandbox loading method
  • Isolation sandbox loading method
  • Isolation sandbox loading method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0096] Using multi-threaded sandbox safe memory reuse technology to provide a general isolation sandbox quick start method includes template sandbox initialization; template sandbox performs multi-thread memory reuse and processes system state consistency information; memory reuse loads instance sandbox Normal operation until the end of the three parts, the following will describe in detail the method of the present invention to realize the fast loading of the multi-threaded isolation sandbox through specific implementation examples.

[0097] Such as figure 1 As shown, the system adopts the memory multiplexing technology to realize the specific steps of fast loading of the isolated sandbox as follows:

[0098] In step (1), the developer develops the program running in the isolation sandbox. By default, the position before the execution of the first instruction of the program is used as the entry point. The developer can also use the entry point to mark a custom entry point to ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an isolation sandbox loading method, which is based on a multi-thread sandbox security memory reuse technology, and comprises the following steps that: step 1, developers complete program code development running in an isolation sandbox; step 2, running a template sandbox, running a program developed and configured by a developer, and waiting for a user to send a program running request; step 3, enabling the user to send a function calling request, and generating an instance sandbox for executing a user request through memory reuse after the template sandbox receives therequest; 4, enabling the instance sandbox to reprocess system state changes caused by execution of system calling in the template sandbox operation process so that the correctness and safety of sandbox execution are guaranteed; and step 5, enabling the instance sandbox to continue to execute the program until execution is completed, returning a request result to the user or sending the result toa third party specified by the user so that the instance sandbox is destroyed.

Description

technical field [0001] The present invention relates to the field of cloud computing and software security, in particular to a method for loading an isolated sandbox, and in particular to providing fast loading of isolated sandboxes in a high-concurrency and multi-tenant cloud computing environment using multi-threaded sandbox secure copy-on-write technology. Methods and systems for boxes. Background technique [0002] Isolation sandbox technology: In cloud computing scenarios, isolation sandbox technology is usually used to ensure the security of different tenants on the cloud computing platform. The container isolation sandbox uses cgroup and namespace (namespace) to limit the resources that can be used by the program running in the container and the scope of the system state that can be accessed to achieve certain isolation. However, since all containers on the same system share the kernel, container isolation Sandboxes provide only weak isolation. The virtual machine i...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F9/445G06F21/53
CPCG06F9/44521G06F21/53
Inventor 余天依杜东夏虞斌
Owner SHANGHAI JIAO TONG UNIV
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com