Unlock instant, AI-driven research and patent intelligence for your innovation.

Isolated sandbox loading method

A technology for isolating sandboxes and sandboxes. It is applied in the directions of program loading/starting, instruments, and computing. It can solve the problems of sandbox correctness, inconsistent system status, and damage to isolation sandbox isolation guarantees, so as to improve startup performance. , to ensure the correctness of operation, the effect of strong isolation

Active Publication Date: 2021-11-23
SHANGHAI JIAOTONG UNIV
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In addition, the memory multiplexing mechanism causes the sharing of in-memory system state such as file descriptors between processes, which may destroy the isolation guarantee between isolation sandboxes
Some system state changes (such as program id) caused by the memory multiplexing mechanism may cause inconsistencies in the system state and affect the correctness of the sandbox operation

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Isolated sandbox loading method
  • Isolated sandbox loading method
  • Isolated sandbox loading method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0096] Using multi-threaded sandbox safe memory reuse technology to provide a general isolation sandbox quick start method includes template sandbox initialization; template sandbox performs multi-thread memory reuse and processes system state consistency information; memory reuse loads instance sandbox Normal operation until the end of the three parts, the following will describe in detail the method of the present invention to realize the fast loading of the multi-threaded isolation sandbox through specific implementation examples.

[0097] Such as figure 1 As shown, the system adopts the memory multiplexing technology to realize the specific steps of fast loading of the isolated sandbox as follows:

[0098] In step (1), the developer develops the program running in the isolation sandbox. By default, the position before the execution of the first instruction of the program is used as the entry point. The developer can also use the entry point to mark a custom entry point to ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a method for loading an isolated sandbox, which is based on the multi-threaded sandbox safe memory multiplexing technology, comprising the following steps: Step 1, the developer completes the development of the program code running in the isolated sandbox; Step 2, runs a template The sandbox runs the program developed and configured by the developer, and waits for the user to send a program running request; step 3, the user sends a function call request, and the template sandbox generates an instance for executing the user request through memory multiplexing after receiving the request Sandbox; step 4, the instance sandbox reprocesses the system state changes caused by the execution of system calls during the running of the template sandbox to ensure the correctness and security of the sandbox execution; step 5, the instance sandbox continues to execute the program until After execution, the request result is returned to the user or sent to a third party designated by the user, and the instance sandbox is destroyed.

Description

technical field [0001] The present invention relates to the field of cloud computing and software security, in particular to a method for loading an isolated sandbox, and in particular to providing fast loading of isolated sandboxes in a high-concurrency and multi-tenant cloud computing environment using multi-threaded sandbox secure copy-on-write technology. Methods and systems for boxes. Background technique [0002] Isolation sandbox technology: In cloud computing scenarios, isolation sandbox technology is usually used to ensure the security of different tenants on the cloud computing platform. The container isolation sandbox uses cgroup and namespace (namespace) to limit the resources that can be used by the program running in the container and the scope of the system state that can be accessed to achieve certain isolation. However, since all containers on the same system share the kernel, container isolation Sandboxes provide only weak isolation. The virtual machine i...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F9/445G06F21/53
CPCG06F9/44521G06F21/53
Inventor 余天依杜东夏虞斌
Owner SHANGHAI JIAOTONG UNIV
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com