`
`(12) United States Patent
`Huang et al.
`
`(10) Patent N0.:
`(45) Date of Patent:
`
`US 6,968,539 B1
`Nov. 22, 2005
`
`(54) METHODS AND APPARATUS FOR A WEB
`APPLICATION PROCESSING SYSTEM
`
`(75) Inventors: Yun-Wu Huang, Chappaqua, NY (US);
`Robert David Johnson, Ridge?eld, CT
`(US); Sean James Martin, Boston, MA
`(US); Simon L. Martin, Oxford (GB);
`Moshe Morris Emanuel Matsa,
`Cambridge, MA (US); Roger A. Pollak,
`Pleasantville, NY (US); John J. Ponzo,
`Cortlandt Manor, NY (US); Ronald
`So-tse Woan, Somerville, MA (US)
`
`(73) Assignee: International Business Machines
`Corporation, Armonk, NY (US)
`
`( * ) Notice:
`
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 999 days.
`
`(21) Appl. No.: 09/633,037
`
`(22) Filed:
`
`Aug. 4, 2000
`
`Related US. Application Data
`
`(60) Provisional application No. 60/156,872, ?led on Sep.
`30, 1999.
`
`(51) Int. Cl.7 ............................................... .. G06F 9/44
`(52) US. Cl. .................................................... .. 717/115
`(58) Field of Search ...................... .. 717/139, 115, 114,
`717/136, 106, 143
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`8/2000 Kennelly 61 a1. ......... .. 709/223
`6,101,539 A *
`6,144,991 A * 11/2000
`6,275,938 B1 *
`8/2001
`2003/0154279 A1* 8/2003
`2004/0187080 A1* 9/2004
`
`OTHER PUBLICATIONS
`
`Goschnick, Steve B; Design and Development of Melbourne
`IT Creator—a System for Authoring and
`Management of
`Online Education, p. 187-201, 1998 IEEE, retrieved Feb. 17,
`2005.*
`Hildyard, Alexander, “An XML Document to JavaScript
`Object Converter”, p. 63-69, ProQuest Computing Jan.
`1999, retrieved Feb. 17, 2005.*
`Lie, Hakon Wium; Saarela, Janne; “Multipurpose Web
`Publishing”, p. 95-101, Oct.
`1999, Communications of the
`ACM, retrieved Feb. 17, 2005.*
`Price, Roger, “Beyond SGML”, p. 172-181, 1998 ACM,
`retrieved Feb. 17, 2005.*
`
`* cited by examiner
`
`Primary Examiner—Tuan Dam
`Assistant Examiner—Mary Steelman
`(74) Attorney, Agent, or F irm—Douglas W. Cameron; Ryan,
`Mason & LeWis, LLP
`
`(57)
`
`ABSTRACT
`
`AsoftWare system is provided to alloW a computer to install
`and process Web applications according to the invention.
`Such Web applications are Written as Web pages that have
`access to the full range of operating system resources,
`including those not accessible through a Web broWser.
`Preferably, a Web application is built using three
`types of
`languages used for constructing Web pages, namely: (a) a
`visual presentation language; (2) a data modeling language;
`and (3) a scripting language for embedding logic. The
`softWare system preferably comprises a Web application
`manager, an operating system interface module, a scripting
`language interpreter, and optionally a Web broWser and/or a
`data modeling language processor. Various other features
`such as data caching and security ?ltering are provided in
`accordance With such a system.
`
`10 Claims, 12 Drawing Sheets
`
`Blue Coat Systems - Exhibit 1010 Page 1
`
`
`
`U.S. Patent
`
`Nov. 22, 2005
`
`Sheet 1 0f 12
`
`US 6,968,539 B1
`
`101
`
`CPU
`
`FIG. 1
`
`INPUT/OUTPUT
`DEVICES
`KEYBOARD,
`103v‘ MOUSE.
`SCREEN
`
`3
`105
`
`SYSTEMS,
`APPLICATIONS. ’ 102
`OATA
`STORAGE
`MEMORY
`
`124
`CODE BEING
`ExEGUTEU
`MAIN NENORY
`
`FIG. 2
`
`[ WEB APPLIGATION if
`
`201
`
`WEB PAGE
`
`[203
`mm
`PRESENTATION
`LANGUAGE
`
`204
`
`[205
`
`DATA
`NOUELING
`LANGUAGE
`
`Blue Coat Systems - Exhibit 1010 Page 2
`
`
`
`U.S. Patent
`
`Nov. 22, 2005
`
`Sheet 2 0f 12
`
`US 6,968,539 B1
`
`FIG. 3
`
`/
`
`WEB
`
`APPLICATION % 301
`
`II
`
`‘
`
`f 302
`
`WEB APPLICATION MANAGER
`
`M
`
`M
`
`M
`
`M
`
`‘V
`WEB
`BROWSER
`{I
`
`[304
`‘I
`303
`OPERATING SYSTEM
`INTERFACE MODULE
`M
`
`v [305
`SCRIPT
`INTERPRETER
`M
`
`‘V [306
`DATA MODELING
`LANGUAGE PARSER
`M
`
`OPERATING SYSTEM
`
`I 307
`
`Blue Coat Systems - Exhibit 1010 Page 3
`
`
`
`U.S. Patent
`
`Nov. 22, 2005
`
`Sheet 3 0f 12
`
`US 6,968,539 B1
`
`FIG. 4
`
`f 401
`
`READ CODE FROM
`WEB APPLICATION
`
`END
`OF CODE ?
`
`SCRIPT PROCESS
`
`408
`
`EXTENDED
`CALL ?
`
`PRESENTATION
`
`405
`
`V
`VISUAL
`PRESENTATION
`PROCESS
`
`OS INTERFACE PROCESS
`
`‘
`EXCEPTION ?
`
`410
`
`"0
`
`f 411
`EXCEPTION HANDLING
`PROCESS
`
`L
`
`( TERMINATE Y 403
`
`Blue Coat Systems - Exhibit 1010 Page 4
`
`
`
`U.S. Patent
`
`Nov. 22, 2005
`
`Sheet 4 0f 12
`
`US 6,968,539 B1
`
`FIG. 5
`
`CHECK INPUT VISUAL PRESENTATION
`CODE FOR ANY VIOLATIONS
`
`502
`.4 VIOLATION OCCURS ?
`504
`PROCESS WEB
`BROWSER MODULE /
`ON THE INPUT VISUAL
`PRESENTATION CODE
`
`503
`I
`GENERATE AN
`EXCEPTION FOR
`THIS VIOLATION
`
`V
`
`RETURN TO WEB APPLICATION
`MANAGEMENT PROCESS
`
`f 505
`
`FIG. 6
`
`GET INPUT DATA
`MODELING CODE
`
`V
`
`PROCESS DATA
`MODELING MODULE
`ON THE INPUT DATA
`MODELING CODE
`
`RETURN TO WEB
`APPLICATION
`MANAGEMENT
`PROCESS
`
`Blue Coat Systems - Exhibit 1010 Page 5
`
`
`
`U.S. Patent
`
`Nov. 22,2005
`
`Sheet 5 0f 12
`
`US 6,968,539 B1
`
`T I 703
`EXECUTE
`THE CODE
`
`FIG. '7
`
`PROCESS SCRIPT INTERPRETER
`TO PARSE AND INTERPRET THE ~I‘7O1
`INPUT SCRIPT CODE
`702
`
`NO
`
`I 704
`
`YES
`CHECK VIOLATIONS ?
`705
`
`NO
`
`I 706
`YES
`GENERATE AN EXCEPTION
`FOR VIOLATION
`
`V
`RETURN TO WEB
`APPLICATION MANAGEMENT
`PROCESS
`
`/ 707
`
`FIG. 8
`
`INPUT: AN EXTENDED ~/\801
`SCRIPT FUNCTION CALL
`I
`PROCESS THIS SCRIPT
`CALL BY EXECUTING M802
`OPERATING SYSTEM APIs
`
`RETURN TO WEB
`APPLICATION MANAGEMENT w 803
`PROCESS
`
`Blue Coat Systems - Exhibit 1010 Page 6
`
`
`
`U.S. Patent
`
`Nov. 22,2005
`
`Sheet 6 6f 12
`
`US 6,968,539 B1
`
`FIG. 9
`
`GENERAL INFORMATION, REQUIRED COMPONENTS,
`DEPENDENCY INFORMATION, REGISTRY INFORMATION,
`SHORT CUT INFORMATION, STORAGE QUOTA,
`SECURITY SETTINGS, PRE-INSTALL SCRIPT,
`POST-INSTALL SCRIPT ...... ..,etc.
`
`901
`
`FIG. 10
`7 APPLICATION / / DOCUMENT /’
`
`1001
`
`INSTALLATION
`
`1002
`
`V
`INSTALL MANAGER w 1003
`
`7 GENERAL INFORMATION
`
`ENVIRONMENT
`
`‘
`
`COMPONENTS
`
`‘
`
`DEPENDENCY
`
`‘
`
`V
`
`V
`
`REGISTRIES
`
`SHORT CUTS
`
`STORAGE QUOTA
`
`SECURITY SETTINGS
`
`r.__.___._.___._____._____________.._________.__.__
`
`Blue Coat Systems - Exhibit 1010 Page 7
`
`
`
`U.S. Patent
`
`Nov. 22, 2005
`
`Sheet 7 0f 12
`
`US 6,968,539 B1
`
`FIG. 11
`
`sToRAGE MEDIA
`(e.g., DISKETTES, CDs)
`
`GREATE
`UPDATE
`
`1104
`
`INSTALLATION
`DOCUMENT OF
`AN APPLICATION
`
`DOWNLOAD
`
`INSTALL
`,
`
`I
`1103 w INSTALL MANAGER
`
`CONFIGURE
`H05’ GRAPHIC INTERTAGE PRoGRAM
`
`1106*”
`
`SYSTEM ADMINISTRATOR
`
`FIG. 12
`
`I1201
`‘
`CHECK DEPENDENCY sETIING IN INSTALL
`DOCUMENT OF THE TARGET APPLlcAIIoN
`
`1202
`
`AN
`APPLICATION
`THIS IAhllIgEI AP|I°SLI%A0TTI0N
`DEPE 5 0"
`INSTALLED
`9
`[1204
`YES
`SEEK USER CONFIRMATION oN INsTALLING
`THE “DEPENDED” APPLIcATIoN
`
`‘ IIZOS
`INSTALL THE
`TARGET
`APPLICATION
`
`I 1207
`INSTALL THE
`“DEPENDED”
`APPLICATION
`I
`
`CONFIRMED
`
`USER CONFIRMED ’?
`
`DECLINED _
`
`'
`( TERMINATE. I’
`
`1205
`
`Blue Coat Systems - Exhibit 1010 Page 8
`
`
`
`U.S. Patent
`
`Nov. 22,2005
`
`Sheet 8 0f 12
`
`US 6,968,539 B1
`
`FIG. 13
`
`[
`
`.
`
`I
`
`1 301
`
`TRADITIONAL
`APPLICATIONS
`
`FILE I/o
`APIs
`
`PROCESS
`APIs
`
`OTHER 0s API/ / \ \THER 0s APIs
`/
`\
`
`/
`
`NETWORK
`
`APIs
`
`02¢ FILE
`13
`SYSTEM
`
`1303~/‘ NETWORK 1304 v‘ PROCESS
`
`1305~/~ OPERATING SYSTEM
`
`FIG. 14
`
`1401
`
`VM BASED
`APPLICATIONS
`
`VIRTUAL
`MACHINE
`CALLS
`
`VIRTUAL / 1402 OTHER API
`w MACHINE
`5
`PROCESS
`FILE 1/0
`APIs
`NETWORK
`APIS
`VAPIS
`
`140% FM I404~I~NETWORK14O5~I~PR0CESS
`SYSTEM
`
`1406\/* OPERATING SYSTEM
`
`Blue Coat Systems - Exhibit 1010 Page 9
`
`
`
`U.S. Patent
`
`Nov. 22,2005
`
`Sheet 9 0f 12
`
`US 6,968,539 B1
`
`FIG. 15
`
`1502
`
`I APPLICATION 2
`
`1503
`
`1501~Z
`
`APPLICATION 1
`
`I
`
`/
`
`APPLICATION 3
`
`7
`
`APPLICATION CALLS ~/‘<\____/>
`
`1504, SECURITY ‘
`SETTINGS 1 ‘
`
`_
`'
`
`‘'
`
`v
`
`V I I507
`
`‘505
`
`, SECURITY ,
`
`SETTINGS 2 ~
`
`_
`
`APPLICATION MANAGER
`
`, SECURITY ,
`_
`‘506
`SETTINGS 3 * '
`
`SECURITY
`E1LTERE0¢~<;*
`CALLS
`
`>
`OTHER
`,APIS
`
`PROCESS
`APIs"
`
`NETWORK
`/
`1509
`
`PROCESS
`I
`1510
`
`NETWORK
`APISV
`
`FILE 1K0
`A 15E»
`FILE
`SYSTEM
`[
`‘508
`
`OPERATING SYSTEM
`
`I
`
`1511
`
`Blue Coat Systems - Exhibit 1010 Page 10
`
`
`
`U.S. Patent
`
`Nov. 22,2005
`
`Sheet 10 0f 12
`
`US 6,968,539 B1
`
`FIG. 16
`
`RECEIVE A CALL FROM
`AN APPLICATION
`I
`CHECK THE SECURITY
`SETTINGS OF THIS
`APPLICATION FOR THIS CALL
`
`160.79’~
`
`1605‘, CALL OPERATING SYSTEM
`APIs T0 PROCESS THIS CALL
`
`EXCEPTION
`HANliLlN?
`
`1sos¢< TERMINATE )
`
`FIG. 1 7
`
`1701
`
`WEB
`OBJECTS
`
`1702
`
`WEB
`OBJECTS
`
`APPLICATION 1
`
`APPLICATION 2
`
`INTERNET 1703
`
`1705
`
`OPERATING SYSTEM r1706
`
`[1704
`WEB
`BROWSER
`II
`
`USER f 1707
`
`Blue Coat Systems - Exhibit 1010 Page 11
`
`
`
`U.S. Patent
`
`Nov. 22,2005
`
`Sheet 11 0f 12
`
`US 6,968,539 B1
`
`FIG. 1 8
`
`1801
`
`WEB
`OBJECTS
`
`INTERNET
`
`1803
`
`WEB
`APPLICATION 2
`
`f 1804
`
`M
`
`‘V
`
`I
`
`‘ f 1806
`WEB
`BROWSER 2
`
`I
`
`1802
`
`WEB
`APPLICATION 1
`
`M
`
`‘V
`
`II
`
`1805\ ‘V
`WEB
`BROWSER 1
`
`M
`
`V
`
`WEB APPLICATION MANAGER
`
`I
`
`M
`
`//__V_\
`/"_—\
`V \J
`WEB CACHE 1
`WEB CACHE 2
`FOR HTTP OBJECTS
`FOR HTTP OBJECTS
`V V
`WEB CACHE 1 FOR
`A, WEB CACHE 2 FOR
`NON-HTTP OBJECTS
`NON-HTTP OBJECTS
`
`:1808
`
`1807:
`
`OPERATING SYSTEM
`
`1809/
`
`Blue Coat Systems - Exhibit 1010 Page 12
`
`
`
`U.S. Patent
`
`Nov. 22,2005
`
`Sheet 12 0f 12
`
`US 6,968,539 B1
`
`FIG. 19
`
`1901~/"
`
`RECEIVE A REQUEST FOR HTTP
`OBJECTS FROM AN APPLICATION
`I
`1902‘, INVOKE THE WEB BROWSER
`TO RETRIEVE. THIS OBJECT
`
`1903
`
`EXCEPTION
`OCCURS '?
`NO
`SEND THE OBJECT RETURNED
`1905*’ BY THE WEB BROWSER T0
`THE REQUESTING APPLICATION
`
`V
`
`1906A TERMINATE )
`
`1907
`
`HTTP WEB OBJECT
`CACHE FOR THIS
`APPLICATION
`
`I 1904
`‘
`EXCEPTION
`HANDLING PROCESS
`
`2008
`
`OB'EET'HCTXCPHEIEEOR L
`THIS APPUCAHON
`
`FIG. 20
`
`RECEIVE A CACHE MANAGEMENT API
`CALL FROM AN APPLICATION
`I
`CHECK ANY CACHE VIOLATIONS v‘ 2002
`2003
`VIOLATION EXISTS '2
`
`[2005
`PROCESS THIS API BY EXECUTING
`NATIVE OPERATING SYSTEMZOQZIs
`
`VIOLATION EXISTS ?
`
`YES
`
`‘
`
`"0
`
`EXCEPTION
`2004f HANDLING
`PROCESS
`
`V
`
`( TERMINATE V2007
`
`Blue Coat Systems - Exhibit 1010 Page 13
`
`
`
`US 6,968,539 B1
`
`1
`METHODS AND APPARATUS FOR A WEB
`APPLICATION PROCESSING SYSTEM
`
`The present application claims priority to the US. pro
`visional patent application identi?ed by Ser. No. 60/156,872
`?led on Sep. 30, 1999, the disclosure of Which is incorpo
`rated by reference herein.
`
`FIELD OF THE INVENTION
`
`The present invention relates generally to the ?eld of
`softWare systems that manage the life-cycle of softWare
`applications, e.g., installation, con?guration, resource man
`agement, security management, execution, and de-installa
`tion, and, more particularly, to methods and apparatus for
`processing of Web applications that are Written in the form
`of Web pages Which can be doWnloaded through the Internet
`using Web communication protocols, installed in local com
`puters, and executed utiliZing Web components, such as a
`Web broWser and J avaScriptTM interpreter, in the local com
`puters.
`
`10
`
`15
`
`BACKGROUND OF THE INVENTION
`
`The recent explosion of the popularity of the World Wide
`Web (“Web” for short, and hereinafter referred to in the
`loWer case as “Web” in the context of an adjective or adverb,
`e.g., Web pages) has made the Internet one of the most
`important media for mass communication. The Web is used
`for many applications such as information retrieval, personal
`communication, and electronic commerce and has been
`rapidly adopted by a fast growing number of Internet users
`in a large part of the World.
`Using the Web, users can access remote information by
`receiving Web pages through the Hypertext Transfer Proto
`col (HTTP). The information in a Web page is described
`using the Hypertext Markup Language (HTML) and eXten
`sive Markup Language (XML), and is displayed by softWare
`called Web broWser. Web pages of earlier design are con
`sidered static because they do not include any logic that can
`dynamically change their appearances or provide computa
`tions based on user input. Subsequently, the JavaTM (Sun
`Microsystems) programming language Was incorporated in
`Web pages in the form of applets. An applet is a small J avaTM
`program that can be sent along With a Web page to a user.
`J avaTM applets can perform interactive animation, immedi
`ate calculations, or other simple tasks Without having to send
`a user request back to the server, thereby providing the
`dynamic logic in Web pages.
`JavaTM is an object-oriented programming language
`Which can be used for creating stand-alone applications.
`Writing JavaTM programs typically requires different and
`more extensive skills and training than composing Web
`pages. The learning curve for Writing JavaTM programs is
`typically longer than that for Writing Web pages. Not all Web
`page authors therefore are expert JavaTM programmers.
`Recently, to make it easier to embed logic in Web pages,
`an easy-to-Write script language called JavaScriptTM (Sun
`Microsystems) has been supported by popular Web broWsers
`to be incorporated into Web pages. J avaScriptTM, capable of
`embedding logic for computation based on user input, brings
`dynamic and poWerful capabilities to Web pages. JavaS
`criptTM, unlike JavaTM Which is a full-?edged programming
`language, has a simpler syntax and is much easier to learn.
`Because of this easy-to-Write feature, JavaScriptTM has cur
`rently become a popular Way to embed logic in Web pages
`by many Web page authors.
`
`25
`
`35
`
`40
`
`45
`
`55
`
`65
`
`2
`Although J avaScriptTM brings easy-to-Write logic to Web
`pages, it is limited to broWser functions and Works With
`HTML elements only. It can only be used to create simple
`applications under the contexts of the broWser, such as
`changing the Web page’s visual presentation dynamically
`and computing user input quickly Without sending a user
`request back to the server (for such computation). Thus, Web
`pages With JavaScriptTM logic cannot be used to create
`stand-alone applications that require access to a full range of
`resources on the user’s computer such as the ?le system
`management and the display area beyond the broWser’s
`WindoW. In general, Web pages cannot be processed in
`non-broWser contexts.
`At the present, stand-alone applications are typically
`Written in traditional programming languages (also called
`3GL for 3rd Generation Languages) such as C, C++, and
`JavaTM, or Fourth Generation Languages (4GL) such as
`Visual BasicTM. Through these languages, stand-alone appli
`cations interact directly With operating systems through
`operating system APIs (application programming interfaces)
`or indirectly With library functions Which may in turn call
`these operating system APIs. The capability of accessing the
`operating system APIs gives an application the control of
`computing resources in a computer.
`If Web pages had embedded logic that could access a
`Whole range of computing resources enabled by these oper
`ating system APIs, they could then be used to develop
`stand-alone applications just like any of the aforementioned
`3GL and 4GL languages. Using Web pages to develop
`stand-alone applications Would have many advantages.
`First, Web page authors Who do not possess the skill and
`experience in Writing 3GL/4GL applications could develop
`stand-alone applications using the Web page technology they
`profess.
`Secondly, the Web technology components that can pro
`cess the visual presentation language (e.g., HTML), the data
`modeling language (e.g., XML), and the communication
`protocol (e.g., HTTP) are available in most computers,
`Which can connect to the Internet through the Web. This
`Would provide an advantage in that using Web pages to
`develop applications, a developer could very ef?ciently
`integrate these components. This is because, Whereas 3GL/
`4GL applications can integrate these components program
`matically, Web pages could integrate them declaratively
`through languages such as HTML and XML. In general, the
`shorter learning curve and development time of Web pages,
`as compared With 3GL/4GL programs, Would result in a
`shorter time and loWer cost in the development of softWare
`applications. The present invention addresses this issue by
`providing methods and apparatus in a softWare system that
`manage the life-cycle of softWare applications, Which are
`composed of Web pages that are not limited to the broWser
`contexts and that have access to the full range of operating
`system resources.
`Another issue of the processing of computer softWare
`addressed by the present invention is the softWare installa
`tion process. Typically, the installation of a softWare appli
`cation is achieved by a special-purpose program Which
`comes With this softWare and is Written only for the purpose
`of installing this softWare. This is evident in the existence of
`a “setup.exe” or “install.exe” program in almost all softWare
`packages for PCs (personal computers). This method of
`softWare installation means that developers for each soft
`Ware application have to Write a speci?c install program just
`to install their softWare.
`In general, an install program for an application needs to
`con?gure a list of settings that are used to establish a proper
`
`Blue Coat Systems - Exhibit 1010 Page 14
`
`
`
`US 6,968,539 B1
`
`3
`environment or context for this application before it can be
`properly installed. These settings may include, for example,
`the basic operating system setup such as the registry entries,
`location setup such as the directory or folder in Which the
`application is to be stored, link setup such as the short-cut
`link to this application, the graphic setup such as the icon of
`this application, and the dependency setup such as other
`applications that this application depends on for execution.
`To properly setup each setting, e.g., one of the aforemen
`tioned settings, the install program typically takes the deter
`mined value of this setting and processes an action speci?c
`to this setting. For example, the registry entry setup
`action
`may be to add the determined registry entry values to the
`proper registry ?les, Whereas the dependency setup action
`may be to investigate if all applications that the application
`to be installed depends on are already installed and, if not,
`to display an error message. Typically, the value of a setting
`is either determined by user input during the installation
`process, such as the directory Where the application is to be
`stored, or predetermined by the install program, such as the
`list of applications that its application depends on.
`In general, an install program ?rst con?gures each setting
`by determining its value (by user input or pre-con?guration)
`and then invokes the setup action for this setting. Because
`applications may have a different set of pre-con?gured
`setting values, each application requires a unique install
`program. Furthermore, if a neW version of an application
`changes the value of one of its install settings, such as a neW
`icon, the install program for this application has to be
`reWritten to incorporate this neW value.
`It Would be advantageous to the application developers if
`they did not need to Write a new install program for each new
`version of an application they develop. Instead, it Would be
`desirable, for each version of an application, to construct a
`list of install settings With pre-con?gured values for this
`application using a data modeling language such as XML,
`Which could be provided together With this application for
`installation. This Way, a standardiZed install program Would
`then be deployed by the user’s computer to decode the install
`settings and values and conduct proper installation for this
`application based on these values. This standardiZed install
`program could then be used to install all applications Whose
`install settings and values are modeled by a language
`understood by this install program. With many applications
`installed using a standardiZed install program, the users
`Would also have a consistent
`experience in the installation
`process for all these applications.
`The present invention addresses this issue by providing
`methods and apparatus of softWare installation in Which a
`standardiZed install manager exists in a computer system to
`perform the installation process for all softWare applications
`Whose install settings and values are modeled by a language
`understood by this install program.
`Yet another issue of today’s computer softWare addressed
`by the present invention is the security management of
`softWare applications. Traditional stand-alone applications
`based on programming languages such as C and C++
`typically have access to all the operating system resources
`through the calling of operating system APIs. In this case,
`the security context, i.e., the limit of system resource access,
`for these applications is the entire system. Based on this
`security context, it is possible that an application can,
`inadvertently or maliciously, damage not only its oWn data
`but those of other applications that share the same computer
`system.
`In a virtual machine environment, such as the JavaTM
`Virtual Machine, the security context of an application (such
`
`10
`
`15
`
`25
`
`35
`
`40
`
`45
`
`55
`
`65
`
`4
`a JavaTM program) is de?ned by the virtual machine. A
`misbehaving application thus can only create external dam
`age alloWable by the virtual machine. HoWever, there can be
`many different types of applications running on the same
`virtual machine and While each one of them may have a
`different security need, they are forced to run under the same
`security context (that de?ned by the virtual machine).
`It Would be advantageous if each application had its oWn
`security context that is predetermined by the system man
`agement policy. Thus,
`based on its level of security risk, an
`application could be associated With a security context
`Which regulates the system resources to Which this applica
`tion can or cannot access. This Way, a misbehaving program
`in an application With a restrictive security context Would
`cause minimum damage to the system as a Whole. The
`present invention addresses this issue by providing methods
`and apparatus of a computer system in Which each applica
`tion has its oWn security context.
`Yet another issue of today’s computer softWare addressed
`by the present invention is the Web cache system for
`softWare applications. Web caching is traditionally per
`formed by the Web broWsers and Web proxies Whose primary
`tasks include transmitting Web objects over the netWork.
`Web pages in the context of a Web broWser contain hyper
`links to Web objects through textual or graphic anchors. The
`user requests a Web object from a Web page When this page
`is displayed by the Web broWser and the user selects, through
`the mouse or other pointing mechanism, the anchor of this
`object.
`When a Web object is requested through a Web broWser
`With the Web caching feature, the Web broWser ?rst checks
`to see if the object exists in its cache. If so, this object in the
`broWser’s cache is returned to the request Web page. If the
`object does not exist in the broWser’s cache, the broWser
`uses the Uniform Resource Locator (URL) of this object to
`locate its location in the Internet and retrieves it through a
`data transfer protocol such as HTTP. When the broWser
`receives this object, it typically displays this object While
`storing a copy in its cache.
`Applications accessing Web objects could be composed
`using Web pages. HoWever, if Web pages are processed in the
`context of the broWser, the Web objects requested by them in
`a client computer can only be cached by the broWser in the
`computer. In other Word, in a client computer, Web page
`based applications under the broWser contexts use only the
`broWser’s cache for Web caching.
`Different Web applications hoWever may access Web
`objects With different characteristics. For example, one Web
`application may access Web objects that rarely change over
`time Whereas another may access Web objects that
`change
`highly frequently. It Would be advantageous to deploy a
`siZable space to cache static Web objects for the ?rst appli
`cation While little or no space for the second because any
`cached objects Will be outdated immediately. In general, it
`Would be advantageous that each application has its oWn
`Web cache.
`Furthermore, traditional Web caching by broWsers only
`cache Web objects of certain types that are de?ned in HTTP.
`Some applications may need to retrieve objects from the
`Web With types not de?ned in HTTP. Examples of object
`types not de?ned by HTTP may include executable ?les,
`spreadsheet ?les, and documents With proprietary structures.
`Caching these non-HTTP-de?ned objects could provide a
`performance advantage to applications that retrieve objects
`of these types through the Web.
`The present invention addresses the issue of Web caching
`for applications by providing methods and apparatus to
`
`Blue Coat Systems - Exhibit 1010 Page 15
`
`
`
`US 6,968,539 B1
`
`5
`for both the
`provide each Web application a separate cache
`HTTP-de?ned and non-HTTP-de?ned objects from the
`Web.
`
`SUMMARY OF THE INVENTION
`
`In accordance With the aforementioned needs, the present
`invention is directed to a system in Which applications are
`Written as Web pages that have access to the full range of
`operating system resources, including those not accessible
`through the Web broWser. The applications described in the
`present invention are called Web applications. In a preferred
`embodiment of the present invention, three types of lan
`guages used for constructing Web pages are used for build
`ing Web applications. They are: (1) a visual presentation
`language; (2) a data modeling language; and (3) a scripting
`language for embedding logic. Those skilled in the art Will
`appreciate that currently the three most commonly used
`languages in Web pages are HTML for visual presentation,
`XML for data modeling, and JavaScriptTM for scripting.
`According to the present invention, a softWare system is
`provided to alloW a computer to install and process Web
`applications. This system preferably comprises a Web appli
`cation manager, an operating system interface module, a
`scripting language interpreter, and optionally a Web broWser
`and/or a data modeling language processor. The Web appli
`cation manager manages the life-cycle for applications,
`Which may include the installation, execution, de-installa
`tion of these applications, as Well as the security control and
`Web caching for these applications. The script language
`interpreter (such as the J avaScriptTM interpreter) parses and
`interprets the scripting language embedded in the Web
`pages. The operating system interface module is used to
`convert the scripting language calls that request access to
`system resources
`into appropriate native operating system
`APIs. The Web broWser can be used to display the content of
`Web applications and transfer data based on the data transfer
`protocol deployed by the broWser (such as HTTP). The data
`modeling language processor (such as the XML parser)
`decodes the contents in the Web applications that are Written
`in the data modeling language (such as XML).
`According to the present invention, a softWare system is
`provided to alloW a computer to install and process Web
`applications. This system preferably comprises a Web appli
`cation manager, an operating system interface module, a
`scripting language interpreter, and optionally a Web broWser
`and/or a data modeling language processor. The Web appli
`cation manager manages the life-cycle for applications,
`Which may include the installation, execution, de-installa
`tion of these applications, as Well as the security control and
`Web caching for these applications. The script language
`interpreter (such as the JavaScript interpreter) parses and
`interprets the scripting language embedded in the Web
`pages. The operating system interface module is used to
`convert the scripting language calls that request access to
`system resources
`into appropriate native operating system
`APIs. The Web broWser can be used to display the content of
`Web applications and transfer data based on the data transfer
`protocol deployed by the broWser (such as HTTP). The data
`modeling language processor (such as the XML parser)
`decodes the contents in the Web applications that are Written
`in the data modeling language (such as XML).
`According to one feature of the present invention, the
`scripting language used in Web pages that are typically
`restricted to the Web broWser functions can be extended to
`include function calls that access system resources normally
`beyond the limit of broWser functions. Those skilled in
`the
`
`10
`
`15
`
`25
`
`35
`
`40
`
`45
`
`55
`
`65
`
`6
`art Will appreciate that screen display outside of the broWser
`WindoW and general ?le system management are tWo
`examples of the types of system resources beyond broWser’s
`control.
`According to yet another feature of the present invention,
`the operating system interface module can accept an
`extended scripting language function call that access oper
`ating system resources beyond the broWser contexts and,
`based on the type of this function call, execute code that
`includes calls to the native operating system APIs.
`According to yet another feature of the present invention,
`the Web application manager can manage installation for all
`Web applications by invoking its install manager module. To
`install a Web application, the install manager ?rst obtains a
`copy of this application and the install document associated
`With this application. In a preferred embodiment of the
`present invention, the install manager can obtain the appli
`cation and its install document by a netWork doWnload
`process through the Web or other data transfer protocols.
`The install document for a Web application contains a set of
`install settings and their values, Which are modeled in
`language understood by the install manager. The install
`document for a Web application can be Written by the creator
`of this application. When installing this application, the
`install manager decodes the settings and their values in the
`install document of this application, and con?gures each
`setting based on its value accordingly.
`According to yet another feature the present invention, the
`Web application manager can conduct security control for a
`Web application based on the security context of this appli
`cation. According to the present invention, the security
`context of a Web application is the limits of access to the
`operating system resources this application is restricted to.
`The security context of an application can be modeled With
`a list of security settings for this application. Each security
`setting regulates the behavior of its host application in terms
`of a speci?c security feature. In a preferred embodiment of
`the present invention, the security context of a Web appli
`cation can be pre-con?gured by the creator or supplier of this
`application, and obtained by the user together With its
`application When this application is doWnloaded for instal
`lation. In
`this preferred embodiment, the security context of
`a Web application can also be modi?ed by the administrator
`of a softWare system in Which this application is deployed.
`According to the present invention, When a Web application
`is being executed, the Web application manager can check
`each setting in the security context of this application to
`ensure that no security rules, based on the settings con?g
`ured in the security context of this application, are violated
`at any time While this application is running.
`According to yet another feature of the present invention,
`the Web application manager can create a Web cache for each
`application it installs. The cacheable Web objects include
`both the HTTP-de?ned objects and non-HTTP-de?ned ones.
`In a preferred embodiment of the present invention, the tWo
`types of Web objects can be stored in tWo different pools of
`the same cache for an application. The settings of the cache
`for an application can be pre-con?gured and obtained
`together With this application by a client computer. They can
`also be modi?ed by the administrator of the system in Which
`their application is installed.
`According to yet another feature of the present invention,
`the scripting language used in Web pages that are typically
`restricted to the Web broWser functions can be extended to
`include function calls that manage the Web cache for each
`application. Those skilled in the art Will appreciate that
`
`Blue Coat Systems - Exhibit 1010 Page 16
`
`
`
`US 6,968,539 B1
`
`7
`typical cache APIs may include the search, insertion, and
`deletion of an object, as Well as the reset of the Whole cache.
`According to yet another feature of the present invention,
`When the Web applica