Electrical computers and digital processing systems: multicomput – Distributed data processing – Client/server
Reexamination Certificate
2000-03-02
2003-07-15
Dinh, Dung C. (Department: 2756)
Electrical computers and digital processing systems: multicomput
Distributed data processing
Client/server
C709S219000, C709S223000, C709S225000, C709S227000, C713S152000, C714S038110, C714S039000, C714S048000, C714S049000
Reexamination Certificate
active
06594686
ABSTRACT:
FIELD OF THE INVENTION
The invention generally relates to monitoring for problems arising from a user's execution of a shared application, where the shared application executes on a server and consequently presents error messages on the server and not to the user, where the invention identifies client-server session data to allow the invention to directly interact with the user as needed.
BACKGROUND
Traditional virus scanners provide off-access virus scanning, e.g., a file is scanned when it is not in use. Typically scanning is performed at an off-peak time, such as during the night, when it is most likely that all files will be available for review by the scanning software. Unfortunately, the advent of fast Internet connection, and the proliferation of computers in the workplace and home, allows users to obtain and share files much faster than the traditional virus scanners can scan and correct viruses. Consequently, off-peak scanning services are no longer sufficient.
To compensate, on-access scanning has been developed. In on-access scanning, as the name suggests, a file is scanned when access is attempted to the file. This scanning may be performed along with traditional scanning services. On-access scanning operates by configuring an operating system (or equivalent control program) to notify the on-access software when a file access attempt is made. For example, file access subroutines of the operating system may be replaced with specialized versions tailored to interact with the on-access scanning software. Or, in an event driven environment, the operating system (or equivalent event-control structure) can be instructed to route file access events to the scanning software. In either configuration (or equivalents), file access attempts are effectively intercepted by the scanning software to provide an opportunity to scan the file for viruses before a file requestor obtains access to the file.
Unfortunately, there are several problems with on-access scanning. One such problem is the balancing of security needs against causing file-access errors or otherwise overly-delaying access to a file. For security, a file should be scanned before being released to a requester. Since file access attempts are intercepted, a user requesting the file must therefore wait for scanning to complete before access is granted. If the wait is too long, the user may believe that there has been a software and/or hardware malfunction. Similarly, if the requestor is another program, the program may believe there has been some sort of input/output (I/O) or other error.
Generally, long delays are atypical. Current techniques for scanning files, e.g., checking file components for “signatures” of viruses, usually takes only a fraction of a second—a time span not noticeable by most users or other devices/programs seeking to access the file. But, if the file is an archive, then scanning may be significantly longer, since the contents may have to be scanned, as well as the archive itself (it might be a self-executing self-extracting archive).
For some file constructions, inspecting the archive may take a very long time. Since file access is contingent on completing the scan, access to the file is completely blocked. And, depending on the construction of the virus scanning system, all of the scanner's resources may be tied up in processing one or more archives, thus rendering the entire system unavailable for processing file access requests. In fact, rather than trying to sneak a virus past a virus scanner, some scurrilous folks have been known to mount denial of service (DoS) attacks against computing systems by intentionally presenting archives crafted to take an inordinate amount of time to scan, and also consume most or all scanning resources, thus leaving the system inoperable.
File access scanning issues are further exacerbated when the virus scanner is running on a terminal server type of environment, e.g., the Microsoft Terminal Server, where the environment tricks a program into being shared among multiple client connections with the terminal server by executing each instance of the shared application program in a virtual execution environment. Because the shared application program is unaware of the sharing, when an error arises, the application issues an error to the executing host. Normally this would be the user's computing system. However, in a terminal server environment, it is instead the server, thus errors are displayed to the wrong computing device.
SUMMARY
The invention provides for an unshared application program, operating in a terminal server type of environment, to determine client session characteristics for a client connection with a server so as to allow the unshared application to notify the client as needed. In one configuration, the unshared application is a virus scanner performing on-access scanning of files, and determining client session characteristics allows the virus scanner to notify the client of a problem with a file and possibly seek a disposition for the file from the client.
REFERENCES:
patent: 5623600 (1997-04-01), Ji et al.
patent: 5960170 (1999-09-01), Chen et al.
patent: 6006034 (1999-12-01), Heath et al.
patent: 6026437 (2000-02-01), Muschett et al.
patent: 6029256 (2000-02-01), Kouznetsov
patent: 6085249 (2000-07-01), Wang et al.
patent: 6094731 (2000-07-01), Waldin et al.
patent: 6119165 (2000-09-01), Li et al.
patent: 6266774 (2001-07-01), Sampath et al.
patent: 6269456 (2001-07-01), Hodges et al.
patent: 6347375 (2002-02-01), Reinert et al.
patent: 6421733 (2002-07-01), Tso et al.
patent: 6427149 (2002-07-01), Rodriguez et al.
Edwards Jonathan
White Edmund
Dinh Dung C.
Hamaty, Esq. Christopher J.
Johnson Marlon
Network Associates Technology, Inc.
LandOfFree
Obtaining user responses in a virtual execution environment does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Obtaining user responses in a virtual execution environment, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Obtaining user responses in a virtual execution environment will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3070240