Abstract: Techniques for securing a computing environment are disclosed. Specifically, the invention allows the execution of any software application with administrator permissions on any computing device. This is done while preventing any of the software applications executed by the users, to perform harmful operations on the device. To this end, a user having only guest access permissions is allowed to perform operations as if the user has administrator permissions.

Abstract: Techniques for enabling writing and reading to and from a user file by at least a virtual software application. The user file includes a session file, an index file, and a data file. The techniques enable roaming between computers without the need to reconfigure, for example, the personalized information when switching between computers.

Abstract: A system and method for centrally deploying and managing virtual applications in an organization. The method comprises retrieving an existing schema of objects from a management directory of the organization; generating a virtual directory including at least the retrieved schema of objects and a virtual application; and enabling performance of a plurality of management and deployment operations on the virtual directory.

Abstract: A method for bi-directional synchronization of user data files between a client and at least one server. The method comprises determining if a match exists between a local session file and a reflection session file, wherein the local session file is maintained by the client and the reflection session is maintained by the at least one server; when the local session file and the reflection session file match, performing: synchronizing contents of a user data file maintained by the client with contents of a user data file maintained by the at least one server, when the user data file in the client includes more records than the user data file in the at least one server; and synchronizing contents of a user data file maintained by the at least one server with contents of a user data file maintained by the client, when the user data file in the client includes less records than the user data file in the at least one server.

Abstract: A portable platform for executing software applications on a computing device without installing or configuring the applications on the computing device. Furthermore, the execution of the applications is performed without making any changes or modifications to the computing device's memory or file system. The portable platform can reside on, for example, a portable memory device, a portable storage device, or downloaded from a web site.

Abstract: A method for enhancing functionality of locked-down computers by allowing installation of software applications on the locked-down computers operated by users having limited administrator permissions. The method comprises detecting an attempt for installation of a software application on a locked-down computer; generating a virtual software application corresponding to the software application, wherein the virtual software application is generated in a virtual environment; and enabling the execution of the virtual software application in the virtual environment.

Abstract: A system and method for centrally deploying and managing virtual applications in an organization. The method comprises retrieving an existing schema of objects from a management directory of the organization; generating a virtual directory including at least the retrieved schema of objects and a virtual application; and enabling performance of a plurality of management and deployment operations on the virtual directory.

Abstract: A method for bi-directional synchronization of user data files between a client and at least one server. The method comprises determining if a match exists between a local session file and a reflection session file, wherein the local session file is maintained by the client and the reflection session is maintained by the at least one server; when the local session file and the reflection session file match, performing: synchronizing contents of a user data file maintained by the client with contents of a user data file maintained by the at least one server, when the user data file in the client includes more records than the user data file in the at least one server; and synchronizing contents of a user data file maintained by the at least one server with contents of a user data file maintained by the client, when the user data file in the client includes less records than the user data file in the at least one server.

Abstract: A method for bridging between virtual applications and an operating system of a host computer. The method comprises retrieving virtual applications and settings of the virtual applications assigned to a user logged onto the host computer; downloading shadow files of the virtual applications assigned to the user; integrating each of the virtual applications with an operating system shell of the host computer; and causing a virtual application to be executed over the host computer when the virtual application is launched by the user.

Abstract: A method for virtualizing of software applications. The method comprises initializing a virtual environment created by a virtual engine executed over a computer; creating a new data file; launching an installation process of a software application to be virtualized, wherein the installation process runs in the virtual environment; during the installation process, capturing data writes to a file system of the computer's operating system; and saving the data writes to the new data file.

Abstract: A portable platform for executing software applications on a computing device without installing or configuring the applications on the computing device. Furthermore, the execution of the applications is performed without making any changes or modifications to the computing device's memory or file system. The portable platform can reside on, for example, a portable memory device, a portable storage device, or downloaded from a web site.

Abstract: Techniques for securing a computing environment are disclosed. Specifically, the invention allows the execution of any software application with administrator permissions on any computing device. This is done while preventing any of the software applications executed by the users, to perform harmful operations on the device. To this end, a user having only guest access permissions is allowed to perform operations as if the user has administrator permissions.