Abstract: Application programming interface (API) calls made by an application are intercepted at runtime. A determination is made as to whether each intercepted API call is allowed or blocked by a restricted application execution environment. Each API call that is blocked by the restricted application execution environment is modified so that the API call is allowable such as, for instance, modifying the API call to execute against a shadow resource. Remediation code might also be executed at runtime to reformat the API call so that it is allowed to execute in the restricted application execution environment.

Abstract: Application programming interface (API) calls made by an application are intercepted at runtime. A determination is made as to whether each intercepted API call is allowed or blocked by a restricted application execution environment. Each API call that is blocked by the restricted application execution environment is modified so that the API call is allowable such as, for instance, modifying the API call to execute against a shadow resource. Remediation code might also be executed at runtime to reformat the API call so that it is allowed to execute in the restricted application execution environment.

Abstract: When a request is received to execute a virtualized application, an application virtualization client component evaluates an execution policy to determine if the application may be executed. If the application virtualization client component determines based on the execution policy that the virtualized application may be executed, the application virtualization client component publishes the virtualized application. The application virtualization client component publishes the application by making the virtualized application available for execution if the application is installed, and installing the virtualized application if it is not installed. The application virtualization client component also evaluates the execution policy during execution of the virtualized application.

Abstract: Technologies are described herein for converting a desktop application to a web application. An interface file is generated based on a user interface of the desktop application. A logic file is generated based on application executables of the desktop application. A data model is generated based on application data and states of the desktop application. The web application is generated based on the interface file, the logic file, and the data model.

Abstract: The dependencies of an application are identified by intercepting application programming interface calls made by an application. A determination is then made at the runtime of the application as to whether the dependencies of the application are present. If the dependencies are not present, a client device upon which the application is executing is configured such that the dependencies are present and are made available only to the authorized application. If the dependencies are present and the application is authorized to interact with the dependencies, the application is permitted to execute.

Abstract: Execution of an application is suspended and the runtime state of the application is collected and persisted. Maintenance operations may then be performed on the computer that the application was executing upon. The runtime state might also be moved to another computer. In order to resume execution of the application, the runtime state of the application is restored. Once the runtime state of the application has been restored, execution of the application may be restarted from the point at which execution was suspended. A proxy layer might also be utilized to translate requests received from the application for resources that are modified after the runtime state of the application is persisted.

Abstract: Application programming interface (API) calls made by an application are intercepted at runtime. A determination is made as to whether each intercepted API call is allowed or blocked by a restricted application execution environment. Each API call that is blocked by the restricted application execution environment is modified so that the API call is allowable such as, for instance, modifying the API call to execute against a shadow resource. Remediation code might also be executed at runtime to reformat the API call so that it is allowed to execute in the restricted application execution environment.

Abstract: In order to enable potentially conflicting applications to execute on the same computer, application programming interface (API) calls are intercepted when an application attempts to access a computer system's resources. During a learning mode of operation, a security monitor stores data in a security monitor database identifying which applications are allowed to access the computer system resources. At runtime of an application, the security monitor operates in an enforcement mode and utilizes the contents of the security monitor database to determine if an application is permitted to access system resources. If data associated with the application is located in the security monitor database, the application is allowed to access computer system resources, if data associated with the application is not located in the security monitor database, the application is not allowed to access computer system resources.

Abstract: Technologies are described herein for providing; a persona-based application experience. A query for a location of a persona package is received from a virtualization client. When the query is received, a current persona of a user requesting execution of a virtualized application is determined. The location of the persona package corresponding to the current persona of the user is determined The location of the persona package is sent to the virtualization client in response to the query. The virtualization client is configured to execute the virtualized application adapted to the persona package.

Abstract: Technologies are described herein for automatically selecting a best application delivery method based on a centrally maintained policy. An agent executing on a user computing device receives a request to initiate an application. The agent requests a centrally maintained application placement policy document regarding the application program from a policy server. The application placement policy document may describe a policy for determining a method for delivery of the application to the user computing device based on a number of conditions. The agent selects the method for delivery of the application based on the application placement policy document and the current conditions, and then initiates the application program utilizing the selected application delivery method.