SYSTEM AND METHOD FOR ELECTRONIC DISTRIBUTION OF SOFTWARE AND DATA
According to computerized methods of distributing software and data, software components may be distributed electronically for execution in controlled environments. Such a controlled environment may, for example, restrict the components' ability to communicate through a network to one or more specified hosts. When a component requests data, such as a stream of financial data, the request may specify a source of the data, and the request may be granted or denied by the distributor based on whether the specified source is an authorized source of the data and/or whether the requested data is available from an authorized source.
This application claims the benefit of provisional U.S. Patent Application No. 61/521,192, titled “System and Method for Electronic Distribution of Software and Data” and filed on 8 Aug. 2011, which is incorporated herein by reference including all appendices thereto.
COPYRIGHT NOTICEA portion of the disclosure of this patent document contains material that is subject to copyright protection. The copyright owner has no objection to the facsimile reproduction by anyone of the patent document or the patent disclosure as it appears in the Patent and Trademark Office patent files or records but otherwise reserves all copyrights whatsoever.
BACKGROUND OF THE INVENTIONData providers often provide software, e.g., tools, applications, applets, plug-ins, etc., for analyzing, manipulating, and otherwise using the data (e.g., content, media, etc.) that they provide.
For example, an application portal may provide for electronic distribution of such software and data.
SUMMARY OF THE INVENTIONEmbodiments of the invention support distribution of software and data by data and service providers, and other services and organization (e.g., ISPs, software developers, etc., insofar as they provide data in a role other than as a mere conduit for network traffic), which are referred to generally herein as “providers.”
Embodiments of the invention are described herein in connection with software and data. “Software” is meant in a broad sense and may include software applications, applets, plug-ins, and other software components. “Software component” is also meant in a broad sense, and may include any unit of software intended to be distributed, installed, and/or used as a unit, and may include, e.g., a standalone application, a plug-in, a library, or other component. “Data” is also meant in a broad sense, and may include digital content and media.
According to some embodiments, software components may be configured to receive data that a provider provides and in some way process, present, and/or store that data. Some embodiments include an application portal, application marketplace, or application store (any of which may hereinafter be referred to as an “application portal”) comprising data available for downloading and/or streaming (either of which may hereinafter be referred to as “downloading”).
The term “sandbox” is well known in the art and may refer to a protected computing environment in which software components may be executed with limited privileges. Although operating systems are also known to control processes' access to various facilities, a sandbox is not an operating system as such, but typically refers instead to a relatively tightly controlled environment, which may exist within an operating system, and which may impose restrictions on access to resources in addition to the restrictions that are imposed by the operating system that hosts the sandbox. (The more formal term “controlled execution environment” may also be used to refer to a sandbox.)
According to some embodiments, data downloaded from an application portal is used in a sandbox or other controlled and/or protected environment, and in some embodiments, may be used only on authorized devices. In some embodiments, such data may only be accessed through predetermined data sources and/or providers, including those operated by the provider of the application portal and external providers.
According to embodiments, the application portal may be accessible via private or semi-private networks such as LANs, WANs, VPNs, intranets, or extranets; by private electronic communication networks (ECNs); by public networks such as the Internet; or by other communication networks or methods, including via wired and wireless technologies. In various embodiments, the application portal may run on or be accessible from a computer, server, media player, mobile and/or cellular device, tablet, storage device, entertainment device, or other electronic device.
According to some embodiments, data providers provide created or acquired data, and software developers provide created or acquired software components that are uploaded to the application portal for electronic distribution. Such data may include, for example, financial data, news, movies, music, books, and games that are distributed in a variety of formats. Such software components may include tools, applications and plug-ins for analyzing or manipulating data, or presenting or playing data. In one embodiment, the data available for download from the application portal includes data drawn from or otherwise relevant to the fields of financial services, investments, and trading, and the software components display, chart, and/or analyze financial data, instruments and/or products, or execute or make easier the trading of financial instruments.
According to some embodiments, a data provider operates the application portal. In other embodiments, another service or organization, unrelated to a data provider, operates the application portal.
According to some embodiments, the application portal is operated by one party and at least one other party provides software components and/or data. According to some embodiments, the portal operator contractually binds third-party software component developers and/or third party data providers to comply with certain policies, e.g., terms of service, set forth by the operator of the application portal. According to some embodiments, third-party software component developers and data providers may be individuals or organizations.
According to some embodiments, software component developers and data providers may use a software development kit (“SDK”) developed and maintained by the operator of the application portal. Such an SDK may be based on, or leverage the power of, an existing development environment, framework, and/or runtime environment, e.g., Microsoft Visual Studio and .NET technologies.
In an embodiment, the application portal SDK may include or otherwise be associated with tools that allow the application portal operator to handle version control and deployment of software components and data on the application portal. The application portal SDK may also allow the software components to access other data or software stored on or offered by the application portal operator, either with or without a subscription requirement.
For example, in one embodiment, a financial services software component developed using the application portal SDK may be configured to access data about financial instruments, where the data is offered by the operator of the application portal. This provides for controlled integration of a third-party software component into the data provider/portal operator's sandbox to access and use data supplied by the data provider. For example, a stock charting software component developed by a third party may access historical stock information and charting functions provided by a data provider and portal operator such as Bloomberg Finance L.P. (“Bloomberg”). Such integration between a third-party software component and underlying data from the application portal operator creates a synergistic effect.
According to some embodiments, software components distributed from the application portal that are configured to access other data may be required, by technical restrictions, contractual obligation, or both, to access such data through the services of the application portal operator and to use data delivered by the operator of the application portal if such data is available through the application portal or from the application portal operator.
For example, in one embodiment, a stock charting software component developed by a third party may access historical stock information and charting functions provided by a data provider such as Bloomberg, where Bloomberg is also the operator of the application portal, but would be prohibited from accessing historical stock information and charting functions from a different data provider. Such a model would integrate the software component on the application portal with other services offered by the operator of the application portal and, in an embodiment, may support various subscription and revenue models, as discussed in more detail below.
According to some embodiments, software components distributed from the application portal that are configured to access data from the application portal operator or a third-party data provider may receive triggers or alerts from the data providers, and may update the data used by software component accordingly. For example, a stock charting software component developed for an application portal by a third party may access historical stock information and charting functions provided by the application portal operator such as Bloomberg, with the application portal operator alerting the third-party stock charting software component of changes in data, e.g., upon receipt of a press release, execution of a stock trade, or some other notable event.
According to some embodiments, software components available on the application portal may be configured to be downloadable, accessible, or executable only on certain devices. For example, in an embodiment, a stock charting software component developed by a third-party may be configured to run on an authorized desktop or mobile device accessing the Bloomberg Professional® Service (“BPS”), only within the BPS sandbox and only on one or more authorized devices.
According to some embodiments, software components available on the application portal may be configured to be downloadable, accessible, or executable only by certain individuals, groups, or users meeting certain criteria, in either moderated or non-moderated application portals. For example, in an embodiment, a stock charting software component developed by a third-party investment bank may be configured to run only on devices registered to employees of that investment bank. In addition to or instead of the foregoing, permissioning to access data available to the bank may be configured at various access levels. For example, whether or not a particular user is allowed to download and/or execute a software component that uses certain data can depend upon whether that user has been separately permissioned to use that data with that software component. Administratively, however, some or all such separate permissions may in an embodiment of the invention be commonly administered, e.g., with reference to a single user account or group of accounts.
According to some embodiments, software components available on the application portal may be configured to receive “roaming” information from the application portal or other source to allow a user to utilize different devices/terminals and retain a common user profile, settings, etc. with respect to the devices, terminals, and software components.
According to some embodiments, software components may execute in a sandboxed run-time environment on user devices to allow unknown third-party software to safely run on user devices. Such an environment may prevent the software components from accessing functions or information otherwise accessible on the device but outside the intended reach of the sandbox. For example, the sandbox environment may prevent access to certain operating system, local file system, registry, and memory resources. In such an embodiment, the application portal operator may promote this safeguard to potential users, who can be assured that software components provided by the application portal can safely run on the users' devices, including devices which are used to support mission-critical operations and decisions.
As another safeguard, in an embodiment, software developers and data providers may undergo a vetting process by the operator of the application portal. For example, in an embodiment, the operator of the application portal may conduct a background review of the developer/data provider; require that the business interests or goals of the developer/data provider comport with the interests and goals of the application portal operator; require that the developer/data provider comply with technical and data usage rules and terms of service; require that the software component be capable of running in a sandbox environment; and/or require that any external data served by the software component be served by the application portal operator, and not from a third-party server or other data source.
Alternatively, the operator may require that external data be served by the application portal operator only if that data is available from that operator, allowing access to data from a third-party server otherwise. Even when access to data from a third-party server is allowed, however, the application portal operator may act as a proxy between the third-party server and a software component that requests the data.
According to some embodiments, after developers and data providers have created software components and uploaded the software components to the application portal for electronic distribution, users of the software component may download the data for a pre-determined fee. In an embodiment, the fee may be a one-time charge, or may be a recurring charge based on a subscription model. Any such fee may be subsumed in another charge not specifically associated with the component or its use of data, such as, e.g., a general subscription or other fee charged by a data provider for use of its data.
In an embodiment, the application portal operator may collect the fees directly from the purchaser, and may then share the fees with the developer/data provider, e.g., according to a previously agreed formula. For example, it may be agreed that 70% of the revenue derived from sales of a software component may be passed along to the developer/data provider and the operator may retain 30%. Any formula for dividing revenue may be adaptive, based, e.g., on the sales volume of the developer/data provider. In addition to or instead of the foregoing, such a formula may vary based on whether the software component accesses data delivered by the operator of the application portal.
In an embodiment, the application portal operator may allow one or more software components to access data on the application portal at no charge, e.g., to stimulate sales of the software components.
According to embodiments, the developer/data provider may be required to meet one or more standards to remain a developer/data provider on the application portal. For example, an operator may impose a monthly or yearly revenue or quantity minimum to remain a developer/data provider. The developer/data provider may also be required to lease from the application portal operator, or have access to, test devices compatible with the application portal, which may include proprietary user devices. In an embodiment, the developer/data provider may be required to comply with service level agreements (“SLAs”) to ensure that the developer/data provider will timely fix high-priority software bugs identified by users.
In an embodiment, the developer/data provider may be allowed to use a proprietary front-end or user interface for a software component, but may be required to adhere to workflow or design standard guidelines set forth by the application portal operator.
According to embodiments, the application portal operator may be responsible for the deployment and version control of software components as well as billing administration, technical support, and serving as the first point of contact for users.
According to embodiments, the presence of a software component on the application portal may be advantageous to the developer/data provider, as the application portal may have a wide audience or established user base. In an embodiment, the application portal operator may choose to feature the software component of a particular developer/data provider to increase sales.
According to some embodiments, systems for carrying out the functionality and or methods disclosed herein comprise at least one computer which receives, stores, and/or transmits data provided by developers and data providers, and receives, stores, and/or transmits other data, e.g., data provided by the application portal operator. The at least one computer comprises or has access to electronic storage to store data described herein and access to code to cause the at least one computer to perform the functionality described herein.
In an embodiment, devices that may access the application portal may comprise at least one computer or computing device, appropriate data and code storage, and input and output devices, e.g., a keyboard, a pointing device, a scanner, a computer monitor, a printer, communication devices, etc., or may comprise a media player, mobile and/or cellular device, tablet, storage device, entertainment device, or other electronic device.
According to an embodiment of the invention, a method is provided of electronically distributing computer software, by a distributor, in a networked computing environment. The method comprises: electronically transmitting through a computer network computer software that comprises a controlled execution environment, the controlled execution environment being capable of controlling use of the computer network by one or more components that execute within the controlled execution environment; configuring the controlled execution environment so that a component executing within the controlled execution environment is restricted to communication via the computer network only to one or more network hosts specified by the distributor; and electronically transmitting through the computer network computer software that comprises a component, the component being configured to be capable of execution only within the controlled execution environment.
According to an embodiment of the invention, a method is provided of electronically distributing computer software to a purchaser, by a provider of electronic data, in a networked computing environment. The method comprises: electronically transmitting through a computer network computer software that comprises a controlled execution environment, the controlled execution environment being capable of controlling use of the computer network by one or more components that execute within the controlled execution environment; configuring the controlled execution environment so that any component executing within the controlled execution environment is restricted to communication via the computer network only to one or more network hosts specified by the provider of electronic data; receiving from an entity that is independent of the provider of electronic data, a component, the component being configured to be capable of execution only within the controlled execution environment; electronically receiving from the purchaser one or more queries via the computer network comprising purchase of, or a subscription to, the component in exchange for one or more first payments; and in response to receipt of the one or more queries, electronically transmitting to the purchaser through the computer network the component. In an embodiment of the invention, the method comprises receiving from the purchaser one or more second payments in exchange for electronic data services and paying the independent entity an amount that is based on the one or more first payments but is not based on the one or more second payments.
According to an embodiment, configuring the controlled execution environment comprises individually restricting one or more specified components executing within the controlled execution environment to communication only to one or more respective specified network hosts. According to an alternative embodiment, configuring the controlled execution environment comprises collectively restricting one or more components executing within the controlled execution environment to communication only to one or more specified network hosts. According to an alternative embodiment, configuring the controlled execution environment comprises restricting one or more components executing within the controlled execution environment from accessing one or more resources of a client device.
According to an embodiment, the specified network hosts are controlled by the distributor.
A method according to an embodiment comprises electronically receiving one or more queries from the computer network, wherein electronically transmitting the software that comprises the component takes place automatically in response to receipt of the one or more queries. According to an embodiment, the one or more queries comprise a purchase of, or subscription to, the component or the software that comprises the component in exchange for one or more first payments. According to an embodiment, prior to receiving the one or more queries, receiving the software from an entity that is independent of the distributor. According to an embodiment, the specified network hosts are controlled by the distributor.
According to an embodiment, the distributor is a provider of electronic data services and the purchase or subscription is made by a purchaser, comprising receipt from the purchaser of one or more second payments in exchange for the electronic data services. According to an embodiment, payment by the distributor to the independent entity is of an amount based on the one or more first payments. In an embodiment, the distributor does not make any payment to the independent entity based on the one or more second payments.
Embodiments of the invention include computer systems configured and/or otherwise programmed to carry out the above methods. Embodiments also include computer readable storage media encoded with instructions that, when executed by one or more processors within a computer system, cause the computer system to carry out the above methods.
The invention is illustrated in the figures of the accompanying drawings, which are meant to be exemplary and not limiting, and in which like references are intended to refer to like or corresponding parts, elements, or functions.
Embodiments of the invention may be implemented by systems using one or more programmable digital computers.
Although the computer system 100 is shown in
One skilled in the art will recognize that, although the data storage device 120 and memory 122 are depicted as different units, the data storage device 120 and memory 122 can be parts of the same unit or units, and that the functions of one can be shared in whole or in part by the other, e.g., as RAM disks, virtual memory, etc. It will also be appreciated that any particular computer may have multiple components of a given type, e.g., processors 110, input devices 114, communications interfaces 118, etc.
The data storage device 120 (
One skilled in the art will recognize that the computer system 100 (
Two or more computer systems 100 (
One use of a network 142 (
Further, a computer system may simultaneously act as a workstation, a server, and/or a client. For example, as depicted in
The network 142 (
An internet may comprise a network of networks 142 (
As will be recognized by those skilled in the relevant art, the terms “workstation,” “client,” and “server” are used herein to describe a computer's function in a particular context. A workstation may, for example, be a computer that one or more users work with directly, e.g., through a keyboard and monitor directly coupled to the computer system. A computer system that requests a service through a network is often referred to as a client, and a computer system that provides a service is often referred to as a server. But any particular workstation may be indistinguishable in its hardware, configuration, operating system, and/or other software from a client, server, or both.
The terms “client” and “server” may describe programs and running processes instead of or in addition to their application to computer systems described above. Generally, a (software) client may consume information and/or computational services provided by a (software) server.
in an embodiment, developers and data providers create software components and/or digital content that may be considered to exist in a developer “cloud” 302, from which they may be uploaded to the application portal 304. The application portal 304 may receive the software component and/or content from developers and data providers that have been vetted by the application portal operator.
According to some embodiments, the application portal 304 or the data center 306 may transmit the software component provided by the developer and the content provided by the data provider to one or more user devices 308, which may be a computer, server, media player, mobile and/or cellular device, tablet, storage device, entertainment device, or other electronic device. According to some embodiments, the software component may run in a sandboxed run-time environment on user devices 308 to allow third-party digital data to safely run on such devices.
In an embodiment, the application portal 304 may be based on the Microsoft .NET Framework, with software components written in one of the .NET languages, e.g., C# or VB.NET. The sandbox of the .NET framework may provide runtime security by preventing software component code from interacting with the local file system, registry, or any other unnecessary local computer resources.
In an embodiment, for example, the secure sandbox environment restricts application access to critical desktop resources such as the registry, file system, network, and unmanaged code, e.g., DLLs and COM servers. Under no circumstances, in one embodiment, will a software component running in the sandbox have the ability to launch any processes. According to some embodiments, sandbox protection is enforced using .NET Code Access Security policies.
In an embodiment, each instance of a software component executes in its own .NET Application Domain sandbox within a hosting process, as shown in
In an embodiment, the application portal 304 may rely on a private virtualized distribution of the .NET Framework Client Profile, so that a local installation is not required. According to some embodiments, when a user associated with a given user device 308 purchases a software component or data from the application portal 304, the software component or content is delivered to the user device 308 and executed in the separate .NET AppDomain.
In an embodiment, the application portal 304 will also monitor installed versions of software components and content, and will automatically download a new version of the software component or content when it becomes available, e.g., when a new version with bug fixes, new functionality, or updated content is released by the developer or data provider. In an embodiment of the invention, the application portal 304 may support redownload and/or repair of damaged software components and content.
According to some embodiments, application portal 304 may be configured to allow software components and content to only be downloadable, accessible, or executable on certain devices, or by certain individuals, groups, or users meeting certain criteria.
According to some embodiments, application portal 304 may have moderated or non-moderated features and/or controls. In a moderated environment, in an embodiment, a “manager” or other party at a customer entity can control the one or more individuals or parties at the entity that may purchase and/or receive updates to software components. For example, a manager at a given entity may permit only a particular set of individuals in Research & Development at the manager's entity to receive updates to software components, whereas the remaining individuals at the manager's entity do not receive such updates. Similarly, a manger at an entity may permit only a particular group of individuals to purchase software components while restricting all others at the manager's entity from making app portal purchases. In a non moderated environment, in an embodiment, once a given entity is enabled, there are minimal or no restrictions placed on individuals at the entity from purchasing and/or receiving updates to software components on the application portal.
In an embodiment, software components may be supplemented by data from data center 306, which may be operated by the operator of the application portal 304. In another embodiment, software components may be supplemented by data from data source 302 supplied by the developer/data provider or a third-party data source, using the application portal operator's data center 306 as a proxy. According to some embodiments, software components configured to be supplemented by data from data source 306 may receive triggers or alerts from data source 306, and update the software component or content accordingly.
In an embodiment, in step 3 (706), the application portal operator publishes the software component for release, pending review of the software component by the application portal operator in step 4 (708). In step 5 (710), the software component is released to entitled users.
In an embodiment, the screen of
While the invention has been described and illustrated in connection with certain embodiments, many variations and modifications as will be evident to those skilled in this art may be made without departing from the spirit and scope of the invention, and the invention is thus not to be limited to the precise details of methodology or construction set forth above as such variations and modifications are intended to be included within the scope of the invention as may be defined by claims.
Claims
1. A method of providing computer software from a software provider and data, the method being performed by a computer system that comprises one or more processors, one or more memories operatively coupled to at least one of the processors, and one or more interfaces operatively coupled to at least one of the processors, and the method comprising:
- transmitting through at least one of the interfaces a software component that is restricted to execution in a controlled execution environment;
- receiving through at least one of the interfaces, from the software component executing in the controlled execution environment, a request for data from a data provider specified in the request; and
- in response to receiving the request for the data, at least one of the processors executing instructions to determine (i) whether the specified data provider is also a data provider authorized by the provider of the software component, (ii) whether the requested data is available from the specified data provider, and (iii) if the specified data provider is not the authorized data provider, whether the requested data is available from the authorized data provider.
2. The method of claim 1, comprising:
- in response to determining that the requested data is available from the specified data provider and further determining either (i) that the specified data provider is the authorized data provider, or (ii) that the specified data provider is not the authorized data provider and that the requested data is not available from the authorized data provider,
- transmitting the requested data to the software component through at least one of the interfaces;
- wherein the computer system is configured to refuse to transmit the requested data to the software component in response to determining either (i) that the requested data is not available from the specified data provider, or (ii) that the requested data is available from the authorized data provider and that the specified data provider is not the authorized data provider.
3. The method of claim 2, wherein the requested data is a stream of data.
4. The method of claim 2, comprising transmitting the controlled execution environment through at least one of the interfaces, wherein the controlled execution environment is configured to restrict one or more components that execute within it to communicate only with one or more respective specified network hosts.
5. The method of claim 2, wherein the authorized data provider is the provider of the software component.
6. The method of claim 2, wherein the specified data provider is not the authorized data provider, the method comprising acting as network proxy between the software component executing in the controlled execution environment and the specified data provider.
7. The method of claim 1, comprising electronically receiving one or more queries from the computer network, wherein electronically transmitting the software that comprises the component takes place automatically in response to receipt of the one or more queries.
8. The method of claim 7, wherein the one or more queries comprise a purchase of, or subscription to, the component or the software that comprises the component in exchange for one or more first payments.
9. The method of claim 8, comprising, prior to receiving the one or more queries, receiving the software from an entity that is independent of the distributor.
10. The method of claim 9, wherein the specified network hosts are controlled by the distributor.
11. The method of claim 10, wherein the distributor is a vendor of electronic data services and the purchase or subscription is made by a purchaser, comprising receipt from the purchaser of one or more second payments in exchange for the electronic data services.
12. The method of claim 11, comprising payment by the distributor to the independent entity of an amount based on the one or more first payments.
13. The method of claim 12, wherein the distributor does not make any payment to the independent entity based on the one or more second payments.
14. A computerized method of electronically distributing computer software to a purchaser, by a vendor of electronic data, in a networked computing environment, the method comprising:
- electronically transmitting through a computer network computer software that comprises a controlled execution environment, the controlled execution environment being capable of controlling use of the computer network by one or more components that execute within the controlled execution environment;
- configuring the controlled execution environment so that any component executing within the controlled execution environment is restricted to communication via the computer network only to one or more network hosts specified by the vendor;
- receiving a software component from an entity that is independent of the vendor of electronic data, the component being configured to be capable of execution only within the controlled execution environment;
- electronically receiving from the purchaser one or more queries via the computer network comprising purchase of, or a subscription to, the component in exchange for one or more first payments;
- in response to receipt of the one or more queries, electronically transmitting to the purchaser through the computer network the component; and
- receiving from the purchaser one or more second payments in exchange for electronic data services wherein the distributor does not make any payment to the independent entity based on the one or more second payments.
15. The method of claim 14, comprising paying the entity that is independent of the vendor of electronic data an amount that is based on the one or more first payments but is not based on the one or more second payments.
16. A computer system for providing computer software from a software provider and data, the computer system comprising:
- one or more processors;
- one or more memories operatively coupled to at least one of the processors;
- one or more interfaces operatively coupled to at least one of the processors; and
- one or more computer-readable storage media operatively coupled to at least one of the processors and encoded with instructions that, when executed by at least one of the processors, cause the computer system at least to transmit through at least one of the interfaces a software component that is restricted to execution in a controlled execution environment; receive through at least one of the interfaces, from the software component executing in the controlled execution environment, a request for data from a data provider specified in the request; and in response to receiving the request for the data, determine (i) whether the specified data provider is also a data provider authorized by the provider of the software component, (ii) whether the requested data is available from the specified data provider, and (iii) if the specified data provider is not the authorized data provider, whether the requested data is available from the authorized data provider.
17. The computer system of claim 16, wherein:
- the instructions comprise instructions that, when executed by at least one of the processors, cause the computer system at least to, in response to determining that the requested data is available from the specified data provider and further determining either (i) that the specified data provider is the authorized data provider, or (ii) that the specified data provider is not the authorized data provider and that the requested data is not available from the authorized data provider, transmit the requested data to the software component through at least one of the interfaces; and
- the instructions are such that the computer system refuses to transmit the requested data to the software component in response to determining either (i) that the requested data is not available from the specified data provider, or (ii) that the requested data is available from the authorized data provider and that the specified data provider is not the authorized data provider.
18. The computer system of claim 17, wherein the requested data is a stream of data.
19. The computer system of claim 17, wherein:
- the instructions comprise instructions that, when executed by at least one of the processors, cause the computer system at least to transmit the controlled execution environment through at least one of the interfaces; and
- the controlled execution environment is configured to restrict one or more components that execute within it to communicate only with one or more respective specified network hosts.
20. The computer system of claim 17, wherein the authorized data provider is the provider of the software component.
21. The computer system of claim 17, wherein:
- the specified data provider is not the authorized data provider; and
- the instructions comprise instructions that, when executed by at least one of the processors, cause the computer system at least to act as network proxy between the software component executing in the controlled execution environment and the specified data provider.
22. The computer system of claim 6, wherein:
- the instructions comprise instructions that, when executed by at least one of the processors, cause the computer system at least to electronically receive one or more queries from the computer network; and
- electronically transmitting the software that comprises the component takes place automatically in response to receipt of the one or more queries.
23. The computer system of claim 22, wherein the one or more queries comprise a purchase of, or subscription to, the component or the software that comprises the component in exchange for one or more first payments.
24. A computer-readable storage medium encoded with instructions that, when executed by one or more processors within a computer system that comprises one or more memories operatively coupled to at least one of the processors, and one or more interfaces operatively coupled to at least one of the processors, cause the computer system at least to
- transmit through at least one of the interfaces a software component that is restricted to execution in a controlled execution environment;
- receive through at least one of the interfaces, from the software component executing in the controlled execution environment, a request for data from a data provider specified in the request; and
- determine (i) whether the specified data provider is also a data provider authorized by the provider of the software component, (ii) whether the requested data is available from the specified data provider, and (iii) if the specified data provider is not the authorized data provider, whether the requested data is available from the authorized data provider.
25. The computer-readable storage medium of claim 24, wherein:
- the instructions comprise instructions that, when executed by at least one of the processors, cause the computer system at least to, in response to determining that the requested data is available from the specified data provider and further determining either (i) that the specified data provider is the authorized data provider, or (ii) that the specified data provider is not the authorized data provider and that the requested data is not available from the authorized data provider, transmit the requested data to the software component through at least one of the interfaces; and
- the instructions are such that the computer system refuses to transmit the requested data to the software component in response to determining either (i) that the requested data is not available from the specified data provider, or (ii) that the requested data is available from the authorized data provider and that the specified data provider is not the authorized data provider.
26. The computer-readable storage medium of claim 25, wherein the requested data is a stream of data.
27. The computer-readable storage medium of claim 25, wherein:
- the instructions comprise instructions that, when executed by at least one of the processors, cause the computer system at least to transmit the controlled execution environment through at least one of the interfaces; and
- the controlled execution environment is configured to restrict one or more components that execute within it to communicate only with one or more respective specified network hosts.
28. The computer-readable storage medium of claim 25, wherein the authorized data provider is the provider of the software component.
29. The computer-readable storage medium of claim 25, wherein:
- the specified data provider is not the authorized data provider; and
- the instructions comprise instructions that, when executed by at least one of the processors, cause the computer system at least to act as network proxy between the software component executing in the controlled execution environment and the specified data provider.
30. The computer-readable storage medium of claim 24, wherein:
- the instructions comprise instructions that, when executed by at least one of the processors, cause the computer system at least to receive one or more queries from the computer network; and
- electronically transmitting the software that comprises the component takes place automatically in response to receipt of the one or more queries.
31. The computer-readable storage medium of claim 30, wherein the one or more queries comprise a purchase of, or subscription to, the component or the software that comprises the component in exchange for one or more first payments.
Type: Application
Filed: Aug 8, 2012
Publication Date: Jul 11, 2013
Inventors: Gennady SLOBODSKIY (New York, NY), Vladmir Kilatchko (Dobbs Ferry, NY), Shawn Edwards (Staford, CT), Claudio Storelli (New York, NY), Satoko Highstein (New York, NY), Tom Secunda (Croton-on-Hudson, NY), Navanath Prabuhudessal (Hicksville, NY), Oleg Polonsky (Fair Lawn, NJ)
Application Number: 13/570,076
International Classification: G06F 21/60 (20060101);