*** Welcome to piglix ***

Application virtualization


Application virtualization is software technology that encapsulates computer programs from the underlying operating system on which it is executed. A fully virtualized application is not installed in the traditional sense, although it is still executed as if it were. The application behaves at runtime like it is directly interfacing with the original operating system and all the resources managed by it, but can be isolated or sandboxed to varying degrees.

In this context, the term "virtualization" refers to the artifact being encapsulated (application), which is quite different from its meaning in hardware virtualization, where it refers to the artifact being abstracted (physical hardware).

Full application virtualization requires a virtualization layer. Application virtualization layers replace part of the runtime environment normally provided by the operating system. The layer intercepts all disk operations of virtualized applications and transparently redirects them to a virtualized location, often a single file. The application remains unaware that it accesses a virtual resource instead of a physical one. Since the application is now working with one file instead of many files spread throughout the system, it becomes easy to run the application on a different computer and previously incompatible applications can be run side-by-side. Examples of this technology for the Windows platform include:

Application virtualization allows applications to run in environments that do not suit the native application. For example, Wine allows some Microsoft Windows applications to run on Linux.

Application virtualization reduces system integration and administration costs by maintaining a common software baseline across multiple diverse computers in an organization. Lesser integration protects the operating system and other applications from poorly written or buggy code. In some cases, it provides memory protection, IDE-style debugging features and may even run applications that are not written correctly, for example applications that try to store user data in a read-only system-owned location. (This feature assist in the implementation of the principle of least privilege by removing the requirement for end-users to have administrative privileges in order to run poorly written applications.) It allows incompatible applications to run side-by-side, at the same time and with minimal regression testing against one another. Isolating applications from the operating system has security benefits as well, as the exposure of the application does automatically entail the exposure of the entire OS.


...
Wikipedia

...