Computers today (e.g. PCs, smartphones, servers) typically have an operating system that manages computer hardware and software resources. Application programs typically require an operating system to function on a computer.
Various types of operating systems (OSs) exist, such as Unix™ and Unix-like, OS X™, iOS™, Linux™, Android™, Windows™, etc. The selection of an operating system can be made based on the given computer's architecture (compatibility), performance requirements and user preferences, for instance. It is common for operating systems to manage memory by virtual allocation in order to optimize resource usage.
A typical operating system allocates memory to different processes. As shown in FIG. 1, an operating system can segregate virtual memory 10 into user space 12 and kernel space 14. The kernel space 14 is reserved for specific operations associated with the kernel 16. The kernel 16 is a central core of the operating system and houses core programs 18. Application programs typically operate in user space 12.
Operating systems can allow multiple virtualized user space instances, which will be referred to herein as containers 20, 22. Communication between processes in user space is known as inter-process communication (IPC). Processes that send IPC to each other are messaging “endpoints”. Operating systems typically allow communication between processes running within a given container (container-local messaging), using IPC that is local to the container. Operating systems also allow communication 28 between processes 24, 26 running in different containers 20, 22 (inter-container messaging). Inter-container messaging uses IPC that is implemented both within and outside local containers.
Inter-container messaging is typically highly restricted, due to security or business considerations. Inter-container messaging can be restricted to specific combinations of processes or containers. There is a need to improve security and efficiency of inter-container messaging.