Bulk event scheduling
US-2016267404-A1 · Sep 15, 2016 · US
Protection feature for data stored at storage service
US10616210B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10616210-B2 |
| Application number | US-201615241116-A |
| Country | US |
| Kind code | B2 |
| Filing date | Aug 19, 2016 |
| Priority date | Aug 19, 2016 |
| Publication date | Apr 7, 2020 |
| Grant date | Apr 7, 2020 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Cloud-based storage services are provided for storing data across multiple devices, where access to the data is subject to a first authentication process. Embodiments are directed to a data protection feature to prevent accidental deletion or modification of the data stored at the cloud via unintended user actions on the clients or actions by nefarious software or hackers. For example, a data protection feature for a portion of data stored at the storage service may be selected, where the feature includes elevation of the first authentication process. An attempted operation performed on the portion of data may be detected. If the attempted operation is deletion or modification of the portion of data, a second authentication process may be prompted to enable the attempted operation to be performed on the portion of data at the storage service. The second authentication process may be elevated compared to the first authentication process.
First claim
Opening claim text (preview).
What is claimed is: 1. A method to provide a data protection feature for a storage service, the method comprising: detecting an attempted operation to be performed on a portion of data as stored locally on a device; in response to the attempted operation being a new data addition operation and based on a first authentication process, performing the new data addition operation on the portion of data as stored locally on the device and synchronizing the portion of data, as updated per the new data addition operation, at a storage service; and in response to the attempted operation being a deletion operation, performing the deletion operation on the portion of data as stored locally on the device based on the first authentication process and placing a hold on synchronization of the portion of the data, as updated per the deletion operation, at the storage service; prompting a second authentication process, wherein the second authentication process is elevated compared to the first authentication process; and in response to the second authentication process being validated, removing the hold on synchronization at the storage service and synchronizing the portion of data, as updated per the deletion operation, at the storage service. 2. The method of claim 1 , further comprising: providing a selectable data protection feature to a user or an administrator for the portion of data stored at the storage service; and receiving a selection of the data protection feature from the user or the administrator associated with the portion of data, wherein the data protection feature includes elevation of the first authentication to the second authentication process. 3. The method of claim 2 , further comprising: prompting the second authentication process to enable the selection of the data protection feature. 4. The method of claim 2 , further comprising: providing to be displayed an error notification in response to detecting the deletion operation to be performed on the portion of the data. 5. The method of claim 4 , wherein the error notification includes an option to de-select the data protection feature for the portion of data. 6. The method of claim 5 , further comprising: detecting a deselection of the data protection feature; and prompting the second authentication process to allow the deselection of the data protection feature for the portion of data to be performed. 7. A server to execute a storage service configured to provide a data protection feature for data stored at the storage service, the server comprising: a memory configured to store instructions; and one or more processors coupled to the memory, the one or more processors, in conjunction with the instructions stored in the memory, are configured to: detect an attempted operation to be performed on a portion of data as stored locally on a device; in response to the attempted operation being a new data addition operation and based on a first authentication process, perform the new data addition operation on the portion of data as stored locally on the device and synchronizing the portion of data, as updated per the new data addition operation, at a storage service; and in response to the attempted operation being a deletion operation, perform the deletion operation on the portion of data as stored locally on the device based on the first authentication process and placing a hold on synchronization of the portion of the data, as updated per the deletion operation, at the storage service; prompt a second authentication process, wherein the second authentication process is elevated compared to the first authentication process by being based on a second type of factor different than the first type of factor associated with the first authentication process or being based on more factors than the first authentication process; and in response to the second authentication process being validated, remove the hold on synchronization at the storage service and synchronizing the portion of data, as updated per the deletion operation, at the storage service. 8. The server of claim 7 , wherein the portion of data is one of: all data, a file, a folder, groups of files, and groups of folders stored at the storage service. 9. The server of claim 7 , wherein the first authentication process comprises a single-factor authentication, and the second authentication process comprises at least one of a two-factor authentication, a multi-factor authentication, a multi-device authentication, a multi-application authentication, biometric authentication, and a smart card authentication. 10. The server of claim 7 , wherein validation of the prompted second authentication process is performed by one or both of the server and a separate authentication server. 11. The server of claim 7 , wherein the one or more processors are further configured to provide a selectable data protection feature for the portion of data stored at the storage service: receive a selection of the data protection feature for the portion of data stored at the storage service, wherein the data protection feature includes elevation of the first authentication process to the second authentication processor; wherein the selectable data protection feature is provided and the selection of the data protection is received through one or more of a web application, an application programming instance (API), and a synchronization client executing on a device. 12. A method to provide a data protection feature for data stored at a storage service, the method comprising: detecting an attempted operation to be performed on a portion of data as stored locally on a device; in response to the attempted operation being a new data addition operation and based on a first authentication process, performing the new data addition operation on the portion of data as stored locally on the device and synchronizing the portion of data, as updated per the new data addition operation, at a storage service; and in response to the attempted operation being a deletion operation, performing the deletion operation on the portion of data as stored locally on the device based on the first authentication process and placing a hold on synchronization of the portion of the data, as updated per the deletion operation, at the storage service; prompting a second authentication process, wherein the second authentication process is elevated compared to the first authentication process by being based on a second type of factor different than the first type of factor associated with the first authentication process or being based on more factors than the first authentication process; and in response to the second authentication process being validated, removing the hold on synchronization at the storage service and synchronizing the portion of data, as updated per the deletion operation, at the storage service. 13. The method of claim 12 , further comprising: automatically selecting a data protection feature for the portion of data stored at the storage service, wherein the data protection feature includes elevation of the first authentication process to the second authentication processor; providing to be displayed an error notification that includes an option to de-select the data protection feature for the portion of data in response to detecting the deletion operation to be performed on the portion of the data; detecting a deselection of the data protection feature; and prompting the second authentication process to allow the deselection of the data protection feature for the portion of data to be performed. 14. The method of claim 13 , f
Assignees
Inventors
Classifications
Distributed or networked storage systems, e.g. storage area networks [SAN], network attached storage [NAS] · CPC title
in relation to access · CPC title
Monitoring storage devices or systems · CPC title
to assure secure storage of data (address-based protection against unauthorised use of memory G06F12/14; record carriers for use with machines and with at least a part designed to carry digital markings G06K19/00) · CPC title
Permissions · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10616210B2 cover?
- Cloud-based storage services are provided for storing data across multiple devices, where access to the data is subject to a first authentication process. Embodiments are directed to a data protection feature to prevent accidental deletion or modification of the data stored at the cloud via unintended user actions on the clients or actions by nefarious software or hackers. For example, a data p…
- Who is the assignee on this patent?
- Microsoft Technology Licensing Llc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/083. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Apr 07 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).