What technology area does this patent fall under?

Primary CPC classification G06F16/27. Mapped technology areas include Physics.

When was this patent published?

Publication date Tue Jun 23 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Restrictive access control list

US10691721B2 · US · B2

Patent metadata
Field	Value
Publication number	US-10691721-B2
Application number	US-201816118514-A
Country	US
Kind code	B2
Filing date	Aug 31, 2018
Priority date	Dec 28, 2017
Publication date	Jun 23, 2020
Grant date	Jun 23, 2020

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

The present technology pertains to a organization directory hosted by a synchronized content management system. The corporate directory can provide access to user accounts for all members of the organization to all content items in the organization directory on the respective file systems of the members' client devices. Members can reach any content item at the same path as other members relative to the organization directory root on their respective client device. In some embodiments novel access permissions are granted to maintain path consistency.

First claim

Opening claim text (preview).

What is claimed is: 1. A non-transitory computer readable medium comprising instructions stored thereon, when executed the instructions are effective to cause a content management system to: include a first folder in a restrictive access control list, wherein the restrictive access control list overrides a default access policy for a directory including the first folder to prohibit all user accounts having access to the directory from accessing the first folder except for a user account that is included in the restrictive access control list in association with the first folder, wherein the default access policy for the directory permits all user accounts having access to the directory to at least read contents of each folder within the directory; determine whether the first folder has an associated property that requires that the first folder be visible to user accounts that have access to the directory; and provide read-name-only access to the first folder for the user accounts that have access to the directory except for the user account that is included in the restrictive access control list in association with the first folder. 2. The non-transitory computer readable medium of claim 1 , further comprising instructions to cause the content management system to: provide access to a second folder to a second user account by including the second folder and the second user account in the restrictive access control list, wherein the second folder is located in a path is subordinate to the first folder to which the user account has no access; determine that the second user account should be granted a traversal right to the first folder; and store the traversal right to the first folder in a traversal dictionary. 3. The non-transitory computer readable medium of claim 1 , further comprising instructions to cause the content management system to prohibit all user accounts from having access to the directory and from seeing the existence of the first folder except for the user account that is included in the restrictive access control list in association with the first folder. 4. The non-transitory computer readable medium of claim 1 , further comprising instructions to cause the content management system to: associate the user account with a membership in a team; and record the team in association with the first folder in the restrictive access control list, wherein the user account is included in the restrictive access control list when the team to which the user account is a member is listed in the restrictive access control list. 5. The non-transitory computer readable medium of claim 1 , further comprising instructions to cause the content management system to: receive from a first client device authorized to access a second user account on the content management system to synchronize content associated with the second user account between the first client device and the content management system, wherein the second user account is not included in the restrictive access control list in association with the first folder; determine whether the second user account has access rights to a second folder that is located in a path subordinate to the first folder to which the second user account has no access; when it is determined that the second user account has access rights to the second folder that is located in the path subordinate to the first folder to which the user account has no access, synchronize the first folder with the first client device by transmitting a representation of the first folder, but not including any content items within the first folder other than the second folder; when it is determined that the second user account does not have access rights to the second folder that is located in the path subordinate to the first folder to which the user account has no access, determine if the first folder is associated with a property requiring that the property be visible; when it is determined that the first folder is associated with a property requiring that the property be visible, synchronize the first folder with the first client device by transmitting a representation of the first folder, but not including any content items within the first folder; and when it is determined that the first folder is not associated with a property requiring that the property be visible, do not synchronize the first folder. 6. A method comprising: including a first folder in a restrictive access control list, wherein the restrictive access control list overrides a default access policy for a directory including the first folder to prohibit all user accounts having access to the directory from accessing the first folder except for a user account that is included in the restrictive access control list in association with the first folder, wherein the default access policy for the directory permits all user accounts having access to the directory to at least read contents of each folder within the directory; determining whether the first folder has an associated property that requires that the first folder be visible to user accounts that have access to the directory; and providing read-name-only access to the first folder for the user accounts that have access to the directory except for the user account that is included in the restrictive access control list in association with the first folder. 7. The method of claim 6 , further comprising: providing access to a second folder to a second user account by including the second folder and the second user account in the restrictive access control list, wherein the second folder is located in a path is subordinate to the first folder to which the user account has no access; determining that the second user account should be granted a traversal right to the first folder; and storing the traversal right to the first folder in a traversal dictionary. 8. The method of claim 6 , further comprising prohibiting all user accounts from having access to the directory and from seeing the existence of the first folder except for the user account that is included in the restrictive access control list in association with the first folder. 9. The method of claim 6 , further comprising: associating the user account with a membership in a team; and recording the team in association with the first folder in the restrictive access control list, wherein the user account is included in the restrictive access control list when the team to which the user account is a member is listed in the restrictive access control list. 10. The method of claim 6 , further comprising: receiving from a first client device authorized to access a second user account on a content management system to synchronize content associated with the second user account between the first client device and the content management system, wherein the second user account is not included in the restrictive access control list in association with the first folder; determining whether the second user account has access rights to a second folder that is located in a path subordinate to the first folder to which the second user account has no access; when it is determined that the second user account has access rights to the second folder that is located in the path subordinate to the first folder to which the user account has no access, synchronizing the first folder with the first client device by transmitting a representation of the first folder, but not including any content items within the first folder other than the second folder; when it is determined that the second user account does not have access rights to the second folder that is located in the path subordinate to the first folder to which the user a

Assignees

Dropbox Inc

Inventors

Classifications

G06F16/27Primary
Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor · CPC title
G06F16/11Primary
File system administration, e.g. details of archiving or snapshots (error detection or correction of the data by redundancy in operations G06F11/14) · CPC title
H04L67/01
Protocols · CPC title
G06F16/178Primary
Techniques for file synchronisation in file systems · CPC title
G06F16/1767
Concurrency control, e.g. optimistic or pessimistic approaches · CPC title

Patent family

Related publications grouped by family.

View patent family 62949013

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10691721B2 cover?: The present technology pertains to a organization directory hosted by a synchronized content management system. The corporate directory can provide access to user accounts for all members of the organization to all content items in the organization directory on the respective file systems of the members' client devices. Members can reach any content item at the same path as other members relati…
Who is the assignee on this patent?: Dropbox Inc
What technology area does this patent fall under?: Primary CPC classification G06F16/27. Mapped technology areas include Physics.
When was this patent published?: Publication date Tue Jun 23 2020 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).