Authorizing an untrusted client device for access on a content management system
US-2015222615-A1 · Aug 6, 2015 · US
Cursor with last observed access state
US11314774B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11314774-B2 |
| Application number | US-202016897884-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 10, 2020 |
| Priority date | Dec 28, 2017 |
| Publication date | Apr 26, 2022 |
| Grant date | Apr 26, 2022 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
The present technology pertains to an organization directory hosted by a synchronized content management system. The corporate directory can provide access to user accounts for all members of the organization to all content items in the organization directory on the respective file systems of the members' client devices. Members can reach any content item at the same path as other members relative to the organization directory root on their respective client device. In some embodiments novel access permissions are granted to maintain path consistency.
First claim
Opening claim text (preview).
What is claimed is: 1. A non-transitory computer readable medium comprising instructions stored thereon, when executed the instructions are effective to cause a content management system to: send, to a client device, information regarding a latest revision to a namespace, wherein the client device is authorized to access a user account on the content management system; send, to the client device, a cursor including last known revision data associated with the namespace and a token identifying one or more signed rights identifiers associated with a previously-authorized session, a previously-authorized account, or a previously-authorized client device; receive, from the client device, a request to commit a change to the namespace, wherein the request includes the cursor; and commit the change to the namespace, the change being an update to the namespace. 2. The non-transitory computer readable medium of claim 1 , wherein the instructions cause the content management system to: determine, before the committing the change, that the cursor does not reflect the latest revision; and send, to the client device, revisions subsequent to the latest revision sent associated with the cursor, wherein the change to the namespace is committed subsequently. 3. The non-transitory computer readable medium of claim 2 , wherein the cursor identifies an entry when recorded access was last confirmed. 4. The non-transitory computer readable medium of claim 3 , wherein the determining that the cursor does not reflect the latest revision is based on an identification of a mount revision that is subsequent to the entry identified by the cursor. 5. The non-transitory computer readable medium of claim 1 , wherein the instructions cause the content management system to: include any namespace to which the user account has access in the cursor or a list of paths to which the user account has partial access in the cursor. 6. The non-transitory computer readable medium of claim 1 , wherein the instructions cause the content management system to: encrypt and sign the cursor. 7. The non-transitory computer readable medium of claim 1 , wherein the instructions cause the content management system to: receive, from the client device, a second request to read further revisions from the namespace, the request includes the cursor; and send, to the client device, any further revisions when the cursor identifies access permission to the namespace as part of the last known revision data. 8. A method comprising: sending, to a client device from a content management system, information regarding a latest revision to a namespace, wherein the client device is authorized to access a user account on the content management system; sending, to the client device, a cursor including last known revision data associated with the namespace and a token identifying one or more signed rights identifiers associated with a last previously-authorized session; receiving, from the client device, a request to commit a change to the namespace, wherein the request includes the cursor; and committing the change to the namespace, the change being an update to the namespace. 9. The method of claim 8 , further comprising: determine, before the committing the change, that the cursor does not reflect the latest revision; and send, to the client device, revisions subsequent to the latest revision sent associated with the cursor, wherein the change to the namespace is committed subsequently. 10. The method of claim 9 , wherein the cursor identifies an entry when recorded access was last confirmed. 11. The method of claim 10 , wherein the determining that the cursor does not reflect the latest revision is based on an identification of a mount revision that is subsequent to the entry identified by the cursor. 12. The method of claim 8 , further comprising: including any namespace to which the user account has access in the cursor or a list of paths to which the user account has partial access in the cursor. 13. The method of claim 8 , further comprising: encrypt and sign the cursor. 14. The method of claim 8 , further comprising: receive, from the client device, a second request to read further revisions from the namespace, the request includes the cursor; and send, to the client device, any further revisions when the cursor identifies access permission to the namespace as part of the last known revision data. 15. A content management system comprising: one or more processors; and memory having instructions stored thereon, that when executed the instructions are effective to cause the one or more processors to: send, to a client device, information regarding a latest revision to a namespace, wherein the client device is authorized to access a user account on the content management system; send, to the client device, a cursor including last known revision data associated with the namespace and a token identifying one or more signed rights identifiers associated with a previously-authorized session, a previously-authorized account, or a previously-authorized client device; receive, from the client device, a request to commit a change to the namespace, wherein the request includes the cursor; and commit the change to the namespace, the change being an update to the namespace. 16. The content management system of claim 15 , wherein the instructions further cause the one or more processors to: determine, before the committing the change, that the cursor does not reflect the latest revision; and send, to the client device, revisions subsequent to the latest revision sent associated with the cursor, wherein the change to the namespace is committed subsequently. 17. The content management system of claim 16 , wherein the determining that the cursor does not reflect the latest revision is based on an identification of a mount revision that is subsequent to the latest revision identified by the cursor. 18. The content management system of claim 15 , wherein the instructions further cause the one or more processors to: include any namespace to which the user account has access in the cursor or a list of paths to which the user account has partial access in the cursor. 19. The content management system of claim 15 , wherein the instructions further cause the one or more processors to: encrypt and sign the cursor. 20. The content management system of claim 15 , wherein the instructions further cause the one or more processors to: receive, from the client device, a second request to read further revisions from the namespace, the request includes the cursor; and send, to the client device, any further revisions when the cursor identifies access permission to the namespace as part of the last known revision data.
Assignees
Inventors
Classifications
- G06F16/27Primary
Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor · CPC title
- G06F16/11Primary
File system administration, e.g. details of archiving or snapshots (error detection or correction of the data by redundancy in operations G06F11/14) · CPC title
Protocols · CPC title
for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title
Delete operations (erasing in storage systems G06F3/0652) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US11314774B2 cover?
- The present technology pertains to an organization directory hosted by a synchronized content management system. The corporate directory can provide access to user accounts for all members of the organization to all content items in the organization directory on the respective file systems of the members' client devices. Members can reach any content item at the same path as other members relat…
- Who is the assignee on this patent?
- Dropbox Inc
- What technology area does this patent fall under?
- Primary CPC classification G06F16/27. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Apr 26 2022 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).