Sandboxing individual applications to specific user folders in a cloud-based service

US9553758B2 · US · B2

Patent metadata
Publication number: US-9553758-B2
Application number: US-201313830016-A
Country: US
Kind code: B2
Filing date: Mar 14, 2013
Priority date: Sep 18, 2012
Publication date: Jan 24, 2017
Grant date: Jan 24, 2017


Abstract

Official abstract text for this publication.

An example system and method comprises receiving a request from the third-party application, wherein the request includes a user identifier; allocating an area that is specific for the third-party application and for the user; and granting access of the area to the third-party application. In one embodiment, the method further comprises providing to the third-party application a token which allows the third-party application to access a given area. Additional embodiments provided herein enable a third-party application to use a user identifier (e.g., an email address or other identifiers) of its user to access area specific of a cloud-based environment/platform/services (e.g., collaboration, file sharing, and/or storage services) without necessarily triggering user account authentication, thereby avoiding the process of requiring access codes from the user which can adversely impact user experience as well as compromise security and/or user's privacy.

First claim

Opening claim text (preview).

What is claimed is:

1. A method for providing a third-party application with access to an area in a user work space of a cloud-based service, the method comprising: receiving, by one or more servers of the cloud-based service, a request initiated by the third-party application, wherein the request includes a user identifier that uniquely identifies the user in the cloud-based service, wherein the user identifier does not include authentication credentials associated with the user in the cloud-based service; and based on evaluation of the user identifier: verifying, by the one or more servers, that the third-party application has consent of the user to access to the area of the user work space, wherein the area of the user work space is a subset area of the user work space exclusively accessible by the third-party application, providing the third-party application with a token that allows the third-party application to exclusively access the area of the user work space without providing access to other areas of the user work space, and granting, based on the token, the third-party application access to the area in the user work space of the cloud-based service.

2. The method of claim 1, wherein granting the third-party application access to the area of the user work space further comprises: encrypting content in the area of the work space; receiving the token presented by the third-party application; verifying that the token is valid; and upon verifying that the token is valid, decrypting at least some of the content in the area of the work space.

3. The method of claim 1, wherein the area of the work space comprises a folder.

4. The method of claim 1, further comprising: determining if the area of the user work space already exists; and upon determining that the area of the user work space does not exist, allotting an amount of space on the one or more servers of the cloud-based service as the area of the user work space for exclusive use by the third party application.

5. The method of claim 4, further comprising upon determining that the area of the user work space already exists, prompting the user to give permission to establish the area in the work space for the third-party application.

6. The method of claim 1, further comprising: revoking the access to the area in the work space when the user directs the cloud-based service to delete the area from the work space.

7. The method of claim 1, wherein the request includes the consent of the user for the third-party application to access the area of the user work space without authentication credentials associated with the user in the cloud-based service.

8. The method of claim 1, wherein the one or more servers restricts the user from modifying content in the area of the work space.

9. The method of claim 1, wherein the third-party application includes a web-based application or a widget.

10. The method of claim 1, wherein the cloud-based service includes one or more of a cloud-based collaboration service, a cloud-based storage service, or a cloud-based file sharing service.

11. A system for providing access to an area in a user work space of the cloud-based service to a third-party application associated with a user, the system comprising: one or more processors; and a memory coupled to the one or more processors, the memory having instructions stored thereon, which when executed by the one or more processors, cause the cloud-based system to: receive a request initiated by the third-party application, wherein the request includes a user identifier that uniquely identifies the user in the cloud-based service, wherein the user identifier does not include authentication credentials associated with the user in the cloud-based service and based on evaluation of the user identifier: verify that the third-party application has consent of the user to access the area of the user work space, wherein the area of the user work space is a subset area of the user work space exclusively accessible by the third-party application, and provide the third-party application with a token that allows the third-party application to exclusively access the area of the user work space without providing access to other areas of the user work space.

12. The system of claim 11, wherein the instructions, when executed by the one or more processors, further cause the system to: grant the third-party application access to the area in the user work space of the cloud-based service.

13. The system of claim 12, wherein the instructions, when executed by the one or more processors, further cause the system to: encrypt content in the area of the work space; and decrypt at least some of the content in the area of the work space in response to the third-party application presenting a valid token, wherein, when valid, the token is used by the third-party application to access content in the area of the work space.

14. The system of claim 11, wherein the instructions, when executed by the one or more processors, further cause the system to: determine if the area of the user work space already exists; and upon determining that the area of the user work space does not exist, allot an amount of space on the system for the work space.

15. The system of claim 11, wherein the instructions, when executed by the one or more processors, further cause the system to: upon determining that area of the user the work space already exists, prompt the user to give permission to establish the area in the work space for the third-party application.

16. The system of claim 15, wherein the instructions, when executed by the one or more processors, further cause the system to: revoke the access to the area in the work space when the user directs the system to delete the area from the work space.

17. A non-transitory computer readable memory having instructions stored therein, which when executed by one or more processors of a system that provides a cloud-based service, cause the system to: process a request to access an area in a user work space of the cloud-based service, wherein the request is initiated by a third-party application and includes a user identifier that uniquely identifies the user in the cloud-based service, wherein the user identifier does not include authentication credentials associated with the user in the cloud-based service; and based on evaluation of the user identifier: verify that the third-party application has consent of the user to access to the user work space, wherein the area of the user work space is a subset area of the user work space exclusively accessible by the third-party application, provide the third-party application with a token that allows the third-party application to exclusively access the area of the user work space without providing access to other areas of the user work space, and grant, based on the token, the third-party application access to the area in the user work space of the cloud-based service.

18. The non-transitory computer-readable memory of claim 17, wherein to grant the third-party application with access to the area in the work space of the cloud-based service, the instructions, when executed by the one or more processors, further cause the system to: encrypt content in the area of the work space; receive the token presented by the third-party application; verify that the token is valid; and upon verifying that the token is valid, decrypt at least some of the content in the area of the work space.

19. Th

Classifications

  • to a system of files or objects, e.g. local or distributed file system or database · CPC title

  • Physics · mapped topic

  • Electricity · mapped topic

  • Protecting personal data, e.g. for financial or medical purposes · CPC title

  • for accessing specific resources, e.g. using Kerberos tickets · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Box Inc
What technology area does this patent fall under?
Primary CPC classification G06F21/6218. Mapped technology areas include Physics.
When was this patent published?
Publication date Jan 24, 2017 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).