Cross-domain data sharing with permission control
First Claim
1. A method performed on an electronic device, the method comprising:
- executing a first clipboard agent in a first operating system (OS) domain of the electronic device, the first clipboard agent associated with a first clipboard service of the first OS domain;
coordinating between the first clipboard agent and a second clipboard agent of a second OS domain of the electronic device regarding clipboard commands in the first OS domain and the second OS domain;
mediating, at the first clipboard agent, cross-domain access to the first clipboard service based at least in part on permissions associated with the first OS domain;
receiving, at the first clipboard agent, a clipboard request from a first application in the first OS domain requesting to retrieve content from the first clipboard service;
determining that the second OS domain has most recently processed a store command associated with storing the content in a corresponding clipboard service of the first and second OS domains; and
sending a cross-domain request to the second clipboard agent to request the content from a second clipboard service in the second OS domain,wherein the first clipboard agent and the second clipboard agent separately enforce security parameters to limit access to content stored in the first clipboard service and the second clipboard service, respectively, the security parameters comprising at least one of;
one or more keyword-based permissions specifying that access to content from the first or second clipboard service is restricted to content that does not contain one or more specific keywords;
one or more time-specific permissions specifying that access to content from the first or second clipboard service is restricted to one or more specific days and/or times of the day;
orone or more location-specific permissions specifying that access to content stored in the first or second clipboard service is restricted to when the electronic device is at one or more specific locations.
8 Assignments
0 Petitions
Accused Products
Abstract
An electronic device may maintain separate OS domains associated with security permissions. The OS domain may implement separate corresponding clipboard services. A clipboard agent or clipboard mediator service may receive a clipboard data request from a first application. The clipboard agent may determine which OS domain has most recently processed a store command associated with storing data in a corresponding clipboard service of the OS domain. The clipboard agent associated with the OS domain that most recently stored content may determine whether to send the data from the corresponding clipboard service based at least in part on permissions associated with the OS domain. Security of the clipboard access may be enforced on a per domain basis. Access to clipboard content may be mediated at the time of the request without a need to share data prior to the request.
12 Citations
27 Claims
-
1. A method performed on an electronic device, the method comprising:
-
executing a first clipboard agent in a first operating system (OS) domain of the electronic device, the first clipboard agent associated with a first clipboard service of the first OS domain; coordinating between the first clipboard agent and a second clipboard agent of a second OS domain of the electronic device regarding clipboard commands in the first OS domain and the second OS domain; mediating, at the first clipboard agent, cross-domain access to the first clipboard service based at least in part on permissions associated with the first OS domain; receiving, at the first clipboard agent, a clipboard request from a first application in the first OS domain requesting to retrieve content from the first clipboard service; determining that the second OS domain has most recently processed a store command associated with storing the content in a corresponding clipboard service of the first and second OS domains; and sending a cross-domain request to the second clipboard agent to request the content from a second clipboard service in the second OS domain, wherein the first clipboard agent and the second clipboard agent separately enforce security parameters to limit access to content stored in the first clipboard service and the second clipboard service, respectively, the security parameters comprising at least one of; one or more keyword-based permissions specifying that access to content from the first or second clipboard service is restricted to content that does not contain one or more specific keywords; one or more time-specific permissions specifying that access to content from the first or second clipboard service is restricted to one or more specific days and/or times of the day;
orone or more location-specific permissions specifying that access to content stored in the first or second clipboard service is restricted to when the electronic device is at one or more specific locations. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. An electronic device, comprising:
-
one or more processors; and one or more memory units configured to store instructions, which when executed by at least one of the one or more processors, cause the electronic device to, execute a first clipboard agent in a first operating system (OS) domain of the electronic device, the first clipboard agent associated with a first clipboard service of the first OS domain, coordinate between the first clipboard agent and a second clipboard agent of a second OS domain of the electronic device regarding clipboard commands in the first OS domain and the second OS domain, mediate, at the first clipboard agent, cross-domain access to the first clipboard service based at least in part on permissions associated with the first OS domain, receive, at the first clipboard agent, a clipboard request from a first application in the first OS domain requesting to retrieve content from the first clipboard service, determine that the second OS domain has most recently processed a store command associated with storing the content in a corresponding clipboard service of the first and second OS domains, and send a cross-domain request to the second clipboard agent to request the content from a second clipboard service in the second OS domain, wherein the first clipboard agent and the second clipboard agent separately enforce security parameters to limit access to content stored in the first clipboard service and the second clipboard service, respectively, the security parameters comprising at least one of; one or more keyword-based permissions specifying that access to content from the first or second clipboard service is restricted to content that does not contain one or more specific keywords; one or more time-specific permissions specifying that access to content from the first or second clipboard service is restricted to one or more specific days and/or times of the day;
orone or more location-specific permissions specifying that access to content stored in the first or second clipboard service is restricted to when the electronic device is at one or more specific locations. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 27)
-
-
23. A non-transitory machine readable medium having stored thereon executable instructions for causing one or more processors to perform operations comprising:
-
executing a first clipboard agent in a first operating system (OS) domain of an electronic device, the first clipboard agent associated with a first clipboard service of the first OS domain; coordinating between the first clipboard agent and a second clipboard agent of a second OS domain of the electronic device regarding clipboard commands in the first OS domain and the second OS domain; mediating, at the first clipboard agent, cross-domain access to the first clipboard service based at least in part on permissions associated with the first OS domain; receiving, at the first clipboard agent, a clipboard request from a first application in the first OS domain requesting to retrieve content from the first clipboard service; determining that the second OS domain has most recently processed a store command associated with storing the content in a corresponding clipboard service of the first and second OS domains; and sending a cross-domain request to the second clipboard agent to request the content from a second clipboard service in the second OS domain, wherein the first clipboard agent and the second clipboard agent separately enforce security parameters to limit access to content stored in the first clipboard service and the second clipboard service, respectively, the security parameters comprising at least one of; one or more keyword-based permissions specifying that access to content from the first or second clipboard service is restricted to content that does not contain one or more specific keywords; one or more time-specific permissions specifying that access to content from the first or second clipboard service is restricted to one or more specific days and/or times of the day;
orone or more location-specific permissions specifying that access to content stored in the first or second clipboard service is restricted to when the electronic device is at one or more specific locations. - View Dependent Claims (24, 25, 26)
-
Specification