Kernel event triggers for content item security

US 10,579,443 B2
Filed: 03/31/2017
Issued: 03/03/2020
Est. Priority Date: 12/27/2016
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

interrupting a kernel level file open event for a content item having at least a portion of the content item locally stored on a client device running the kernel, the at least the portion of the content item being locally stored on the client device is stored with digital rights management (DRM) data;

in response to the interrupting the kernel level file event, accessing the DRM data, wherein a synchronized copy of the at least the portion of the content item exists at a content management system server, the DRM data referencing a DRM server;

communicating with the DRM server according to the DRM data to download content item access instructions; and

opening the at least the portion of content item according to the content item access instructions.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present technology pertains to responding to a kernel level file event for a content item and presenting a file event window associated with the content item. A client device can detect the kernel level file event for the content item. This can be accomplished using a kernel extension on a client device that is networked with a content management system. The client device can then retrieve data associated with the content item, including an instruction for the content item. The client device can then perform the instruction. This instruction can be to retrieve collaboration data from the content management system and present the collaboration data in a file event window.

Citations

20 Claims

1. A computer-implemented method comprising:
- interrupting a kernel level file open event for a content item having at least a portion of the content item locally stored on a client device running the kernel, the at least the portion of the content item being locally stored on the client device is stored with digital rights management (DRM) data;
  
  in response to the interrupting the kernel level file event, accessing the DRM data, wherein a synchronized copy of the at least the portion of the content item exists at a content management system server, the DRM data referencing a DRM server;
  
  communicating with the DRM server according to the DRM data to download content item access instructions; and
  
  opening the at least the portion of content item according to the content item access instructions.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The computer-implemented method of claim 1, wherein the at least the portion of the content item is a stub that appears to an operating system on the client device as a complete content item while being a placeholder for the complete content item, the complete content item stored at a content management system connected to the client device by a network, and the DRM data including a reference to an address of the complete content item.
  - 3. The computer-implemented method of claim 2, further comprising:
    - retrieving the content item from the server; and
      
      preventing the content item stub from being accessed by a process operating on the client device.
  - 4. The computer-implemented method of claim 2, further comprising:
    - detecting the kernel level file event by a kernel extension of a content management system client application, the kernel level file event is associated with a process operating on the client device;
      
      wherein opening the at least the portion of the content item according to the access instruction further includes;
      
      opening the content item in a web browser when download of the content item to the client device is restricted.
  - 5. The computer-implemented method of claim 1, further comprising:
    - detecting the kernel level file event by a kernel extension of a content management system client application, the kernel level file event is associated with a process operating on the client device;
      
      wherein opening the at least the portion of the content item according to the access instruction further includes;
      
      validating credentials to confirm access rights to the at least the portion of the content item.
  - 6. The computer-implemented method of claim 1, wherein the at least the portion of the content item is a redacted version of the content item, a complete version of the content item is stored at a content management system connected to the client device by a network, and the DRM data including a reference to the address of the complete content item.
  - 7. The computer-implemented method of claim 1, wherein opening the at least the portion of the content item according to the content item access instructions includes:
    - redacting a portion of the content item.

8. A system comprising:
- a digital rights management (DRM) server;
  
  a client device including an operating system kernel, at least one storage storing a content management system client application and storing at least a portion of a content item with digital rights management (DRM) data, wherein a synchronized copy of the at least the portion of the content item exists at a content management system server, wherein the content management system client application is configured to;
  
  detect that an application executing on the client device is attempting to access the at least the portion of the content item locally stored in the at least one storage;
  
  in response to the detection that the application executing on the client device is attempting to access the at least the portion of the content item, interrupt a kernel level file open event for the content item having the at least the portion of the content item locally stored on a client device, the client device running the operating system kernel;
  
  communicate with the DRM server according to the DRM data to download content item access instructions; and
  
  open the content item according to the content item access instructions.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the at least the portion of the content item locally stored in the at least one storage is a stub that appears to the operating system on the client device as a complete content item while being a placeholder for the complete content item, the system comprising:
    - a content management system server configured to store the complete content item, the content management system server being connected to the client device by a network, and the DRM data including a reference to an address of the complete content item at the content management system server.
  - 10. The system of claim 9, wherein the client device includes a kernel extension of the content management system client application, the kernel extension configured to detect the attempt to access the at least the portion of the content item as the kernel level file open event, the kernel level file open event is associated with a process operating on the client device;
    - andwherein the opening the at least the portion of the content item according to the access instruction further includes;
      
      retrieving the content item from the content management system server; and
      
      preventing the content item stub from being accessed by the process operating on the client device.
  - 11. The system of claim 9, wherein the client device includes a kernel extension of the content management system client application, the kernel extension configured to detect the attempt to access the at least the portion of the content item as the kernel level file event, the kernel level file event is associated with a process operating on the client device;
    - andwherein opening the content item according to the access instruction further includes opening the content item in a web browser when download of the content item to the client device is restricted.
  - 12. The system of claim 8, wherein the client device includes a kernel extension of the content management system client application, the kernel extension configured to detect the attempt to access the at least the portion of the content item as the kernel level file event, the kernel level file event is associated with a process operating on the client device;
    - wherein opening the at least the portion of the content item according to the access instruction further includes;
      
      validating credentials to confirm access rights to the content item.
  - 13. The system of claim 8, wherein the at least the portion of the content item is a redacted version of the content item, a complete version of the content item is stored at a content management system connected to the client device by a network, and the DRM data including a reference to the address of the complete content item.
  - 14. The system of claim 8, wherein opening the at least the portion of the content item according to the content item access instructions includes:
    - redacting a portion of the content item.

15. A non-transitory computer-readable medium comprising instructions stored thereon, the instructions are effective for causing a computing device to:
- interrupt a kernel level file open event for a content item having at least a portion of the content item locally stored on a client device running the kernel, the at least the portion of the content item being locally stored on the client device is stored with digital rights management (DRM) data;
  
  in response to the interrupting the kernel level file event, access the DRM data, wherein a synchronized copy of the content item exists at a content management system server, the at least the portion of the content item being locally stored on the client device is stored with digital rights management (DRM) data, the DRM data referencing a DRM server;
  
  communicate with the DRM server according to the DRM data to download content item access instructions; and
  
  open the at least the portion of content item according to the content item access instructions.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer-readable medium of claim 15, wherein the at least the portion of the content item is a stub that appears to an operating system on the client device as a complete content item while being a placeholder for the complete content item, the complete content item stored at a content management system connected to the client device by a network, and the DRM data including a reference to an address of the complete content item.
  - 17. The non-transitory computer-readable medium of claim 16, instructions are effective for causing a computing device to:
    - retrieving the content item from the server; and
      
      preventing the content item stub from being accessed by a process operating on the client device.
  - 18. The non-transitory computer-readable medium of claim 16, instructions are effective for causing a computing device to:
    - detect the kernel level file event by a kernel extension of a content management system client application, the kernel level file event is associated with a process operating on the client device;
      
      wherein opening the at least the portion of the content item according to the access instruction further includes;
      
      opening the content item in a web browser when download of the content item to the client device is restricted.
  - 19. The non-transitory computer-readable medium of claim 15, instructions are effective for causing a computing device to:
    - detect the kernel level file event by a kernel extension of a content management system client application, the kernel level file event is associated with a process operating on the client device;
      
      wherein opening the at least the portion of the content item according to the access instruction further includes;
      
      validating credentials to confirm access rights to the content item.
  - 20. The non-transitory computer-readable medium of claim 15, wherein the at least the portion of the content item is a redacted version of the content item, a complete version of the content item is stored at a content management system connected to the client device by a network, and the DRM data including a reference to the address of the complete content item.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dropbox, Inc.
Original Assignee
Dropbox, Inc.
Inventors
von Muhlen, Marcio, Valloppillil, Vinod, Bunger, Nils
Primary Examiner(s)
Shehni, Ghazal B

Application Number

US15/476,059
Publication Number

US 20180181723A1
Time in Patent Office

1,068 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/00   Information retrieval; Data...

G06F 16/13   File access structures, e.g...

G06F 16/1774   Locking methods, e.g. locki...

G06F 16/1794   Details of file format conv...

G06F 16/183   Provision of network file s...

G06F 16/1873   Versioning file systems, te...

G06F 21/1011   to devices

G06F 21/6218   to a system of files or obj...

G06F 2209/542   Intercept

G06F 3/0482   Interaction with lists of s...

G06F 40/169   Annotation, e.g. comment da...

G06F 9/542   Event management; Broadcast...

G06F 9/545   where tasks reside in diffe...

G06Q 10/06   Resources, workflows, human...

G06Q 10/0631   Resource planning, allocati...

G06Q 10/10   Office automation; Time man...

G06Q 10/101   Collaborative creation, e.g...

H04L 67/01   Protocols

H04L 67/02   based on web technology, e....

H04L 67/06   specially adapted for file ...

H04L 69/30 : Definitions, standards or a...

H04L 69/321 : Interlayer communication pr...

View All

Kernel event triggers for content item security

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Kernel event triggers for content item security

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links