SELECTIVE FILE ACCESS FOR APPLICATIONS
First Claim
1. A method in a computing device, comprising:
- installing an application in the computing device;
receiving an application manifest associated with the application, the application manifest indicating one or more file types that the application is allowed to access; and
registering the one or more file types in a location accessible by a broker service, the broker service being configured to limit access by the application to files of the registered one or more file types.
2 Assignments
0 Petitions
Accused Products
Abstract
Methods, systems, and computer program products are provided for enabling selective file system access by applications. An application is installed in a computing device. An application manifest associated with the application is received. The application manifest indicates one or more file types that the application is allowed to access. The indicated file type(s) are registered in a location accessible by a broker service. The application is launched as an application process. The application process is isolated in an application container. The application container prevents direct access by the application process to file system data. An access request related to first data of the file system data is received at the broker service from the application process. Access by the application process to the first data is enabled when the broker service determines that a file type of the first data is included in the registered file type(s).
-
Citations
20 Claims
-
1. A method in a computing device, comprising:
-
installing an application in the computing device; receiving an application manifest associated with the application, the application manifest indicating one or more file types that the application is allowed to access; and registering the one or more file types in a location accessible by a broker service, the broker service being configured to limit access by the application to files of the registered one or more file types. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method in a broker service operating in a computing device, comprising:
-
receiving an access request related to first data of a file system containing data from an application process, the application process being a launched version of an application, the application process residing in an application container that prevents direct access by the application process to the file system; and enabling access by the application process to the first data when the broker service determines that a file type of the first data is included in one or more file types registered for the application as file types that the application is allowed to access. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A computing device, comprising:
-
storage that stores an application installed in the computing device and an application manifest associated with the application, the application manifest indicating one or more file types that the application is allowed to access; and a processing logic that includes a broker service and registers the one or more file types indicated by the application manifest in a location accessible by the broker service, the broker service being configured to limit access by the application to files of the registered one or more file types. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification