USER-DRIVEN ACCESS CONTROL
First Claim
1. A method, implemented by computing functionality, for granting an application module access to a user-owned resource, comprising:
- receiving an instruction to embed a gadget within an application user interface, the application module controlling the application user interface, and the gadget being associated with the user-owned resource;
associating the gadget with a provider module, the provider module controlling the gadget;
displaying the application user interface and the gadget to a user on a display mechanism of a user device, the gadget being embedded as an integral part of the application user interface;
receiving an indication that the user has interacted with the gadget; and
in response to receiving the indication, granting the application module access to the user-owned resource,the application module otherwise lacking rights to access user-owned resources in accordance with a least-privilege access paradigm.
2 Assignments
0 Petitions
Accused Products
Abstract
An access system is described herein which allows an application module to access a user-owned resource based on an indication of a user'"'"'s intent to interact with the user-owned resource. For example, the application module can provide an application user interface which embeds a gadget associated with a particular user-owned resource. The access system can interpret the user'"'"'s interaction with the gadget as conferring implicit permission to the application module to access the user-owned resource associated with the gadget. In addition, or alternatively, the user may make a telltale gesture in the course of interacting with the application module. The access system can interpret this gesture as conferring implicit permission to the application module to access a user-owned resource that is associated with the gesture.
-
Citations
20 Claims
-
1. A method, implemented by computing functionality, for granting an application module access to a user-owned resource, comprising:
-
receiving an instruction to embed a gadget within an application user interface, the application module controlling the application user interface, and the gadget being associated with the user-owned resource; associating the gadget with a provider module, the provider module controlling the gadget; displaying the application user interface and the gadget to a user on a display mechanism of a user device, the gadget being embedded as an integral part of the application user interface; receiving an indication that the user has interacted with the gadget; and in response to receiving the indication, granting the application module access to the user-owned resource, the application module otherwise lacking rights to access user-owned resources in accordance with a least-privilege access paradigm. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A physical and tangible computer readable storage medium for storing computer readable instructions, the computer readable instructions implementing a method when executed by one or more processing devices, the method comprising:
-
presenting a first gadget, embedded within an application user interface, to a user, the first gadget being controlled by a provider module, and the application user interface being controlled by an application module; receiving an indication that the user has interacted with the first gadget; in response to said receiving, obtaining one or more view items associated with one or more respective data items from at least one source entity; presenting said one or more view items using a second gadget, the second gadget being embedded within the application user interface, the second gadget being controlled by the provider module; receiving an indication that the user has interacted with the second gadget by selecting at least one view item that is presented by the second gadget; in response to receiving the indication that the user has interacted with the second gadget, obtaining at least one data item which is associated with said at least one view item that has been selected; and providing said at least one data item to the application module. - View Dependent Claims (13, 14)
-
-
15. An access system, implemented by computing functionality, for granting an application module access to a user-owned resource, comprising:
-
an application module configured to control an application user interface, the access system isolating the application module from other application modules that are executable on the access system; a provider module configured to control a gadget that forms an integral part of the application user interface, the gadget being presented at a location within the application user interface that is specified by the application module; a user-owned resource associated with the provider module; an operating system which, together with the provider module, enables the application module to access the user-owned resource; an interaction detection module configured to detect when a user interacts with the gadget, to provide an indication; and an access action module configured to respond to the indication by granting the application module access to the user-owned resource, while otherwise restricting access by the application module to user-owned resources, based on a least-privilege access paradigm. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification