PROVIDING INTENT-BASED ACCESS TO USER-OWNED RESOURCES

US 20130205385A1
Filed: 02/08/2012
Published: 08/08/2013
Est. Priority Date: 02/08/2012
Status: Abandoned Application

First Claim

Patent Images

1. A method, implemented by computing functionality, for granting an application access to a user-owned resource, comprising:

receiving an instruction to provide an intent-based access mechanism for use in interacting with the application, the intent-based access mechanism being associated with the user-owned resource;

activating a resource monitor which is associated with the intent-based access mechanism, the resource monitor mediating access the user-owned resource;

displaying an application user interface on a display mechanism of a user device;

receiving an indication that the user has invoked the intent-based access mechanism; and

in response to receiving the indication, granting the application access to the user-owned resource, based on knowledge that the intent-based access mechanism has received authentic user input,the application otherwise lacking rights to access user-owned resources in accordance with a least-privilege access paradigm,the intent-based access mechanism corresponding to either;

(a) a gadget;

or(b) logic for detecting a permission-granting input sequence, the permission-granting input sequence being made up of one or more triggering input events produced by the user using one or more input devices,the intent-based access mechanism further corresponding to either;

(a) a system-level intent-based access mechanism which provides access to a system-level resource;

or(b) an application-specific intent-based mechanism provided by a hosting application which provides access to an application-specific resource.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An access system is described herein which allows an application to access a system-level and/or application-specific user-owned resource based on a user'"'"'s interaction with an intent-based access mechanism. For example, the intent-based access mechanism may correspond to a gadget that is embedded in an application user interface provided by the application, and/or logic for detecting a permission-granting input sequence. The access system accommodates different types of intent-based access mechanisms. One type is a scheduled intent-based access mechanism. Another type provides access to two or more user-owned resources. Further, the access system includes a mechanism for determining whether the application is permitted to use an intent-based access mechanism.

49 Citations

View as Search Results

20 Claims

1. A method, implemented by computing functionality, for granting an application access to a user-owned resource, comprising:
- receiving an instruction to provide an intent-based access mechanism for use in interacting with the application, the intent-based access mechanism being associated with the user-owned resource;
  
  activating a resource monitor which is associated with the intent-based access mechanism, the resource monitor mediating access the user-owned resource;
  
  displaying an application user interface on a display mechanism of a user device;
  
  receiving an indication that the user has invoked the intent-based access mechanism; and
  
  in response to receiving the indication, granting the application access to the user-owned resource, based on knowledge that the intent-based access mechanism has received authentic user input,the application otherwise lacking rights to access user-owned resources in accordance with a least-privilege access paradigm,the intent-based access mechanism corresponding to either;
  
  (a) a gadget;
  
  or(b) logic for detecting a permission-granting input sequence, the permission-granting input sequence being made up of one or more triggering input events produced by the user using one or more input devices,the intent-based access mechanism further corresponding to either;
  
  (a) a system-level intent-based access mechanism which provides access to a system-level resource;
  
  or(b) an application-specific intent-based mechanism provided by a hosting application which provides access to an application-specific resource.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein the system-level resource comprises at least one of:
    - a physical device for capturing data;
      
      a physical device for receiving data;
      
      a virtual software-implemented resource; and
      
      a setting.
  - 3. The method of claim 1, wherein the application-specific resource comprises data or a service provided by the hosting application via an interface, and wherein the hosting application provides the intent-based access mechanism to ensure authentic interaction by the user with the interface.
  - 4. The method of claim 1, wherein the intent-based access mechanism is a composite intent-based access mechanism and the resource monitor is a composite resource monitor, and wherein the composite resource monitor mediates access to two or more user-owned resources via two or more respective component resource monitors.
  - 5. The method of claim 4, wherein the composite resource monitor sends an input event to said two or more component resource monitors when the user interacts with the composite intent-based access mechanism.
  - 6. The method of claim 1, wherein the resource monitor provides access to the user-owned resource for a duration of access corresponding to one of:
    - a single-transaction access;
      
      a session-based access; and
      
      a permanent, but revocable, access.
  - 7. The method of claim 1, wherein the resource monitor provides access to the user-owned resource based on at least one specified scheduling condition, wherein the resource monitor receives said at least one scheduling condition from the user via a scheduled intent-based access mechanism.
  - 8. The method of claim 1, further comprising responding to the instruction to provide the intent-based access mechanism by determining whether the application permits the intent-based access mechanism to be used by the application.
  - 9. The method of claim 8, wherein said determining comprises:
    - determining whether the application corresponds to a top-level application having a top-level application user interface which is not nested in a parent application user interface provided by a parent application; and
      
      if the application corresponds to a top-level application, then permitting the application to use the intent-based access mechanism.
  - 10. The method of claim 9, wherein, if the application does not correspond to a top-level application, then the application corresponds to a child application having a child application user interface that is nested in the parent application user interface, and the method further comprising:
    - checking whether the parent application permits the intent-based access mechanism to be used by the child application,if the parent application permits the intent-based access mechanism to be used by the child application, permitting the child application to use the intent-based access mechanism if the parent application is a top-level application, andif the parent application is not a top-level application, considering the parent application as a new child application and repeating said checking with respect to the parent of the new child application.
  - 11. The method of claim 1, wherein the intent-based access mechanism comprises a content-selection gadget, and wherein said granting comprises:
    - providing the content-selection gadget in response to activation of a content-picking gadget, the content-selection gadget displaying item information regarding data items hosted by one or more content-provider entities;
      
      receiving an indication that the user has selected at least one view item specified by the item information within the content-selection gadget; and
      
      granting the application access to at least one data item, said at least one data item corresponding, respectively, to said at least one view item that has been selected.
  - 12. The method of claim 11, wherein the content-selection gadget embeds at least one content-view gadget that is hosted by a corresponding content-provider entity using a corresponding content-view resource monitor, the content-view gadget conveying item information regarding data items that are provided by the content-provider entity.
  - 13. The method of claim 12, wherein the application receives said at least one data item without exposing said at least one data item to a resource monitor which provides the content-selection gadget.
  - 14. The method of claim 12, wherein the content-view resource monitor is isolated from a resource monitor which provides the content-selection gadget.

15. A computer readable storage medium for storing computer readable instructions, the computer readable instructions implementing a method when executed by one or more processing devices, the method comprising:
- presenting a content-selection gadget provided by a content-selection resource monitor,the content-selection gadget incorporating at least one content-view gadget that is hosted by a corresponding content-provider entity using a corresponding content-view resource monitor, the content-view gadget conveying item information regarding data items that are provided by the content-provider entity;
  
  receiving an indication that the user has selected at least one view item identified by the item information in the content-view gadget;
  
  in response to receiving the indication, obtaining at least one data item corresponding to said at least one view item that has been selected, from the content-provider entity; and
  
  providing said at least one data item to an application without exposing the said at least one data item to the content-selection resource monitor.
- View Dependent Claims (16, 17, 18)
- - 16. The computer readable storage medium of claim 15, wherein the item information provided by the content-view gadget identifies one or more files that are maintained by the content-provider entity.
  - 17. The computer readable storage medium of claim 15, wherein the item information provided by the content-view gadget identifies one or more user contacts that are maintained by the content-provider entity.
  - 18. The computer readable storage medium of claim 15, wherein the item information provided by the content-view gadget identifies search results from the content-provider entity, the search results matching a specified search term.

19. An access system, implemented by computing functionality, for granting an application access to a user-owned resource, comprising:
- logic configured to receive an instruction to activate an intent-based access mechanism for receiving authentic user input in a context of a specified application; and
  
  logic configured to inquire whether the specified application permits the intent-based access mechanism to be used in the context of the specified application,said logic configured to inquire receiving an affirmative response if;
  
  the specified application is a top-level application having a top-level application user interface that is not nested in a chain of one or more ancestor application user interfaces, provided by a corresponding chain of one or more ancestor applications;
  
  orthe specified application is a child application that has a child application user interface that is nested in the chain of one or more application user interfaces, and each ancestor application in the chain of one or more ancestor applications authorizes an intent-based access mechanism to be used in the context of its respective child application.
- View Dependent Claims (20)
- - 20. The access system of claim 19, wherein the intent-based access mechanism for receiving authentic user input comprises one of:
    - a gadget;
      
      orlogic for detecting a permission-granting input sequence that is made up of one or more triggering input events produced by the user using one or more input devices.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Roesner, Franziska, Kohno, Tadayoshi, Moshchuk, Alexander, Parno, Bryan J., Wang, Helen J.

Application Number

US13/368,334
Publication Number

US 20130205385A1
Time in Patent Office

Days
Field of Search
US Class Current

726/17
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2141   Access rights, e.g. capabil...

PROVIDING INTENT-BASED ACCESS TO USER-OWNED RESOURCES

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

49 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

PROVIDING INTENT-BASED ACCESS TO USER-OWNED RESOURCES

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

49 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links