SECURITY MODEL FOR LIVE APPLICATIONS IN A CLOUD COLLABORATION PLATFORM
First Claim
1. A computer-implemented method, comprising:
- instantiating, by a cloud collaboration platform, a live application comprising a type and a developer in a document in the cloud collaboration platform within a frame;
associating, by the cloud collaboration platform, the live application with a subdomain based on the type and the developer; and
serving, by the cloud collaboration platform, the frame from a different domain than the document, wherein the different domain includes the subdomain;
wherein the instantiating, associating, and serving are performed by one or more computers.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed herein are system, method, and computer program product embodiments for providing a security model to customizable live applications in a cloud collaboration platform. The security approach may dedicate a frame to each live application, serving the frame from a different domain than a document in which the live application is embedded. This approach ensures that more stringent security requirements may be required of the live application and allows the data presented to the live application to be narrowly tailored. The security model may further leverage sandbox attributes and content-security policies to restrict the behavior of sandboxed and non-sandboxed live applications in accordance with best security practices.
-
Citations
20 Claims
-
1. A computer-implemented method, comprising:
-
instantiating, by a cloud collaboration platform, a live application comprising a type and a developer in a document in the cloud collaboration platform within a frame; associating, by the cloud collaboration platform, the live application with a subdomain based on the type and the developer; and serving, by the cloud collaboration platform, the frame from a different domain than the document, wherein the different domain includes the subdomain; wherein the instantiating, associating, and serving are performed by one or more computers. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system, comprising:
-
a memory; and at least one processor coupled to the memory and configured to; instantiate a live application comprising a type and a developer in a document in a cloud collaboration platform within a frame; associate the live application with a subdomain based on the type and the developer; and serve the frame from a different domain than the document, wherein the different domain includes the subdomain. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A non-transitory computer-readable device having instructions stored thereon that, when executed by at least one computing device, causes the at least one computing device to perform operations comprising:
-
instantiating a live application comprising a type and a developer in a document in a cloud collaboration platform within a frame; associating the live application with a subdomain based on the type and the developer; and serving the frame from a different domain than the document, wherein the different domain includes the subdomain. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification