Isolation of application-specific data within a user account
First Claim
1. In a computing system associating multiple applications with a same user account, a method for isolating data specific to a first application from a second application that share the same user account, the data being native to a central repository of application settings for applications sharing the same user account, the method comprising:
- loading the data native to the central repository of application settings, upon receiving a request for the data from the first application, from the central repository of application settings for applications sharing the same user account to a location specified by an access path;
creating a handle to the data native to the central repository of application settings, at the location specified by the access path;
passing the handle to the first application;
determining whether the data native to the central repository of application settings is designated as application-specific data for the first application that is inaccessible to other applications;
when it is determined that the data native to the central repository of application settings is designated as application-specific data for the first application, preventing creation of handles to the data other than the handle passed to the first application and denying one or more access requests that do not use the handle, from the second application sharing the same user account as the first application, for the data native to the central repository of application settings for applications sharing the same user account because the second application does not possess the handle, and;
when it is determined the data native to the central repository of application settings is not designated as application-specific data for the first application, allowing the one or more access requests for the data native to the central repository of application settings from the second application.
2 Assignments
0 Petitions
Accused Products
Abstract
A mechanism is provided for isolating application-specific data in an environment where multiple applications share a same user account. This mechanism enables data specific to an application to be accessed only by the application. When an application requests application-specific data, the data is loaded and a handle to the data is returned to the application. Access to the data is allowed only though the handle. Therefore, only the application possessing the handle can access the data. A counter may be associated with the loaded data. The counter'"'"'s value is incremented whenever a handle is created for the data and decremented whenever a handle for the data is terminated. When the value of the counter reaches zero, the data is automatically unloaded.
-
Citations
14 Claims
-
1. In a computing system associating multiple applications with a same user account, a method for isolating data specific to a first application from a second application that share the same user account, the data being native to a central repository of application settings for applications sharing the same user account, the method comprising:
-
loading the data native to the central repository of application settings, upon receiving a request for the data from the first application, from the central repository of application settings for applications sharing the same user account to a location specified by an access path; creating a handle to the data native to the central repository of application settings, at the location specified by the access path; passing the handle to the first application; determining whether the data native to the central repository of application settings is designated as application-specific data for the first application that is inaccessible to other applications; when it is determined that the data native to the central repository of application settings is designated as application-specific data for the first application, preventing creation of handles to the data other than the handle passed to the first application and denying one or more access requests that do not use the handle, from the second application sharing the same user account as the first application, for the data native to the central repository of application settings for applications sharing the same user account because the second application does not possess the handle, and; when it is determined the data native to the central repository of application settings is not designated as application-specific data for the first application, allowing the one or more access requests for the data native to the central repository of application settings from the second application. - View Dependent Claims (2, 3, 4, 5)
-
-
6. At least one computer-readable memory device encoded with a plurality of computer-executable instructions that, when executed, perform a method for providing application-specific data access in an environment where multiple applications share a same user account, the method comprising:
-
receiving an access request from a first computing process for data native to a central repository of application settings for applications sharing the same user account; based at least on information received with the access request, determining whether access to the data native to the central repository of application settings should be limited to the first computing process including at least determining whether the first computing process has exclusive access to the data as application-specific data that is inaccessible to other processes; and when it is determined that access should be limited, creating a handle through which the first computing process can exclusively access the data and denying access to the data native to the central repository of application settings to any other computing process sharing the same user account as the first computing process that does not possess the handle, such that the data native to the central repository of application settings for applications sharing the same user account can only be accessed by the first computing process through the handle; and when it is determined that access should not be limited, allowing multiple computing processes to share access to the data native to the central repository of application settings. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A computer-implemented method for isolating data specific to a first application from other applications sharing a same user account with the first application, the data native to a central repository of application settings for applications sharing the same user account, the method comprising:
-
upon receiving an access request from the first application for the data native to the central repository of application settings, loading the data native to the central repository of application settings from the central repository of application settings for applications sharing the same user account to a location specified by an access path; creating a handle to the data native to the central repository of application settings, at the location specified by the access path; passing the handle to the first application; based at least on information received with the access request, determining whether the data native to the central repository of application settings is designated as inaccessible to applications other than the first application; and when it is determined that the data native to the central repository of application settings is designated as inaccessible to applications other than the first application, preventing creation of handles to the data other than the handle passed to the first application and denying any access request, from the other applications sharing the same user account with the first application that does not possess the handle, for the data native to the central repository of application settings for applications sharing the same user account because the access requests do not use the handle and; when it is determined that the data native to the central repository of application settings is not designated as inaccessible to applications other than the first application, enabling creation of additional handles to the data other than the handle passed to the first application and allowing access requests to the data native to the central repository of application settings from the other applications through respective handles. - View Dependent Claims (12, 13, 14)
-
Specification