File system access for one or more sandboxed applications
First Claim
1. A non-transitory machine-readable medium storing instructions which, when executed by one or more processors, cause the one or more processors to perform operations comprising:
- receiving a selection of a resource managed by a restricted operating environment;
- requesting from a resource manager of the restricted operating environment, in response to the selection, a location identifier associated with the resource;
- receiving, in response to the request, a bookmark and a digest, wherein the digest is a cryptographically derived version of the bookmark and the bookmark is to enable retrieval of the resource on a storage device; and
- storing the bookmark and the digest in the restricted operating environment to indicate trust of the resource.
Abstract
Methods, systems, and machine-readable storage medium are described wherein identifiers are used to allow access to files or folders in a restricted operating environment. One embodiment provides a process comprising receiving a selection of a resource managed by a restricted operating environment; requesting from a resource manager of the restricted operating environment, in response to the selection, a location identifier associated with the resource; receiving, in response to the request, a bookmark and a digest, wherein the digest is a cryptographically derived version of the bookmark and the bookmark is to enable retrieval of the resource on a storage device; and storing the bookmark and the digest in the restricted operating environment to indicate trust of the resource.
20 Claims
1. A non-transitory machine-readable medium storing instructions which, when executed by one or more processors, cause the one or more processors to perform operations comprising:
- receiving a selection of a resource managed by a restricted operating environment;
- requesting from a resource manager of the restricted operating environment, in response to the selection, a location identifier associated with the resource;
- receiving, in response to the request, a bookmark and a digest, wherein the digest is a cryptographically derived version of the bookmark and the bookmark is to enable retrieval of the resource on a storage device; and
- storing the bookmark and the digest in the restricted operating environment to indicate trust of the resource.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A system to provide a restricted operating environment for managing access to a resource on a computing device, the system comprising:
- memory to store instructions and resources;
- a storage device coupled to the memory; and
- one or more processors coupled to the memory and the storage device, the one or more processors to:
  - execute instructions stored in the memory to create the restricted operating environment for managing access to the resource by an application, wherein the resource is outside of the restricted operating environment and the restricted operating environment couples with a resource manager, the resource manager to receive a request from the application for a location identifier to access the resource, the request associated with an interaction that indicates trustworthiness of the resource;
  - generate a location identifier to indicate trust of the resource, the location identifier including a bookmark and a digest; and
  - transmit the location identifier to the application, the location identifier to enable the application to retrieve the resource.
Dependent claims: 11, 12, 13, 14, 15, 16
17. A computing device comprising:
- memory to store instructions; and
- one or more processors to execute instructions to provide a restricted operating environment for managing access to a resource stored outside of the restricted operating environment, the instructions to cause the one or more processors to perform operations to:
  - receive a first request to provide a location identifier associated with the resource, the resource representing a collection of one or more selected files or folders;
  - verify that the first request is entitled to access the resource;
  - create a randomized secret key and attach the secret key to the resource;
  - create a first keyed hash of a uniform resource locator (URL) of the resource using the secret key; and
  - return the location identifier associated with the resource, the location identifier including the URL and the first keyed hash, the location identifier to indicate trust of the resource and to provide persistent access to the collection represented by the resource.
Dependent claims: 18, 19, 20
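The operations recited in claim 17 (entitlement check, per-resource random key, keyed hash of the URL, URL plus hash returned as the location identifier), as an added Python example that is not taken from the patent. HMAC-SHA256 as the keyed hash, the in-memory table standing in for the key attached to the resource, the later `resolve` check, and all class names, app identifiers and file URLs are assumptions of this example.

```python
import hashlib
import hmac
import secrets

class ResourceManager:
    """Hypothetical resource manager running outside the sandbox."""

    def __init__(self, entitled_apps):
        self._entitled = set(entitled_apps)
        # Stand-in for "attach the secret key to the resource" (assumption).
        self._key_by_url = {}

    def _keyed_hash(self, key, url):
        # HMAC-SHA256 is this example's choice of keyed hash.
        return hmac.new(key, url.encode("utf-8"), hashlib.sha256).digest()

    def issue(self, app_id, url):
        """Return the location identifier (url, keyed hash) for an entitled request."""
        if app_id not in self._entitled:
            raise PermissionError(f"{app_id} is not entitled to {url}")
        key = self._key_by_url.setdefault(url, secrets.token_bytes(32))
        return url, self._keyed_hash(key, url)

    def resolve(self, url, digest):
        """Assumed later check: recompute the keyed hash and compare in constant time."""
        key = self._key_by_url.get(url)
        if key is None:
            return False  # no key attached, so this URL was never granted
        return hmac.compare_digest(self._keyed_hash(key, url), digest)


def demo():
    # Constructed app identifiers and file URLs.
    rm = ResourceManager(entitled_apps={"com.example.editor"})
    doc, doc_digest = rm.issue("com.example.editor", "file:///Users/alice/report.txt")
    other, _ = rm.issue("com.example.editor", "file:///Users/alice/notes.txt")
    results = {
        "genuine": rm.resolve(doc, doc_digest),
        "digest_reused_for_other_url": rm.resolve(other, doc_digest),
        "never_granted_url": rm.resolve("file:///Users/alice/.ssh/id_rsa", doc_digest),
        "unkeyed_sha256": rm.resolve(doc, hashlib.sha256(doc.encode()).digest()),
    }
    try:
        rm.issue("com.example.other", doc)
        results["unentitled_issue"] = True
    except PermissionError:
        results["unentitled_issue"] = False
    return results
```

Calling `demo()` returns one boolean per case: only the identifier issued for that exact URL resolves, because each resource carries its own key and the sandboxed application never holds it.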
Specification