Advanced security protocol for broadcasting and synchronizing shared folders over local area network
First Claim
1. A computer-implemented method comprising:
- receiving, at a first application associated with a content management system on a first client device and a second application associated with the content management system on at least one second client device, from the content management system, a shared secret key generated at the content management system for a shared folder and a corresponding namespace identifier;
- generating, via at least one processor of the first client device, a secure identifier based on the shared secret key and namespace identifier and further based on a cryptographic nonce that is uniquely generated for an announcement message;
- broadcasting, by the first application associated with the content management system on the first client device, the announcement message comprising the secure identifier and the cryptographic nonce to the second application associated with the content management system on the at least one second client device;
- receiving the announcement message at the second application associated with the content management system on the at least one second client device;
- determining, based on the received announcement message, that the shared folder is associated with the at least one second client device based on the generated secure identifier, establishing a connection over a local area network between the first application associated with the content management system on the first client device and the second application associated with the content management system on the at least one second client device; and
- synchronizing at least one content item in the shared folder between the first client device and the at least one second client device over the connection.
Abstract
A method, system, and manufacture for securely broadcasting shared folders from one client device to other client devices and synchronizing the shared folders over a local area network. A first client device, associated with a content management system, generates a secure identifier for a shared folder, using a shared secret key that is associated with the shared folder. The first client device announces the secure identifier over a local area network to other client devices on the local area network including a second client device. The first client device receives a synchronization request for the shared folder from the second client device. After authenticating, using the shared secret key, that the second client device has authorization to access the shared folder, the first client device synchronizes the shared folder with the second client device over the local area network.
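The announce-and-match exchange described in the first claim and the abstract, as an added example that is not taken from the patent or from any product. The HMAC-SHA256 construction, the 16-byte nonce, the JSON message layout and all function and variable names are assumptions made for illustration; the claims only say the secure identifier is based on the shared secret key, the namespace identifier and a per-announcement nonce.

```python
import hashlib
import hmac
import json
import secrets

NONCE_LEN = 16  # bytes; assumed size, the claims only require a per-message nonce

# Constructed sample state: devices A and B both hold the key for namespace 1001.
DEVICE_A = {1001: b"k" * 32, 2002: b"q" * 32}
DEVICE_B = {1001: b"k" * 32, 3003: b"z" * 32}


def secure_identifier(shared_key: bytes, namespace_id: int, nonce: bytes) -> bytes:
    """Assumed construction: HMAC-SHA256 keyed by the folder's shared secret,
    over the namespace identifier and the announcement's nonce."""
    msg = namespace_id.to_bytes(8, "big") + nonce
    return hmac.new(shared_key, msg, hashlib.sha256).digest()


def build_announcement(folders: dict[int, bytes]) -> bytes:
    """Announcing side: one fresh nonce per announcement message, one secure
    identifier per shared folder. No key or namespace id goes on the wire."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ids = [secure_identifier(key, ns, nonce).hex() for ns, key in folders.items()]
    return json.dumps({"nonce": nonce.hex(), "ids": ids}).encode()


def match_announcement(datagram: bytes, folders: dict[int, bytes]) -> list[int]:
    """Receiving side: recompute the identifier for every locally known
    (namespace id, key) pair and return the namespaces shared with the sender."""
    try:
        msg = json.loads(datagram)
        nonce = bytes.fromhex(msg["nonce"])
        announced = [bytes.fromhex(i) for i in msg["ids"]]
    except (ValueError, KeyError, TypeError):
        return []  # malformed broadcast: ignore it
    if len(nonce) != NONCE_LEN:
        return []
    shared = []
    for ns, key in folders.items():
        expected = secure_identifier(key, ns, nonce)
        # Constant-time comparison against each announced identifier.
        if any(hmac.compare_digest(expected, a) for a in announced):
            shared.append(ns)
    return shared
```

A match only shows that the announcement carries a value derived from the folder's key; a recorded announcement replayed on the network would match as well. That is why the abstract has the first device authenticate the requesting device with the shared secret key before synchronizing.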
20 Claims
9. A non-transitory computer-readable medium storing computer executable instructions for causing a computer to perform a method comprising:
- receiving, at a first application associated with a content management system on a first client device and a second application associated with the content management system on at least one second client device, from the content management system, a shared folder having a folder identifier and a shared secret key generated at the content management system for the shared folder;
- receiving, at the first application associated with the content management system on the first client device, a first secure identifier associated with the shared folder from the second application associated with the content management system on the at least one second client device;
- generating, at the first application associated with the content management system on the first client device, a second secure identifier associated with the shared folder based on the shared secret key; and
- when the first secure identifier matches the second secure identifier, associating the folder identifier with the at least one second client device;
- establishing a connection over a local area network between the first application associated with the content management system on the first client device and the second application associated with the content management system on the at least one second client device; and
- synchronizing at least one content item in the shared folder between the first client device and the at least one second client device over the connection.
16. A manufacture comprising:
- a non-transitory computer-readable medium; and
- computer-readable instructions, stored on the non-transitory computer-readable medium, that when executed are effective to cause an application associated with a content management system on a computer to:
  - generate, at a first application associated with the content management system on a first client device, a secure identifier for a shared folder, based on a shared secret key generated at the content management system for the shared folder and further based on a cryptographic nonce that is uniquely generated for an announcement message;
  - broadcast by the first application associated with the content management system on the first client device the secure identifier to a second application associated with the content management system on at least one second client device using the announcement message;
  - receive a synchronization request for the shared folder from the second application associated with the content management system on the at least one second client device;
  - establish a connection over a local area network between the first application associated with the content management system on the first client device and the second application associated with the content management system on the at least one second client device; and
  - in response to authenticating, using the shared secret key, that the second client device has authorization to access the shared folder, synchronize the shared folder with the second client device over the local area network.
Specification