On-demand database service system, method and computer program product for conditionally allowing an application of an entity access to data of another entity
First Claim
Patent Images
1. A method, comprising:
- responsive to determining that first entity that is a user of a database service is authorized to obtain a package that includes an application of a second entity, a computer system installing the package;
extracting, by the computer system, one or more profiles from the package, wherein a first profile of the one or more profiles specifies a plurality of limitations on the application'"'"'s access to data of the first entity within the database service, including actions that may be performed on the data by the application;
responsive to an acceptance of the plurality of limitations of the first profile by the first entity, the computer system permitting the application to access data of the first entity within the database service according to the plurality of limitations of the first profile;
receiving, at the computer system, an upgrade to the package, wherein the upgrade pertains to the application and includes a modification to the first profile that includes a different set of limitations indicating an updated level of access to data of the first entity, including removal of a subset of the plurality of limitations; and
responsive to an acceptance of the upgrade, the computer system permitting the application to access data of the first entity within the database service according to the modified first profile.
1 Assignment
0 Petitions
Accused Products
Abstract
In accordance with embodiments, there are provided mechanisms and methods for conditionally allowing an application of an entity access to data of another entity in an on-demand database service. These mechanisms and methods for conditionally allowing an application of an entity access to data of another entity in an on-demand database service can enable embodiments to limit such access to the data, as desired. Furthermore, embodiments of such mechanisms and methods may provide additional security when sharing data among different subscribers to an on-demand database service.
-
Citations
17 Claims
-
1. A method, comprising:
-
responsive to determining that first entity that is a user of a database service is authorized to obtain a package that includes an application of a second entity, a computer system installing the package; extracting, by the computer system, one or more profiles from the package, wherein a first profile of the one or more profiles specifies a plurality of limitations on the application'"'"'s access to data of the first entity within the database service, including actions that may be performed on the data by the application; responsive to an acceptance of the plurality of limitations of the first profile by the first entity, the computer system permitting the application to access data of the first entity within the database service according to the plurality of limitations of the first profile; receiving, at the computer system, an upgrade to the package, wherein the upgrade pertains to the application and includes a modification to the first profile that includes a different set of limitations indicating an updated level of access to data of the first entity, including removal of a subset of the plurality of limitations; and responsive to an acceptance of the upgrade, the computer system permitting the application to access data of the first entity within the database service according to the modified first profile. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A non-transitory computer-readable medium having instructions stored thereon executable by a computing device to perform operations comprising:
-
responsive to determining that a first entity is authorized to obtain a package that includes an application of a second entity, installing the package, wherein the first entity is a user of a database service, wherein the package further includes one or more profiles, wherein a first profile of the one or more profiles specifies a plurality of limitations on the application'"'"'s access to data of the first entity within the database service, including actions that may be performed on the data by the application; extracting the one or more profiles from the package; responsive to an acceptance of the plurality of limitations of the first profile by the first entity, permitting the application to access data of the first entity within the database service according to the plurality of limitations of the first profile; receiving an upgrade to the package, wherein the upgrade pertains to the application and includes a modification to the first profile that includes a different set of limitations indicating an updated level of access to data of the first entity, including removal of a subset of the plurality of limitations; and responsive to an acceptance of the upgrade, permitting the application to access data of the first entity within the database service according to the modified first profile. - View Dependent Claims (7, 8, 9, 10, 11)
-
-
12. A non-transitory computer-readable medium having instructions stored thereon executable by a computing device to perform operations comprising:
-
submitting authentication information of a first entity to a database service; in response to submitting the authentication information, receiving a package that includes an application of a second entity and one or more profiles; installing the package on the computing device; extracting the one or more profiles from the package, wherein a first profile of the one or more profiles specifies a plurality of limitations on the application'"'"'s access to data of the first entity within the database service, including actions that may be performed on the data by the application; responsive to an acceptance of the plurality of limitations of the first profile by the first entity, permitting the application to access data of the first entity within the database service according to the plurality of limitations of the first profile; receiving an upgrade to the package, wherein the upgrade pertains to the application and includes a modification to the first profile that includes a different set of limitations indicating an updated level of access to data of the first entity, including removal of a subset of the plurality of limitations; and responsive to an acceptance of the upgrade, permitting the application to access data of the first entity within the database service according to the modified first profile. - View Dependent Claims (13, 14, 15, 16, 17)
-
Specification