Systems and methods for securely submitting comments among users via external messaging applications in a cloud-based platform

US 9,712,510 B2
Filed: 07/08/2013
Issued: 07/18/2017
Est. Priority Date: 07/06/2012
Status: Active Grant

First Claim

Patent Images

1. A method of facilitating secure commenting on content items among collaborators via external messaging applications in a collaborative cloud-based environment, the method comprising:

sending a notification associated with a content item to a collaborator via an external messaging application, wherein the notification includes a message and a message authentication code, the message authentication code generated as a function of the message and to be used to verify the integrity of the message when a response to the notification is received, wherein the message includes one or more of a user identifier associated with the collaborator, an item identifier associated with the content item, or a timestamp;

receiving a response to the notification from the collaborator via the external messaging application, wherein the response includes a text-based comment associated with the content item, the message and the message authentication code; and

determining a validity of the response by verifying the integrity of the message using the message authentication code by;

extracting and decoding a response header from the response, the response header including the message and the message authentication code,descrambling the response header using an encryption key to identify the message and the message authentication code,extracting the message and generating a new message authentication code based on the message using an integrity key, andcomparing the message authentication code to the new message authentication code to verify the integrity of the message.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are disclosed for facilitating secure commenting on content items among collaborators via external messaging applications in a collaborative cloud-based environment. In one embodiment, the system receives a response to a notification associated with a content item from a collaborator via an external messaging application. The response can include a text-based comment associated with the content item and secure message information provided by the notification including a message and a message authentication code. The system then determines a validity of the response. The validity of the response can include verifying the integrity of the message using the message authentication code.

Citations

28 Claims

1. A method of facilitating secure commenting on content items among collaborators via external messaging applications in a collaborative cloud-based environment, the method comprising:
- sending a notification associated with a content item to a collaborator via an external messaging application, wherein the notification includes a message and a message authentication code, the message authentication code generated as a function of the message and to be used to verify the integrity of the message when a response to the notification is received, wherein the message includes one or more of a user identifier associated with the collaborator, an item identifier associated with the content item, or a timestamp;
  
  receiving a response to the notification from the collaborator via the external messaging application, wherein the response includes a text-based comment associated with the content item, the message and the message authentication code; and
  
  determining a validity of the response by verifying the integrity of the message using the message authentication code by;
  
  extracting and decoding a response header from the response, the response header including the message and the message authentication code,descrambling the response header using an encryption key to identify the message and the message authentication code,extracting the message and generating a new message authentication code based on the message using an integrity key, andcomparing the message authentication code to the new message authentication code to verify the integrity of the message.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, further comprising:
    - submitting the text-based comment associated with the content item in the cloud-based environment if the response is valid.
  - 3. The method of claim 1,wherein the integrity of the message is verified if the new authentication code is the same as the message authentication code.
  - 4. The method of claim 1, further comprising:
    - receiving a notification trigger;
      
      determining a user identifier and a content identifier associated with the notification trigger, wherein the user identifier indicates the collaborator and an the item identifier indicates the content item;
      
      generating the message by concatenating the user identifier and the content identifier; and
      
      generating the message authentication code based on the message.
  - 5. The method of claim 4, wherein generating the message authentication code and the new message authentication code based on the message further comprises:
    - accessing a secret integrity key; and
      
      applying a deterministic hashing algorithm to the message using the secret integrity key.
  - 6. The method of claim 5, wherein the deterministic hashing algorithm comprises a keyed-hash message authentication code (HMAC).
  - 7. The method of claim 1, wherein determining the validity of the response further comprises:
    - accessing permissions associated with the content item; and
      
      verifying that the collaborator is authorized to comment on the content item based on the permissions, wherein the response is valid if the collaborator is authorized to comment on the content item.
  - 8. The method of claim 1, wherein determining the validity of the response further comprises:
    - determining an age of the notification using the timestamp; and
      
      verifying that the age of the notification does not exceed a threshold, wherein the response is not valid if the age of the notification exceeds the threshold.
  - 9. The method of claim 1, wherein the message comprises a user identifier associated with the collaborator and an item identifier associated with the content item.
  - 10. The method of claim 1, wherein the external messaging application comprises email.
  - 11. The method of claim 1, wherein the external messaging application comprises SMS.

12. A non-transitory machine-readable storage medium including executable instructions, which when executed by a processor, causes the processor to facilitate secure commenting on content items among collaborators via external messaging applications in a collaborative cloud-based environment, the instructions comprising:
- instructions for sending a notification associated with a content item to a collaborator via an external messaging application, wherein the notification includes a message and a message authentication code, the message authentication code generated as a function of the message and to be used to verify the integrity of the message when a response to the notification is received, wherein the message includes one or more of a user identifier associated with the collaborator, an item identifier associated with the content item, or a timestamp;
  
  instructions for receiving a response to the notification from the collaborator via the external messaging application, wherein the response includes a text-based comment associated with the content item, the message and the message authentication code; and
  
  instructions for determining a validity of the response, wherein determining the validity of the response includes verifying the integrity of the message using the message authentication code by;
  
  extracting and decoding a response header from the response, the response header including the message and the message authentication code,descrambling the response header using an encryption key to identify the message and the message authentication code,extracting the message and generating a new message authentication code based on the message using an integrity key, andinstructions for comparing the message authentication code to the new message authentication code to verify the integrity of the message.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 13. The non-transitory machine-readable storage medium of claim 12, further comprising:
    - instructions for submitting the text-based comment associated with the content item in the cloud-based environment if the response is valid.
  - 14. The non-transitory machine-readable storage medium of claim 12, wherein the integrity of the message is verified if the new authentication code is the same as the message authentication code.
  - 15. The non-transitory machine-readable storage medium of claim 12, wherein the instructions for sending the notification include:
    - instructions for generating the notification associated with the content item responsive to a notification trigger; and
      
      instructions for sending the notification to the collaborator via the external messaging application.
  - 16. The non-transitory machine-readable storage medium of claim 15, further comprising:
    - instructions for receiving the notification trigger;
      
      instructions for determining a user identifier and a content identifier associated with the notification trigger, wherein the user identifier indicates the collaborator and an the item identifier indicates the content item;
      
      instructions for generating the message by concatenating the user identifier and the content identifier; and
      
      instructions for generating the message authentication code using the message.
  - 17. The non-transitory machine-readable storage medium of claim 16, wherein the instructions for generating the message authentication code or the new message authentication code based on the message further comprise:
    - instructions for accessing a secret integrity key; and
      
      instructions for applying a deterministic hashing algorithm to the message using the secret integrity key.
  - 18. The non-transitory machine-readable storage medium of claim 17, wherein the deterministic hashing algorithm comprises a keyed-hash message authentication code (HMAC).
  - 19. The non-transitory machine-readable storage medium of claim 12, wherein the instructions for determining the validity of the response further comprise:
    - instructions for accessing permissions associated with the content item; and
      
      instructions for verifying that the collaborator is authorized to comment on the content item based on the permissions, wherein the response is valid if the collaborator is authorized to comment on the content item.
  - 20. The non-transitory machine-readable storage medium of claim 12, wherein the instructions for determining the validity of the response further comprise:
    - instructions for determining an age of the notification using the timestamp; and
      
      instructions for verifying that the age of the notification does not exceed a threshold, wherein the response is not valid if the age of the notification exceeds the threshold.
  - 21. The non-transitory machine-readable storage medium of claim 12, wherein the external messaging application comprises an email or SMS.

22. A collaboration system for facilitating secure commenting on content items among collaborators via external messaging applications in a collaborative cloud-based environment, the method comprising:
- a processor;
  
  a memory unit having instructions stored thereon which when executed by the processor, causes the collaboration system to;
  
  send a notification associated with a content item to a collaborator via an external messaging application, wherein the notification includes a message and a message authentication code, the message authentication code generated as a function of the message and to be used to verify the integrity of the message when a response to the notification is received, wherein the message includes one or more of a user identifier associated with the collaborator, an item identifier associated with the content item, or a timestamp;
  
  determine a validity of a response to the notification received from the collaborator via the external messaging application, wherein the response includes a text-based comment associated with the content item and secure message information provided by the notification including the message and the message authentication code; and
  
  wherein determining the validity of the response includes verifying the integrity of the message using the message authentication code by;
  
  extracting and decoding a response header from the response, the response header including the message and the message authentication code,descrambling the response header using an encryption key to identify the message and the message authentication code,extracting the message and generating a new message authentication code based on the message using an integrity key, andcomparing the message authentication code to the new message authentication code to verify the integrity of the message.
- View Dependent Claims (23, 24, 25, 26, 27)
- - 23. The collaboration system of claim 22, wherein the instructions, when executed by the processor, further causes the collaboration system to:
    - submit the text-based comment associated with the content item in the cloud-based environment if the response is valid.
  - 24. The collaboration system of claim 22, wherein the instructions, when executed by the processor, further causes the collaboration system to:
    - send the notification associated with the content item to the collaborator via the external messaging application,wherein the notification includes the message information including the message and the message authentication code associated with the message.
  - 25. The collaboration system of claim 22, wherein the instructions, when executed by the processor, further causes the collaboration system to:
    - receive a notification trigger;
      
      determine a user identifier and a content identifier associated with the notification trigger, wherein the user identifier indicates the collaborator and an the item identifier indicates the content item;
      
      generate the message by concatenating the user identifier and the content identifier; and
      
      generate the message authentication code based on the message.
  - 26. The collaboration system of claim 25, wherein generating the message authentication code and the new message authentication code based on the message further comprises:
    - accessing a secret integrity key; and
      
      applying a deterministic hashing algorithm to the message using the secret integrity key.
  - 27. The collaboration system of claim 26, wherein the deterministic hashing algorithm comprises a keyed-hash message authentication code (HMAC).

28. A machine-readable non-transitory storage medium including executable instructions, which when executed by a processor, causes the processor to:
- send a notification associated with a content item to a collaborator via an external messaging application, wherein the notification includes a message and a message authentication code, the message authentication code generated as a function of the message and to be used to verify the integrity of the message when a response to the notification is received, wherein the message includes one or more of a user identifier associated with the collaborator, an item identifier associated with the content item, or a timestamp;
  
  determine a validity of a response to the notification associated with the content item received from the collaborator via the external messaging application, wherein the response includes a text-based comment associated with the content item and secure message information provided by the notification including a message and a message authentication code; and
  
  wherein determining the validity of the response includes verifying the integrity of the message using the message authentication code by;
  
  extracting and decoding a response header from the response, the response header including the message and the message authentication code,descrambling the response header using an encryption key to identify the message and the message authentication code,extracting the message and generating a new message authentication code based on the message using an integrity key, andcomparing the message authentication code to the new message authentication code to verify the integrity of the message.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Box Incorporated
Original Assignee
Box Incorporated
Inventors
Byron, Chris, Vinnik, Natalia
Primary Examiner(s)
Desrosiers, Evans

Application Number

US13/937,124
Publication Number

US 20140013104A1
Time in Patent Office

1,471 Days
Field of Search

713150, 709230- 23, 370229, 370470
US Class Current
CPC Class Codes

H04L 63/08 for authentication of entit...

H04L 63/123 received data contents, e.g...

Systems and methods for securely submitting comments among users via external messaging applications in a cloud-based platform

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for securely submitting comments among users via external messaging applications in a cloud-based platform

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links