Data access sharing

US 9,275,245 B2
Filed: 03/15/2013
Issued: 03/01/2016
Est. Priority Date: 03/15/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

receiving, in at least one computing device, a request to obtain a plurality of data items contained within a sandbox environment, wherein data in the sandbox environment is inaccessible to a component that is not authorized to operate within the sandbox environment, and wherein the plurality of data items comprise at least one of a plurality of calendar events, a plurality of contacts, a plurality of files, or plurality of messages;

determining, using the at least one computing device, whether access to the plurality of data items is restricted by an access control policy;

in response to determining that the access to the plurality of data items is restricted by the access control policy, determining, using the at least one computing device, whether the at least one computing device complies with a plurality of compliance rules, wherein at least one of the plurality of compliance rules specifies a hardware restriction for the at least one computing device, and wherein at least one of the plurality of compliance rules specifies a software restriction for the at least one computing device;

in response to determining that the at least one computing device complies with the plurality of compliance rules, identifying, using the at least one computing device, at least one data item a portion of the plurality of data items that does not comprise confidential data; and

the access control policy permits the client device to access; and

publishing, using the at least one computing device, the at least one data item that does not comprise the confidential data to a shared storage space in the at least one computing device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A request to obtain data items associated with an entity is received from a client device. One or more computing devices determine whether access to the data items is restricted by an access control policy and whether the client device complies with the access control policy. In response to determining that the client device complies with the access control policy, at least a portion of the data items that the access control policy permits the client device to access are identified. An integration of the at least a portion of the data items with additional data items is initiated.

165 Citations

15 Claims

1. A method comprising:
- receiving, in at least one computing device, a request to obtain a plurality of data items contained within a sandbox environment, wherein data in the sandbox environment is inaccessible to a component that is not authorized to operate within the sandbox environment, and wherein the plurality of data items comprise at least one of a plurality of calendar events, a plurality of contacts, a plurality of files, or plurality of messages;
  
  determining, using the at least one computing device, whether access to the plurality of data items is restricted by an access control policy;
  
  in response to determining that the access to the plurality of data items is restricted by the access control policy, determining, using the at least one computing device, whether the at least one computing device complies with a plurality of compliance rules, wherein at least one of the plurality of compliance rules specifies a hardware restriction for the at least one computing device, and wherein at least one of the plurality of compliance rules specifies a software restriction for the at least one computing device;
  
  in response to determining that the at least one computing device complies with the plurality of compliance rules, identifying, using the at least one computing device, at least one data item a portion of the plurality of data items that does not comprise confidential data; and
  
  the access control policy permits the client device to access; and
  
  publishing, using the at least one computing device, the at least one data item that does not comprise the confidential data to a shared storage space in the at least one computing device.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the plurality of data items comprise enterprise data.
  - 3. The method of claim 1, wherein each data item of the plurality of data items comprises a plurality of properties.
  - 4. The method of claim 1, further comprising presenting the at least one data item with a plurality of additional data items.
  - 5. The method of claim 1, wherein the sandbox environment is inaccessible to at least one application in the at least one computing device.

6. A non-transitory computer-readable medium comprising a set of instructions stored therein that, when executed by a computing device, cause the computing device to perform a method comprising:
- receiving a request to obtain a plurality of data items contained within a sandbox environment, wherein data in the sandbox environment is inaccessible to a component that is not authorized to operate in the sandbox environment, and wherein the plurality of data items comprise at least one of a plurality of calendar events, a plurality of contacts, a plurality of files, or plurality of messages;
  
  determining whether access to the plurality of data items is restricted by an access control policy;
  
  in response to determining that the access to the plurality of data items is restricted by the access control policy, determining whether the computing device complies with a compliance rule that specifies a hardware restriction for the computing device;
  
  in response to determining that the computing device complies with the compliance rule, identifying at least one data item of the plurality of data items that does not comprise confidential data; and
  
  publishing the at least one data item that does not comprise the confidential data to a shared storage space in the computing device.
- View Dependent Claims (7, 8, 9)
- - 7. The non-transitory computer-readable medium of claim 6, wherein the access control policy is among a plurality of access control policies associated with the plurality of data items.
  - 8. The non-transitory computer-readable medium of claim 6, wherein the plurality of data items are contacts representing a respective plurality of individuals.
  - 9. The non-transitory computer-readable medium of claim 6, wherein the sandbox environment is inaccessible to at least one application in the at least one computing device.

10. A system comprising:
- at least one computing device;
  
  programming code executable in the at least one computing device, the programming code being configured to cause the at least one computing device to at least;
  
  receive a request to obtain a plurality of data items contained within a sandbox environment, wherein data in the sandbox environment is inaccessible to a component that is not authorized to operate in the sandbox environment, and wherein the plurality of data items comprise at least one of a plurality of calendar events, a plurality of contacts, a plurality of files, or plurality of messages;
  
  determine whether access to the plurality of data items is restricted by an access control policy;
  
  in response to determining that the access to the plurality of data items is restricted by the access control policy, determining whether the at least one computing device complies with a compliance rule that specifies a software restriction for the at least one computing device;
  
  in response to determining that the at least one computing device complies with the compliance rule, identify at least one data item a portion of the plurality of data items that does not comprise confidential data; and
  
  publish the at least one data item that does not comprise the confidential data to a shared storage space in the at least one computing device.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The system of claim 10, wherein the plurality of data items are a plurality of enterprise data items, and the plurality of additional data items are a plurality of personal data items.
  - 12. The system of claim 10, wherein the plurality of data items are associated with a first user, and the plurality of additional data items are associated with a second user.
  - 13. The system of claim 10, wherein the compliance rule prohibits a particular application being installed in the client device.
  - 14. The system of claim 10, wherein the sandbox environment is inaccessible to at least one application in the at least one computing device.
  - 15. The system of claim 10, wherein the programming code is further configured to cause the at least one computing device to at least integrate the at least one data item that does not comprise the confidential data with a plurality of additional data items.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AirWatch LLC (Broadcom, Inc.)
Original Assignee
AirWatch LLC (Broadcom, Inc.)
Inventors
Stuntebeck, Erich
Primary Examiner(s)
Pham, Luu
Assistant Examiner(s)
JACKSON, JENISE E

Application Number

US13/838,935
Publication Number

US 20140282828A1
Time in Patent Office

1,082 Days
Field of Search

726/1, 726/26, 726/28, 713/161
US Class Current

1/1
CPC Class Codes

G06F 21/62 Protecting access to data v...

Data access sharing

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

165 Citations

15 Claims

Specification

Use Cases

Quick Links

Others

Data access sharing

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

165 Citations

15 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others