Flexible permission management framework for cloud attached file systems
First Claim
1. A method of managing file permissions in a remote file storage system, said method comprising:
- defining permissions for said remote file storage system;
controlling access to objects on said remote file storage system according to said permissions of said remote file storage system;
transferring said permissions to a client file storage system remote from said remote file storage system;
controlling access to objects on said client file storage system according to said permissions of said remote file storage system;
altering said permissions of said remote file storage system at said remote file storage system;
controlling access to objects on said remote file storage system according to said altered permissions of said remote file storage system;
transferring said altered permissions to said client file storage system; and
controlling access to objects on said client file storage system according to said altered permissions of said remote file storage system; and
whereinsaid step of controlling access to objects on said client file storage system according to said permissions of said remote file storage system includes overriding permissions of said client file storage system.
5 Assignments
0 Petitions
Accused Products
Abstract
A method of managing file permissions in a remote file storage system includes defining permissions for the remote file storage system and controlling access to objects on the remote file storage system according to the permissions of the remote file storage system. The permissions are transferred to a client file storage system remote from the remote file storage system, and access to objects on the client file storage system is controlled according to the permissions of the remote file storage system. A remote file storage system includes a permissions file generator operative to generate a permissions file, which is transmitted to a client file storage system for enforcement at the client file storage system.
101 Citations
26 Claims
-
1. A method of managing file permissions in a remote file storage system, said method comprising:
-
defining permissions for said remote file storage system; controlling access to objects on said remote file storage system according to said permissions of said remote file storage system; transferring said permissions to a client file storage system remote from said remote file storage system; controlling access to objects on said client file storage system according to said permissions of said remote file storage system; altering said permissions of said remote file storage system at said remote file storage system; controlling access to objects on said remote file storage system according to said altered permissions of said remote file storage system; transferring said altered permissions to said client file storage system; and controlling access to objects on said client file storage system according to said altered permissions of said remote file storage system; and
whereinsaid step of controlling access to objects on said client file storage system according to said permissions of said remote file storage system includes overriding permissions of said client file storage system. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 23, 26)
-
-
12. A remote file storage system comprising:
-
memory for storing file objects received from a client; a client interface operative to receive said file objects from said client, to provide said file objects to said client, to receive data indicative of permissions associated with said file objects, and to provide a permissions file to said client; a permissions file generator operative to generate said permissions file based on said data indicative of said permissions associated with said file objects, said permissions file defining different permissions for a plurality of said file objects; and a permissions enforcer operative to control access to said file objects according to said permissions file; and
whereinsaid client interface is operative to receive additional data indicative of permissions associated with said file objects; said permissions file generator is operative to generate an updated permissions file based at least in part on said additional data indicative of permissions associated with said file objects; and said client interface is operative to provide said updated permissions file to said client. - View Dependent Claims (13, 14, 15, 16)
-
-
17. A local file storage system for use with a remote file storage system, said local file storage system including:
-
memory for storing local file objects from local clients; a client interface operative to receive said local file objects from said local clients and to provide said local file objects to said local clients; a remote file server interface operative to receive a permissions file from a remote file server, said permissions file being indicative of permissions associated with remote file objects stored on said remote file server, said remote file objects being copies of said local file objects; and a permissions enforcer operative to control access to said local file objects by said local clients according to said permissions defined by said permissions file for said remote file objects; and
whereinsaid remote file server interface is further operative to receive an updated permissions file from said remote file server, said updated permissions file being indicative of updated permissions associated with at least some of said remote file objects stored on said remote file server; and said permissions enforcer is further operative to control access to said local file objects by said local clients according to said updated permissions defined by said updated permissions file for said remote file objects. - View Dependent Claims (18, 19, 24, 25)
-
-
20. A file storage system comprising:
-
a local file storage system including memory, said local file storage system being operative to store file objects from local clients in said memory and to provide said file objects to said local clients from said memory; a remote file storage system including memory, said remote file storage system being operative to store copies of said file objects in said memory of said remote file storage system and to provide said copies of said file objects from said memory of said remote file storage system; a permissions file generator on at least one of said local file storage system and said remote file storage system and operative to generate a permissions file and to provide said permissions file to said local file storage system and said remote file storage system; a first permissions enforcer on said local file storage system, said first permissions enforcer operative to control access to said file objects on said local file storage system according to said permissions file; and a second permissions enforcer on said remote file storage system, said second permissions enforcer operative to control access to said file objects on said remote file storage system according to said permissions file; and
whereinresponsive to receiving additional data indicative of permissions associated with said file objects stored on said remote file storage system, said permissions file generator is further operative to generate an updated permissions file based at least in part on said additional data and provide said updated permissions file to said local file storage system and said remote file storage system; responsive to receiving said updated permissions file, said first permissions enforcer is operative to control access to said file objects on said local file storage system according to said updated permissions file; and responsive to receiving said updated permissions file, said second permissions enforcer is operative to control access to said file objects on said remote file storage system according to said updated permissions file. - View Dependent Claims (21, 22)
-
Specification