Controlling distribution of resources on a network
First Claim
1. A non-transitory computer-readable medium embodying a program executable in a computing device, the program comprising code that, when executed by the computing device, causes the computing device to perform a method comprising:
- storing a plurality of resources in a data store associated with a distribution service in response to a request from a user interface to transfer the plurality of resources;
receiving a selection of access rights and a plurality of distribution rules associated with the plurality of resources;
receiving, from a client device, a request to access the plurality of resources hosted by the distribution service;
determining whether a pairing of a user of the client device and the client device is authorized to access the distribution service based at least in part on the access rights associated with the plurality of resources;
identifying which of a plurality of resource grouping identifiers are associated with the pairing, in response to determining that the pairing is authorized to access the distribution service;
identifying which of the plurality of resources are associated with the resource grouping identifiers;
identifying which of the plurality of distribution rules are associated with the identified resources, the distribution rules comprising at least one of a plurality of location rules or a plurality of time rules; and
transmitting the identified resources and the identified distribution rules to the client device, the resources being encrypted and configured to be exclusively accessible by a containerized client side application using a decryption key while the client device satisfies the identified distribution rules associated with the resources based on a device profile, wherein the containerized client side application is configured to prevent access to the identified resources by another application executed by the client device.
3 Assignments
0 Petitions
Accused Products
Abstract
Disclosed are various embodiments for controlling distribution of resources on a network. In one embodiment, a distribution service receives a request from a client device to access resources hosted by a distribution service. In response, the distribution service determines whether the client device is authorized to access the distribution service. The distribution service identifies which of the resources hosted by the distribution service are accessible to the client device based on the resource grouping identifiers associated with the client device. The distribution service determines which distribution rules are associated with the identified resources, the distribution rules including location rules and time rules. The distribution service then transmits the identified resources and identified distribution rules to the client device, where the resources are configured to be exclusively accessible via a containerized client application on the client device while the client device satisfies the distribution rules associated with the resources.
179 Citations
60 Claims
-
1. A non-transitory computer-readable medium embodying a program executable in a computing device, the program comprising code that, when executed by the computing device, causes the computing device to perform a method comprising:
-
storing a plurality of resources in a data store associated with a distribution service in response to a request from a user interface to transfer the plurality of resources; receiving a selection of access rights and a plurality of distribution rules associated with the plurality of resources; receiving, from a client device, a request to access the plurality of resources hosted by the distribution service; determining whether a pairing of a user of the client device and the client device is authorized to access the distribution service based at least in part on the access rights associated with the plurality of resources; identifying which of a plurality of resource grouping identifiers are associated with the pairing, in response to determining that the pairing is authorized to access the distribution service; identifying which of the plurality of resources are associated with the resource grouping identifiers; identifying which of the plurality of distribution rules are associated with the identified resources, the distribution rules comprising at least one of a plurality of location rules or a plurality of time rules; and transmitting the identified resources and the identified distribution rules to the client device, the resources being encrypted and configured to be exclusively accessible by a containerized client side application using a decryption key while the client device satisfies the identified distribution rules associated with the resources based on a device profile, wherein the containerized client side application is configured to prevent access to the identified resources by another application executed by the client device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method comprising:
-
transmitting a request to store a plurality of resources to a distribution service via a user interface; transmitting a selection of a plurality of authorized locations associated with the plurality of resources; determining, in a containerized client side application being executed by a client device, whether the client device is located at one of the plurality of authorized locations; responsive to a determination that the client device is located at an authorized location of the plurality of authorized locations, transmitting a request for access to the plurality of resources to the distribution service; receiving the resources that are configured to be exclusively accessible by the containerized client side application using a decryption key and based on a device profile, wherein the containerized client side application is configured to prevent access to the resources by another application executed by the client device; and removing the resources from the client device if the client device is no longer located at an authorized location. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 24)
-
-
23. A system for distributing resources comprising:
-
a processor; a memory device including instructions that when executed by the processor cause the processor to perform a method comprising; storing a plurality of resources in a data store associated with a distribution service in response to a request from a user interface to transfer the plurality of resources; receiving a selection of a plurality of authorized time windows associated with the plurality of resources; receiving, from a client device, a request to access the plurality of resources hosted by a distribution service; determining whether a current time associated with the client device is within one of the plurality of authorized time windows associated with the plurality of resources; responsive to a determination that the current time is within at least one authorized time of the authorized time windows, transmitting the resources to a containerized client side application on the client device, the resources being encrypted and configured to be exclusively accessible by the containerized client side application using a decryption key and based on a device profile, wherein the containerized client side application is configured to prevent access to the resources by another application executed by the client device; monitoring the current time; and removing the resources from the client device if the current time is not within the at least one authorized time window. - View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32)
-
-
33. A method comprising:
-
storing a plurality of resources in a data store associated with a distribution service in response to a request from a user interface to transfer the plurality of resources; receiving a selection of a plurality of authorized locations associated with the plurality of resources; receiving, from a client device, a request to access the plurality of resources hosted by the distribution service; determining whether the client device is located at one of the plurality of authorized locations associated with the plurality of resources; responsive to a determination that the client device is located at an authorized location, transmitting the resources to a containerized client side application on the client device, the resources being encrypted and configured to be exclusively accessible by the containerized client side application using a decryption key and based on a device profile, the resources including metadata specifying whether transmission outside of the containerized client side application is authorized, wherein the containerized client side application is configured to prevent access to the resources by another application executed by the client device when the metadata specifies that transmission is prohibited outside of the containerized client side application; monitoring the location of the client device; and removing the resources from the client device if the client device is not located at an authorized location. - View Dependent Claims (34, 35, 36, 37, 38, 39, 40, 41, 42)
-
-
43. A non-transitory computer-readable medium embodying a program executable in a computing device, the program comprising code that, when executed by a computing device, causes the computing device to perform a method comprising:
-
transmitting a request to store a plurality of resources to a distribution service via user interface; transmitting a selection of a plurality of authorized locations and a plurality of authorized time windows associated with the plurality of resources; transmitting, from a containerized client side application executed by a client device, a request to access the plurality of resources hosted by the distribution service; and receiving access to the plurality of resources in the containerized client side application if the client device is located at one of the plurality of authorized locations and if a current time is within an authorized time window of the plurality of authorized time windows, the plurality of resources configured to be exclusively accessible in the containerized client side application using a decryption key, the plurality of resources including metadata specifying whether transmission outside of the containerized client side application is authorized based on a device profile, wherein the containerized client side application is configured to prevent access to the plurality of resources by another application executed by the client device when the metadata specifies that transmission is prohibited outside of the containerized client side application. - View Dependent Claims (44, 45, 46, 47, 48, 49, 50, 51, 52, 53)
-
-
54. A client device operating in a system for distributing resources, the client device comprising:
-
a processor; a memory device including instructions that when executed by the processor cause the processor to perform a method comprising; storing a plurality of resources in a data store in response to a request from a user interface to transfer the plurality of resources; receiving a selection of a plurality of authorized time windows associated with the plurality of resources; determining whether a client device has access to the plurality of resources associated with the plurality of authorized time windows, the plurality of resources being encrypted and configured to be exclusively accessible in a containerized client side application using a decryption key, the plurality of resources including metadata specifying whether transmission outside of the containerized client side application is authorized based on a device profile, wherein the containerized client side application is configured to prevent access to the plurality of resources by another application executed by the client device when the metadata specifies that transmission is prohibited outside of the containerized client side application; determining whether a current time associated with the client device is within an authorized time window; and removing access to the resources on the client device if the current time is not within the authorized time window. - View Dependent Claims (55, 56, 57, 58, 59, 60)
-
Specification