This is directed to providing access to content stored on a local cloud. In particular, a device can direct a librarian service overseeing the operation of a local cloud to provide another device with access to content stored on the local cloud. The librarian service can generate credentials for the other device, and provide the credentials to the other device. Using the credentials, the other device can connect directly to the local cloud and access the content. In addition, the local cloud can validate the credentials of the other before providing access to the content. The credentials can include, for example, a key to install or load on the device. The librarian may not require, however, the user to create credentials or register with the librarian before being permitted to access the content on the local cloud.
|
1. A method for authorizing access to content stored on a local cloud, the method comprising:
receiving, at a librarian service operating on a master device, a request from a first device to provide a third device with access to the content stored on a second device, wherein:
the first device and the second device are associated with a first user account,
the third device is associated with a second user account, and
the librarian service selects the first and second devices to form the local cloud associated with the first user account based on one or more resources of each of the first and second devices made available for the local cloud;
receiving, at the librarian service from the second device, an indication that the third device associated with the second user account is authorized to access the content stored on the second device;
determining, at the librarian service, whether the third device associated with the second user account is known to the librarian service, wherein said determining involves determining whether the third device has been made available to the librarian service to form another local cloud;
when the third device associated with the second user account is determined to be known to the librarian service:
identifying credentials associated with the second user account, and
when the credentials are already installed at the third device associated with the second user account, associating the credentials with the content to provide the third device authorization to access the content; and
providing by the librarian service, addressing information for the local cloud to the third device associated with the second user account, wherein the addressing information is used by the third device to connect to the local cloud to gain access to the content stored on the second device.
12. An electronic device for controlling access to content in local clouds, the electronic device comprising a processor configured to:
identify a plurality of devices associated with a first user account;
define a local cloud comprising the plurality of devices associated with the first user account, wherein the local cloud is defined based on one or more resources of each device of the plurality of devices made available for the local cloud;
receive, at a librarian service operating on the electronic device, a request from a first device in the local cloud to allow a third device access to the content stored on a second device in the local cloud, wherein the third device is associated with a second user account;
receive, at the librarian service from the second device, an indication that the third device associated with the second user account is authorized to access the content stored on the second device;
determine whether the third device associated with the second user account is known to the librarian service, wherein to determine whether the third device is known to the librarian service the processor is further configured to determine whether the third device has been made available to the librarian service to form another local cloud;
when the third device associated with the second user account is determined to be known to the librarian service:
identify credentials associated with the second user account, and
when the credentials are already installed at the third device associated with the second user account, associate the credentials with the content to provide the third device authorization to access the content; and
provide addressing information for the local cloud to the third device associated with the second user account, wherein the addressing information is used by the third device to connect to the local cloud to gain access to the content stored on the second device.
18. A non-transitory computer-readable storage medium storing instructions that, when executed by a processor included in a computing device, cause the computing device to authorize access to content stored on a local cloud, by carrying out steps that include:
receiving, at a librarian service operating on a master device, a request from a first device to provide a third device with access to the content stored on a second device, wherein:
the first device and the second device are associated with a first user account,
the third device is associated with a second user account, and
the librarian service selects the first and second devices to form the local cloud associated with the first user account based on one or more resources of each of the first and second devices made available for the local cloud;
receiving, at the librarian service from the second device, an indication that the third device associated with the second user account is authorized to access the content stored on the second device;
determining, at the librarian service, whether the third device associated with the second user account is known to the librarian service, wherein said determining involves determining whether the third device has been made available to the librarian service to form another local cloud;
when the third device associated with the second user account is determined to be known to the librarian service:
identifying credentials associated with the second user account, and
when the credentials are already installed at the third device associated with the second user account, associating the credentials with the content to provide the third device authorization to access the content; and
providing, by the librarian service, addressing information for the local cloud to the third device associated with the second user account, wherein the addressing information is used by the third device to connect to the local cloud to gain access to the content stored on the second device.
2. The method of
identifying the first user account associated with the request; and
determining access rights for the content based on the request.
3. The method of
4. The method of
an email address; and
a telephone number.
5. The method of
determining that the third device associated with the second user account is new to the librarian service; and
generating new credentials for the second user account.
6. The method of
7. The method of
adding the credentials to an access control list associated with the content.
8. The method of
providing, to the third device associated with the second user account, a network address for at least one node of the local cloud.
9. The method of
the at least one node operates a service indicating how to access the content.
10. The method of
adding the content to the another local cloud associated with the second user account.
11. The method of
providing, to the third device associated with the second user account, an instruction to operate a particular application used to access the content.
13. The electronic device of
provide an indication to the third device associated with the second user account of available access to the local cloud.
14. The electronic device of
provide, to the third device associated with the second user account, a network address for at least one node of the local cloud.
15. The electronic device of
receive a request from the third device for available local clouds; and
provide identifying information for the local cloud to the third device in response to receiving the request.
16. The electronic device of
determine that the third device is not known to the librarian service;
generate new credentials for the second user account; and
transmit the new credentials to the third device.
17. The electronic device of
associate the new credentials with an access list of the local cloud.
19. The non-transitory computer-readable storage medium of
determining that the third device associated with the second user account is new to the librarian service; and
generating new credentials for the second user account.
|
This is directed to providing access to restricted content stored in a network storage system using a single step process. In particular, this is directed to providing an instruction to share content stored on a network storage system with another device, and automatically providing credentials to the other device.
With the increased availability of high speed Internet connections, many devices have the ability to connect to remote services or sources. In addition, as the cost of high speed Internet connections decreases, many users may maintain a constant or near constant connection to the Internet. Furthermore, as wireless communications systems expand, users can connect to remote sources at many different locations, including far from the user's work, home or other areas where the user typically can access the Internet. For example, wireless communications networks have expanded to the point where a device can connect to the Internet on a mountaintop in nature (e.g., while skiing or hiking).
Because of the enhanced ability of devices to connect to the Internet as a user moves or travels, a user can make an increased use of remote storage. In particular, a user can store information in one or more remote locations, while knowing that the information can remain accessible so long as the user has an Internet connection available. This can allow a user to expand the amount of storage available to the user beyond the actual storage within the device (e.g., the storage of a hard drive or solid state drive in a device).
A device can connect to any suitable remote storage source to store or access content. In some embodiments, one or more cloud storage solutions can be available to a user. A cloud storage solution can typically include one or more racks of storage devices geographically located in one area and connected to each other and to the Internet. The storage devices can be managed by a system administrator, who ensures that all of the storage devices operate properly, run appropriate profiles, and manages the storage of information by users on the cloud storage. While such cloud storage may be of use to a user, it may also come at a cost. In particular, the cloud provider can charge a monthly or other recurring fee in exchange for use of the cloud storage. In addition, the cost of operating a cloud storage system can include not only material costs (e.g., storage devices) but also network administration costs. In particular, each time a user wishes to provide access to restricted content to another user, an administrator may be required to generate and provide the credentials to the other user, and to release access to the restricted content for the generated credentials. This can require both time and administrator resources.
This is directed to systems, methods and computer-readable media for providing access to content stored on a local network storage system (e.g., a local cloud) using a single step. In particular, this is directed to providing access to content stored on a local cloud that includes devices identified by a user and administrated by a device providing a librarian service.
A user can define a local cloud by selecting a list of devices controlled by the user to include in a cloud. The devices in the list can identify themselves and their owner to a librarian, which can allocate resources of the identified devices for the local cloud. In addition, the user can elect to trust one or more other users, whose devices can also be made available for a cloud. The librarian can select a set of devices to combine to form a local cloud, where the devices are owned by one or more users.
In some cases, a user may wish to give another user access to content on the local cloud. For example, a user may wish to share an image, audio, video, or other content for review or editing (e.g., a group project). As another example, a user may wish to give another person access to some or all of the local cloud (e.g., a directory and sub-directory, content associated with a particular tag, or any content associated with selected metadata). To do so, the user can provide an instruction to the librarian identifying the content or local cloud to share, and the other person with which to share the content or local cloud. For example, the user can identify a particular file or directory, and an email address associated with the other user.
In response to receiving the instruction, the librarian can determine whether the user or email address is known to it. For example, the librarian can determine whether the target user has provided devices for use in a local cloud, or whether the user has already been provided with access to content on another local cloud. If the librarian determines that the user is new, the librarian can generate credentials (e.g., a key) for the user. In addition, the librarian can generate a link via which the other user can access the content. For example, the link can be a shortcut for connecting to the local cloud. As another example, the link can include a shortcut for operating a particular application used to view the shared content. In some embodiments, the link can be tied to the credential, such that installing the credential also provides a selection of the link. The librarian can transmit the link, with the credential (e.g., if newly generated or requested) to the other user (e.g., using the email address provided for the other user).
The librarian can update one or more access control lists associated with the local cloud or content to include the identified user. Alternatively, the librarian can receive, from a user, an indication of the devices to which the user wants to grant access, and can grant access to those devices in response to the user indication. In some embodiments, the librarian can revise or edit a database from which local network information is pulled by each device or user managed by the librarian to indicate that the other user has access to the local cloud. Alternatively, each device in a local cloud can be initially informed by the librarian of the other users authorized to access content on the device. The device can then notify the librarian of the authorized users. This may allow the other user to see the shared content or local cloud appear as available to the user's device even if the user does not receive or select the link provided in the communication from the librarian.
Using an electronic device, the other user can operate an application used to access the content or directory in the local cloud, and access the content. For example, the electronic device of the other can request, from the librarian, information regarding the location of devices forming a local cloud associated with the other user, and receive automatically from the librarian information for connecting to the shared content in addition to the other user's local cloud. This approach may allow the other user to seamlessly and rapidly connect to other users' local clouds without requiring burdensome credential generating or credential entering steps on the part of the other user when the other user is new to the librarian.
The above and other features of the present invention, its nature and various advantages will be more apparent upon consideration of the following detailed description, taken in conjunction with the accompanying drawings in which:
This is directed to providing access to restricted content stored on a network storage source to another device. In particular, this is directed to a one-step process for providing access to restricted content.
Electronic device 100 can include a processor or control circuitry 102, storage 104, memory 106, input/output circuitry 108, and communications circuitry 110 as typically found in an electronic device of the type of electronic device 100, and operative to enable any of the uses expected from an electronic device of the type of electronic device 100 (e.g., connect to a host device for power or data transfers). In some embodiments, one or more of electronic device components 100 can be combined or omitted (e.g., combine storage 104 and memory 106), electronic device 100 can include other components not combined or included in those shown in
Control circuitry 102 can include any processing circuitry or processor operative to control the operations and performance of electronic device 100. Storage 104 can include, for example, one or more storage mediums including a hard-drive, solid state drive, flash memory, permanent memory such as ROM, any other suitable type of storage component, or any combination thereof. Memory 106 can include cache memory, semi-permanent memory such as RAM, and/or one or more different types of memory used for temporarily storing data. In some embodiments, memory 106 and storage 104 can be combined as a single storage medium. Input/output circuitry 108 can be operative to convert (and encode/decode, if necessary) analog signals and other signals into digital data.
Input/output interface 108 can convert (and encode/decode, if necessary) analog signals and other signals into digital data. For example, input/output interface 108 may receive and convert physical contact inputs (e.g., from a multi-touch screen or a button press), physical movements (e.g., from a mouse or sensor), analog audio signals (e.g., from a microphone), or any other input provided by a user. Although input/output interface 108 is illustrated in
Electronic device 100 can include any suitable mechanism, circuitry or component for allowing a user to provide inputs to input/output interface 108. For example, electronic device 100 may include a button, keypad, dial, a click wheel, or a touch interface (e.g., a capacitive touch screen), or combination of these. In some embodiments, input/output information 108 can instead or in addition include circuitry, software, firmware, or other components for detecting and processing voice inputs or other audio inputs. In some cases, input/output interface 108 can be operative to detect and process inputs received from gestures of the device (e.g., inputs detected from movements of the device, such as shaking, twisting or spinning).
Electronic device 100 can include specialized output interface associated with output signals such as, for example, one or more audio or visual outputs. An audio output may include one or more speakers (e.g., mono or stereo speakers) built into electronic device 100, or an audio component that is remotely coupled to electronic device 100 (e.g., a headset, headphones or earbuds that may be coupled to communications device with a wire or wirelessly). A visual output can include display circuitry (e.g., a screen or projection system) for providing a display visible to the user. For example, the display circuitry can include a screen (e.g., an LCD screen) that is incorporated in electronics device 100, a movable display or a projecting system for providing a display of content on a surface remote from electronic device 100 (e.g., a video projector), or combinations of these. In some embodiments, input/output interface 108 can include a coder/decoder (Codec) to convert digital media data into analog signals such as, for example, video Codecs, audio Codecs, or any other suitable type of Codec.
Communications circuitry 110 may be operative to communicate with other devices or with one or more servers using any suitable communications protocol. Electronic device 100 may include one more instances of communications circuitry for simultaneously performing several communications operations using different communications networks. For example, communications circuitry may support Wi-Fi (e.g., a 802.11 protocol), Ethernet, Bluetooth™ (which is a trademark owned by Bluetooth Sig, Inc.), radio frequency systems, cellular networks (e.g., GSM, AMPS, GPRS, CDMA, EV-DO, EDGE, 1GSM, DECT, IS-136/TDMA, iDen, LTE or any other suitable cellular network or protocol), infrared, TCP/IP (e.g., any of the protocols used in each of the TCP/IP layers), HTTP, FTP, RTP, RTSP, SSH, Voice over IP (VOIP), any other communications protocol, or any combination thereof. In some embodiments, communications circuitry 110 may include one or more communications ports operative to provide a wired communications link between electronic device 100 and a host device. For example, a portable electronic device may include one or more connectors (e.g., 10 pin connectors or USB connectors) operative to receive a cable coupling the portable electronic device to a host computer. Using software on the host computer (e.g. iTunes available from Apple Inc.), the portable electronic device may communicate with the host computer.
In some embodiments, electronic device 100 can include a device having a limited interface. For example, electronic device 100 can serve as a storage node for a network storage system. In particular, electronic device 100 can be limited to a device having storage capabilities, and communications circuitry to connect the electronic device to a communications network. The device may not include an integrated input interface, but may instead be remotely accessed by another device (e.g., over a wired or wireless communications path).
Several electronic devices, including electronic devices having some or all of the same features, can be connected to each other to form a network over which information can be shared. In particular, a user may own several devices that are interconnected to share information or to store information that can be accessed from any of the devices.
In some embodiments, some or all of the devices can be connected to a communications network that allows the interconnection of all of the devices. For example, the devices shown in
In some embodiments, different users can elect to share resources to form a communications network that spans several individual communications networks. For example, the first user can elect to trust the second user, and vice versa. Each user can allocate some of the user's devices for the shared communications network. For example, the first and second users can connect devices 212, 222, 224 and 226 to form communications network 240. The devices can communicate over communications network 202, using one or more authentication and encryption protocols.
One or more users can combine to form a local or personal networked storage system (e.g., local cloud) using any suitable approach. In some embodiments, several users can each own one or more devices that can be connected to network 202. To form a networked storage system that can be remotely accessed, and to take advantage of distributed storage available from each of the devices, each of the several users can contribute one or more devices, or resources from one or more devices (e.g., storage or processing capabilities).
The different devices associated with each user can be incorporated in the local cloud using any suitable approach. In some embodiments, each user can elect one or more specific users with which to form a local cloud. The user can identify those users to a control system, for example a librarian service operating on a master device of network 202. The master device can include any suitable feature or component, including for example one or more components described in connection with device 100 (
In some embodiments, the user can (e.g., using display 300) indicate the specific resources 320 of the user that the user is willing to dedicate to a local network storage system. For example, the user can list, in box 322, the individual devices associated with that user. In some embodiments, one or more of the devices can be automatically identified by the librarian, or by the device providing display 300. For example, the device used by the user can detect the other devices in the network associated with the user's devices. The user can select a particular device using highlight region 324, and provide, in box 326, device resources for the selected particular device to make available for a local network storage system. The user can select any suitable resource, including for example storage (e.g., in a percentage or numerical amount), processing resources (e.g., percentage of clock cycles), or combinations of these. In some embodiments, the user can define one or more limitations to the shared resources, such as time constraints, restrictions based on the resources used or required by a user, connection speed, resource cost, or combinations of these. Once a user has specified one or more trusted users and allocated devices, the user can provide an instruction to transmit the information to the librarian (e.g., select submit option 330).
A user can form a local network storage system (e.g., a personal or local cloud) using any suitable approach. In some embodiments, a user can provide a request to the librarian for a local cloud. The user request can include any suitable criteria or requirement, including for example a storage requirement (e.g., at least 1 TB). In response to receiving a request, the librarian can identify all devices meeting the request's criteria that the requesting user trusts, and that in turn also trust the requesting user that. The librarian can identify the devices associated with each of the users that were made available for networked storage. The system can then select some or all of the devices to form a new local cloud for the requesting user. In particular, the devices can communicate amongst themselves and share information (e.g., share services and data). In some cases, the librarian can maintain a map of the devices used in each local cloud, and provide the listing of devices and addresses to any device requesting to retrieve or access a local cloud that the device is authorized to access. In some cases, one or more devices made available to any one user can be used in several other users' local clouds. For example, the owner of a device can request a local cloud, and another user trusting and trusted by the owner of the device can also request a local cloud that makes use of the device. Information corresponding to each cloud can be encrypted and distinguished to ensure that only an appropriate or authorized user can access information stored by the device.
An electronic device connected to a local cloud can provide any suitable interface for accessing the cloud (e.g., to read or write content). For example, the cloud can appear with a listing of other drives or storage resources of a device.
In some embodiments, a user can instead or in addition store or access content on a local cloud from an application corresponding to the stored or accessed content. For example, a user can access images stored in a local cloud from a photo application.
In some embodiments, a user may wish to share content stored on a local cloud with another user. In particular, a user may wish to share content with another user who is not trusted by the user, and whose devices are not used in the user's local cloud. As another example, a user may wish to share content with another user who has provided devices used as part of the user's local cloud, but for whom access has been restricted. The user can allow the other user any suitable access rights for the user-owned content stored in the local cloud, including for example one or more of read, write, and view rights. The user can use any suitable approach to provide access to the content stored on the local cloud.
Once second device 630 has received the credentials, the second device can provide confirmation of receipt of the credentials to first device 610, and can access content 622 from local cloud 620. For example, second device 630 can provide the confirmation via communications path 612. The second device can access content 622 over communications path 632, which can include a communications path provided by one or both of a general network (e.g., the Internet) or local cloud 620.
In some embodiments, local cloud 620 can be administered by a system administrator. The system administrator can include a person operating the network, software operating on a server, or combinations of these. In such systems, first device 610 can instead or in addition indicate to system administrator 640 that the devices wishes to allow second device 630 access to content 622 on local cloud 620. For example, first device 610 can send the indication to system administrator 640 via communications path 616. Communications path 616 can, in some embodiments, include some or all of the features of communications path 612 or path 614.
In response to receiving the request, system administrator 640 can generate credentials for second device 630, and transmit the generated credentials to the device over communications path 634. The credentials can take any suitable form, including one or more of the forms described above. The credentials can be communicated using any suitable approach, including for example one or more of the approaches described above. In some embodiments, system administrator 640 can instead or in addition direct second device 630 to connect to the system administrator to register and create credentials. For example, system administrator 640 can direct a user of second device 630 to create an account with a username and password entered by the user.
Once the system administrator has generated or received the credentials from second device 630, the system administrator can transmit the credentials to local cloud 620 with instructions to allow access to content 622 to a device providing the credentials. The system administrator can provide the credentials and instructions using any suitable approach, including for example over communications path 642, which can include some or all of the features of the communications paths described above. Second device 630 can retrieve the credentials provided by system administrator 640, and connect to local cloud 620 to access content 622.
While these approaches may provided the desired final result (i.e., the second device has access to the content owned by the first device and stored in the local cloud), these approaches require several steps and actions by several users. In addition, a time cost is associated with each of these steps. In some embodiments, the number of steps and time costs can be reduced by leveraging the librarian overseeing the local cloud.
To share content 722 with second device 730, first device 710 (or the user of first device 710) can add the user of second device 730 (or second device 730) to an internal trust list. First device 710 can then tell librarian 740 of this expansion to the trust list. In some embodiments, the first device can instead or in addition send an instruction (e.g., a globally unique identifier for second device 730, such as an email address), to librarian 740. In some embodiments, the instruction can identify one or more instances of content to share, although the content can be identified when the user of the second device contacts the first device. Alternatively, the instruction can identify one or more local clouds associated with the user of first device 710. In some embodiments, the instruction can specify the access rights of second device 730. For example, the instruction can specify read and write access rights.
First device 710 can provide the instruction or revised trust list to librarian 740 over any suitable communications path, including for example communications path 712. Communications path 712 can include, for example, a communications path over a general network to which both first device 710 and librarian 740 are connected (e.g., the Internet). As another example, communications path 712 can be entirely or partially be within local cloud 720.
In response to receiving the instruction, librarian 740 can generate credentials for second device 730, for the user of second device 730, or both. For example, librarian 740 can generate credentials for second device 730 in response to receiving an instruction from the user of first device 710. As another example, librarian 740 can generate credentials for second device 730 in response to receiving a request from the second device. In some embodiments, librarian 740 can initially determine whether second device 730 (or the user of second device) is known to the local cloud system (e.g., known to the librarian). For example, the librarian can determine whether the user of the second device has trusted other devices, or whether the second device has been provided to the librarian as an available device for a local cloud for one or more users. As another example, the librarian can determine whether the user of the second device has previously been granted access to content on one or more local clouds. If the electronic device determines that the second device or the user is new to the librarian, the librarian can generate credentials associated with the second device, the user or both. As another example, the librarian can generate a certificate or key associated with the second device, a certificate or key associated with the user of the second device, or both.
If the second device (and its user) is known to the librarian, the librarian can instead or in addition associate content 722 with the known credentials of the second device and user, and provide the credentials to first device 710. Because the user of first device 710 trusts the user of second device 730, or grants access content 722 to the user of second device 730, first device 710 can automatically enable second device 730, which has the known credentials of the user of second device 730, to access content 722.
Librarian 740 can provide the generated credentials to the user of second device 730 over communications path 742. For example, librarian 740 can send an email to the user of second device 730 (e.g., using the identifying email provided in the instruction from first device 710) in which the generated credentials are included. For example, credentials can be incorporated in the body of a message (e.g., an email body). As another example, the credentials can be attached to the message (e.g., an email attachment). In some embodiments, librarian 740 can instead or in addition send a link to the shared content (e.g., a link to content 722). For example, the librarian can send a coded instruction directing the user of second device 730 to open an application associated with content 722, and access the local cloud on which the content is stored. As another example, the librarian can send a link to connect to the local cloud.
If the user of second device 730 was previously known to the librarian, the librarian can assume that second device 730 already has the credentials installed, and instead or in addition only provide a link to content 722 or to local cloud 720. When electronic device 730 contacts librarian 740 to ask for local clouds available to the user of second device 730, the librarian can return a listing of clouds or devices that includes device 710 and content 722. Alternatively, the librarian can instead or in addition send local cloud 720 an instruction to allow second device 730, or a device having the credentials associated with second device 730 (e.g., the device of the user of second device 730) access to content 722. The librarian can provide the information or instruction over communications path 744, which can include some or all of the features of the communications paths described above.
In response to receiving the credentials, link, or both from the librarian, second device 730 can connect to local cloud 720 to access content 722. For example, a user of second device 730 can select the link to open an application or window for connecting to local cloud 720, for example creating communications path 732 that can have some or all of the features of the communications paths described above. As another example, when second device 730 contacts librarian 740 (e.g., to retrieve existing local clouds associated with or available to second device 730), the librarian can provide addressing information for second device 730 to automatically connect to local cloud 720 and add content 722 to an application window. In particular, if content 722 is an image, second device 740 can automatically connect to local cloud 720 and identify the local cloud and content in a “local cloud” or “remote” region of an image application display (e.g., display 500,
In cases where the second device is new to the librarian, the second device may be required to select and install the credentials before accessing content 722. For example, a user can select the credentials, which can automatically install and seamlessly open an application for accessing content 722. The credentials can be stored using any suitable approach, for example in a credential store associated with a networking process or local cloud process (e.g., in communication with librarian 740).
Accordingly, using this approach, the first device only requires a single step—viz., instructing the librarian to give access to the content to the second user—for the second user to get access. In addition, the second user does not need to perform any step, if credentials have been previously installed, to access the content. In fact, the second device does not even need to be made aware of the availability of the content from the librarian, as the second device can automatically connect to or be made aware of the local cloud on which the content is stored (e.g., receive addressing information for the local cloud from the librarian, or automatically include the first device in a local cloud of the second device). Once connected, the second device can provide the available content on an appropriate field. Furthermore, because the librarian does not require any user interaction (e.g., by a system administrator), the process can be very fast (e.g., less than 500 ms between the time the first device indicates that a second user can access content to when the second user can access the content).
At step 806, the librarian can determine whether the second user is known to the librarian. For example, the librarian can determine whether the email address provided with the instruction is known (e.g., is an email address that has been used to generate a local cloud, or has received access to other content). In some embodiments, the librarian can determine whether additional identifying information (e.g., a name, location or social connection) matches another known user having a different email address. If the librarian identifies such a known user, the librarian can associate the newly received email address with the known user. If the librarian determines that the second user is known, process 800 can move to step 808. At step 808, the librarian can retrieve credentials associated with the second user. For example, the librarian can retrieve a certificate or key associated with the second user. Process 800 can then move to step 812.
If, at step 810, the librarian instead determines that the second user is unknown, the librarian can generate credentials associated with the second user. For example, the librarian can generate a key or certificate for the second user. Process 800 can then move to step 812. At step 812, the first user can associate the identified content with the second user. For example, the first user can direct a device to authorize the second user to access the content. In some embodiments, the first user's device can associate credentials of the second user, or an identity associated with the second device (e.g., an email) with the content. Alternatively, the credentials provided by the librarian for the second user can serve to validate the identity of the second user. In some embodiments, steps 810 and 812 can occur simultaneously. In other embodiments, portions of step 812 can occur as part of step 804 (e.g., when a second device, owned by the first user and hosting the content, provides the instruction to the librarian, as described above in connection with step 804). At step 814, the librarian can indicate the availability of the content to the second user. For example, the librarian can send an indication to the second user to connect to the local cloud to view the content. As another example, a device of the second user can ping the librarian or request a list of available clouds. As still another example, a cloud to which the second user has access can automatically incorporate the content in the cloud. In some embodiments, if the second user was unknown to the librarian, the librarian can in addition transmit the generated credentials to the second user for installation to receive access to the local cloud. The indication can include, for example, a link to the content. As another example, the indication can include an instruction to operate a particular application used to access the content. Process 800 can then end at step 816.
If, at step 1006, the electronic device instead determines that there is no certificate in the communication, process 1000 can move to step 1010. At step 1010, the electronic device can select a link embedded or included in the communication. For example, the electronic device can select a link corresponding to an instruction to access the content. At step 1012, the electronic device can run an operation providing access to the content. For example, the electronic device can execute an application for accessing a local cloud. As another example, the electronic device can execute an application in which a connection with a local cloud can be provided. At step 1014, the electronic device can seamlessly connect to the local cloud to access the content. For example, the electronic device can create a communications path with a local cloud to access the content. In some embodiments, for example when the electronic device does not receive the communication from the librarian, the electronic device can nevertheless ask the librarian for available networks (e.g., as part of a routine process). In response, the librarian can identify the local cloud. Alternatively, if the electronic device is already connected to a local cloud, the local cloud can itself automatically identify and incorporate the content in the local cloud. Process 1000 can then end at step 1016.
Although many of the embodiments of the present invention are described herein with respect to personal computing devices, it should be understood that the present invention is not limited to personal computing applications, but is generally applicable to other applications.
The invention is preferably implemented by software, but can also be implemented in hardware or a combination of hardware and software. The invention can also be embodied as computer readable code on a computer readable medium. The computer readable medium is any data storage device that can store data which can thereafter be read by a computer system. Examples of the computer readable medium include read-only memory, random-access memory, CD-ROMs, DVDs, magnetic tape, and optical data storage devices. The computer readable medium can also be distributed over network-coupled computer systems so that the computer readable code is stored and executed in a distributed fashion.
Insubstantial changes from the claimed subject matter as viewed by a person with ordinary skill in the art, now known or later devised, are expressly contemplated as being equivalently within the scope of the claims. Therefore, obvious substitutions now or later known to one with ordinary skill in the art are defined to be within the scope of the defined elements.
The above described embodiments of the invention are presented for purposes of illustration and not of limitation.
Patent | Priority | Assignee | Title |
Patent | Priority | Assignee | Title |
7237268, | Jul 13 2004 | RPX Corporation | Apparatus and method for storing and distributing encrypted digital content and functionality suite associated therewith |
7266839, | Jul 12 2001 | JPMORGAN CHASE BANK, N A | System and method for providing discriminated content to network users |
7567987, | Oct 24 2003 | Microsoft Technology Licensing, LLC | File sharing in P2P group shared spaces |
7720767, | Oct 24 2005 | CONTENTGUARD HOLDING, INC | Method and system to support dynamic rights and resources sharing |
7802293, | Apr 06 2005 | ASSA ABLOY AB | Secure digital credential sharing arrangement |
8336090, | May 24 2005 | MOON GLOW, SERIES 82 OF ALLIED SECURITY TRUST I | System and method for unlimited licensing to a fixed number of devices |
8402555, | Mar 21 2010 | UNITED STATES DEPARTMENT OF THE TREASURY BUREAU OF THE FISCAL SERVICE | Personalized digital media access system (PDMAS) |
8473429, | Jul 10 2008 | SAMSUNG ELECTRONICS CO , LTD | Managing personal digital assets over multiple devices |
8533860, | Jan 11 2013 | UNITED STATES DEPARTMENT OF THE TREASURY BUREAU OF THE FISCAL SERVICE | Personalized digital media access system—PDMAS part II |
9038138, | Sep 10 2012 | Adobe Systems Incorporated | Device token protocol for authorization and persistent authentication shared across applications |
20030182551, | |||
20070266095, | |||
20080040283, | |||
20080083025, | |||
20080091763, | |||
20080134316, | |||
20090100060, | |||
20090249439, | |||
20090293108, | |||
20090307361, | |||
20100010944, | |||
20100083351, | |||
20100185868, | |||
20100248698, | |||
20100325199, | |||
20100325422, | |||
20100332456, | |||
20110093941, | |||
20110099382, | |||
20110099616, | |||
20110154212, | |||
20110209064, | |||
20110225640, | |||
20110231670, | |||
20120030318, | |||
20120096497, | |||
20120151220, | |||
20120166522, | |||
20130007208, | |||
20130283364, | |||
EP1939781, |
Executed on | Assignor | Assignee | Conveyance | Frame | Reel | Doc |
Apr 23 2010 | Apple Inc. | (assignment on the face of the patent) | / |
Date | Maintenance Fee Events |
Date | Maintenance Schedule |
Apr 19 2019 | 4 years fee payment window open |
Oct 19 2019 | 6 months grace period start (w surcharge) |
Apr 19 2020 | patent expiry (for year 4) |
Apr 19 2022 | 2 years to revive unintentionally abandoned end. (for year 4) |
Apr 19 2023 | 8 years fee payment window open |
Oct 19 2023 | 6 months grace period start (w surcharge) |
Apr 19 2024 | patent expiry (for year 8) |
Apr 19 2026 | 2 years to revive unintentionally abandoned end. (for year 8) |
Apr 19 2027 | 12 years fee payment window open |
Oct 19 2027 | 6 months grace period start (w surcharge) |
Apr 19 2028 | patent expiry (for year 12) |
Apr 19 2030 | 2 years to revive unintentionally abandoned end. (for year 12) |