Patent application number | Description | Published |
20090112870 | MANAGEMENT OF DISTRIBUTED STORAGE - Systems and methods of distributed storage are disclosed herein. A request to store data in a client computer is received. A request is sent from the client computer to a storage service to create a core object such that the core object can be created with a member entry to a member feed in the core object. The member feed can be indicative of one or more entities that are permitted to access to the core object. A message is received at the client computer with the core object. A replica of the core object on the client computer is created. The client computer can add the data as a data entry to a data feed in the core object. An updating message is sent to the storage service. The message can include a copy of the replica of the core object including the data entry. | 04-30-2009 |
20090248695 | ONLINE AND OFFLINE APPLICATIONS - Systems and methods for implementing online and offline applications are described. Such systems and methods may in some cases provide the same programming interface, regardless of whether the application is online or offline. Such systems and methods may also or instead in some cases provide additional or other possible capabilities, including installation without elevated privileges, simplified data synchronization, sharing of applications and application data, access to data from other applications, and richer client functionality than may be provided by an application such as a web browser. | 10-01-2009 |
20100093310 | DEVICE AUTHENTICATION WITHIN DEPLOYABLE COMPUTING ENVIRONMENT - A deployable computing environment may facilitate interaction and data sharing between users and devices. Users, devices, and relationships between the users and devices may be represented within the deployable computing environment. A relationship between a user and a device may specify that the device is owned by the user and that the device is authorized to perform operations within the deployable computing environment on behalf of the user. Secure authentication of devices and users for interaction within the deployable computing environment is achieved by authenticating tickets corresponding to the user, the device, and the relationship. A device identification ticket and a user identification ticket are used to authenticate the device and user for interaction within the deployable computing environment. A device claim ticket allows the device to perform delegated operations (e.g., data synchronization, peer connectivity, etc.) on behalf of the user without the user's credentials (e.g., user identification ticket). | 04-15-2010 |
20100274910 | HOSTED APPLICATION SANDBOX MODEL - An application host (such as a web application server) may execute a set of applications on behalf of a set of users. Such applications may not be fully trusted, and a two-way isolation of the distributed resources of an application (e.g., the executing application, the application user interface on the user's computer, and server- and client-side stored resources) from other applications may be desirable. This isolation may be promoted utilizing the cross-domain restriction policies of each user's computer by allocating a distinct subdomain of the application host for each application. The routing of network requests to a large number of distinct subdomains may be economized by mapping all distinct subdomains to the address of the domain of the application host. Moreover, the application user interfaces may be embedded in an isolation construct (e.g., an IFRAME HTML element) to promote two-way isolation among application user interfaces and client-side application resources. | 10-28-2010 |
20100306000 | UNIFIED MODEL FOR AUTHORING AND EXECUTING FLOW-BASED AND CONSTRAINT-BASED WORKFLOWS - Designing and executing a workflow having flow-based and constraint-based regions. A user selects one or more activities to be part of a constraint-based region. Each constraint-based region has a constraint associated therewith. The workflow is executed by executing the flow-based region and the constraint-based region. The flow-based region executes sequentially. The constraint is evaluated, and the constraint-based region executes responsive to the evaluated constraint. | 12-02-2010 |
20120078677 | UNIFIED MODEL FOR AUTHORING AND EXECUTING FLOW-BASED AND CONSTRAINT-BASED WORKFLOWS - Designing and executing a workflow having flow-based and constraint-based regions. A user selects one or more activities to be part of a constraint-based region. Each constraint-based region has a constraint associated therewith. The workflow is executed by executing the flow-based region and the constraint-based region. The flow-based region executes sequentially. The constraint is evaluated, and the constraint-based region executes responsive to the evaluated constraint. | 03-29-2012 |
20130212652 | DEVICE AUTHENTICATION WITHIN DEPLOYABLE COMPUTING ENVIRONMENT - A deployable computing environment may facilitate interaction and data sharing between users and devices. Users, devices, and relationships between the users and devices may be represented within the deployable computing environment. A relationship between a user and a device may specify that the device is owned by the user and that the device is authorized to perform operations within the deployable computing environment on behalf of the user. Secure authentication of devices and users for interaction within the deployable computing environment is achieved by authenticating tickets corresponding to the user, the device, and the relationship. A device identification ticket and a user identification ticket are used to authenticate the device and user for interaction within the deployable computing environment. A device claim ticket allows the device to perform delegated operations (e.g., data synchronization, peer connectivity, etc.) on behalf of the user without the user's credentials (e.g., user identification ticket). | 08-15-2013 |
20160080358 | HOSTED APPLICATION SANDBOX MODEL - An application host (such as a web application server) may execute a set of applications on behalf of a set of users. Such applications may not be fully trusted, and a two-way isolation of the distributed resources of an application (e.g., the executing application, the application user interface on the user's computer, and server- and client-side stored resources) from other applications may be desirable. This isolation may be promoted utilizing the cross-domain restriction policies of each user's computer by allocating a distinct subdomain of the application host for each application. The routing of network requests to a large number of distinct subdomains may be economized by mapping all distinct subdomains to the address of the domain of the application host. Moreover, the application user interfaces may be embedded in an isolation construct (e.g., an IFRAME HTML element) to promote two-way isolation among application user interfaces and client-side application resources. | 03-17-2016 |