公开(公告)号：US09773102B2

公开(公告)日：2017-09-26

申请号：US13229367

申请日：2011-09-09

申请人： Scott Graham ,  Kavitha Radhakrishnan ,  Sermet Iskin ,  Katrina M. Blanch ,  Steven Ball ,  John Hazen ,  Tyler Kien Beam ,  Allen Kim ,  Guillermo Enrique Rueda Quintero

发明人： Scott Graham ,  Kavitha Radhakrishnan ,  Sermet Iskin ,  Katrina M. Blanch ,  Steven Ball ,  John Hazen ,  Tyler Kien Beam ,  Allen Kim ,  Guillermo Enrique Rueda Quintero

IPC分类号： G06F1/00 ,  G06F21/33 ,  G06F21/62

CPC分类号： G06F21/335 ,  G06F21/6218 ,  G06F2221/2141

摘要： Methods, systems, and computer program products are provided for enabling selective file system access by applications. An application is installed in a computing device. An application manifest associated with the application is received. The application manifest indicates one or more file types that the application is allowed to access. The indicated file type(s) are registered in a location accessible by a broker service. The application is launched as an application process. The application process is isolated in an application container. The application container prevents direct access by the application process to file system data. An access request related to first data of the file system data is received at the broker service from the application process. Access by the application process to the first data is enabled when the broker service determines that a file type of the first data is included in the registered file type(s).

公开(公告)号：US20130067600A1

公开(公告)日：2013-03-14

申请号：US13229367

申请日：2011-09-09

申请人： Scott Graham ,  Kavitha Radhakrishnan ,  Sermet Iskin ,  Katrina M. Blanch ,  Steven Ball ,  John Hazen ,  Tyler Kien Beam ,  Allen Kim ,  Guillermo Enrique Rueda Quintero

发明人： Scott Graham ,  Kavitha Radhakrishnan ,  Sermet Iskin ,  Katrina M. Blanch ,  Steven Ball ,  John Hazen ,  Tyler Kien Beam ,  Allen Kim ,  Guillermo Enrique Rueda Quintero

IPC分类号： G06F21/00

CPC分类号： G06F21/335 ,  G06F21/6218 ,  G06F2221/2141

摘要： Methods, systems, and computer program products are provided for enabling selective file system access by applications. An application is installed in a computing device. An application manifest associated with the application is received. The application manifest indicates one or more file types that the application is allowed to access. The indicated file type(s) are registered in a location accessible by a broker service. The application is launched as an application process. The application process is isolated in an application container. The application container prevents direct access by the application process to file system data. An access request related to first data of the file system data is received at the broker service from the application process. Access by the application process to the first data is enabled when the broker service determines that a file type of the first data is included in the registered file type(s).

摘要翻译： 提供了方法，系统和计算机程序产品，以实现应用程序的选择性文件系统访问。 应用程序安装在计算设备中。 收到与应用程序关联的应用程序清单。 应用程序清单指示应用程序允许访问的一个或多个文件类型。 指定的文件类型被注册在可由代理服务访问的位置。 该应用程序作为应用程序进程启动。 应用程序进程在应用程序容器中被隔离。 应用程序容器阻止应用程序进程直接访问文件系统数据。 从应用程序进程在代理服务处接收与文件系统数据的第一数据有关的访问请求。 当代理服务确定第一数据的文件类型被包括在注册的文件类型中时，由应用进程访问第一数据被启用。