公开(公告)号：US20140068588A1

公开(公告)日：2014-03-06

申请号：US13776467

申请日：2013-02-25

Applicant: BOX, INC.

Inventor： Simon Tan ,  David Maynard ,  Rico Yao ,  Don Cung

IPC: G06F9/445

CPC classification number: G06F8/65 ,  G06F8/656

Abstract: Systems and methods which forces or automatically upgrades a mobile application installed on a mobile device for security, stability or any other concerns via a server-side configuration file are disclosed. In one embodiment, a configuration file including a list of build identifiers that have been banned or flagged is placed on a server, which can be a server providing cloud-based collaboration or file sharing services, for access by associated mobile applications and/or devices. A mobile application installed on a mobile device can download the configuration file and determine whether a build identifier of the mobile application is listed on the configuration file. If so, the mobile application can shut down, prompt or force an upgrade, or restrict operation of the mobile application in other ways.

Abstract translation: 公开了通过服务器端配置文件强制或自动升级安装在移动设备上的移动应用以实现安全性，稳定性或任何其它关注的系统和方法。 在一个实施例中，包括已被禁止或标记的构建标识符的列表的配置文件被放置在服务器上，服务器可以是提供基于云的协作或文件共享服务的服务器，用于由相关联的移动应用和/或设备 。 安装在移动设备上的移动应用可以下载配置文件，并确定配置文件中是否列出了移动应用的构建标识符。 如果是这样，移动应用程序可以以其他方式关闭，提示或强制升级或限制移动应用程序的操作。

公开(公告)号：US09311071B2

公开(公告)日：2016-04-12

申请号：US13776467

申请日：2013-02-25

Applicant: Box, Inc.

Inventor： Simon Tan ,  David Maynard ,  Rico Yao ,  Don Cung

IPC: G06F9/445

CPC classification number: G06F8/65 ,  G06F8/656

Abstract: Systems and methods which forces or automatically upgrades a mobile application installed on a mobile device for security, stability or any other concerns via a server-side configuration file are disclosed. In one embodiment, a configuration file including a list of build identifiers that have been banned or flagged is placed on a server, which can be a server providing cloud-based collaboration or file sharing services, for access by associated mobile applications and/or devices. A mobile application installed on a mobile device can download the configuration file and determine whether a build identifier of the mobile application is listed on the configuration file. If so, the mobile application can shut down, prompt or force an upgrade, or restrict operation of the mobile application in other ways.

Abstract translation: 公开了通过服务器端配置文件强制或自动升级安装在移动设备上的移动应用以实现安全性，稳定性或任何其它关注的系统和方法。 在一个实施例中，包括已被禁止或标记的构建标识符的列表的配置文件被放置在服务器上，服务器可以是提供基于云的协作或文件共享服务的服务器，用于由相关联的移动应用和/或设备 。 安装在移动设备上的移动应用可以下载配置文件，并确定配置文件中是否列出了移动应用的构建标识符。 如果是这样，移动应用程序可以以其他方式关闭，提示或强制升级或限制移动应用程序的操作。

公开(公告)号：US09117087B2

公开(公告)日：2015-08-25

申请号：US13776535

申请日：2013-02-25

Applicant: Box, Inc.

Inventor： Simon Tan ,  David Maynard ,  Rico Yao ,  Don Cung

IPC: G06F21/00 ,  G06F21/60 ,  G06F9/54 ,  H04L9/00 ,  G06F17/24

CPC classification number: G06F21/606 ,  G06F9/544 ,  G06F17/24 ,  G06F21/6218 ,  H04L9/00 ,  H04L63/104 ,  H04L67/1002 ,  H04L67/16

Abstract: System and method for creating a secure channel for inter-application communication based on the messaging system called Intents in the Android OS are disclosed. In one embodiment, an application for accessing a cloud-based storage platform triggers the broadcast of a custom Intent to all applications on a mobile device to detect an authorized application that is capable of interacting with the application. Once an authorized application is chosen, the application opens a secure channel for communication with the authorized application and passes encrypted data stream to the to the secure channel for access by the authorized application.

Abstract translation: 公开了基于Android OS中称为Intents的消息系统来创建用于应用间通信的安全通道的系统和方法。 在一个实施例中，用于访问基于云的存储平台的应用触发对移动设备上的所有应用的定制意图的广播，以检测能够与应用交互的授权应用。 一旦选择了授权的应用程序，应用程序打开一个用于与授权应用程序进行通信的安全通道，并将加密的数据流传递到安全通道以供授权的应用程序访问。

公开(公告)号：US20140068632A1

公开(公告)日：2014-03-06

申请号：US13794401

申请日：2013-03-11

Applicant: BOX, INC.

Inventor： Simon Tan ,  David Maynard ,  Rico Yao ,  Don Cung

IPC: G06F9/54

CPC classification number: G06F9/54 ,  G06F9/542

Abstract: Systems and methods for disabling the self-referential appearance of a mobile application in an Intent via a background thread are disclosed. On the Android platform, an application such as a mobile application for providing access to a cloud environment or cloud based service including cloud-based storage and/or collaborative services, can serve as both a source and a target for a given Intent. In one implementation, such a mobile application that can receive and send the same Intent, can include a background service that detects when the Intent is about to be issued, and unregisters the application to prevent the application from receiving the Intent. When a target application for handling the Intent is identified, the background service re-registers the application to receive the Intent.

Abstract translation: 公开了通过背景线程禁止在Intent中的移动应用的自引用外观的系统和方法。 在Android平台上，诸如用于提供对云环境或基于云的存储和/或协作服务的基于云的服务的移动应用的应用可以作为给定Intent的源和目标。 在一个实现中，可以接收和发送相同Intent的这样的移动应用可以包括检测Intent即将发布的后台服务，并且注销应用以防止应用接收到Intent。 当识别到用于处理Intent的目标应用程序时，后台服务重新注册应用程序以接收Intent。

公开(公告)号：US09195519B2

公开(公告)日：2015-11-24

申请号：US13794401

申请日：2013-03-11

Applicant: Box, Inc.

Inventor： Simon Tan ,  David Maynard ,  Rico Yao ,  Don Cung

IPC: G06F13/00 ,  G06F9/54

CPC classification number: G06F9/54 ,  G06F9/542

Abstract: Systems and methods for disabling the self-referential appearance of a mobile application in an Intent via a background thread are disclosed. On the Android platform, an application such as a mobile application for providing access to a cloud environment or cloud based service including cloud-based storage and/or collaborative services, can serve as both a source and a target for a given Intent. In one implementation, such a mobile application that can receive and send the same Intent, can include a background service that detects when the Intent is about to be issued, and unregisters the application to prevent the application from receiving the Intent. When a target application for handling the Intent is identified, the background service re-registers the application to receive the Intent.

Abstract translation: 公开了通过背景线程禁止在Intent中的移动应用的自引用外观的系统和方法。 在Android平台上，诸如用于提供对云环境或基于云的存储和/或协作服务的基于云的服务的移动应用的应用可以作为给定Intent的源和目标。 在一个实现中，可以接收和发送相同Intent的这样的移动应用可以包括检测Intent即将发布的后台服务，并且注销应用以防止应用接收到Intent。 当识别到用于处理Intent的目标应用程序时，后台服务重新注册应用程序以接收Intent。

公开(公告)号：US20140068779A1

公开(公告)日：2014-03-06

申请号：US13776535

申请日：2013-02-25

Applicant: BOX, INC.

Inventor： Simon Tan ,  David Maynard ,  Rico Yao ,  Don Cung

IPC: G06F21/60

CPC classification number: G06F21/606 ,  G06F9/544 ,  G06F17/24 ,  G06F21/6218 ,  H04L9/00 ,  H04L63/104 ,  H04L67/1002 ,  H04L67/16

Abstract: System and method for creating a secure channel for inter-application communication based on the messaging system called Intents in the Android OS are disclosed. In one embodiment, an application for accessing a cloud-based storage platform triggers the broadcast of a custom Intent to all applications on a mobile device to detect an authorized application that is capable of interacting with the application. Once an authorized application is chosen, the application opens a secure channel for communication with the authorized application and passes encrypted data stream to the to the secure channel for access by the authorized application.

Abstract translation: 公开了基于Android OS中称为Intents的消息系统来创建用于应用间通信的安全通道的系统和方法。 在一个实施例中，用于访问基于云的存储平台的应用触发对移动设备上的所有应用的定制意图的广播，以检测能够与应用交互的授权应用。 一旦选择了授权的应用程序，应用程序打开一个用于与授权应用程序进行通信的安全通道，并将加密的数据流传递到安全通道以供授权应用程序访问。

公开(公告)号：US20130332723A1

公开(公告)日：2013-12-12

申请号：US13776358

申请日：2013-02-25

Applicant: BOX, INC.

Inventor： Simon Tan ,  David Maynard ,  Rico Yao ,  Don Cung

IPC: H04L29/06 ,  G06F21/31

CPC classification number: H04L63/0428 ,  G06F17/30165 ,  G06F21/31 ,  G06F21/335 ,  G06F21/53 ,  G06F21/606 ,  G06F2221/2107 ,  H04L63/04 ,  H04L63/0807 ,  H04L63/102

Abstract: Systems and methods for secure file portability between mobile applications in a cloud-based environment or cloud-based collaboration and file sharing environment. In one embodiment, a server-based key generation service generates an encryption key that is unique to each file transfer transaction between mobile applications accessed via a mobile device. Data packages leaving a mobile application are then encrypted using the encryption key to provide secure file portability between mobile applications. In another embodiment, a background service triggered by a mobile application detects when a user is logged out of the mobile application and revalidates the user session with the mobile application to maintain portability of files between mobile applications. The background service presents a minimal user interface to get the user's credentials for the mobile application, without the user having to switch to the mobile application, and obtains an authentication token from a remote server using the user's credentials.

Abstract translation: 基于云环境的移动应用程序或基于云的协作和文件共享环境之间的安全文件可移植性的系统和方法。 在一个实施例中，基于服务器的密钥生成服务生成对经由移动设备访问的移动应用之间的每个文件传输交易是唯一的加密密钥。 然后使用加密密钥对离开移动应用程序的数据包进行加密，以提供移动应用程序之间的安全文件可移植性。 在另一个实施例中，由移动应用程序触发的后台服务检测用户何时退出移动应用程序，并重新验证与移动应用程序的用户会话，以维护移动应用程序之间文件的可移植性。 后台服务提供了最小的用户界面来获取移动应用程序的用户凭据，而无需用户切换到移动应用程序，并使用用户凭据从远程服务器获取身份验证令牌。