公开(公告)号：US20230306133A1

公开(公告)日：2023-09-28

申请号：US18129734

申请日：2023-03-31

Applicant: Box, Inc.

Inventor： Rohit BAKSHI ,  Yi ZHAO ,  Kanav GANDHI ,  Areg ALIMIAN ,  Will CARLSON ,  Virender GUPTA ,  Sanjiv PANDEY ,  Kechen HUANG

IPC: G06F21/62 ,  G06F21/64

CPC classification number: G06F21/6245 ,  G06F21/645

Abstract: Methods, systems, and computer program products for content management systems. Multiple components are operatively interconnected to carry out operations for establishing a user device trust level. A content management system facilitates interactions between a plurality of user devices and a plurality of shared content objects. The plurality of user devices are network connected to the content management system. One of the user devices issues a request to access a particular one of the content objects. Responsive to the request, a two-step device check is performed before granting access to the particular one of the content objects. A first step of the two-step device check process is based on environmental information, and a second step of the two-step device check process is based at least in part on analysis of the content of the particular one of the content objects. The actual bits of the content object itself are inspected.

公开(公告)号：US20240114056A1

公开(公告)日：2024-04-04

申请号：US18346137

申请日：2023-06-30

Applicant: Box, Inc.

Inventor： Areg ALIMIAN ,  Ryan Matthew Knotts ,  Kanav GANDHI

IPC: H04L9/40

CPC classification number: H04L63/20 ,  H04L63/1425

Abstract: Methods, systems, and computer program products for content management systems. Multiple components are operatively interconnected to carry out operations for content management systems. Content objects of a content management system (CMS) are managed from original creation through to final disposition (e.g., deletion). The CMS communicates with a security threat management facility (STMF). In operation, the STMF establishes a first set of security parameters corresponding to information derived from packet inspection, whereas the CMS establishes a second set of security parameters corresponding to information derived at least in part by analysis of user activities or contents of the content object. A security perimeter is formed by combining the first set of security parameters and a second set of security parameters. Risks or vulnerabilities corresponding to the content object are minimized by choosing the lower of any two compared parameters to define a lower risk perimeter for the content object.

公开(公告)号：US20240111877A1

公开(公告)日：2024-04-04

申请号：US18346156

申请日：2023-06-30

Applicant: Box, Inc.

Inventor： Areg ALIMIAN ,  Ryan Matthew Knotts ,  Kanav GANDHI

IPC: G06F21/57

CPC classification number: G06F21/577 ,  G06F2221/034

Abstract: Methods, systems, and computer program products for content management systems. Multiple components are operatively interconnected to carry out operations for content management systems. A security threat management facility (STMF) is identified. The STMF contains a database of threat assessment values in addition to further information pertaining to one or more users. Concurrent with operation of the STMF, a content management system (CMS) tracks user-initiated content object interaction events. Based on analysis of the tracked user-initiated content object interaction events, a further threat assessment value is generated by the CMS. Such a further threat assessment is determined based on one or more user-to-user relationships or one or more user-to-file relationships as determined at the content management system. An augmented threat assessment is formed using both the threat assessment values of the STMF with the further threat assessment value from the CMS. The augmented threat assessment is then provided to the STMF.