Abstract: A storage manager represents XML-compliant documents as a collection of objects in memory, allowing the storage manager to manipulate the document, or parts of the document, with a consistent interface and to provide for features that are not available in conventional XML documents, such as element attributes with types other than text and documents that contain binary rather than text information. The XML-compliant document may be associated with a schema document which defines the arrangement of the document elements and attributes. The schema data associated with a document can contain a mapping between document elements and program code to be associated with each element. The storage manager further has methods for retrieving the code from the element tag. The retrieved code can then be invoked using attributes and content from the associated element and the element then acts like a conventional object.

Abstract: A component manager receives requests for component updates from a variety of sources, parses the requests and extracts URL information that identifies the location of a file containing the component resources. The component manager presents the URL to a download manager that asynchronously retrieves the component resources from the specified location and places the file in a staging area. Once the component resources have been downloaded, an install manager, also operating asynchronously from the component manager and the download manager, installs the component update.

Abstract: A storage manager represents XML-compliant documents as a collection of objects, each associated with an element of the XML document. The objects are created with a hierarchy that conforms to the hierarchy of elements in the XML document. Access to the document is then through methods of the objects exposed to application programs through a programming interface. The methods provide a consistent interface to documents regardless of how the data associated with the documents is stored in memory. Consequently, the underlying content of XML documents can be stored using a distributed virtual object system that provides a mechanism for multiple processes to access each object. As an example of the benefits of such a storage manager, the storage manager may be used to maintain a telespace, such as may store information shared by multiple users participating in a collaboration session.

Abstract: Proper user-to-data associations are maintained in shared spaces created in a peer-to-peer collaborative system by means of a simplified and minimal user interface that permits users to easily authenticate other members of a shared space. In particular, support is provided for automatically building authenticated relationships even if users do not take the time to authenticate other users. When a user enters a shared space and views the contacts in that space, the display names of each contact are accompanied by distinctive icons that identify that authentication status of that contact. A mechanism is provided for resolving conflicts between contacts with the same display names to prevent confusion and contact “spoofing.” Security policies can be established to provide a uniform approach to authentication. These policies can be set by a user or, alternatively, the policies can be set by an administrator.

Abstract: Users and devices in a peer-to-peer collaboration system can join a management domain in which members are administered as a group by a centralized management server operated by an enterprise. In response to a administrator request to join the management domain, the user downloads an injectible identity file containing a definition of the managed user/device into the user system. The user then joins the managed domain by associating the injected identity with their actual identity. Once a user or device is part of a management domain, that user or device receives license rights and policy restrictions that are associated with the domain. In return, the management server interacts with the individual peer-to-peer collaboration systems to enable the enterprise to monitor the usage of, and control the behavior of, that specific identity within the peer-to-peer collaboration system.

Abstract: A conventional operating system folder or directory based file system is implemented with, or enhanced to provide, attributes of shared collaborative workspaces. In particular, the conventional file system is connected to either a server based or a distributed collaboration system and the user interface of the operating system file system is augmented to allow it to control aspects of the collaboration system. Each folder or directory can be synchronized and treated as a “workspace” that can be viewed and shared with other users or groups of users. Folder can also be provided with “awareness” information that indicates collaborators that are present and those that are sharing the workspace.

Abstract: A connection between a secure shared space and an external system is created with a connector tool. The connector tool code is included in an independent agent called a “bot” that is created by a software developer. Bots run in the background in an automated and unattended manner in a specialized enterprise integration server. Each bot has a unique identity and runs under an account assigned to the enterprise integration server. A bot can be invited to a shared space much as another collaborator. Bots can also invite others to shared spaces. All bots running in the enterprise integration server are administered by a centralized administrative control. This allows account and identity policies to be established and global behaviors, including authentication settings, startup options and scope to be determined centrally. The centralized control allows simple installation, configuration and deployment and administrative control of bot operation and access.

Abstract: Different levels of security are provided in a security system so that users can decide the security level of their own communications. Users can choose a low level of security and maintain the security overhead as low as possible. Alternatively, they can choose higher levels of security with attendant increases in security overhead. The different levels of security are created by the use of one or more of two keys: an encryption key is used to encrypt plaintext data in a delta and a message authentication key is used to authenticate and insure integrity of the data. Two keys are used to avoid re-encrypting the encrypted data for each member of the telespace. In one embodiment, the security level is determined when a telespace is created and remains fixed through out the life of the telespace. For a telespace, the security level may range from no security at all to security between the members of the telespace and outsiders to security between pairs of members of the telespace.

Abstract: Different levels of security are provided in a security system so that users can decide the security level of their own communications. Users can choose a low level of security and maintain the security overhead as low as possible. Alternatively, they can choose higher levels of security with attendant increases in security overhead. The different levels of security are created by the use of one or more of two keys: an encryption key is used to encrypt plaintext data in a delta and a message authentication key is used to authenticate and insure integrity of the data. Two keys are used to avoid re-encrypting the encrypted data for each member of the telespace. In one embodiment, the security level is determined when a telespace is created and remains fixed through out the life of the telespace. For a telespace, the security level may range from no security at all to security between the members of the telespace and outsiders to security between pairs of members of the telespace.

Abstract: Different levels of security are provided in a security system so that users can decide the security level of their own communications. Users can choose a low level of security and maintain the security overhead as low as possible. Alternatively, they can choose higher levels of security with attendant increases in security overhead. The different levels of security are created by the use of one or more of two keys: an encryption key is used to encrypt plaintext data in a delta and a message authentication key is used to authenticate and insure integrity of the data. Two keys are used to avoid re-encrypting the encrypted data for each member of the telespace. In one embodiment, the security level is determined when a telespace is created and remains fixed through out the life of the telespace. For a telespace, the security level may range from no security at all to security between the members of the telespace and outsiders to security between pairs of members of the telespace.

Abstract: An in-memory storage manager represents XML-compliant documents as a collection of objects in memory. The storage manager allows real-time access to the objects by separate processes operating in different contexts. The data in the objects is stored in memory local to each process and the local memories are synchronized by means of a distributed memory system that stores the data in the same data region, but maps the data region to the address space of each process. Data corruption in the data region is prevented by a locking mechanism that prevents the processes from simultaneously modifying same data.

Abstract: An in-memory storage manager represents XML-compliant documents as a collection of objects in memory. The collection of objects allows the storage manager to manipulate the document, or parts of the document with a consistent interface and to provide for features that are not available in conventional XML documents, such as element attributes with types other than text and documents that contain binary rather than text information. In addition, in the storage manager, the XML-compliant document is associated with a schema document which defines the arrangement of the document elements and attributes. The schema data associated with a document can contain a mapping between document elements and program code to be associated with each element. The storage manager further has methods for retrieving the code from the element tag. The retrieved code can then be invoked using attributes and content from the associated element and the element then acts like a conventional object.

Abstract: An in-memory storage manager represents XML-compliant documents as a collection of objects in memory. The collection of objects allows the storage manager to manipulate the document, or parts of the document with a consistent interface and to provide for features that are not available in conventional XML documents, such as element attributes with types other than text and documents that contain binary rather than text information. In addition, in the storage manager, the XML-compliant document is associated with a schema document which defines the arrangement of the document elements and attributes. The schema data associated with a document can contain a mapping between document elements and program code to be associated with each element. The storage manager further has methods for retrieving the code from the element tag. The retrieved code can then be invoked using attributes and content from the associated element and the element then acts like a conventional object.

Abstract: A distributed, activity-based collaboration system employs a data change request priority scheme for determining an order of execution of data change requests in effecting changes to local copies of data so as to optimize data consistency for collaborative activities. The data change request priority scheme can entail encoding sequence number information and dependency information in the data change requests, responsive to which data changes can be made, unmade and remade to the data.

Abstract: A distributed, activity-based collaboration system can employ a data change request priority scheme for determining an order of execution of data change requests in effecting changes to local copies of data so as to optimize data consistency for collaborative activities. The data change request priority scheme can entail encoding sequence number information and dependency information in the data change requests, responsive to which data changes can be made, unmade and remade to the data.

Abstract: In a peer-to-peer collaboration system, deltas containing data change commands are organized in a persistent data structure called a delta log. The delta log is organized into blocks, which are the largest division in the delta log. In turn, blocks contain groups, groups contain chains and chains contain deltas. Delta blocks are used to implement priority deltas that are used to limit the collection of data change commands that must be transferred. Within a block the deltas are organized by groups, each of which is a set of deltas organized into chains. The delta group in used to determine which deltas to purge. The chains are ordered by increasing creator ID of the endpoint that created the chain. Organizing the delta log in this fashion allows the log to be “walked” to detect convergence problems. To achieve causality-preservation, each delta has a list of dependencies representing other deltas that must be executed before the current delta can be executed.

Abstract: In a peer-to-peer collaborative system in which collaborators communicate via a shared telespace and exchange data change requests, a unique number is assigned to each endpoint (a unique pairing of a device and a person) of each of the telespace members. Each endpoint number indicates the order in which the member joined the telespace, and, for each member invited to join (or otherwise sponsored) by another telespace member (the “inviting member”), it also indicates the inviting member. As more and more members are invited to join by those new members, the designations add additional orders of digits to indicate the family tree or chain of inviting members. The designations are used to resolve collisions between two data change requests that are both dependent on the same data change request.

Abstract: Users and devices in a peer-to-peer collaboration system can join a management domain in which members are administered as a group by a centralized management server operated by an enterprise. In response to a administrator request to join the management domain, the user downloads an injectible identity file containing a definition of the managed user/device into the user system. The user then joins the managed domain by associating the injected identity with their actual identity. Once a user or device is part of a management domain, that user or device receives license rights and policy restrictions that are associated with the domain. In return, the management server interacts with the individual peer-to-peer collaboration systems to enable the enterprise to monitor the usage of, and control the behavior of, that specific identity within the peer-to-peer collaboration system.

Abstract: A connection between a secure shared space and an external system is created with a connector tool. The connector tool code is included in an independent agent called a “bot” that is created by a software developer. Bots run in the background in an automated and unattended manner in a specialized enterprise integration server. Each bot has a unique identity and runs under an account assigned to the enterprise integration server. A bot can be invited to a shared space much as another collaborator. Bots can also invite others to shared spaces. All bots running in the enterprise integration server are administered by a centralized administrative control. This allows account and identity policies to be established and global behaviors, including authentication settings, startup options and scope to be determined centrally. The centralized control allows simple installation, configuration and deployment and administrative control of bot operation and access.

Abstract: A communications manager provides communication services for an activity-based collaboration system, in which data change requests comprising deltas are communicated over a network between network-capable devices. The communications manager is operable on a local network capable device for sending locally-generated deltas over the network to at least one remote network-capable device and for receiving remotely-generated deltas over the network from the at least one remote network-capable device. The communications manager can send the deltas via unicasting, multicasting, or broadcasting techniques. The communications manager is responsive to network connection status information indicating that the remote network-capable device is connected to the network for sending the local deltas directly to an address for the remote network-capable device. A presence mechanism maintains and distributes, on request, the network connection status information, which it acquires from each of the network-capable devices.