Abstract: A system is provided for facilitating access to data stored in a cloud-based storage service. Data associated with a user account is stored at the cloud-based storage service. A portion of the data is associated with a heightened authentication protocol. A request for an application to receive data that is associated with the heightened authentication protocol is received at the cloud-based storage service. In response to the request, the request is authenticated based on the heightened authentication protocol. In response to authenticating the request, permission is granted for the application to receive the data that is associated with the heightened authentication protocol. In response to a locking of the data that is associated with the heightened authentication protocol, an indication that the data is unavailable is sent to the application.

Abstract: A system is provided for controlling access to data stored in a cloud-based storage service. A first request is received to access data stored at the cloud-based storage service, the data associated with a user account. The first request is authenticated based on a username and password associated with the user account. A second request is received for a file that is stored in an area associated with a heightened authentication protocol. The heightened authentication protocol is performed to authenticate the second request. In response to authenticating the second request, permission is granted to a temporary strong authentication state. The permission is to access the file that is stored in the area associated with the heightened authentication protocol.

Abstract: A system is provided for controlling access to data stored in a cloud-based storage service. A first request is received to access data stored at the cloud-based storage service, the data associated with a user account. The first request is authenticated based on a username and password associated with the user account. A second request is received for a file that is stored in an area associated with a heightened authentication protocol. The heightened authentication protocol is performed to authenticate the second request. In response to authenticating the second request, permission is granted to a temporary strong authentication state. The permission is to access the file that is stored in the area associated with the heightened authentication protocol.

Abstract: Systems and methods for synchronizing data between an online data source and a client application. The method includes, in response to a change in a permission associated with a user to a protected data set included in a shared data space of the online data source, receiving, with the client application associated with the user, a protected data synchronization token issued by the online data source associated with the protected data set and downloading, with the client application, the protected data set included in the shared data space from the online data source to the client application using the protected data synchronization token without re-downloading a public data set included in the shared data space. After downloading the protected data set, the method includes synchronizing the shared data space, including the protected data set and the public data set, using a stored data space synchronization token.

Abstract: Systems and methods for synchronizing data between an online data source and a client application. The method includes, in response to a change in a permission associated with a user to a protected data set included in a shared data space of the online data source, receiving, with the client application associated with the user, a protected data synchronization token issued by the online data source associated with the protected data set and downloading, with the client application, the protected data set included in the shared data space from the online data source to the client application using the protected data synchronization token without re-downloading a public data set included in the shared data space. After downloading the protected data set, the method includes synchronizing the shared data space, including the protected data set and the public data set, using a stored data space synchronization token.

Abstract: A system is provided for facilitating access to data stored in a cloud-based storage service. Data associated with a user account is stored at the cloud-based storage service. A portion of the data is associated with a heightened authentication protocol. A request for an application to receive data that is associated with the heightened authentication protocol is received at the cloud-based storage service. In response to the request, the request is authenticated based on the heightened authentication protocol. In response to authenticating the request, permission is granted for the application to receive the data that is associated with the heightened authentication protocol. In response to a locking of the data that is associated with the heightened authentication protocol, an indication that the data is unavailable is sent to the application.

Abstract: A system is provided for controlling access to data stored in a cloud-based storage service. A first request is received to access data stored at the cloud-based storage service, the data associated with a user account. The first request is authenticated based on a username and password associated with the user account. A second request is received for a file that is stored in an area associated with a heightened authentication protocol. The heightened authentication protocol is performed to authenticate the second request. In response to authenticating the second request, permission is granted to a temporary strong authentication state. The permission is to access the file that is stored in the area associated with the heightened authentication protocol.

Abstract: The invention relates to a policy translator for a telecommunication network. The system includes an interface between the policy translator and a policy repository storing existing policies for one or more telecommunication networks, an interface between the policy translator and one or more gateways over which interface the policy translator can receive from a gateway a request for a policy check (naming a source and destination network, the user and the service requested) and over which interface the policy translator can send a response after evaluating the request (“Permit”, “Permit, but Modify” or “Deny”), an interface between the policy translator and a subscriber database of a telecommunication network, an interface between the policy translator and a charging element for exchanging charging related information.