Abstract: Systems, methods and computer program products for controlling access to data owned by an application subscriber using two-factor access control and user partitioning are disclosed. In one embodiment, applications are executed on a multi-tenant application platform in which user partitions designate associated users and authentication services for those users. Tenants may subscribe to the applications and may allow access to the subscriptions through designated entry points. Users that are authenticated according to the corresponding user partition and access the application through the designated entry point are allowed to access the application through the tenant's subscription.

Abstract: An information integration system may include a set of integration services embodied on one or more server machines in a computing environment. The set of integration services may include connectors communicatively connected to disparate information systems. The connectors are configured for integrating data utilizing a common model comprising a content management interoperability services data model, common property definitions, and a common security model particularly defined for use by the set of integration services. Responsive to a user query to search disparate information systems or a subset thereof, an application may communicate metadata of interest contained in the user query to a search engine which locates, via a unified index, requested data from the disparate information systems or a subset thereof. The search engine returns search results referencing the requested data to the application which interprets the search results and displays a visualization thereof on a client device.

Abstract: An interface server (e.g., Web Application Open Platform Interface (WOPI) server) is communicatively connected to an information management (IM) server and to an online application server which acts as a client of the interface server. When a user wishes to open, create, or edit a document in an online application hosted by the online application server, the interface server is called, instead of the IM server which manages the document at the backend of an enterprise computing network. The interface server is configured for obtaining a working copy of the document from the IM server and providing the working copy to the client. The client provides the working copy to the online application for display on the user device. When the work is done, the working copy is sync'd back through the interface server to the IM server as a new draft and deleted by the interface server.

Abstract: An information integration system may include a set of integration services embodied on one or more server machines in a computing environment. The set of integration services may include connectors communicatively connected to disparate information systems. The connectors may be configured for integrating data stored in the disparate information systems utilizing a common model employed by the set of integration services. The common model may overlay, augment, integrate, or otherwise utilize a content management interoperability services data model and may include common property definitions and a common security model. The common security model may include permissions particularly defined for use by the set of integration services. These common property definitions and permissions may be uniquely defined and utilized by the information integration system.

Abstract: Systems, methods and computer program products for controlling access to data owned by an application subscriber using two-factor access control and user partitioning are disclosed. In one embodiment, applications are executed on a multi-tenant application platform in which user partitions designate associated users and authentication services for those users. Tenants may subscribe to the applications and may allow access to the subscriptions through designated entry points. Users that are authenticated according to the corresponding user partition and access the application through the designated entry point are allowed to access the application through the tenant's subscription.

Abstract: An information integration system may include a set of integration services embodied on one or more server machines in a computing environment. The set of integration services may include connectors communicatively connected to disparate information systems. The connectors are configured for integrating data utilizing a common model comprising a content management interoperability services data model, common property definitions, and a common security model particularly defined for use by the set of integration services. Responsive to a user query to search disparate information systems or a subset thereof, an application may communicate metadata of interest contained in the user query to a search engine which locates, via a unified index, requested data from the disparate information systems or a subset thereof. The search engine returns search results referencing the requested data to the application which interprets the search results and displays a visualization thereof on a client device.

Abstract: An information integration system may include a set of integration services embodied on one or more server machines in a computing environment. The set of integration services may include connectors communicatively connected to disparate information systems. The connectors may be configured for integrating data stored in the disparate information systems utilizing a common model employed by the set of integration services. The common model may overlay, augment, integrate, or otherwise utilize a content management interoperability services data model and may include common property definitions and a common security model. The common security model may include permissions particularly defined for use by the set of integration services. These common property definitions and permissions may be uniquely defined and utilized by the information integration system.

Abstract: An interface server (e.g., Web Application Open Platform Interface (WOPI) server) is communicatively connected to an information management (IM) server and to an online application server which acts as a client of the interface server. When a user wishes to open, create, or edit a document in an online application hosted by the online application server, the interface server is called, instead of the IM server which manages the document at the backend of an enterprise computing network. The interface server is configured for obtaining a working copy of the document from the IM server and providing the working copy to the client. The client provides the working copy to the online application for display on the user device. When the work is done, the working copy is sync'd back through the interface server to the IM server as a new draft and deleted by the interface server.

Abstract: An method for authorizing services comprises receiving an access control model comprising policy definitions for access by services and users to protected resources, storing the access control model in a database; accessing, by the authorization service, the access control model and determining, based on the access control model, whether to grant a requesting service access to the protected resource or to grant access to the protected resource based on a user associated with the protected resource. The method further includes modifying the access control model to allow access by the requesting service to the protected resource including modifying the policy definitions.

Abstract: A server computer comprises a memory configured with references to protected resources hosted by a resource server, authorization policies related to the protected resources, and assignments of users and services to the authorization policies, the authorization policies comprising client authorization policies for authorizing access by services and user authorization policies for authorizing access by users. A request authorization service is configured to receive a request from an application for authorization to access a protected resource hosted by the resource server. Based on a determination that the request is to access the protected resource on behalf of a service, the request authorization uses the client authorization policies, and based on a determination that the request is to access the protected resource on behalf of a user, the request authorization service uses the user authorization policies to determine whether to authorize the request.

Abstract: An in-place information management system having a management application built on a common data model and configured for asynchronous query-based application of policies on content stored in the disparate data storage systems through a query interface which may be part of a set of integration services. The common data model may be configured based on common architectures of the disparate data storage systems. The query interface may be configured for running a query on a data storage system in response to a search request received by the management application from a records manager and for mapping semantically equivalent keys from disparate data storage systems to a key in the common data model. The query may define a set of records to be treated similarly according to corporate policy on content lifecycle and records compliance.

Abstract: Systems, methods and computer program products for controlling access to data owned by an application subscriber using two-factor access control and user partitioning are disclosed. In one embodiment, applications are executed on a multi-tenant application platform in which user partitions designate associated users and authentication services for those users. Tenants may subscribe to the applications and may allow access to the subscriptions through designated entry points. Users that are authenticated according to the corresponding user partition and access the application through the designated entry point are allowed to access the application through the tenant's subscription.

Abstract: An interface server (e.g., Web Application Open Platform Interface (WOPI) server) is communicatively connected to an information management (IM) server and to an online application server which acts as a client of the interface server. When a user wishes to open, create, or edit a document in an online application hosted by the online application server, the interface server is called, instead of the IM server which manages the document at the backend of an enterprise computing network. The interface server is configured for obtaining a working copy of the document from the IM server and providing the working copy to the client. The client provides the working copy to the online application for display on the user device. When the work is done, the working copy is sync'd back through the interface server to the IM server as a new draft and deleted by the interface server.

Abstract: An information integration system may include a set of integration services embodied on one or more server machines in a computing environment. The set of integration services may include connectors communicatively connected to disparate information systems. The connectors may be configured for integrating data stored in the disparate information systems utilizing a common model employed by the set of integration services. The common model may overlay, augment, integrate, or otherwise utilize a content management interoperability services data model and may include common property definitions and a common security model. The common security model may include permissions particularly defined for use by the set of integration services. These common property definitions and permissions may be uniquely defined and utilized by the information integration system.

Abstract: Systems, methods and computer program products for controlling access to data owned by an application subscriber using two-factor access control and user partitioning are disclosed. In one embodiment, applications are executed on a multi-tenant application platform in which user partitions designate associated users and authentication services for those users. Tenants may subscribe to the applications and may allow access to the subscriptions through designated entry points. Users that are authenticated according to the corresponding user partition and access the application through the designated entry point are allowed to access the application through the tenant's subscription.

Abstract: An interface server (e.g., Web Application Open Platform Interface (WOPI) server) is communicatively connected to an information management (IM) server and to an online application server which acts as a client of the interface server. When a user wishes to open, create, or edit a document in an online application hosted by the online application server, the interface server is called, instead of the IM server which manages the document at the backend of an enterprise computing network. The interface server is configured for obtaining a working copy of the document from the IM server and providing the working copy to the client. The client provides the working copy to the online application for display on the user device. When the work is done, the working copy is sync'd back through the interface server to the IM server as a new draft and deleted by the interface server.

Abstract: An information integration system may include a set of integration services embodied on one or more server machines in a computing environment. The set of integration services may include connectors communicatively connected to disparate information systems. The connectors may be configured for integrating data stored in the disparate information systems utilizing a common model employed by the set of integration services. The common model may overlay, augment, integrate, or otherwise utilize a content management interoperability services data model and may include common property definitions and a common security model. The common security model may include permissions particularly defined for use by the set of integration services. These common property definitions and permissions may be uniquely defined and utilized by the information integration system.

Abstract: Systems, methods and computer program products for controlling access to data owned by an application subscriber using two-factor access control and user partitioning are disclosed. In one embodiment, applications are executed on a multi-tenant application platform in which user partitions designate associated users and authentication services for those users. Tenants may subscribe to the applications and may allow access to the subscriptions through designated entry points. Users that are authenticated according to the corresponding user partition and access the application through the designated entry point are allowed to access the application through the tenant's subscription.

Abstract: Systems, methods and computer program products for controlling access to data owned by an application subscriber using two-factor access control and user partitioning are disclosed. In one embodiment, applications are executed on a multi-tenant application platform in which user partitions designate associated users and authentication services for those users. Tenants may subscribe to the applications and may allow access to the subscriptions through designated entry points. Users that are authenticated according to the corresponding user partition and access the application through the designated entry point are allowed to access the application through the tenant's subscription.

Abstract: An information integration system may include a set of integration services embodied on one or more server machines in a computing environment. The set of integration services may include connectors communicatively connected to disparate information systems. The connectors may be configured for integrating data stored in the disparate information systems utilizing a common model employed by the set of integration services. The common model may overlay, augment, integrate, or otherwise utilize a content management interoperability services data model and may include common property definitions and a common security model. The common security model may include permissions particularly defined for use by the set of integration services. These common property definitions and permissions may be uniquely defined and utilized by the information integration system.