Abstract: Aspects of the present disclosure relate to systems and methods for providing strong resource identification. When a resource is created, saved, or re-based, a cryptographic key pair may be generated and associated with the resource. A public key of the cryptographic key pair may be used as a unique identifier. Information about the resource, such as the name of the resource and its actual location may be stored in an index based upon the resource's public key. Sharing the resource with other devices may comprise sending the resource's key, as opposed to information about the resource's actual location, to one or more recipient device.

Abstract: The present disclosure relates to systems and methods of overlaying a plurality of isolated collections to generate an overlaid isolated collection. In an example, a first and second isolated collection having at least one common resource may be overlaid. A first and second inference ruleset may be extracted from the first and second isolated collection, respectively. Based on the first and second inference ruleset, one or more suggestions may be generated relating to conflicting inference rules. A suggestion may comprise selecting a subset of the conflicting inference rules (e.g., none, some, or all of the rules) for inclusion in the overlay isolated collection. Another suggestion may comprise generating a new inference rule based on the conflicting inference rules. An indication relating to the suggestions may be received. The indication may be used to generate a third isolated collection and a third inference ruleset.

Abstract: Examples of the present disclosure describe systems and methods of managing user tasks using isolated collections of data. In aspects, input may be received by a task management application/service. The task management application/service may analyze the input to determine isolated collection of resources identifying tasks associated with one or more user accounts. The task management application/service may aggregate and analyze the tasks to determine associations between the tasks, to classify tasks and/or to prioritize tasks. The task management application/service may use the analyzed data to provide notifications, prompt user action and/or provide query results. In aspects, the task management application/service may also provide an interface comprising a single master view of tasks aggregated from disparate data stores and/or user accounts associated with a user.

Abstract: Examples of the present disclosure describe systems and methods of delegating authorization to access isolated collections of data. In aspects, a request to access an isolated collection of resource identifiers and relationships may be received by an application. The resource identifiers may correspond to resources in one or more remote data repositories. Upon receiving the request, the application may interrogate a remote data repository to determine whether the requestor is currently authorized to access the one or more resources corresponding to the resource identifiers in the isolated collection. If the requestor is determined to be authorized, the application may use an authorization indication provided by the remote data repository to provide the requestor with access to the isolated collection. If the requestor is determined to be unauthorized, the application may prohibit access to the isolated collection.

Abstract: Examples of the present disclosure describe systems and methods of delegating authorization to access isolated collections of data. In aspects, a request to access an isolated collection of resource identifiers and relationships may be received by an application. The resource identifiers may correspond to resources in one or more remote data repositories. Upon receiving the request, the application may interrogate a remote data repository to determine whether the requestor is currently authorized to access the one or more resources corresponding to the resource identifiers in the isolated collection. If the requestor is determined to be authorized, the application may use an authorization indication provided by the remote data repository to provide the requestor with access to the isolated collection. If the requestor is determined to be unauthorized, the application may prohibit access to the isolated collection.

Abstract: Aspects of the present disclosure relate to systems and methods for providing strong resource identification. When a resource is created, saved, or re-based, a cryptographic key pair may be generated and associated with the resource. A public key of the cryptographic key pair may be used as a unique identifier. Information about the resource, such as the name of the resource and its actual location may be stored in an index based upon the resource's public key. Sharing the resource with other devices may comprise sending the resource's key, as opposed to information about the resource's actual location, to one or more recipient device.

Abstract: Examples of the present disclosure describe systems and methods for partially encrypting conversations using different cryptographic keys. Messages communicated during a conversation session may be encrypted using a cryptographic key. Other conversation participants may then decrypt the messages using the cryptographic key. During the conversation, an event may occur that causes a new cryptographic key to be generated. The conversation participants may then use the new cryptographic key when communicating. As such, previously-encrypted messages may be inaccessible to new members that do not have the old cryptographic key, while newly-encrypted messages may be inaccessible to former members that do not have the new cryptographic key. An isolated collection may store the messages and related cryptographic keys. Relationships may exist within the isolated collection, such that messages may be related to one another and messages may also be related to the cryptographic keys used to encrypt them.

Abstract: Aspects of the present disclosure relate to systems and methods for providing strong resource identification. When a resource is created, saved, or re-based, a cryptographic key pair with the resource. A public key of the cryptographic key pair may be used as a unique identifier. Information about the resource, such as the name of the resource and its actual location may be stored in an index based upon the resource's public key. Sharing the resource with other devices may comprise sending the resource's key, as opposed to information about the resource's actual location, to one or more recipient device.

Abstract: Systems and methods that provide for shared processing of rulesets against one or more isolated collections representing resources and relationships between those resources. Asserted resources may be added to an isolated collection and a ruleset may be accessed or received. The ruleset may be executed against the corresponding isolated collection to generated inferred data, such as inferred relationships between the asserted resources in the isolated collection. Transmitting the isolated collection to a client may depend on the type of client and on the network connection to the client. The isolated collection may be transmitted with just the asserted data and the ruleset, but not the inferred data. The client is able to locally process the rules against the asserted data to locally generate inferred data to create a locally generated enriched isolated collection. The locally generated enriched isolated collection may then be queried locally.

Abstract: Examples of the present disclosure describe systems and methods of rendering phantom results using graph queries. In aspects, a first query may generate a first result set. The first result set may comprise ordered lists (e.g., node-edge-node 3-tuples), and may be rendered as a graph. A second query may then be executed against the data source to generate a second result set. The first and second result set may be compared. When inconsistencies between the result sets are identified, various degrees of transparency may be used in the graph to indicate the inconsistent data.

Abstract: Examples of the present disclosure describe systems and methods of conditionally authorization access to isolated collections of data. In aspects, a request to access an isolated collection of resource identifiers and relationships may be received by an application. A set of conditions may control access to the isolated collection. Upon receiving the request, the application may attempt to determine whether the set of conditions has been satisfied. If the set of conditions is determined to be satisfied, the application may provide the requestor with access to the isolated collection. If the set of conditions is determined to be unsatisfied, the application may prohibit the requestor from accessing the isolated collection.

Abstract: Systems and methods that enrich asserted data in one or more isolated collections representing resources and relationships between those resources. Isolated collections and different respective rulesets for those isolated collections are accessed or received. Each respective ruleset is executed against its corresponding isolated collection to generated inferred data, such as inferred relationships between the resources in the isolated collection, to create an enriched isolated collection. Different rules within a ruleset may be executed at different times depending on their processing requirements. A query may be received for data in a particular isolated collection, and the query is executed against the isolated collection to generate results to the query including at least a portion of the inferred data. The results to the query may be displayed as a graph with nodes representing resources and edges representing relationships.

Abstract: Examples of the present disclosure describe systems and methods for partially encrypting conversations using different cryptographic keys. Messages communicated during a conversation session may be encrypted using a cryptographic key. Other conversation participants may then decrypt the messages using the cryptographic key. During the conversation, an event may occur that causes a new cryptographic key to be generated. The conversation participants may then use the new cryptographic key when communicating. As such, previously-encrypted messages may be inaccessible to new members that do not have the old cryptographic key, while newly-encrypted messages may be inaccessible to former members that do not have the new cryptographic key. An isolated collection may store the messages and related cryptographic keys. Relationships may exist within the isolated collection, such that messages may be related to one another and messages may also be related to the cryptographic keys used to encrypt them.

Abstract: Systems and methods that control versioning of inferred data in isolated collections representing resources and relationships between those resources. Multiple versions of rulesets may be received or accessed. Execution of each ruleset generates inferred data, such as inferred relationships between resources represented in the isolated collection. A version identifier may be incorporated into each inferred relationship or other inferred data. The version identifier indicates the particular version of a ruleset that resulted in the creation of the corresponding inferred relationship. Upon receiving a query for data in the isolated collection, the query is parsed to determine a query version identifier. Based on the query version identifier, results to the query may be filtered to include inferred data resulting only from a particular version of a ruleset. The results may be displayed as a graph with nodes representing resources and edges representing relationships.

Abstract: Examples of the present disclosure describe systems and methods for partially encrypting conversations using different cryptographic keys. Messages communicated during a conversation session may be encrypted using a cryptographic key. Other conversation participants may then decrypt the messages using the cryptographic key. During the conversation, an event may occur that causes a new cryptographic key to be generated. The conversation participants may then use the new cryptographic key when communicating. As such, previously-encrypted messages may be inaccessible to new members that do not have the old cryptographic key, while newly-encrypted messages may be inaccessible to former members that do not have the new cryptographic key. An isolated collection may store the messages and related cryptographic keys. Relationships may exist within the isolated collection, such that messages may be related to one another and messages may also be related to the cryptographic keys used to encrypt them.

Abstract: Examples of the present disclosure describe systems and methods of rendering phantom results using graph queries. In aspects, a first query may generate a first result set. The first result set may comprise ordered lists (e.g., node-edge-node 3-tuples), and may be rendered as a graph. A second query may then be executed against the data source to generate a second result set. The first and second result set may be compared. When inconsistencies between the result sets are identified, various degrees of transparency may be used in the graph to indicate the inconsistent data.

Abstract: Examples of the present disclosure describe systems and methods of managing user tasks using isolated collections of data. In aspects, input may be received by a task management application/service. The task management application/service may analyze the input to determine isolated collection of resources identifying tasks associated with one or more user accounts. The task management application/service may aggregate and analyze the tasks to determine associations between the tasks, to classify tasks and/or to prioritize tasks. The task management application/service may use the analyzed data to provide notifications, prompt user action and/or provide query results. In aspects, the task management application/service may also provide an interface comprising a single master view of tasks aggregated from disparate data stores and/or user accounts associated with a user.

Abstract: Examples of the present disclosure describe systems and methods of managing user tasks using isolated collections of data. In aspects, input may be received by a task management application/service. The task management application/service may analyze the input to determine isolated collection of resources identifying tasks associated with one or more user accounts. The task management application/service may aggregate and analyze the tasks to determine associations between the tasks, to classify tasks and/or to prioritize tasks. The task management application/service may use the analyzed data to provide notifications, prompt user action and/or provide query results. In aspects, the task management application/service may also provide an interface comprising a single master view of tasks aggregated from disparate data stores and/or user accounts associated with a user.

Abstract: Aspects of the present disclosure relate to systems and methods for providing strong resource identification. When a resource is created, saved, or re-based, a cryptographic key pay may be generated and associated with the resource. A public key of the cryptographic key pay may be used as a unique identifier. Information about the resource, such as the name of the resource and its actual location may be stored in an index based upon the resource's public key. Sharing the resource with other devices may comprise sending the resource's key, as opposed to information about the resource's actual location, to one or more recipient device.

Abstract: Examples of the present disclosure describe systems and methods for partially encrypting conversations using different cryptographic keys. Messages communicated during a conversation session may be encrypted using a cryptographic key. Other conversation participants may then decrypt the messages using the cryptographic key. During the conversation, an event may occur that causes a new cryptographic key to be generated. The conversation participants may then use the new cryptographic key when communicating. As such, previously-encrypted messages may be inaccessible to new members that do not have the old cryptographic key, while newly-encrypted messages may be inaccessible to former members that do not have the new cryptographic key. An isolated collection may store the messages and related cryptographic keys. Relationships may exist within the isolated collection, such that messages may be related to one another and messages may also be related to the cryptographic keys used to encrypt them.