Data associated with a user account is stored at the cloud-based storage service. A portion of the data is associated with a heightened authentication protocol. A request for an application to access data that is associated with the heightened authentication protocol is received at the cloud-based storage service. The request may include an indication that the application is configured to interact with data with the heightened authentication protocol. The request is authenticated based on the heightened authentication protocol. In response to authenticating the first request, permission is granted to the application to access the data that is associated with the heightened authentication protocol. In response receiving requests that do not include the indication that the application is configured to interact with data with the heightened authentication protocol, data pertaining to the portion of the data with the heightened authentication protocol is hidden.

The present inventors devised a holistic approach for protecting serverless applications in single-cloud, multi-zone, multi-cloud, and/or non-cloud data center computing environments. An illustrative data storage management system discovers application assets, relationships, and interoperability dependencies and creates an “application entity” that references the various assets. Protection preferences apply to the application entity as a whole. An orchestration function in the system coordinates storage management operations (e.g., backup, replication, live synchronization, etc.) in a suitable order of operations gleaned from asset dependencies, if any. A set of copies of the application's discovered assets are generated in coordinated fashion and represent a point-in-time copy of the application. The point-in-time copy can be restored and/or migrated to other computing services by the data storage management system. The orchestration function coordinates restore and migration operations, including any cloud-to-cloud or cloud-to/from-non-cloud conversions that might be necessary to activate the application in a different computing environment.

The present inventors devised a holistic approach for protecting serverless applications in single-cloud, multi-zone, multi-cloud, and/or non-cloud data center computing environments. An illustrative data storage management system discovers application assets, relationships, and interoperability dependencies and creates an “application entity” that references the various assets. Protection preferences apply to the application entity as a whole. An orchestration function in the system coordinates storage management operations (e.g., backup, replication, live synchronization, etc.) in a suitable order of operations gleaned from asset dependencies, if any. A set of copies of the application's discovered assets are generated in coordinated fashion and represent a point-in-time copy of the application. The point-in-time copy can be restored and/or migrated to other computing services by the data storage management system. The orchestration function coordinates restore and migration operations, including any cloud-to-cloud or cloud-to/from-non-cloud conversions that might be necessary to activate the application in a different computing environment.

A method of transmitting distributed data over a channel includes distributing data from a data source to N number of collaborating transmitter devices operable to synchronously transmit N number of contributing data signals based on the data to a receiver over a channel. Channel state information of the channel between each transmitter device and the receiver is obtained. A spatial spectral weight (SSW) filter for each transmitter device based on the obtained channel state information is determined. The SSW filter associated with each transmitter device is applied to each contributing data signal transmitted from the associated transmitter device. The N number of contributing data signals filtered by the SSW filters are transmitted through the channel to the receiver, such that the contributing data signals are received at the receiver synchronously and in substantial phase alignment such that the contributing data signals coherently combine to form a coherently combined data signal.

A method of transmitting distributed data over a channel includes distributing data from a data source to N number of collaborating transmitter devices operable to synchronously transmit N number of contributing data signals based on the data to a receiver over a channel. Channel state information of the channel between each transmitter device and the receiver is obtained. A spatial spectral weight (SSW) filter for each transmitter device based on the obtained channel state information is determined. The SSW filter associated with each transmitter device is applied to each contributing data signal transmitted from the associated transmitter device. The N number of contributing data signals filtered by the SSW filters are transmitted through the channel to the receiver, such that the contributing data signals are received at the receiver synchronously and in substantial phase alignment such that the contributing data signals coherently combine to form a coherently combined data signal.

A method for controlling application enabling includes receiving from a user an indication of data for sharing and an indication of one or more recipients with which to share the data. A multidimensional zone is determined based on the indication of the data and the indication of the one or more recipients. A request from the user to enable an application via a computing device is detected. Data permission requirements of the application are accessed, and a multidimensional coordinate is determined based on the data permission requirements of the application. The multidimensional zone is compared to the multidimensional coordinate, and the user is notified via the computing device of the comparing of the multidimensional zone to the multidimensional coordinate. An affirmation of the request is received from the user via the computing device, and the application is enabled responsive to the affirmation of the request.

Systems and methods are provided for intent tracking asynchronous operations. An example method can include receiving, at a content management system (CMS), a first request to perform an operation on a content item stored at the CMS; adding the request to perform the operation to a queue of operations to be processed by the CMS; and prior to completing the operation: receiving, from a client device associated with a user account registered at the CMS, a second request to access the content item; in response to the second request, determining a predicted state of the content item, the predicted state of the content item reflecting a result of performing the operation on the content item; and providing, to the client device, a response including the predicted state of the content item.

A method of synchronizing a plurality of end points is disclosed. A spoke is connected to a hub. The connecting of the spoke to the hub includes performing inbound synchronization of all of a set of data items or a subset of the set of data items with a replica. One or more additional spokes are connected to the hub. The connecting of the one or more additional spokes to the hub includes performing inbound synchronization of all of an additional set of data items or a subset of the additional set of data items with an additional replica. A subset of a set of data items stored in the replica or the additional replica is selected for outbound synchronization with any of a plurality of spokes except a spoke from which the subset of data items originated.

Maintaining versions of data from a storage system includes detecting that a snapshot of the data has been performed at the storage device, transferring a previous version of the data to a cloud storage, and prohibiting deletion of the snapshot until the previous version of the data has been completely transferred to the cloud storage. The data may be a volume on the storage system. The cloud storage may be public cloud storage or part of a private network. The cloud storage may be accessible from any location via the World Wide Web. A connection between the storage device and the cloud storage may be provided by the Internet, a TCP/IP network, a dedicated connection, or a FICON connection. The snapshot may store a log entry in a log device corresponding to a particular point-in-time version of the data prior to data being written to the storage device.

Maintaining versions of data from a storage system includes detecting that a snapshot of the data has been performed at the storage device, transferring a previous version of the data to a cloud storage, and prohibiting deletion of the snapshot until the previous version of the data has been completely transferred to the cloud storage. The data may be a volume on the storage system. The cloud storage may be public cloud storage or part of a private network. The cloud storage may be accessible from any location via the World Wide Web. A connection between the storage device and the cloud storage may be provided by the Internet, a TCP/IP network, a dedicated connection, or a FICON connection. The snapshot may store a log entry in a log device corresponding to a particular point-in-time version of the data prior to data being written to the storage device.