A memory controller and a storage device including the same are disclosed. A memory controller for controlling a nonvolatile memory includes: a security access control module configured to convert biometric authentication data received from a biometric module into security configuration data having a data format according to a security standard protocol and perform, based on the security configuration data, at least one of authority registration and authority authentication of a user authority set for an access control of a secure area of the nonvolatile memory, encrypted user data being stored in the secure area; and a data processing unit configured to, based on an access to the secure area being permitted, encrypt user data received from a host device or decrypt the encrypted user data read from the secure area.

A method for controlling an electronic device that is in communication with the server includes: in response to a lost mode activation signal from the server, controlling the electronic device to switch to a lost mode in which the electronic device is controlled to output a message that includes contact information of an owner of the electronic device, and an offer of a monetary compensation associated with recovery of the electronic device by the owner; and in response to determination that an unlock condition has been met, controlling the electronic device to switch to a normal mode.

The techniques disclosed herein provide enhanced security features for controlling access to shared content and private content of a document. A system can enable multiple users to access a common content file, such as a Word document. Each user can add additional private content unique to each individual user. Private content associated with a particular user is restricted from being shared with any other user. Thus, when a first user opens a file authored and/or owned by other users stored in a cloud storage service, the system allows that first user to see the common content that is shared by the other users plus private content that is unique to the first user, but not allow the first user to view other private content provided by the other users.

Media, methods, and systems are disclosed for generating a document from a workflow within a group-based communication system. A document may be created from a document template in response to a workflow trigger. The document may have a plurality of structured sections and a plurality of unstructured sections. Unstructured input may be received into an unstructured section and saved into the document. Structured input may be received into a structured section. Based on the structured input, a step of a workflow associated with the document may be performed and a result saved into the document.

In association with a communication platform, one or more users can create, share, edit, and/or comment on a document. Some examples of this disclosure are related to providing a list of suggested documents that a user can reference (e.g., add a link to) in a virtual space (e.g., in a message or post to one or more other users). For example, a user can be interacting with a virtual space (e.g., composing a direct message, a channel post, a thread, a workspace, a document, and the like) and invoke a list of suggested documents that can be referenced in the virtual space. In examples of the present disclosure, the list of suggested documents can include documents that are identified (e.g., based on one or more conditions being met) to be relevant to, or otherwise associated with, the virtual space.

Using an action registry to edit data across users and devices is described. In one or more implementations, a user editing data in an application requests to share the data with another user or another device for further editing. Responsive simply to the request or based on an exchange of content transfer information, the data is communicated to the selected user or device. Using information maintained by an action registry, a list of applications capable of editing the data is presented to the selected user or via the selected device. Upon selection of an application from the list, the selected application is launched. Once changes are made to the data by the selected user or device, those changes can be saved and the changed data automatically returned to the original user and/or device. The changed data can then be automatically presented to the original user or on the original device.

Techniques for generating ephemeral collections of content items are described herein. For example, a social networking system may receive, from a first account, a request to generate a collection of content items, or a “collaborative story.” The request may include an identifier associated with a second account that is to be associated with the collaborative story. Based on the request, the social networking system may generate the collaborative story and associate the second account therewith, designating the first account and the second account are as collaborators. In some examples, the social networking system may receive content from the first account and/or the second account and may publish the content in association with the collaborative story via the social networking system.

A method for a hybrid content protection architecture includes obtaining, by data processing hardware, a client-side cryptographic key and locally encrypting user content using the client-side cryptographic key. The method also includes communicating the client-side cryptographic key to a third party key manager, the third party key manager configured to store the client-side cryptographic key. In response to the third party key manager storing the client-side cryptographic key, the method includes receiving a token from the third party key manager, the token identifying the client-side cryptographic key stored at the third party key manager. The method further includes uploading the encrypted user content and the token to a server of a cloud computing platform.

A method, system and computer-readable storage medium for controlling access to application data associated with an application configured on a computing device. The method comprises: storing data comprising, for each of a plurality of access levels associated with the application, first data indicative of a combination of one or more credentials associated with the respective access level and an access level key corresponding to the respective access level, the access level key being encrypted by the combination of one or more credentials associated with the respective access level; determining, based on the first data, an access level in the plurality of access levels corresponding to a combination of one or more credentials available to the application; decrypting the access level key in the stored data corresponding to the determined access level using the combination of one or more credentials available to the application; and providing access to encrypted application data associated with the application and corresponding to the determined access level using, at least in part, the decrypted access level key corresponding to the determined access level.

Disclosed are systems and methods for document branching. In some embodiments, the method includes the steps of: obtaining a branch model associated with a set of related documents, the branch model comprising one or more branches, each branch of the one or more branches comprising a branch type and one or more nodes, the one or more branches comprising a primary branch associated with a primary document, the set of related documents comprising the primary document having a first document identifier; generating a secondary branch based upon a revision of the primary document, the secondary branch associated with a secondary document of the set of related documents, the secondary document having a second document identifier; and adding the secondary branch to the branch model.