Cloud storage systems and services allow users to access files on a remote storage device, e.g., a cloud server, without temporal and spatial restrictions. Users can store files and easily access to their remote storage device over a network as if the files are on their local storage. Cloud storage systems also allow users to access files or folders from multiple devices and/or by multiple users. Cloud storage systems also provide back-up of stored files—the files are never lost even when the local storage fails because they are stored on the cloud server—and provide easy sharing and distribution of remote files with remote cloud users. Cloud storage systems overcome temporal and spatial restrictions of conventional file sharing and distribution mechanisms that require delivery of physical storage medium such as removable devices, USB drives, etc, or attachments of files in emails.
However, cloud storage systems have intrinsic vulnerability to malicious attacks by unauthorized users or mishandling of files even by authorized users. Providing secure access and safety of file sharing and distribution are key considerations in designing cloud services and systems.
U.S. Patent Application Pub. No. US 2007/0124536 (“'536 reference”) proposes a system that provides a secure working environment using a virtual interface. The system contains a display, a host for executing a client application, and a token device connected to the host via the virtual interface. The token device contains a processor for executing a token device application. The token device application provides image data via the virtual interface to the client application that is executed and run by the host device. The client application displays on the display of the host device those images corresponding to the image data received from the token device.
The system of the '536 reference comprises both a host device and a token device that have independent operating systems and the processors in order to provide such an isolated and secure environment. The requirement for separate host and token devices, hence separate operating systems and processors, increases the overall cost. Furthermore, such a system is not adequate for secure file sharing and distribution over a distributed file storage system such as a cloud server.