Field of the Disclosure
The technology of the disclosure relates to data accessibility within enterprise systems.
Technical Background
A common element of web applications involves managing and controlling user data provided by an individual. For instance, the web applications within social networking websites, such as Facebook® and LinkedIn®, provide each user with a personal profile generated from user-provided data. Although the user data is provided by the user, each web application typically controls the user data and limits its use to the specific needs of the web application. In this regard, FIGS. 1A-1B illustrate a typical data control scheme 10. FIG. 1A illustrates the data control scheme 10 wherein a user 12 interacts with a web application 14. Further, the web application 14 controls access to user data 16, as opposed to the user 12 having direct access to the user data 16. In this manner, the user data 16 is tied directly to logic (not shown) of the web application 14, meaning that the user data 16 can only be accessed and used by the web application 14. More specifically, FIG. 1B illustrates another view of the data control scheme 10 showing that in order for a user, such as the user 12 in FIG. 1A, to access a particular web application, such as the web application 14 in FIG. 1A, a web browser 18 communicates with a web server 20. The web server 20 accesses the user data 16 that is tied directly to web application logic 22. Because the user data 16 is directly associated with the web application logic 22, the user data 16 can only be accessed by the web application logic 22. Thus, a particular web application controls user data associated with that web application, and can prevent other web applications from accessing such user data.
Several problems can arise as a result of employing the data control scheme 10 illustrated in FIG. 1A and FIG. 1B. For example, because a web application may not provide access to user data to other web applications, the data control scheme 10 requires a user to provide similar information to multiple websites. This creates redundant instances of the user data across multiple web applications. Further, because each website controls access to its instance of the user data, as opposed to the user controlling such access, each website determines whether other web applications can access the user data. As a result, the user data is locked-in to being accessed and processed by a limited number of web applications as determined by the controlling web application (known as “application lock-in”). The data control scheme 10 in FIGS. 1A and 1B also results in rigid data boundaries, as enterprise systems often block access to certain public websites due to the failure of such websites to restrict the use of user data to enterprise-only functionality. In this regard, enterprise systems are Internet domains that employ Enterprise Application Software (EAS) in order to control which users and applications have access to the Internet domain controlled by a given enterprise. Finally, under the data control scheme 10 in FIGS. 1A and 1B, the user data life during which the user data is accessible corresponds to the life of the website, causing the user data to become obsolete once a website is no longer accessed by the user. For instance, a user with a profile on MySpace® can no longer use data within that profile if the user decides to transfer his or her social networking activities exclusively to Facebook®. Thus, the data control scheme 10 causes certain negative consequences.
The data control scheme 10 described above is also employed with enterprise applications. For instance, an enterprise system may include internal enterprise applications, such as Voice over IP telephone service, instant messaging, e-mail, and Web Real-Time Communications (WebRTC) teleconferencing. However, as is the case with web applications, such enterprise applications often require an enterprise user to provide user data separately to each application, because such data is tied directly to the enterprise application logic. For example, the user data associated with an enterprise user's contact list within an e-mail application may be identical to the user's contact list within an instant messaging application. However, the data control scheme 10 in FIGS. 1A and 1B within the enterprise system may prevent enterprise applications from sharing user data, requiring the user to provide the same information to each enterprise application separately. Thus, similar problems arise within enterprise systems as those previously described in relation to web applications as a result of employing the data control scheme 10 for enterprise applications.
One solution to remedy problems arising from the data control scheme 10 involves the use of shared user data within an enterprise system. More specifically, configuring an enterprise system to access user data tied to web application logic may eliminate the need for enterprise users to separately manage user data for enterprise applications. For instance, an enterprise specific e-mail application may interface to Gmail® accounts for certain e-mail services and features. Alternatively, enterprise application logic may be configured to access and share the user data controlled by a web application. For example, an enterprise specific e-mail application may be configured to access only a user's contact list controlled by Gmail® application logic. However, allowing web applications to run within an enterprise system or share user data associated with web application logic with an enterprise application creates the potential for proprietary, secure enterprise information being accessed without authorization over public web servers that host such web applications. Further, enterprise applications sharing data with web applications still requires users to update multiple instances of user data in order to access similar information across enterprise applications.
Thus, it would be advantageous for enterprise applications to be able to access user data used by web applications in an efficient manner, without leaving secure enterprise information susceptible to unauthorized access over public web servers.