Data access and ownership management

US 10,122,718 B2
Filed: 08/21/2015
Issued: 11/06/2018
Est. Priority Date: 08/21/2015
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

obtaining, by a data processing device comprising processing circuitry and computer-readable memory, first secret data associated with a first user and corresponding to a first location of a remote resource, the first secret data including a uniform resource locator (URL) transformation including URL encoding information, wherein obtaining the first secret data comprises receiving the first secret data from the remote resource;

generating, by the data processing device using the first secret data, a first URL usable to obtain the first location of the remote resource;

accessing, by the data processing device, the first location of the remote resource using the first URL;

obtaining, by the data processing device in response to a transfer of usage rights of the data processing device from the first user to a second user, second secret data associated with the second user and corresponding to a second location of the remote resource;

generating, by the data processing device using the second secret data, a second URL usable to obtain the second location of the remote resource; and

accessing, by the data processing device, the second location of the remote resource using the second URL;

wherein the second location of the remote resource is inaccessible via the first URL, and wherein the first location of the remote resource is inaccessible via the second URL.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one example, a method includes obtaining, by a data processing device, first secret data associated with a first user and corresponding to a first location of a remote resource. The method further includes generating, using the first secret data, a first uniform resource locator (URL) usable to obtain the first location, and accessing the first location using the first URL. The method further includes obtaining, in response to transfer of usage rights of the data processing device from the first user to a second user, second secret data associated with the second user and corresponding to a second location of the remote resource. The method further includes generating, using the second secret data, a second URL usable to obtain the second location, and accessing the second location using the second URL. The second location is inaccessible via the first URL. The first location is inaccessible via the second URL.

Citations

22 Claims

1. A method comprising:
- obtaining, by a data processing device comprising processing circuitry and computer-readable memory, first secret data associated with a first user and corresponding to a first location of a remote resource, the first secret data including a uniform resource locator (URL) transformation including URL encoding information, wherein obtaining the first secret data comprises receiving the first secret data from the remote resource;
  
  generating, by the data processing device using the first secret data, a first URL usable to obtain the first location of the remote resource;
  
  accessing, by the data processing device, the first location of the remote resource using the first URL;
  
  obtaining, by the data processing device in response to a transfer of usage rights of the data processing device from the first user to a second user, second secret data associated with the second user and corresponding to a second location of the remote resource;
  
  generating, by the data processing device using the second secret data, a second URL usable to obtain the second location of the remote resource; and
  
  accessing, by the data processing device, the second location of the remote resource using the second URL;
  
  wherein the second location of the remote resource is inaccessible via the first URL, and wherein the first location of the remote resource is inaccessible via the second URL.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 2. The method of claim 1, further comprising:
    - verifying the authenticity of the remote resource to validate the first secret data.
  - 3. The method of claim 2, wherein verifying the authenticity of the remote resource comprises:
    - receiving a certificate chain from the remote resource; and
      
      verifying the authenticity of the remote resource via the received certificate chain.
  - 4. The method of claim 3, wherein verifying the authenticity of the remote resource via the received certificate chain comprises verifying the authenticity of the received certificate chain using an encryption key stored at the computer-readable memory of the data processing device.
  - 5. The method of claim 3,wherein the remote resource comprises a first remote resource;
    - wherein the certificate chain is stored at a third location of the first remote resource; and
      
      wherein receiving the certificate chain from the first remote resource comprises accessing a location of a second remote resource via an ownership URL stored at the computer-readable memory of the data processing device, the location of the second remote resource comprising data usable to obtain the third location of the first remote resource.
  - 6. The method of claim 1,wherein obtaining the first secret data comprises storing the first secret data at the computer-readable memory of the data processing device;
    - andwherein obtaining the second secret data comprises replacing the first secret data with the second secret data at the computer-readable memory of the data processing device.
  - 7. The method of claim 1,wherein the first URL identifies a first key node location of a first key node resource, the first key node resource comprising data usable to obtain a first resource URL identifying the first location of the remote resource;
    - andwherein the second URL identifies a second key node location of a second key node resource, the second key node resource comprising data usable to obtain a second resource URL identifying the second location of the remote resource.
  - 8. The method of claim 1, further comprising:
    - obtaining, by the data processing device, an initial URL corresponding to the remote resource;
      
      wherein generating the first URL comprises obscuring the initial URL using the first secret data; and
      
      wherein generating the second URL comprises obscuring the initial URL using the second secret data.
  - 9. The method of claim 8,wherein obscuring the initial URL using the first secret data comprises performing a first transformation of the initial URL into the obscured first URL using the first secret data;
    - andwherein obscuring the initial URL using the second secret data comprises performing a second transformation of the initial URL into the obscured second URL using the second secret data.
  - 10. The method of claim 9, wherein each of the first and second transformations are one-way transformations.
  - 11. The method of claim 9, wherein the initial URL cannot be obtained from either the obscured first URL or the obscured second URL using either the first secret data or the second secret data.
  - 12. The method of claim 8, wherein the initial URL does not identify either the first location of the remote resource or the second location of the remote resource.
  - 13. The method of claim 1, wherein each of the first and second locations of the remote resource comprise encrypted data.
  - 14. The method of claim 13,wherein the first secret data comprises a first encryption key configured to decode the encrypted data at the first location of the remote resource;
    - andwherein the second secret data comprises a second encryption key configured to decode the encrypted data at the second location of the remote resource.
  - 15. The method of claim 1, wherein generating the second URL comprises refraining from generating the first URL in response to the transfer of usage rights of the data processing device from the first user to the second user.
  - 16. The method of claim 1, further comprising:
    - obtaining, by the data processing device, third secret data corresponding to a third location of the remote resource;
      
      generating, by the data processing device using the third secret data, a third URL usable to obtain the third location of the remote resource; and
      
      accessing, by the data processing device, the third location of the remote resource using the third URL;
      
      wherein the third location of the remote resource is inaccessible via each of the first URL and the second URL, and wherein each of the first location and the second location of the remote resource are inaccessible via the third URL.
  - 17. The method of claim 16, wherein accessing the third location of the remote resource comprises accessing the third location of the remote resource using the third URL before and after the transfer of usage rights of the data processing device from the first user to the second user.
  - 18. The method of claim 16, wherein the third secret data is associated with the data processing device.
  - 19. The method of claim 1, wherein the remote resource comprises a plurality of inter-connected server devices.

20. A data processing device comprising:
- processing circuitry;
  
  communications circuitry; and
  
  computer-readable memory encoded with instructions that, when executed by the processing circuitry, cause the data processing device to;
  
  obtain, via the communications circuitry, first secret data associated with a first user and corresponding to a first location of a remote resource, the first secret data including a uniform resource locator (URL) transformation including URL encoding information, wherein obtaining the first secret data comprises receiving the first secret data from the remote resource;
  
  generate, using the first secret data, a first URL usable to obtain the first location of the remote resource;
  
  access, via the communications circuitry, the first location of the remote resource using the first URL;
  
  obtain, via the communications circuitry in response to a transfer of usage rights of the data processing device from the first user to a second user, second secret data associated with the second user and corresponding to a second location of the remote resource;
  
  generate, using the second secret data, a second URL usable to obtain the second location of the remote resource; and
  
  access, via the communications circuitry, the second location of the remote resource using the second URL;
  
  wherein the second location of the remote resource is inaccessible via the first URL, and wherein the first location of the remote resource is inaccessible via the second URL.

21. A method comprising:
- generating, by a server system comprising at least one computing device and computer-readable memory, first secret data associated with a first user and corresponding to a first location of the computer-readable memory of the server system, the first secret data including a uniform resource locator (URL) transformation including URL encoding information;
  
  providing, by the server system to a data processing device, the first secret data for generating a first URL usable to obtain the first location of the computer-readable memory of the server system;
  
  generating, by the server system in response to a transfer of usage rights of the data processing device from the first user to a second user, second secret data associated with the second user and corresponding to a second location of the computer-readable memory of the server system; and
  
  providing, by the server system to the data processing device, the second secret data for generating a second URL usable to obtain the second location of the computer-readable memory of the server system;
  
  wherein the second location of the computer-readable memory of the server system is inaccessible via the first URL, and wherein the first location of the computer-readable memory of the server system is inaccessible via the second URL.
- View Dependent Claims (22)
- - 22. The method of claim 21, wherein the first URL identifies a first key node resource location of the computer-readable memory of the server system, and wherein the second URL identifies a second key node resource location of the computer-readable memory of the server system, the method further comprising:
    - storing, by the server system, first data for obtaining the first location of the computer-readable memory of the server system at the first key node resource location; and
      
      storing, by the server system, second data for obtaining the second location of the computer-readable memory of the server system at the second key node resource location.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Arm IP Limited (SoftBank Group Corp.), Arm Ltd. (United Kingdom) (SoftBank Group Corp.)
Original Assignee
Arm IP Limited (SoftBank Group Corp.), Arm Ltd. (United Kingdom) (SoftBank Group Corp.)
Inventors
Meriac, Milosch, Luff, Geraint, Curtis, William Allen, Pottier, Remy
Primary Examiner(s)
Powers, William S

Application Number

US14/832,428
Publication Number

US 20170054721A1
Time in Patent Office

1,173 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0421   Anonymous communication, i....

H04L 63/10   for controlling access to d...

H04L 67/02   based on web technology, e....

H04L 67/10   in which an application is ...

H04W 12/02   Protecting privacy or anony...

H04W 12/03   Protecting confidentiality,...

Data access and ownership management

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Data access and ownership management

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links