Application based hardware identifiers

US 10,356,204 B2
Filed: 12/13/2012
Issued: 07/16/2019
Est. Priority Date: 12/13/2012
Status: Active Grant

First Claim

Patent Images

1. A device for maintaining privacy by preventing tracking of a device across different applications, the device comprising:

one or more processors; and

one or more computer-readable storage media having stored thereon multiple instructions that, when executed by the one or more processors, cause the one or more processors to;

obtain application information for an application on the device, the application associated with a service provider that provides content or other functionality to the device, the application information comprising an identifier of the application on the device;

obtain device information including information for one or more hardware components of the device;

generate, by a trusted module of the device, an identifier of the device by combining the device information and the application information comprising the identifier of the application on the device, such that the service provider is not able to determine, from the identifier of the device, the device information, the trusted module trusted by the service provider; and

communicate the identifier of the device to the application, wherein the application is configured to subsequently transmit the identifier to the service provider to obtain the content.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An application based hardware identifier is generated for an application on a device. The application based hardware identifier is generated based on both information describing the application and information describing one or more hardware components of the device. The application based hardware identifier can also optionally be based on an identifier of a user of the device. The application based hardware identifier can be provided by the application to a service provider, allowing the service provider to associate the application based hardware identifier with a particular user or user account. However, as the application based hardware identifier is based on the application information, different applications on the same device will have different application based hardware identifiers. The application based hardware identifier thus helps maintain privacy by preventing tracking of the device across different applications.

195 Citations

20 Claims

1. A device for maintaining privacy by preventing tracking of a device across different applications, the device comprising:
- one or more processors; and
  
  one or more computer-readable storage media having stored thereon multiple instructions that, when executed by the one or more processors, cause the one or more processors to;
  
  obtain application information for an application on the device, the application associated with a service provider that provides content or other functionality to the device, the application information comprising an identifier of the application on the device;
  
  obtain device information including information for one or more hardware components of the device;
  
  generate, by a trusted module of the device, an identifier of the device by combining the device information and the application information comprising the identifier of the application on the device, such that the service provider is not able to determine, from the identifier of the device, the device information, the trusted module trusted by the service provider; and
  
  communicate the identifier of the device to the application, wherein the application is configured to subsequently transmit the identifier to the service provider to obtain the content.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. A device as recited in claim 1, the instructions causing the one or more processors to generate the identifier comprising instructions causing the one or more processors to generate the identifier of the device based on the device information, the application information, and an identifier of a user of the device.
  - 3. A device as recited in claim 1, the instructions causing the one or more processors to generate the identifier comprising instructions causing the one or more processors to combine the device information and the application information such that different applications on the device have different generated identifiers.
  - 4. A device as recited in claim 3, the one or more hardware components of the device comprising multiple hardware components, the device information comprising information for each of the multiple hardware components, and the instructions causing the one or more processors to generate the identifier comprising instructions causing the one or more processors to, for each of the multiple hardware components:
    - combine the information for the hardware component and the application information; and
      
      generate a hash value by applying a hash function to the combination of the information and the application information.
  - 5. A device as recited in claim 4, the instructions causing the one or more processors to combine the information for the hardware component and the application information comprising instructions causing the one or more processors to concatenate the information for the hardware component and the application information.
  - 6. A device as recited in claim 4, the instructions causing the one or more processors to generate the identifier further comprising instructions causing the one or more processors to truncate each generated hash value.
  - 7. A device as recited in claim 1, the application information including at least one of a name of a publisher of the application or a name of the application.
  - 8. A device as recited in claim 1, wherein the one or more hardware components comprises at least two hardware components such that the information for each of the at least two hardware components of the device uniquely distinguishes each of the at least two hardware components.
  - 9. A device as recited in claim 1, the instructions causing the one or more processors to communicate the identifier of the device further comprising instructions causing the one or more processors to communicate, with the identifier of the device, a nonce provided by a requester and a digital signature generated by digitally signing both the identifier and the nonce, the nonce being a value for protecting against replay attacks.
  - 10. A device as recited in claim 1, wherein the identifier of the application is assigned by an operating system of the device.
  - 11. A device as recited in claim 1, wherein the identifier of the application comprises a package identifier of a package including or more components or modules for the application, the package identifier allowing the package to be accessed by an operating system of the device but not by at least one other component executing on the device.

12. A method implemented in a service provider for maintaining privacy by preventing tracking of a device across different applications, the method comprising:
- communicating with a device to obtain a device identifier of the device, the device identifier having been generated by a trusted module of the device by combining an application identifier of an application running on the device and device information including information for one or more hardware components of the device, the application associated with the service provider, such that the service provider is not able to determine, from the device identifier, the device information, the service provider providing content or other functionality to the device, the trusted module trusted by the service provider; and
  
  using, by the service provider, the device identifier to identify the device to provide the content.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. A method as recited in claim 12, the using comprising using the device identifier to determine whether the device is permitted to access particular content of the service provider, the method further comprising:
    - checking whether the device identifier matches a previously received device identifier; and
      
      determining that the device is permitted to access the particular content if the device identifier matches the previously received device identifier.
  - 14. A method as recited in claim 13, the device identifier including information for multiple hardware components of the device, the checking comprising determining whether parts of the device identifier corresponding to particular ones of the multiple hardware components are the same as corresponding parts of the previously received device identifier.
  - 15. A method as recited in claim 12, the device identifier having been also generated based on a user identifier of a user of the device.
  - 16. A method as recited in claim 12, the device including multiple hardware components, and the device identifier having been generated by, for each of the multiple hardware components, combining the information for the hardware component and the application identifier, and generating a hash value by applying a hash function to the combination of the information for the hardware component and the application identifier.
  - 17. A method as recited in claim 12, the communicating comprising communicating with the application to obtain the device identifier.
  - 18. A method as recited in claim 12, wherein different service providers have different device identifiers for the device based on the combined application identifier and device information.

19. A method implemented on a device for maintaining privacy by preventing tracking of a device across different applications, the method comprising:
- receiving, from a service provider, a nonce and a request for a device identifier of the device, the nonce being a value for protecting against replay attacks, the device including multiple components, the service provider providing content or other functionality to an application on the device;
  
  requesting the device identifier from a trusted component of the device, and providing the nonce to the trusted component, the trusted component trusted by the service provider;
  
  receiving both a device identifier and a digital signature from the trusted component, the digital signature having been generated by digitally signing data including the nonce and the device identifier, the device identifier having been generated by, for each of the multiple hardware components, combining the information for the hardware component and application information comprising an identifier of the application on the device, such that the service provider is not able to determine, from the device identifier, the device information, and generating a hash value by applying a hash function to the combination of the information for the hardware component and the application information;
  
  communicating both the device identifier and the digital signature to the service provider to obtain the content.
- View Dependent Claims (20)
- - 20. A method as recited in claim 19, the device identifier having been further generated by, for each of the multiple hardware components:
    - combining the information for the hardware component, the application information, and a user identifier of a user of the device; and
      
      generating the hash value by applying the hash function to the combination of the information for the hardware component, the application information, and the user identifier.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
Hazen, John A. M., Pennington, Stan D., Iskin, Sermet, Speed, Robin C., Sheehan, John M., Graham, Scott B.
Primary Examiner(s)
Shingles, Kristie D

Application Number

US13/714,389
Publication Number

US 20140173071A1
Time in Patent Office

2,406 Days
Field of Search

709223
US Class Current
CPC Class Codes

H04L 2101/604   Address structures or formats

H04L 61/35   involving non-standard use ...

H04L 61/5092   by self-assignment, e.g. pi...

H04L 63/0876   based on the identity of th...

H04L 63/12   Applying verification of th...

H04L 67/306   User profiles

Application based hardware identifiers

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

195 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Application based hardware identifiers

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

195 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links