Method and an apparatus to protect data security in a mobile application processing system

US 20070162760A1
Filed: 01/09/2006
Published: 07/12/2007
Est. Priority Date: 01/09/2006
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising:

receiving an encrypted private key from a user via a mobile device;

using the encrypted private key to access an area associated with the user within a database;

decrypting the encrypted private key; and

using the decrypted private key to decrypt user preference information retrieved from the area.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and an apparatus to protect data security in a mobile application processing system are presented. In one embodiment, the method includes receiving an encrypted private key from a user via a mobile device, using the encrypted private key to access an area associated with the user within a database, decrypting the encrypted private key, and using the decrypted private key to decrypt user preference information retrieved from the area.

Citations

23 Claims

1. A method comprising:
- receiving an encrypted private key from a user via a mobile device;
  
  using the encrypted private key to access an area associated with the user within a database;
  
  decrypting the encrypted private key; and
  
  using the decrypted private key to decrypt user preference information retrieved from the area.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, further comprising receiving an application invocation request from the user via the mobile device, wherein the encrypted private key is incorporated into the application invocation request.
  - 3. The method of claim 2, further comprising:
    - invoking an application in response to the application invocation request; and
      
      inputting the decrypted user preference information to the application.
  - 4. The method of claim 1, wherein decrypting the encrypted private key comprises:
    - passing the encrypted private key to a database access security adapter; and
      
      using the database access security adapter to decrypt the encrypted private key with a database access security encryption key of an authentication protocol.
  - 5. The method of claim 4, wherein the database access security encryption key has been distributed to both the mobile device and the database access security adapter according to the authentication protocol.
  - 6. The method of claim 5, wherein the authentication protocol is Extensible Authentication Protocol (EAP).

7. A machine-accessible medium that provides instructions that, if executed by a processor, will cause the processor to perform operations comprising:
- encrypting user preference information using a private encryption key;
  
  storing the encrypted user preference information in an area associated with a user in a database; and
  
  making the stored encrypted user preference information available to an application querying the database with an encrypted version of the private encryption key.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The machine-accessible medium of claim 7, wherein the operations further comprise:
    - receiving the private encryption key and the user preference information from the user via a network interface.
  - 9. The machine-accessible medium of claim 7, wherein the operations further comprise:
    - in response to an application invocation request sent from the user via a mobile device, authenticating the user; and
      
      invoking the application if the user is authenticated.
  - 10. The machine-accessible medium of claim 9, wherein the operations further comprise:
    - retrieving at least a portion of the encrypted user preference information from the area associated with the user in response to one or more requests from the application invoked.
  - 11. The machine-accessible medium of claim 10, wherein the operations further comprise:
    - decrypting the encrypted version of the private encryption key to recover the private encryption key; and
      
      using the private encryption key to decrypt the user preference information retrieved.
  - 12. The machine-accessible medium of claim 9, wherein authenticating the user comprises:
    - using an application identifier, a terminal identifier associated with the mobile device, and the encrypted version of the private encryption key, the application identifier, the terminal identifier, and the encrypted version of the private encryption key being incorporated into the application invocation request.
  - 13. The machine-accessible medium of claim 9, wherein the operations further comprise:
    - in response to the application invocation request sent from the user via the mobile device, authenticating against a mobile operator of a mobile network to which the mobile device is communicably coupled to.

14. An apparatus comprising:
- a processing module to run an application to generate payment data associated with one or more transactions between a user and an entity;
  
  an encrypting module coupled to the processing module to encrypt the payment data using a public encryption key from the entity; and
  
  a network interface coupled to the processing module and the encrypting module to send the encrypted payment data to a mobile application processing system.
- View Dependent Claims (15, 16, 17)
- - 15. The apparatus of claim 14, wherein the mobile application processing system augments the encrypted payment data with user preference information associated with the user and sends the augmented encrypted payment data to the entity.
  - 16. The apparatus of claim 14, further comprising:
    - a user interface coupled to the processing module to receive instructions from the user to initiate the application.
  - 17. The apparatus of claim 14, wherein the network interface is to be communicably coupled to the mobile application processing system via a Secure Socket Layer (SSL) using Advanced Encryption Standard (AES).

18. A system comprising:
- a mobile application processing (MAP) server having a web interface to receive user preference information and a private encryption key from a user and to encrypt the user preference information using the private encryption key;
  
  a database coupled to the MAP server, the database being partitioned into one or more areas, one of the one or more areas being associated with the user to store the encrypted user preference information; and
  
  a mobile device coupled to the web server via a wireless network to invoke an application on the MAP server to access the area associated with the user using an encrypted version of the private encryption key.
- View Dependent Claims (19, 20, 21, 22, 23)
- - 19. The system of claim 18, wherein the mobile device comprises:
    - a user interface to allow the user to enter the private encryption key; and
      
      an encrypting module coupled to the user interface to encrypt the private encryption key.
  - 20. The system of claim 18, wherein the MAP server further comprises a mobile network interface coupled to the mobile device via a Secure Socket Layer (SSL) using Advanced Encryption Standard (AES) to receive the encrypted private encryption key from the mobile device;
    - and a database access security adapter coupled to the wireless interface to receive the encrypted private encryption key and to decrypt the encrypted private encryption key.
  - 21. The system of claim 20, wherein the application is operable to retrieve at least a portion of the encrypted user preference information from the area of the database and to decrypt the encrypted user preference information using the private encryption key from the database access security adapter.
  - 22. The system of claim 18, wherein the mobile device further comprises:
    - a processing module coupled to the encrypting module to run a mobile application to generate payment data associated with one or more transactions between the user and an entity, wherein the encrypting module is operable to encrypt the payment data; and
      
      a network interface operable to send the encrypted payment data to the MAP server.
  - 23. The system of claim 22, wherein the MAP server further comprises a processing module to augment the encrypted payment data;
    - and a network interface to send the augmented encrypted payment data to a server associated with the entity via a Secure Socket Layer (SSL) virtual private network (VPN) tunnel.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Mobio Networks
Original Assignee
Mobio Networks
Inventors
Samuelsson, Mats, Sardana, Sanjeev

Application Number

US11/329,327
Publication Number

US 20070162760A1
Time in Patent Office

Days
Field of Search
US Class Current

713/182
CPC Class Codes

G06F 21/6227   where protection concerns t...

H04L 63/0442   wherein the sending and rec...

H04L 63/162   at the data link layer

H04L 67/306   User profiles

Method and an apparatus to protect data security in a mobile application processing system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Method and an apparatus to protect data security in a mobile application processing system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links