TRUST EXCEPTION MANAGEMENT

US 20090228986A1
Filed: 12/31/2008
Published: 09/10/2009
Est. Priority Date: 03/04/2008
Status: Active Grant

First Claim

Patent Images

1. A machine implemented method for processing data, the method comprising:

determining, in a first context, whether a first action is an un-trusted action and a reason for failure; and

performing the un-trusted action if a first trust exception corresponds to the un-trusted action, the reason for failure, and the first context.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A machine implemented method includes storing a first data representing a prior exception to a first trust failure (e.g., expired certificate). The prior exception may be stored as part of establishing a first communication with a data processing system (e.g., a handheld device). The first communication may not be trustworthy. The method may determine, as part of establishing a second communication with the data processing system, that a second trust failure has occurred. The second trust failure (e.g., revoked certificate) indicates that the second communication may not be trustworthy. The method may determine whether the prior exception applies to the second trust failure. If the prior exception does not apply, the data processing system determines, automatically, whether to create a new exception for the second trust failure.

53 Citations

View as Search Results

27 Claims

1. A machine implemented method for processing data, the method comprising:
- determining, in a first context, whether a first action is an un-trusted action and a reason for failure; and
  
  performing the un-trusted action if a first trust exception corresponds to the un-trusted action, the reason for failure, and the first context.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 further comprising:
    - receiving a user input indicating to perform the un-trusted action, wherein the un-trusted action does not correspond to the first trust exception;
      
      creating a second trust exception corresponding to the un-trusted action, the reason for failure, and the first context; and
      
      performing the un-trusted action.
  - 3. The method of claim 1 wherein the first action is connecting to a secure server and wherein the reason for failure is one of the following:
    - certificate revoked and certificate expired and certificate unknown.
  - 4. The method of claim 1 wherein the first action is verifying a signed user application.
  - 5. The method of claim 1 wherein the first context is a user application.
  - 6. The method of claim 5 wherein the user application is one of the following:
    - an e-mail application, a web browser, media management application, and a personal finance application.

7. A machine implemented method comprising:
- storing first data representing a prior exception to a first trust failure, the first trust failure indicating, as part of establishing a first communication with a data processing system, that the first communication may not be trustworthy;
  
  determining, as part of establishing a second communication with the data processing system, that a second trust failure has occurred, the second trust failure indicating that the second communication may not be trustworthy;
  
  determining whether the prior exception applies to the second trust failure and if it does not, determining, automatically by the data processing system, whether to create a new exception for the second trust failure.
- View Dependent Claims (8, 9)
- - 8. The method as in claim 7 wherein the data processing system determines whether to create the new exception without requiring user interaction to create the new exception.
  - 9. The method as in claim 8 wherein the data processing system determines whether to create the new exception by comparing the first trust failure and the second trust failure and wherein the comparing comprises comparing a context of the first trust failure and a context of the second trust failure.

10. A machine-readable storage medium storing instructions which when executed by a data processing system cause the data processing system to perform a method of processing data, the method comprising:
- determining, in a first context, whether a first action is an un-trusted action and a reason for failure; and
  
  performing the un-trusted action if a first trust exception corresponds to the un-trusted action, the reason for failure, and the first context.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The machine-readable storage medium of claim 10, the method further comprising:
    - receiving a user input indicating to perform the un-trusted action, wherein the un-trusted action does not correspond to the first trust exception;
      
      creating a second trust exception corresponding to the un-trusted action, the reason for failure, and the first context; and
      
      performing the un-trusted action.
  - 12. The machine-readable storage medium of claim 10 wherein the first action is connecting to a secure server and wherein the reason for failure is one of the following:
    - certificate revoked and certificate expired and certificate unknown.
  - 13. The machine-readable storage medium of claim 10 wherein the first action is verifying a signed user application.
  - 14. The machine-readable storage medium of claim 10 wherein the first context is a user application.
  - 15. The machine-readable storage medium of claim 14 wherein the user application is one of the following:
    - an e-mail application, a web browser, media management application, and a personal finance application.

16. A machine-readable storage medium storing instructions which when executed by a data processing system cause the data processing system to perform a method of processing data, the method comprising:
- storing first data representing a prior exception to a first trust failure, the first trust failure indicating, as part of establishing a first communication with the data processing system, that the first communication may not be trustworthy;
  
  determining, as part of establishing a second communication with the data processing system, that a second trust failure has occurred, the second trust failure indicating that the second communication may not be trustworthy;
  
  determining whether the prior exception applies to the second trust failure and if it does not, determining, automatically by the data processing system, whether to create a new exception for the second trust failure.
- View Dependent Claims (17, 18)
- - 17. The machine-readable storage medium as in claim 16 wherein the data processing system determines whether to create the new exception without requiring user interaction to create the new exception.
  - 18. The machine-readable storage medium as in claim 17 wherein the data processing system determines whether to create the new exception by comparing the first trust failure and the second trust failure and wherein the comparing comprises comparing a context of the first trust failure and a context of the second trust failure.

19. A data processing system comprising:
- means for determining, in a first context, whether a first action is an un-trusted action and a reason for failure; and
  
  means for performing the un-trusted action if a first trust exception corresponds to the un-trusted action, the reason for failure, and the first context.
- View Dependent Claims (20, 21, 22, 23, 24)
- - 20. The data processing system of claim 19 further comprising:
    - means for receiving a user input indicating to perform the un-trusted action, wherein the un-trusted action does not correspond to the first trust exception;
      
      means for creating a second trust exception corresponding to the un-trusted action, the reason for failure, and the first context; and
      
      means for performing the un-trusted action.
  - 21. The data processing system of claim 19 wherein the first action is connecting to a secure server and wherein the reason for failure is one of the following:
    - certificate revoked and certificate expired and certificate unknown.
  - 22. The data processing system of claim 19 wherein the first action is verifying a signed user application.
  - 23. The data processing system of claim 19 wherein the first context is a user application.
  - 24. The data processing system of claim 23 wherein the user application is one of the following:
    - an e-mail application, a web browser, media management application, and a personal finance application.

25. A data processing system comprising:
- means for storing first data representing a prior exception to a first trust failure, the first trust failure indicating, as part of establishing a first communication with a data processing system, that the first communication may not be trustworthy;
  
  means for determining, as part of establishing a second communication with the data processing system, that a second trust failure has occurred, the second trust failure indicating that the second communication may not be trustworthy;
  
  means for determining whether the prior exception applies to the second trust failure and if it does not, determining, automatically by the data processing system, whether to create a new exception for the second trust failure.
- View Dependent Claims (26, 27)
- - 26. The data processing system as in claim 25 wherein the data processing system determines whether to create the new exception without requiring user interaction to create the new exception.
  - 27. The data processing system as in claim 26 wherein the means for determining whether to create the new exception comprises:
    - means for comparing the first trust failure and the second trust failure, wherein the comparing comprises comparing a context of the first trust failure and a context of the second trust failure.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
ADLER, MITCHELL D., Brouwer, Michael Lambertus Hubertus, Sauerwald, Conrad

Granted Patent

US 8,739,292 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/26
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/33   using certificates

G06F 21/57   Certifying or maintaining t...

G06F 2211/009   Trust

TRUST EXCEPTION MANAGEMENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

53 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

TRUST EXCEPTION MANAGEMENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

53 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links