SECURING DATA USAGE IN COMPUTING DEVICES

US 20130074142A1
Filed: 09/15/2011
Published: 03/21/2013
Est. Priority Date: 09/15/2011
Status: Active Grant

First Claim

Patent Images

1. A computer storage medium having computer readable instructions stored thereupon that, when executed by a computer, cause the computer to:

receive a definition for a policy configured to control access to data on a computing device;

store the policy; and

send the policy to the computing device, whereat access to the data is controlled in accordance with the policy.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Policies are applied to specific data rather than to an entire computing device that contains the specific data. Access to the specific data is controlled by the policies utilizing various password or other authentication credential requirements, selective data caching, data transmission, temporary data storage, and/or pre-defined conditions under which the specific data is to be erased or rendered inaccessible. Policies may be defined by an administrator and pushed to a mobile computing device, whereat the policies are enforced.

Citations

20 Claims

1. A computer storage medium having computer readable instructions stored thereupon that, when executed by a computer, cause the computer to:
- receive a definition for a policy configured to control access to data on a computing device;
  
  store the policy; and
  
  send the policy to the computing device, whereat access to the data is controlled in accordance with the policy.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The computer storage medium of claim 1, wherein the policy comprises a lock policy comprising instructions specifying one or more lock levels that each permit access to the data or a portion thereof in response to receipt of a valid authentication credential.
  - 3. The computer storage medium of claim 1, wherein the policy comprises a lock policy comprising instructions specifying one or more lock levels that each permit access to the data or a portion thereof in response to the computing device being located in a certain location.
  - 4. The computer storage medium of claim 1, wherein the policy comprises a storage control policy comprising instructions that dictate storage of the data on the computing device.
  - 5. The computer storage medium of claim 4, wherein the storage control policy comprises instructions indicating whether the data can be cached on the computing device.
  - 6. The computer storage medium of claim 5, wherein the storage control policy further comprises instructions indicating how long the data can be cached on the computing device.
  - 7. The computer storage medium of claim 4, wherein the storage control policy further comprises instructions indicating how long the data can be stored on the computing device.
  - 8. The computer storage medium of claim 4, wherein the storage control policy comprises instructions indicating one or more conditions under which the data is to be erased or is to be rendered inaccessible.
  - 9. The computer storage medium of claim 8, wherein the one or more conditions comprise a location.
  - 10. The computer storage medium of claim 1, wherein the computing device is a mobile computing device.
  - 11. The computer storage medium of claim 10, wherein the policy is defined in a mobile digital certificate for the mobile computing device.
  - 12. The computer storage medium of claim 1, wherein the computing device is a server configured to provide the data to a mobile computing device.

13. A computer storage medium having computer readable instructions stored thereupon that, when executed by a computer, cause the computer to:
- receive a policy;
  
  receive a request for specific data associated with the policy; and
  
  allow or deny access to the specific data in accordance with the policy.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The computer storage medium of claim 13, wherein the policy comprises a lock policy comprising instructions specifying one or more lock levels that each permit access to the data or a portion thereof in response to receipt of a valid authentication credential.
  - 15. The computer storage medium of claim 13, wherein the policy comprises a lock policy comprising instructions specifying one or more lock levels that each permit access to the data or a portion thereof in response to the computing device being located in a certain location.
  - 16. The computer storage medium of claim 13, wherein the policy comprises a storage control policy comprising instructions that dictate storage of the data on the computer.
  - 17. The computer storage medium of claim 16, wherein the storage control policy comprises instructions indicating whether the data can be cached on the computer and, if the data can be cached, for how long the data can be cached.
  - 18. The computer storage medium of claim 16, wherein the storage control policy further comprises instructions indicating how long the data can be stored on the computing device.
  - 19. The computer storage medium of claim 16, wherein the storage control policy comprises instructions indicating one or more conditions under which the data is to be erased or is to be rendered inaccessible, the one or more conditions comprising at least a location.

20. A mobile computing device, comprising:
- a processor; and
  
  a memory in communication with the processor, the memory comprising instructions stored thereupon which, when executed by the processor, cause the processor tostore personal data associated with a user of the mobile computing device;
  
  store enterprise data associated with an enterprise;
  
  store one or more policies, each of which comprises instructions for at least one of controlling access to the enterprise data and handling of the enterprise data;
  
  receive a data request for at east a portion of the enterprise data; and
  
  selectively allow access to the portion of the enterprise data in accordance with the one or more policies without inhibiting access to the personal data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Brennan, David John, Ramanathan, Rajesh, Desai, Aditi

Granted Patent

US 10,165,007 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 21/31   User authentication

G06F 21/6218   to a system of files or obj...

G06F 21/6245   Protecting personal data, e...

H04L 63/105   Multiple levels of security

H04L 63/20   for managing network securi...

SECURING DATA USAGE IN COMPUTING DEVICES

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SECURING DATA USAGE IN COMPUTING DEVICES

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links