Trusted Content Distribution System

US 20130074165A1
Filed: 03/24/2011
Published: 03/21/2013
Est. Priority Date: 03/24/2010
Status: Active Grant

First Claim

Patent Images

1. A method for providing for a user a secure connection between a first electronic device and a second electronic device over a communication network that may be insecure and that connects the first and second electronic devices, the secure connection being used for exchanging data while executing an application, whereby said first electronic device, comprises:

a human machine interface such as visualization means; and

at least one communication portsaid first electronic device not being capable of executing the application alone;

whereby said second electronic device is adapted for storing, controlling and executing applications and storage of data and administrating the secure connection, whereby a third user specific electronic device such as a USB stick is used, the third user specific electronic device comprisingmemory, storing user identification information; and

an initialization modulethe method comprising the step of;

connecting the first electronic device with a third user specific electronic device via the communication port;

initializing and managing by said third electronic device the operation of the first electronic device for setting-up a secure connection over said communication network with the second electronic device; and

managing every interface of the first electronic device and optionally the secure connection from the second electronic device, the managing comprising administrating the secure connection by the second electronic device by receiving over the secured connection the user identification information and based thereon authenticate the user, the administrating includes allowing or denying access to data and/or applications stored on the second electronic device based on the security settings of the authenticated user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A trusted content distribution system is described comprising a trustworthy enduser device and a network management infrastructure, the enduser device being adapted for communications between the enduser device and the networked infrastructure via a secure tunnel; the end user device comprising a host processor and memory; secure non-volatile memory for storing an operating system, a trusted boot process executed by the host processor to boot the end user device into a known state, means for communicating with a visualisation device.

40 Citations

View as Search Results

15 Claims

1. A method for providing for a user a secure connection between a first electronic device and a second electronic device over a communication network that may be insecure and that connects the first and second electronic devices, the secure connection being used for exchanging data while executing an application, whereby said first electronic device, comprises:
- a human machine interface such as visualization means; and
  
  at least one communication portsaid first electronic device not being capable of executing the application alone;
  
  whereby said second electronic device is adapted for storing, controlling and executing applications and storage of data and administrating the secure connection, whereby a third user specific electronic device such as a USB stick is used, the third user specific electronic device comprisingmemory, storing user identification information; and
  
  an initialization modulethe method comprising the step of;
  
  connecting the first electronic device with a third user specific electronic device via the communication port;
  
  initializing and managing by said third electronic device the operation of the first electronic device for setting-up a secure connection over said communication network with the second electronic device; and
  
  managing every interface of the first electronic device and optionally the secure connection from the second electronic device, the managing comprising administrating the secure connection by the second electronic device by receiving over the secured connection the user identification information and based thereon authenticate the user, the administrating includes allowing or denying access to data and/or applications stored on the second electronic device based on the security settings of the authenticated user.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1, further comprising executing for a user an application over the secure connection between the first electronic device and the second electronic device over the communication network, connecting the first and second electronic devices, the secure connection being used for exchanging data while executing the application,
3. The method of claim 1, after establishing the secure connection, further comprising the steps of:
- executing the application under the control of the second electronic device while exchanging the content over the secure connection for presentation to the user via a human machine interface of the first electronic device.

4. A trusted content distribution system for providing for a user a secure connection between a first electronic device and a second electronic device over a communication network that may be insecure and that connects the first and second electronic devices, the secure connection being used for exchanging data, said first electronic device comprising:
- a human machine interface such as visualization means; and
  
  at least one communication portsaid first electronic device not being capable of executing the application alone;
  
  whereby said second electronic device is adapted for storing and executing applications and storage of data and administrating the secure connection,whereby a third user specific electronic device such as a USB stick is used, the third user specific electronic device comprisingmemory, storing user identification information; and
  
  an initialization modulethe system further comprising;
  
  the at least one communication port being adapted for connecting the first electronic device with a third user specific electronic device;
  
  means for initializing and managing by said third electronic device the operation of the first electronic device for setting-up a secure connection over said communication network with the second electronic device; and
  
  means for managing every interface of the first electronic device and optionally the secure connection from the second electronic device, the managing comprising administrating the secure connection by the second electronic device by receiving over the secure connection the user identification information and based thereon authenticate the user, the administrating includes allowing or denying access to data and/or applications stored on the second electronic device based on the security settings of the authenticated user.
- View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 5. The trusted content distribution system of claim 4 wherein the means for administrating comprises an appliance box communicating with the enduser device over a secure tunnel.
  - 6. The trusted content distribution system of claim 5, wherein the appliance box comprises a proxy component and a management component.
  - 7. The trusted content distribution system of claim 5, wherein the appliance box is provided with any of network connectivity, Support and Maintenance at boot time, a Web-enabled Management Console.
  - 8. The trusted content distribution system of claim 4, wherein the first electronic device is adapted to provide one or more authentication mechanisms to access content that is centralized on the communication network, or wherein the first electronic device is adapted to use one or both logical and physical access control.
  - 9. The trusted content distribution system of claim 4 wherein a client operating system runs either natively or virtually on the first electronic device.
  - 10. The trusted content distribution system of claim 4 wherein the first electronic device is adapted for Single Sign-On.
  - 11. The trusted content distribution system of claim 4 wherein the first electronic device is adapted to use a strong authentication medium.
  - 12. The trusted content distribution system of claim 4, wherein the means for initializing is a trusted boot process that boots an operating system in a random access memory of the first electronic device.
  - 13. The trusted content distribution system of claim 4, wherein the first electronic device is adapted for receiving over the secure connection the user identification information and based thereon to authenticate the user, the means for managing every interface being adapted to allow or deny access to data and/or applications under the control of the second electronic device based on security settings of the authenticated user.
  - 14. The trusted content distribution system of claim 4, wherein the second electronic device is adapted to control execution of an application while exchanging content over the secure connection for presentation to the user via the human machine interface of the first electronic device.

15. A bootable user specific electronic device comprising:
- memory, storing user identification information;
  
  a communications port and an initialization modulethe user specific electronic device having means for initializing and managing the operation of a further electronic device for setting-up a secure connection over a communication network with a third electronic device for trusted content distribution using a secure connection between the further electronic device and the third electronic device, the secure connection being used for exchanging data, said further electronic device comprising;
  
  a human machine interface such as visualization means;
  
  the communications port being adapted for connecting the user specific electronic device to the further electronic device, the initialization module being adapted to install an operating system on the further electronic device that allows managing of every interface of the further electronic device from the third electronic device via the secure connection, the managing comprising administrating the secure connection by the third electronic device by receiving over the secure connection the user identification information and based thereon authenticate the user, the administrating includes allowing or denying access to data and/or applications stored on the user specific electronic device based on the security settings of the authenticated user.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
E&M Enterprises LLC
Original Assignee
E&M Enterprises LLC
Inventors
DHAENE, Christophe

Granted Patent

US 9,432,333 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

G06F 21/34   involving the use of extern...

H04L 63/0272   Virtual private networks

H04L 63/0815   providing single-sign-on or...

Trusted Content Distribution System

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

40 Citations

15 Claims

Specification

Use Cases

Quick Links

Others

Trusted Content Distribution System

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

15 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others