PLATFORM TO BUILD SECURE MOBILE COLLABORATIVE APPLICATIONS USING DYNAMIC PRESENTATION AND DATA CONFIGURATIONS

US 20150317493A1
Filed: 05/05/2014
Published: 11/05/2015
Est. Priority Date: 05/05/2014
Status: Active Grant

First Claim

Patent Images

1. A system to provide access to protected data for a communication terminal, comprising:

a first server coupled to a publisher database, wherein the publisher database is configured to store protected data in encrypted form;

a second server coupled to the first server, the second server configured to provide a cryptographically strong authentication of access to the protected data;

an interface to a first secure channel, between the first server and the communication terminal; and

an interface to a second secure channel, between the first server and a customer application,wherein the first server is configured to exchange protected data with the communication terminal via the first secure channel, and to exchange protected data with the customer application via the second secure channel.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

System and method to provide access to protected data for a communication terminal, the system including: a publisher database configured to store protected data in encrypted form; a first server coupled to the publisher database; a second server coupled to the first server, the second server configured to provide a cryptographically strong authentication of access to the protected data; an interface to a first secure channel, between the first server and the communication terminal; and an interface to a second secure channel, between the first server and a customer application, wherein the first server is configured to exchange protected data with the communication terminal via the first secure channel, and to exchange protected data with the customer application via the second secure channel.

18 Citations

View as Search Results

20 Claims

1. A system to provide access to protected data for a communication terminal, comprising:
- a first server coupled to a publisher database, wherein the publisher database is configured to store protected data in encrypted form;
  
  a second server coupled to the first server, the second server configured to provide a cryptographically strong authentication of access to the protected data;
  
  an interface to a first secure channel, between the first server and the communication terminal; and
  
  an interface to a second secure channel, between the first server and a customer application,wherein the first server is configured to exchange protected data with the communication terminal via the first secure channel, and to exchange protected data with the customer application via the second secure channel.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The system of claim 1, wherein the first server is configured to receive a configuration of at least one of a datagroup, a dataset and a URL of the customer application, and the first server is further configured to provide to the customer application a notification when data from the datagroup is affected.
  - 3. The system of claim 1, wherein the first server is configured to receive an updated application configuration to be posted to the communication terminal.
  - 4. The system of claim 1, wherein the communication terminal is configured to use a user password and received security credentials to derive an encryption key for the secure storage, without storage of password or encryption keys in the communication terminal.
  - 5. The system of claim 1, wherein the communication terminal receives application configuration and logic from at least one of the first server and the second server.
  - 6. The system of claim 1, wherein the communication terminal receives application configuration and logic by use of an encrypted wireless channel.
  - 7. The system of claim 1, wherein the first server comprises a queue in order to queue and deliver notifications to the customer application when corresponding data is affected.
  - 8. The system of claim 1, wherein the first server is configured to accept Secured Web Service Interface calls to exchange protected data with customer applications, and to allow an application to access only the protected data that the application is assigned to monitor.
  - 9. The system of claim 1, wherein the customer application comprises an application configured to communicate interactively with the first server to discover modified information in the publisher database.
  - 10. The system of claim 1, wherein access to configuration applications is based upon group membership of a user of the communication terminal.
  - 11. The system of claim 1, wherein the mobile processor is further configured to provide a first mobile application and a second mobile application, wherein the second mobile application is configured to share usage of encryption modules and data with the first mobile application.
  - 12. The system of claim 1, wherein the communication terminal is configured to download multiple application configurations for respective types of users.
  - 13. The system of claim 1, wherein the secure storage is configured to support remote automatic erasure of secure information and remote restoration of an unavailable secure storage.
  - 14. The system of claim 1, wherein the first server is configured to support multi-organization usage.
  - 15. The system of claim 1, wherein the first server comprises an interface to the communication terminal and customer applications via a non-SSL secure communication channel that is usable with SSL.
  - 16. The system of claim 1, wherein the first server is configured to publish information in support of a plurality of communication terminal, independently of each other.

17. A method to provide access to protected data for a communication terminal, comprising:
- storing, by a first server coupled to a publisher database, protected data in encrypted form;
  
  receiving, from the communication terminal, a request to access the protected data, the request comprising purported credentials;
  
  transmitting the purported credentials to a second server in order to authenticate the purported credentials by a cryptographically strong authentication;
  
  if the purported credentials are authenticated, granting access between the communication terminal and the protected data;
  
  communicating the protected data between a customer application and the publisher database; and
  
  communicating the protected data between the communication terminal and the publisher database.
- View Dependent Claims (18, 19, 20)
- - 18. The method of claim 17, further comprising:
    - receiving a configuration of at least one of a datagroup, a dataset and a URL of the customer application;
      
      and providing to the customer application a notification when data from the datagroup is affected.
  - 19. The method of claim 17, further comprising:
    - receiving an updated application configuration to be posted to the communication terminal.
  - 20. The method of claim 17, wherein the communication terminal is configured to provide a first mobile application and a second mobile application, wherein the second mobile application is configured to share usage of encryption modules and data with the first mobile application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
IQVIA, Inc. (IQVIA Holdings, Inc.)
Original Assignee
IMS Health Incorporated (IQVIA Holdings, Inc.)
Inventors
Florez, Elkin, Fung, Ryan, Blair, Charles, Annan, David, Mahgoub, Hussam

Granted Patent

US 9,792,458 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/604   Tools and structures for ma...

G06F 21/6218   to a system of files or obj...

G06F 21/6263   during internet communicati...

H04W 12/02   Protecting privacy or anony...

H04W 12/03   Protecting confidentiality,...

H04W 12/068   using credential vaults, e....

H04W 12/069   using certificates or pre-s...

PLATFORM TO BUILD SECURE MOBILE COLLABORATIVE APPLICATIONS USING DYNAMIC PRESENTATION AND DATA CONFIGURATIONS

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

18 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

PLATFORM TO BUILD SECURE MOBILE COLLABORATIVE APPLICATIONS USING DYNAMIC PRESENTATION AND DATA CONFIGURATIONS

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

18 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links