SECONDARY DEVICE AS KEY FOR AUTHORIZING ACCESS TO RESOURCES

US 20160337347A1
Filed: 07/26/2016
Published: 11/17/2016
Est. Priority Date: 03/15/2013
Status: Abandoned Application

First Claim

Patent Images

1. A method, comprising:

causing a resource to be encrypted to create an encrypted version of the resource, the encrypted version of the resource being configured to be inaccessible by a primary client device, the encrypted version of the resource being configured to be decrypted using an authorization credential to create an unencrypted version of the resource, and the unencrypted version of the resource being configured to be accessible by the primary client device;

causing the encrypted version of the resource to be provided to the primary client device;

determining that the primary client device is authorized to access the unencrypted version of the resource based at least in part on a first distribution rule, the first distribution rule being associated with the primary client device;

determining that a secondary client device is authorized to provide the primary client device with the unencrypted version of the resource based at least in part on a second distribution rule, the second distribution rule being associated with the secondary client device; and

,causing the authorization credential to be provided to the secondary client device.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secondary device may be used to provide access to resources to a primary device. Upon receiving an authorization indication at a device, a registration key based on the authorization indication, a user identifier, and a property of the device may be created. Upon determining whether access to at least one resource is permitted according to the registration key the device may be permitted to access the at least one resource.

Citations

20 Claims

1. A method, comprising:
- causing a resource to be encrypted to create an encrypted version of the resource, the encrypted version of the resource being configured to be inaccessible by a primary client device, the encrypted version of the resource being configured to be decrypted using an authorization credential to create an unencrypted version of the resource, and the unencrypted version of the resource being configured to be accessible by the primary client device;
  
  causing the encrypted version of the resource to be provided to the primary client device;
  
  determining that the primary client device is authorized to access the unencrypted version of the resource based at least in part on a first distribution rule, the first distribution rule being associated with the primary client device;
  
  determining that a secondary client device is authorized to provide the primary client device with the unencrypted version of the resource based at least in part on a second distribution rule, the second distribution rule being associated with the secondary client device; and
  
  ,causing the authorization credential to be provided to the secondary client device.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, further comprising:
    - identifying a request by the primary client device to access the resource.
  - 3. The method of claim 1, further comprising:
    - identifying a request by the secondary client device for authorization to provide the primary client device with the unencrypted version of the resource.
  - 4. The method of claim 1, wherein the authorization credential comprises a decryption key.
  - 5. The method of claim 1, wherein the first distribution rule specifies that the primary client device must be physically located within a particular threshold distance of the secondary client device.
  - 6. The method of claim 1, wherein the first distribution rule specifies that the primary client device must be communicatively coupled to the secondary client device through a particular network.

7. A non-transitory computer readable medium comprising executable instructions, which when executed by at least one processor, cause a computing device to at least:
- cause a resource to be encrypted to create an encrypted version of the resource, the encrypted version of the resource being configured to be inaccessible by a primary client device, the encrypted version of the resource being configured to be decrypted using an authorization credential to create an unencrypted version of the resource, and the unencrypted version of the resource being configured to be accessible by the primary client device;
  
  cause the encrypted version of the resource to be provided to the primary client device;
  
  determine that the primary client device is authorized to access the unencrypted version of the resource based at least in part on a first distribution rule, the first distribution rule being associated with the primary client device;
  
  determine that a secondary client device is authorized to provide the primary client device with the unencrypted version of the resource based at least in part on a second distribution rule, the second distribution rule being associated with the secondary client device; and
  
  ,cause the authorization credential to be provided to the secondary client device.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The non-transitory computer readable medium of claim 7, further including executable instructions, which when executed by the at least one processor, cause the computing device to:
    - identify a request by the primary client device to access the resource.
  - 9. The non-transitory computer readable medium of claim 7, further including executable instructions, which when executed by the at least one processor, cause the computing device to:
    - identify a request by the secondary client device for authorization to provide the primary client device with the unencrypted version of the resource.
  - 10. The non-transitory computer readable medium of claim 7, wherein the first distribution rule specifies that the primary client device must comprise at least one of:
    - a particular hardware component, a particular software component, or a particular device configuration.
  - 11. The non-transitory computer readable medium of claim 10, further including executable instructions, which when executed by the at least one processor, cause the computing device to:
    - identify information describing at least one aspect of the primary client device, the at least one aspect comprising at least one of;
      
      a hardware component of the primary client device, a software component of the primary client device, or a particular device configuration of the primary client device.
  - 12. The non-transitory computer readable medium of claim 7, wherein the second distribution rule specifies that the secondary client device must comprise at least one of:
    - a particular hardware component, a particular software component, or a particular device configuration.
  - 13. The non-transitory computer readable medium of claim 12, further including executable instructions, which when executed by the at least one processor, cause the computing device to:
    - identify information describing at least one aspect of the secondary client device, the at least one aspect comprising at least one of;
      
      a hardware component of the secondary client device, a software component of the secondary client device, or a particular device configuration of the secondary client device.

14. A computing device, including:
- at least one processor; and
  
  ,at least one memory comprising executable instructions, which when executed by the at least one processor, cause the computing device to at least;
  
  cause a resource to be encrypted to create an encrypted version of the resource, the encrypted version of the resource being configured to be inaccessible by a primary client device, the encrypted version of the resource being configured to be decrypted using an authorization credential to create an unencrypted version of the resource, and the unencrypted version of the resource being configured to be accessible by the primary client device;
  
  cause the encrypted version of the resource to be provided to the primary client device;
  
  determine that the primary client device is authorized to access the unencrypted version of the resource based at least in part on a first distribution rule, the first distribution rule being associated with the primary client device;
  
  determine that a secondary client device is authorized to provide the primary client device with the unencrypted version of the resource based at least in part on a second distribution rule, the second distribution rule being associated with the secondary client device; and
  
  ,cause the authorization credential to be provided to the secondary client device.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The computing device of claim 14, further including executable instructions, which when executed by the at least one processor, cause the computing device to:
    - identify a request for the primary client device to access the resource.
  - 16. The computing device of claim 14, further including executable instructions, which when executed by the at least one processor, cause the computing device to:
    - identify a request by the secondary client device for authorization to provide the primary client device with the unencrypted version of the resource.
  - 17. The computing device of claim 14, wherein the first distribution rule specifies that the primary client device must be operated by an authorized user based at least in part on a user credential provided by a user of the primary client device.
  - 18. The computing device of claim 17, wherein the user credential comprises at least one of:
    - a personal identification number (PIN), a password, a certificate, or a token.
  - 19. The computing device of claim 14, wherein the second distribution rule specifies that the secondary client device must be operated by an authorized user based at least in part on a user credential provided to the secondary client device.
  - 20. The computing device of claim 19, wherein the user credential comprises at least one of:
    - a personal identification number (PIN), a password, a certificate, or a token.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AirWatch LLC (Broadcom, Inc.)
Original Assignee
AirWatch LLC (Broadcom, Inc.)
Inventors
DeWeese, William, Stuntebeck, Erich

Application Number

US15/220,331
Publication Number

US 20160337347A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0823   using certificates cryptogr...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

H04L 63/102   Entity profiles

H04L 63/107   wherein the security polici...

H04L 63/20   for managing network securi...

H04W 12/068   using credential vaults, e....

SECONDARY DEVICE AS KEY FOR AUTHORIZING ACCESS TO RESOURCES

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SECONDARY DEVICE AS KEY FOR AUTHORIZING ACCESS TO RESOURCES

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links