SECURING ENTERPRISE DATA ON MOBILE DEVICES
First Claim
1. A computer-implemented method for securing enterprise data in a mobile computing environment, the method comprising:
- receiving, by a processor, a request to access an enterprise data stored on a mobile computing device in an encrypted format;
determining whether a decryption key is stored in a cache memory of the mobile computing device;
based on determining that the decryption key is not stored in a cache memory of the mobile computing device;
transmitting a request to an enterprise network for the decryption key; and
receiving the decryption key and storing the decryption key in the cache memory;
decrypting the enterprise data using the decryption key; and
deleting the decryption key from the cache memory based on a determination that the decryption key has not been accessed for a period of time greater than a threshold time.
4 Assignments
0 Petitions
Accused Products
Abstract
Embodiments include method, systems and computer program products for securing enterprise data in a mobile computing environment. Aspects include receiving a request to access the enterprise data stored on the mobile computing device in an encrypted format and determining whether a decryption key is stored in a cache memory of the mobile computing device. Based on determining that the decryption key is not stored in a cache memory of the mobile computing device, aspects include transmitting a request to an enterprise network for the decryption key and receiving the decryption key and storing the decryption key in the cache memory. Aspects also include decrypting the enterprise data using the decryption key and deleting the decryption key from the cache memory based on a determination that the decryption key has not been accessed for a period of time greater than a threshold time.
41 Citations
7 Claims
-
1. A computer-implemented method for securing enterprise data in a mobile computing environment, the method comprising:
-
receiving, by a processor, a request to access an enterprise data stored on a mobile computing device in an encrypted format; determining whether a decryption key is stored in a cache memory of the mobile computing device; based on determining that the decryption key is not stored in a cache memory of the mobile computing device; transmitting a request to an enterprise network for the decryption key; and receiving the decryption key and storing the decryption key in the cache memory; decrypting the enterprise data using the decryption key; and deleting the decryption key from the cache memory based on a determination that the decryption key has not been accessed for a period of time greater than a threshold time. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
Specification
-
- Resources
-
Current AssigneeGreen Market Square Limited
-
Original AssigneeInternational Business Machines Corporation
-
InventorsABDIRASHID, MOHAMMAD, DEGILIO, FRANK J.
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current
-
CPC Class CodesG06F 21/6218 to a system of files or obj...H04L 63/0272 Virtual private networksH04L 63/0428 wherein the data content is...H04L 67/568 Storing data temporarily at...H04L 9/0816 Key establishment, i.e. cry...H04L 9/0819 Key transport or distributi...H04L 9/0891 Revocation or update of sec...H04L 9/0894 Escrow, recovery or storing...H04W 12/03 Protecting confidentiality,...H04W 12/04 Key management, e.g. using ...H04W 12/08 Access security
