Transferring application secrets in a trusted operating system environment
Abstract
Transferring application secrets in a trusted operating system environment involves receiving a request to transfer application data from a source computing device to a destination computing device. A check is made as to whether the application data can be transferred to the destination computing device, and if so, whether the application data can be transferred under control of the user or a third party. If these checks succeed, a check is also made as to whether the destination computing device is a trustworthy device running known trustworthy software. Input is also received from the appropriate one of the user or third party to control transferring of the application data to the destination computing device. Furthermore, application data is stored on the source computing device in a manner that facilitates determining whether the application data can be transferred, and that facilitates transferring the application data if it can be transferred.
145 Citations
14 Claims
1. A method comprising:
- receiving a request to transfer application data from a source computing device to a destination computing device;
- determining if the requested application data is unconditionally non-migrateable to another computing device, the determination based at least in part on a non-migrateable encryption key stored on the source computing device, and not transferring the requested application data in response to that determination; and
- determining if the requested application data is user-migrateable and in response thereto;
- receiving input identifying a user-defined passphrase;
- identifying an encryption key previously used to encrypt the application data,
- encrypting the encryption key based at least in part on the user-defined passphrase, and
- transferring the encrypted encryption key to be copied to the destination computing device.
8. One or more computer readable media having stored thereon a plurality of instructions that, when executed by one or more processors of a source computing device, causes the one or more processors to:
- receive a request to transfer application data from a source computing device to a destination computing device;
- determine if the requested application data is unconditionally non-migrateable to another computing device, the determination based at least in part on a non-migrateable encryption key stored on the source computing device, and not transfer the requested application data in response to that determination;
- receive input identifying a user-defined passphrase;
- identify an encryption key previously used to encrypt the application data,
- encrypt the encryption key based at least in part on the user-defined passphrase, and
- transfer the encrypted encryption key to be copied to the destination computing device.
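The flow recited in claims 1 and 8 (refuse non-migrateable data, otherwise wrap the existing data key under a passphrase-derived key and send only the wrapped key) can be shown in code. This is an added example, not code from the patent. The function names, the string policy tags and the blob layout are assumptions, and the PBKDF2 plus HMAC wrap is a standard-library stand-in for a standard key-wrap algorithm such as AES Key Wrap.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumed value)

def _subkeys(passphrase: str, salt: bytes):
    """Derive a one-time pad and a MAC key from the passphrase and salt."""
    master = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS)
    pad = hmac.new(master, b"wrap-pad", hashlib.sha256).digest()
    mac_key = hmac.new(master, b"wrap-mac", hashlib.sha256).digest()
    return pad, mac_key

def wrap_key(data_key: bytes, passphrase: str) -> bytes:
    """Return salt || wrapped key || tag for a 32-byte data key."""
    if len(data_key) != 32:
        raise ValueError("data key must be 32 bytes")
    salt = os.urandom(16)  # fresh salt per wrap, so the pad is never reused
    pad, mac_key = _subkeys(passphrase, salt)
    wrapped = bytes(a ^ b for a, b in zip(data_key, pad))
    tag = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    return salt + wrapped + tag

def unwrap_key(blob: bytes, passphrase: str) -> bytes:
    """Destination side: verify the tag, then recover the data key."""
    if len(blob) != 80:
        raise ValueError("malformed blob")
    salt, wrapped, tag = blob[:16], blob[16:48], blob[48:]
    pad, mac_key = _subkeys(passphrase, salt)
    expected = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong passphrase or modified blob")
    return bytes(a ^ b for a, b in zip(wrapped, pad))

def export_for_transfer(record: dict, passphrase: str) -> bytes:
    """Source side: apply the migration policy before releasing anything."""
    if record["policy"] == "non-migrateable":
        raise PermissionError("data is bound to this device; transfer refused")
    if record["policy"] != "user-migrateable":
        raise PermissionError("only user-controlled migration is shown here")
    return wrap_key(record["data_key"], passphrase)

# Constructed sample records: the tag names the policy of the protecting key.
BOUND = {"policy": "non-migrateable", "data_key": os.urandom(32)}
PORTABLE = {"policy": "user-migrateable", "data_key": os.urandom(32)}
```

Only the 80-byte blob leaves the source device; the application data stays encrypted under the original data key, which the destination recovers with `unwrap_key` and the same passphrase.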
Specification