Method and system for managing the display of sensitive content in non-trusted environments

US 7,694,148 B2
Filed: 03/11/2009
Issued: 04/06/2010
Est. Priority Date: 12/08/2003
Status: Expired due to Fees

First Claim

Patent Images

1. A system for managing a presentation of sensitive content in non-trusted environments, comprising:

a memory;

a display; and

a processor coupled to the memory and the display, wherein the processor is programmed to;

interrogate a list of one or more corporate policies associated with a given user and a physical device, the policy data being acquired locally from the physical device or dynamically via access to a corporate network, each corporate policy prohibiting or restricting access to corporate data in a non-trusted environment;

determine a location of the physical device;

determine whether the user and the physical device is in a trusted or non-trusted environment by comparing the determined location of the physical device with a list of trusted locations, the list of trusted locations being embedded within the policy data or stored separately;

access a subscription-based service that maintains an organization list of individuals and machine identification information indicating that a listed individual or machine is associated with a predetermined organization;

determine that an individual or machine identified on the list associated with a competitive organization is within a predetermined proximity of the physical device, and in response thereto, transmitting an alert to the physical device; and

enforce a plurality of rules contained in the corporate policy for managing the presentation of sensitive content by blocking a visual presentation or audible presentation of at least one object in portions of the presentation if the physical device is not located in a trusted location or if an individual or a machine identified on the competitive organization list is within a predetermined proximity of the physical device.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method (10) for managing the display of sensitive content in non-trusted environments can include the steps of interrogating (12) a list of policies associated with a given user and a physical device, determining (14) a location of the physical device, comparing (18) the location of the physical device with a list of trusted locations, and enforcing (20) a plurality of rules contained in the policy by limiting or restricting access to sensitive information based on the location.

29 Citations

View as Search Results

12 Claims

1. A system for managing a presentation of sensitive content in non-trusted environments, comprising:
- a memory;
  
  a display; and
  
  a processor coupled to the memory and the display, wherein the processor is programmed to;
  
  interrogate a list of one or more corporate policies associated with a given user and a physical device, the policy data being acquired locally from the physical device or dynamically via access to a corporate network, each corporate policy prohibiting or restricting access to corporate data in a non-trusted environment;
  
  determine a location of the physical device;
  
  determine whether the user and the physical device is in a trusted or non-trusted environment by comparing the determined location of the physical device with a list of trusted locations, the list of trusted locations being embedded within the policy data or stored separately;
  
  access a subscription-based service that maintains an organization list of individuals and machine identification information indicating that a listed individual or machine is associated with a predetermined organization;
  
  determine that an individual or machine identified on the list associated with a competitive organization is within a predetermined proximity of the physical device, and in response thereto, transmitting an alert to the physical device; and
  
  enforce a plurality of rules contained in the corporate policy for managing the presentation of sensitive content by blocking a visual presentation or audible presentation of at least one object in portions of the presentation if the physical device is not located in a trusted location or if an individual or a machine identified on the competitive organization list is within a predetermined proximity of the physical device.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The system of claim 1, wherein the processor is further programmed to provide a reminder of the policy regarding confidential material to the given user in response to an attempt to access sensitive information on the physical device.
  - 3. The system of claim 1, wherein the processor is further programmed to request authentication from the given user in response to an attempt to access sensitive information in an open application on the physical device.
  - 4. The system of claim 3, wherein the processor requests authentication by requesting at least one among the provision of a unique password for the given user, a unique accessing device, or a unique biometric characteristic of the given user.
  - 5. The system of claim 1, wherein the processor determines the location by using at least one among a global positioning system and a terrestrial wireless infrastructure system to provide the location of the physical device.
  - 6. The system of claim 1, wherein the processor enforces the policies by at least one among blacking out a visual object in a display during the presentation, replacing a visual object with innocuous content during the presentation, visually hiding the at least one object from the given user during the presentation and inserting audio ‘
    - white noise’
      
      gaps in an audio object.

7. A machine-readable storage, having stored thereon a computer program having a plurality of code sections executable by a machine for causing the machine to perform the steps of:
- interrogating a list of one or more corporate policies associated with a given user and a physical device, the policy data being acquired locally from the physical device or dynamically via access to a corporate network, each corporate policy prohibiting or restricting access to corporate data in a non-trusted environment;
  
  determining a location of the physical device;
  
  determining whether the user and the physical device is in a trusted or non-trusted environment by comparing the determined location of the physical device with a list of trusted locations, the list of trusted locations being embedded within the policy data or stored separately;
  
  providing access to a subscription-based service that maintains an organization list of individuals and machine identification information indicating that a listed individual or machine is associated with a predetermined organization;
  
  determining that an individual or machine identified on the list associated with a competitive organization is within a predetermined proximity of the physical device, and in response thereto, transmitting an alert to the physical device; and
  
  enforcing a plurality of rules contained in the corporate policy for managing the presentation of sensitive content by blocking a visual presentation or audible presentation of at least one object in portions of the presentation if the physical device is not located in a trusted location or if an individual or a machine identified on the competitive organization list is within a predetermined proximity of the physical device.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The machine-readable storage of claim 7, wherein the computer program further comprises a plurality of code sections for causing the machine to provide a reminder of the policy regarding confidential material to the given user in response to an attempt to access sensitive information on the physical device.
  - 9. The machine-readable storage of claim 7, wherein the computer program further comprises a plurality of code sections for causing to request authentication from the given user in response to an attempt to access sensitive information in an open application on the physical device.
  - 10. The machine-readable storage of claim 9, wherein the computer program requests authentication by requesting at least one among a provision of a unique password for the given user, a unique accessing device, or a unique biometric characteristic of the given user.
  - 11. The machine-readable storage of claim 7, wherein the computer program determines a location by using at least one among a global positioning system and a terrestrial wireless infrastructure system to provide the location of the physical device.
  - 12. The machine-readable storage claim 7, wherein the computer program enforces the policy by at least one among blacking out a visual object in a display during the presentation, replacing a visual object with innocuous content during the presentation, visually hiding the at least one object from the given user during the presentation and inserting audio ‘
    - white noise’
      
      gaps in an audio object.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Cossey, Brent, Fitzpatrick, Gregory, Cheng, Tsz
Primary Examiner(s)
Zand; Kambiz
Assistant Examiner(s)
Wang; Harris C

Application Number

US12/401,680
Publication Number

US 20090172408A1
Time in Patent Office

391 Days
Field of Search

713/183
US Class Current

713/183
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/34   involving the use of extern...

G06F 21/6245   Protecting personal data, e...

G06F 21/84   output devices, e.g. displa...

G06F 2221/2111   Location-sensitive, e.g. ge...

Method and system for managing the display of sensitive content in non-trusted environments

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

29 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for managing the display of sensitive content in non-trusted environments

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

29 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links