Key revocation in a mobile device
Abstract
A system for revoking access to a mobile device comprises a mobile device providing a plurality of applications and an agent providing a plurality of revocation procedures for revoking access by the mobile device to the plurality of applications running on the mobile device. Access to a first application is revoked by the agent using a first revocation procedure, and access to a second application is revoked by the agent using a second revocation procedure.
15 Claims
1. A network services revocation system comprising:
- a device configured to access a plurality of network-based services, the device further configured to store one or more authentication credentials for authenticating the device, and data associated with an access to a network-based service in the plurality of network-based services;
- an agent provided by a network server, the agent configured to provide a plurality of revocation procedures for revoking access to the plurality of network-based services;
- wherein the agent is configured to store for each network-based service, an identification of a revocation procedure in the plurality of revocation procedures associated with the network-based service,
- wherein the agent is further configured to access the identification of the revocation procedure associated with a requested network-based service and to revoke access to the requested network-based service based on the revocation procedure,
- wherein the agent is further configured to prevent re-authentication of the requested network-based service by revoking an authentication credential used for authenticating the device to the requested network-based service, and configured to cause deletion of data associated with previous access to the requested network-based service.

Dependent claims: 2, 3, 4, 15
5. A system for revoking access to a plurality of network-based services, comprising:
- a device configured to access the plurality of network-based services, the device further configured to store one or more authentication credentials for authenticating the device, and data associated with an access to a network-based service in the plurality of network-based services;
- an agent provided by a network server, the agent configured to provide a plurality of revocation procedures for revoking access to the plurality of network-based services;
- wherein the agent is configured to revoke access to a first one of the plurality of services using a first set of the plurality of revocation procedures;
- wherein the agent is further configured to revoke access to a second one of the plurality of services using a second set of the plurality of revocation procedures;
- wherein a revocation procedure in the first set of the plurality of revocation procedures is based on authentication procedures; and
- wherein the agent is further configured to prevent re-authentication of a revoked network-based service in the plurality of network-based services by deleting an authentication credential stored at the device used for authenticating the device to the revoked network-based service and configured to cause deletion of data associated with previous access to the revoked network-based service.

Dependent claims: 6, 7, 8, 9, 10, 11, 12, 13, 14
Specification