System and method for securing wireless data
First Claim
1. A method for handling secure data stored on a device, wherein the device is configurable to communicate over a data channel with an external security information source associated with a user of the device, said method comprising:
- receiving at the device, from a rules database, secure data for a specific recipient, the secure data having been encrypted at the rules database using an encryption key, wherein recipient user identification information associated with the specific recipient is stored on an external security information source, and the rules database contains a copy of the recipient user identification information;
upon receiving a request to access the secure data on the device, obtaining external user identification information from the external security information source, wherein the external security information source has a location proximate to the device;
obtaining at the device, a public key for the secure data from the rules database, wherein the public key is generated based on the copy of the recipient user identification information and the encryption key;
generating a decryption key at the device using the public key and the external user identification information;
decrypting at the device, the secure data using the decryption key; and
wherein the secure data is accessible when the external user identification information matches the recipient user identification information.
5 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for operation upon a data processing device for handling secure data stored on the device. The device is configurable to communicate over a data channel with an external security information source. User identification information is received from the external security information source which identifies a user of the device. The device, based upon the received user identification information, determines whether the secure data stored on the device is to be accessed by a user of the device.
14 Citations
20 Claims
-
1. A method for handling secure data stored on a device, wherein the device is configurable to communicate over a data channel with an external security information source associated with a user of the device, said method comprising:
-
receiving at the device, from a rules database, secure data for a specific recipient, the secure data having been encrypted at the rules database using an encryption key, wherein recipient user identification information associated with the specific recipient is stored on an external security information source, and the rules database contains a copy of the recipient user identification information; upon receiving a request to access the secure data on the device, obtaining external user identification information from the external security information source, wherein the external security information source has a location proximate to the device; obtaining at the device, a public key for the secure data from the rules database, wherein the public key is generated based on the copy of the recipient user identification information and the encryption key; generating a decryption key at the device using the public key and the external user identification information; decrypting at the device, the secure data using the decryption key; and wherein the secure data is accessible when the external user identification information matches the recipient user identification information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 15)
-
-
14. A device configurable to communicate over a data channel with an external security information source, the device comprising:
-
a processor; instructions configured to operate on the processor and to receive at the device, from a rules database, secure data for a specific recipient, the secure data having been encrypted at the rules database using an encryption key, wherein recipient user identification information associated with the specific recipient is stored on an external security information source, and the rules database contains a copy of the recipient user identification information; instructions configured to operate on the processor and to obtain, upon receiving a request to access the secure data on the device, external user identification information at the device from the external security information source, wherein the external security information source has a location proximate to the device; instructions configured to operate on the processor and to obtain at the device, a public key for the secure data from the rules database, wherein the public key is generated based on the copy of the recipient user identification information and the encryption key; instructions configured to operate on the processor and to generate a decryption key at the device using the public key and the external user identification information; and instructions configured to operate on the processor and to decrypt at the device, the secure data using the decryption key, wherein the secure data is accessible when the external user identification information matches the recipient user identification information. - View Dependent Claims (16)
-
-
17. A system for handling secure data sent to a device, said system comprising:
-
an external security information source configured to provide user identification information to a device over an external data channel when the external security information source has a location proximate to the device, wherein the user identification information is associated with a specific user; and a rules database configured to encrypt secure data for a specific recipient using an encryption key and send the secure data to the device, wherein the rules database contains a copy of recipient user identification information associated with the specific recipient; wherein the rules database is configured to generate a public key for the secure data based on the copy of the recipient user identification information and the encryption key, and to send the public key to the device; the device configured, upon receiving a request to access the secure data, to obtain external user identification information from the external security information source and to generate a decryption key for accessing the secure data, the decryption key based on the public key and the received external user identification information; and wherein the secure data is accessible using the decryption key when the external user identification information matches the recipient user identification information. - View Dependent Claims (18, 19, 20)
-
Specification