User associated geo-location based reauthorization to protect confidential information

US 8,856,916 B1
Filed: 10/05/2012
Issued: 10/07/2014
Est. Priority Date: 10/05/2012
Status: Active Grant

First Claim

Patent Images

1. A computer implemented method for blocking unauthorized access to confidential information stored on a specific user'"'"'s mobile computing device, even to a party that has physical control of the mobile computing device and enters any user identifiers and passwords associated with accessing the confidential information, the method comprising:

generating a trigger indicating to prevent access only to the confidential information in response to receiving user-entered input indicating to execute a confidential information protection process;

receiving, by the mobile computing device, the trigger indicating to prevent access to the confidential information on the mobile computing device;

responsive to receiving the trigger, preventing access to the confidential information on the mobile computing device by any party, until a successful reauthorization by the specific user from an authorized, geo-location associated with the specific user has occurred;

responsive to receiving a directive from a user indicating to initiate a reauthorization attempt, attempting to reauthorize to access the confidential information on the mobile computing device, the attempt to reauthorize only being successful responsive to a current geo-location of the mobile computing device at a time of the attempt to reauthorize being an authorized geo-location associated with the specific user; and

only in response to the attempt to reauthorize being successful, re-allowing access to the confidential information on the mobile computing device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In response to a trigger indicating to prevent access to confidential information on a specific user'"'"'s mobile device, access is prevented to all parties, until a successful reauthorization occurs. Preventing access can comprise storing encrypted confidential information and removing the decryption key. In order to subsequently access the confidential information, a reauthorization attempt is made. The current geo-location of the mobile device at the time of the attempt is compared to at least one authorized geo-location associated with the specific user. In response to a) the password and user identifier being correct and to b) the current geo-location of the mobile computing device being an authorized geo-location associated with the specific user, the attempt to reauthorize is successful, whereas otherwise the attempt is unsuccessful. Only in response to a successful attempt is access to the confidential information re-allowed.

29 Citations

View as Search Results

20 Claims

1. A computer implemented method for blocking unauthorized access to confidential information stored on a specific user'"'"'s mobile computing device, even to a party that has physical control of the mobile computing device and enters any user identifiers and passwords associated with accessing the confidential information, the method comprising:
- generating a trigger indicating to prevent access only to the confidential information in response to receiving user-entered input indicating to execute a confidential information protection process;
  
  receiving, by the mobile computing device, the trigger indicating to prevent access to the confidential information on the mobile computing device;
  
  responsive to receiving the trigger, preventing access to the confidential information on the mobile computing device by any party, until a successful reauthorization by the specific user from an authorized, geo-location associated with the specific user has occurred;
  
  responsive to receiving a directive from a user indicating to initiate a reauthorization attempt, attempting to reauthorize to access the confidential information on the mobile computing device, the attempt to reauthorize only being successful responsive to a current geo-location of the mobile computing device at a time of the attempt to reauthorize being an authorized geo-location associated with the specific user; and
  
  only in response to the attempt to reauthorize being successful, re-allowing access to the confidential information on the mobile computing device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The method of claim 1 wherein:
    - the confidential information further comprises encrypted confidential information; and
      
      whereinpreventing access to the confidential information on the mobile computing device by any party further comprises;
      
      removing a key required to decrypt the encrypted confidential information.
  - 3. The method of claim 2 wherein removing the key required to decrypt the encrypted confidential information further comprises:
    - physically removing the key required to decrypt the confidential information from the mobile computing device.
  - 4. The method of claim 2 wherein removing the key required to decrypt the encrypted confidential information further comprises:
    - programmatically making the key required to decrypt the confidential information inaccessible.
  - 5. The method of claim 2 wherein re-allowing access to the confidential information on the mobile computing device only in response to the attempt to reauthorize being successful further comprises:
    - providing the key required to decrypt the encrypted confidential information, responsive to the current geo-location of the mobile computing device at the time of the attempt to reauthorize being an authorized geo-location associated with the specific user.
  - 6. The method of claim 5 wherein providing the key required to decrypt the encrypted confidential information further comprises:
    - receiving, by the mobile computing device, a transmission of the key required to decrypt the confidential information from a remote computer.
  - 7. The method of claim 5 wherein providing the key required to decrypt the encrypted confidential information further comprises:
    - programmatically making the key required to decrypt the confidential information accessible locally on the mobile computing device.
  - 8. The method of claim 1 wherein preventing access to confidential information on the mobile computing device by any party further comprises:
    - programmatically preventing any party from reading confidential information on the mobile computing device.
  - 9. The method of claim 1 wherein preventing access to confidential information on the mobile computing device by any party further comprises:
    - programmatically preventing any party from executing confidential information on the mobile computing device.
  - 10. The method of claim 1 wherein attempting to reauthorize to access the confidential information on the mobile computing device further comprises:
    - determining the current geo-location of the mobile computing device at the time of the attempt to reauthorize;
      
      transmitting a reauthorization request to a remote computer, the re-authorization request comprising an identifier of the specific user, an associated password and the current geo-location of the mobile computing device at the time of the attempt to reauthorize; and
      
      in response to a) the password and user identifier being correct and to b) the current geo-location of the mobile computing device at the time of the attempt to reauthorize being an authorized geo-location associated with the specific user, receiving an indication from the remote computer that the attempt to reauthorize is successful.
  - 11. The method of claim 1 wherein attempting to reauthorize to access the confidential information on the mobile computing device further comprises:
    - determining the current geo-location of the mobile computing device at the time of the attempt to reauthorize;
      
      transmitting a reauthorization request to a remote computer, the re-authorization request comprising an identifier of the specific user, an associated password and the current geo-location of the mobile computing device at the time of the attempt to reauthorize; and
      
      in response to the current geo-location of the mobile computing device at the time of the attempt to reauthorize not being an authorized geo-location associated with the specific user, receiving an indication from the remote computer that the attempt to reauthorize is not successful.
  - 12. The method of claim 1 wherein attempting to reauthorize to access the confidential information on the mobile computing device further comprises:
    - determining the current geo-location of the mobile computing device at the time of the attempt to reauthorize;
      
      comparing the current geo-location of the mobile computing device at the time of the attempt to reauthorize to at least one authorized geo-location associated with the specific user; and
      
      in response to a) the password and user identifier being correct and to b) the current geo-location of the mobile computing device at the time of the attempt to reauthorize being an authorized geo-location associated with the specific user, adjudicating the attempt to reauthorize as successful.
  - 13. The method of claim 1 wherein attempting to reauthorize to access the confidential information on the mobile computing device further comprises:
    - determining the current geo-location of the mobile computing device at the time of the attempt to reauthorize;
      
      comparing the current geo-location of the mobile computing device at the time of the attempt to reauthorize to at least one authorized geo-location associated with the specific user; and
      
      in response to the current geo-location of the mobile computing device at the time of the attempt to reauthorize not being an authorized geo-location associated with the specific user, adjudicating the attempt to reauthorize as unsuccessful.
  - 14. The method of claim 1 further comprising:
    - generating the trigger indicating to prevent access to the confidential information automatically, in response to determining that the mobile computing device is located within a specific proximity to an insecure location.
  - 15. The method of claim 1 wherein:
    - an authorized geo-location associated with the specific user further comprises a geo-location to which the specific user has access but that is not publically accessible, and at which it has been pre-determined that the specific user is permitted to reauthorize and thus access otherwise un-accessible confidential information on the mobile computing device.
  - 16. The method of claim 1 wherein:
    - at least one authorized geo-location associated with the specific user consists of at least one geo-location from a group of geo-locations consisting of;
      
      a home of the specific user, an office of the specific user, a specific field office at which the specific user is scheduled to work during a specific business trip and a specific hotel at which the specific user is scheduled to stay during a specific trip.
  - 17. The method of claim 1 further comprising:
    - responsive to a change concerning the specific user, performing at least one step concerning at least one authorized geo-location associated with the specific user from a group of steps consisting of;
      
      adding at least one authorized geo-location associated with the specific user, editing at least one authorized geo-location associated with the specific user and deleting at least one authorized geo-location associated with the specific user.
  - 18. The method of claim 1 wherein preventing access to the confidential information on the mobile computing device by any party further comprises:
    - encrypting the confidential information on the mobile computing device; and
      
      removing a key required to decrypt the encrypted confidential information.

19. At least one non-transitory computer readable-storage medium for blocking unauthorized access to confidential information stored on a specific user'"'"'s mobile computing device, even to a party that has physical control of the mobile computing device and enters any user identifiers and passwords associated with accessing the confidential information, the at least one non-transitory computer readable-storage medium storing computer executable instructions that, when loaded into computer memory and executed by at least one processor of a computing device, cause the computing device to perform the following steps:
- generating a trigger indicating to prevent access only to the confidential information in response to receiving user-entered input indicating to execute a confidential information protection process;
  
  receiving, by the mobile computing device, the trigger indicating to prevent access to the confidential information on the mobile computing device;
  
  responsive to receiving the trigger, preventing access to the confidential information on the mobile computing device by any party, until a successful reauthorization by the specific user from an authorized, geo-location associated with the specific user has occurred;
  
  responsive to receiving a directive from a user indicating to initiate a reauthorization attempt, attempting to reauthorize to access the confidential information on the mobile computing device, the attempt to reauthorize only being successful responsive to a current geo-location of the mobile computing device at a time of the attempt to reauthorize being an authorized geo-location associated with the specific user; and
  
  only in response to the attempt to reauthorize being successful, re-allowing access to the confidential information on the mobile computing device.

20. A computer system for blocking unauthorized access to confidential information stored on a specific user'"'"'s mobile computing device, even to a party that has physical control of the mobile computing device and enters any user identifiers and passwords associated with accessing the confidential information, the computer system comprising:
- system memory;
  
  a trigger generating module residing in the computer memory, the trigger generating module being programmed to generate a trigger indicating to prevent access only to the confidential information in response to receiving user-entered input indicating to execute a confidential information protection process;
  
  a trigger receiving module residing in the computer memory, the trigger receiving module being programmed to receive the trigger indicating to prevent access to the confidential information on the mobile computing device;
  
  an access preventing module residing in the computer memory, the access preventing module being programmed to prevent access to the confidential information on the mobile computing device by any party until a successful reauthorization by the specific user from an authorized, geo-location associated with the specific user has occurred;
  
  a reauthorization attempting module residing in the computer memory, the reauthorization attempting module being programmed, responsive to receiving a directive from a user indicating to initiate a reauthorization attempt, to attempt to reauthorize to access the confidential information on the mobile computing device, the attempt to reauthorize only being successful responsive to a current geo-location of the mobile computing device at a time of the attempt to reauthorize being an authorized geo-location associated with the specific user; and
  
  an access re-allowing module residing in the computer memory, the access re-allowing module being programmed to re-allow access to the confidential information on the mobile computing device, only in response to the attempt to reauthorize being successful.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
Symantec Corporation (NortonLifeLock Inc.)
Inventors
Sobel, William E.
Primary Examiner(s)
POWERS, WILLIAM S

Application Number

US13/646,586
Time in Patent Office

732 Days
Field of Search

726/17, 726/26
US Class Current

726/17
CPC Class Codes

G06F 21/62   Protecting access to data v...

G06F 2221/2111   Location-sensitive, e.g. ge...

H04W 12/06   Authentication

H04W 12/126   Anti-theft arrangements, e....

H04W 12/30   Security of mobile devices;...

H04W 12/61   Time-dependent

H04W 12/64   using geofenced areas

H04W 4/021   Services related to particu...

User associated geo-location based reauthorization to protect confidential information

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

29 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

User associated geo-location based reauthorization to protect confidential information

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

29 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links