Data protection for keychain syncing
Abstract
Some embodiments provide a program that provides data protection for a device when synchronizing a set of keychains stored on the device with a set of other devices. The program receives keychain data for synchronizing the set of keychains stored on the device with the set of other devices. The keychain data is specified as belonging to a protection domain. The program determines whether a set of conditions defined for the protection domain is satisfied. When the set of conditions is determined as satisfied, the program allows access to the keychain data in order to process the keychain data and synchronize the set of keychains stored on the device with the set of other devices.
26 Claims
1. A non-transitory machine-readable medium storing a program which when executed by at least one processing unit of a device provides data protection for the device when synchronizing a keychain stored on the device with keychains stored in a set of other devices, the program comprising sets of instructions for:
receiving keychain data for synchronizing the keychain stored on the device with the keychains stored in the set of other devices, the keychain data specified as belonging to a protection domain, the keychain data comprising at least one of a password to access a website and a password to access an application;
determining whether a set of conditions defined for the protection domain is satisfied in order for the received keychain data to become accessible to the device, the set of conditions comprising whether the device is in one of a plurality of operational states comprising locked and unlocked states; and
allowing, when the set of conditions is determined as satisfied, access to the received keychain data to process the received keychain data and synchronize the keychain stored on the device with the keychains stored in the set of other devices.
Dependent claims: 2, 3, 4, 5, 6, 7

8. A method for providing data protection for a device when synchronizing a keychain stored on the device with keychains stored in a set of other devices, the method comprising:
receiving keychain data for synchronizing the keychain stored on the device with the keychains stored in the set of other devices, the keychain data specified as belonging to a protection domain, the keychain data comprising at least one of a password to access a website and a password to access an application;
determining, by the device, whether a set of conditions defined for the protection domain is satisfied in order for the received keychain data to become accessible to the device, the set of conditions comprising whether the device is in one of first and second operational states, wherein the first operation state is different than the second operational state; and
when the set of conditions is determined as satisfied, allowing access to the received keychain data in order to process the keychain data and synchronize the keychain stored on the device with the keychains stored in the set of other devices.
Dependent claims: 9, 10, 11, 12, 13

14. A non-transitory machine-readable medium storing a program which when executed by at least one processing unit of a device provides data protection for the device when synchronizing a set of keychains stored on the device with a set of keychains stored in a set of other devices, each keychain comprising a set of keychain items, the program comprising sets of instructions for:
receiving keychain data for synchronizing a plurality of keychain items in the set of keychains stored on the device with a plurality of keychain items in the set of keychains stored in the set of other devices, each keychain item specified as belonging to a particular protection domain of a plurality of different protection domains, the keychain data comprising at least one of a password to access a website and a password to access an application;
determining whether a set of conditions defined for the particular protection domain of each keychain item in the plurality of keychain items is satisfied in order for the keychain item belonging to the particular protection domain to become accessible to the device, the set of conditions comprising whether the device is in one of a plurality of operational states comprising locked and unlocked states; and
allowing, when the set of conditions for each keychain item in the plurality of keychain items is determined as satisfied, access to the received keychain data in order to process the received keychain data and synchronize the plurality of keychain items in the set of keychains stored on the device with the plurality of keychain items in the set of keychains stored in the set of other devices.
Dependent claims: 15, 16, 17, 18, 19, 20

21. A non-transitory machine-readable medium storing a program which when executed by at least one processing unit of a device provides data protection for the device when synchronizing a keychain stored on the device with keychains stored in a set of other devices, the program comprising sets of instructions for:
receiving keychain data for synchronizing the keychain stored on the device with the keychains stored in the set of other devices, the keychain data specified as belonging to a protection domain;
determining whether a set of conditions defined for the protection domain is satisfied in order for the received keychain data to become accessible to the device, the set of conditions comprising whether the device is in one of a plurality of operational states comprising a locked state, an unlocked state, the device being in the locked state but has been in the unlocked state at least once since a last time the device has been booted, a particular application being present in the device, and a first authentication input received from a user of the device to unlock the device and a second authentication input received from the user after the device is unlocked; and
allowing, when the set of conditions is determined as satisfied, access to the keychain data to process the received keychain data and synchronize the keychain stored on the device with the keychains stored in the set of other devices.

22. A non-transitory machine-readable medium storing a program which when executed by at least one processing unit of a device provides data protection for the device when synchronizing a keychain stored on the device with keychains stored in a set of other devices, the program comprising sets of instructions for:
receiving keychain data for synchronizing the keychain stored on the device with the keychains stored in the set of other devices, the keychain data specified as belonging to a custom defined protection domain;
providing a software development kit (SDK) for defining different sets of conditions for protection domains for applications developed to run on the device;
determining whether a set of conditions defined for the protection domain is satisfied in order for the received keychain data to become accessible to the device, the set of conditions comprising whether the device is in one of a plurality of operational states comprising locked and unlocked states; and
allowing, when the set of conditions is determined as satisfied, access to the received keychain data to process the received keychain data and synchronize the keychain stored on the device with the keychains stored in the set of other devices.
Dependent claims: 23, 24, 25

26. A method for providing data protection for a device when synchronizing a keychain stored on the device with keychains stored in a set of other devices, the method comprising:
receiving keychain data for synchronizing the keychain stored on the device with the keychains stored in the set of other devices, the keychain data specified as belonging to a protection domain;
determining, by the device, whether a set of conditions defined for the protection domain is satisfied in order for the received keychain data to become accessible to the device, the set of conditions comprising whether the device is in one of first and second operational states, wherein the first operation state is different than the second operational state, wherein the first and second operational states of the device comprise the device being in a locked state, the device being in an unlocked state, the device being in the locked state but has been in the unlocked state at least once since a last time the device has been booted, a particular application being present in the device, and a first authentication input received from a user of the device to unlock the device and a second authentication input received from the user after the device is unlocked; and
when the set of conditions is determined as satisfied, allowing access to the received keychain data in order to process the keychain data and synchronize the keychain stored on the device with the keychains stored in the set of other devices.
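An added example (not code from the patent or from any vendor implementation) of the gating the claims describe: each received keychain item carries a protection domain, and it becomes accessible only once that domain's condition set holds for the current device state. The domain names, the `SyncGate` class, the `com.example.bank` identifier and the choice to hold unsatisfied items in a pending queue are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class DeviceState:
    unlocked: bool = False
    unlocked_since_boot: bool = False   # set on first unlock; a reboot would clear it
    second_auth: bool = False           # second authentication input after unlock
    installed_apps: frozenset = frozenset()

# Hypothetical domain names, each mapped to the condition set that must hold.
DOMAINS = {
    "while_unlocked": lambda s: s.unlocked,
    "after_first_unlock": lambda s: s.unlocked or s.unlocked_since_boot,
    "second_auth": lambda s: s.unlocked and s.second_auth,
    "bank_app_present": lambda s: s.unlocked and "com.example.bank" in s.installed_apps,
}

@dataclass
class SyncGate:
    state: DeviceState = field(default_factory=DeviceState)
    keychain: dict = field(default_factory=dict)  # items the device may access
    pending: list = field(default_factory=list)   # received, not yet accessible
                                                  # (would stay encrypted in practice)

    def _satisfied(self, domain):
        check = DOMAINS.get(domain)
        return check is not None and check(self.state)  # unknown domain: fail closed

    def receive(self, name, secret, domain):
        """Accept incoming sync data; release it only if its domain allows."""
        self.pending.append((name, secret, domain))
        return self.drain()

    def drain(self):
        """Re-evaluate held items against the current state."""
        released, held = [], []
        for name, secret, domain in self.pending:
            if self._satisfied(domain):
                self.keychain[name] = secret
                released.append(name)
            else:
                held.append((name, secret, domain))
        self.pending = held
        return released

    def set_state(self, **changes):
        """Apply a state change (e.g. unlocked=True) and release what it permits."""
        for key, value in changes.items():
            setattr(self.state, key, value)
        if changes.get("unlocked"):
            self.state.unlocked_since_boot = True
        return self.drain()
```
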
Specification