Sealing secret data with a policy that includes a sensor-based constraint
Abstract
Technologies pertaining to limiting access to secret data through utilization of sensor-based constraints are described herein. A sensor-based constraint is a constraint that can only be satisfied by predefined readings that may be output by at least one sensor on a mobile computing device. If the sensor on the mobile computing device outputs a reading that satisfies the sensor-based constraint, secret data is provided to a requesting application. Otherwise, the requesting application is prevented from accessing the secret data.
20 Claims
1. A method executed at a mobile computing device, the method comprising:
at a processor on a mobile computing device;
receiving, from an application executing on the mobile computing device, a request to access secret data retained on computer-readable storage of the mobile computing device;
responsive to receiving the request, retrieving an encrypted policy from the computer-readable storage on the mobile computing device and decrypting the encrypted policy, the policy comprising a sensor-based constraint, the sensor-based constraint tied to a sensor on the mobile computing device, the policy defines a value from the sensor that satisfies the sensor-based constraint;
responsive to retrieving and decrypting the encrypted policy, requesting a sensor reading from the sensor on the mobile computing device;
receiving the sensor reading;
determining whether the policy is satisfied based upon a comparison between the value defined in the policy and the sensor reading from the sensor; and
when and only when the policy is satisfied, providing the application with the secret data.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11

12. A computing device, comprising:
a processor; and
computer-readable storage that stores instructions that, when executed by the processor, cause the processor to perform acts comprising;
receiving, from an application executing on the computing device, a request to unseal secret data from a policy, the policy encrypted and stored in the computer-readable storage, the policy comprises a sensor-based constraint that is tied to a sensor on the computing device, the policy defining a sensor value that satisfies the sensor-based constraint, the sensor-based constraint satisfiable only by data output by the sensor;
responsive to receiving the request, decrypting the policy;
responsive to decrypting the policy, identifying the sensor that is tied to the sensor-based constraint;
responsive to identifying the sensor, retrieving a sensor reading from the sensor; and
unsealing the secret data from the policy and outputting the secret data to the application when and only when the sensor reading from the sensor corresponds to the sensor value and satisfies the sensor-based constraint.
Dependent claims: 13, 14, 15, 16, 17, 18

19. A computer-readable medium comprising instructions that, when executed by a processor, cause the processor to perform acts comprising:
receiving a request to transmit a text message by way of a text messaging application installed on a mobile computing device;
responsive to receiving the request, retrieving a policy retained in computer-readable storage on the mobile computing device, the policy defines whether transmittal of text messages is authorized, the policy comprising a sensor-based constraint that is tied to a sensor on the mobile computing device, the policy defines a value that satisfies the sensor-based constraint;
retrieving a sensor reading from the sensor on the mobile computing device;
determining whether the sensor-based constraint has been satisfied based upon a comparison between the value defined in the policy and the sensor reading from the sensor; and
when and only when the sensor-based constraint is satisfied, transmitting the text message.
Dependent claims: 20
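
The unseal flow of claims 1 and 12, as an added Python example that is not part of the patent text or of any implementation by its assignee. The sensor name, the tolerance field, the blob layout and the SHAKE-256/HMAC construction (a standard-library stand-in for a platform AEAD under a hardware-protected key) are assumptions of the example.

```python
import hashlib, hmac, json, os

def _subkeys(key):
    # Separate encryption and MAC keys derived from one device key (assumed).
    return (hashlib.sha256(b"enc" + key).digest(),
            hashlib.sha256(b"mac" + key).digest())

def _xor_stream(ek, nonce, data):
    # Stand-in stream cipher (stdlib only); a device would use its platform AEAD.
    stream = hashlib.shake_256(ek + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, secret, sensor, value, tolerance):
    """Encrypt-then-MAC a policy carrying the secret and its sensor constraint."""
    ek, mk = _subkeys(key)
    policy = json.dumps({"sensor": sensor, "value": value,
                         "tolerance": tolerance, "secret": secret}).encode()
    nonce = os.urandom(16)
    ct = _xor_stream(ek, nonce, policy)
    return nonce + hmac.new(mk, nonce + ct, hashlib.sha256).digest() + ct

def unseal(key, blob, read_sensor):
    """Return the secret when and only when the sensor reading satisfies the policy."""
    ek, mk = _subkeys(key)
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        return None                       # modified or foreign policy: fail closed
    policy = json.loads(_xor_stream(ek, nonce, ct))
    try:
        reading = read_sensor(policy["sensor"])   # requested only after decryption
        # "<=" is False for NaN, so a NaN reading is rejected, not accepted.
        ok = abs(reading - policy["value"]) <= policy["tolerance"]
    except Exception:
        return None                       # sensor absent, failing or non-numeric
    return policy["secret"] if ok else None

if __name__ == "__main__":
    key = os.urandom(32)                  # constructed device key
    blob = seal(key, "vault-pin-0000", "gps_latitude", 47.64, 0.01)
    print(unseal(key, blob, lambda name: 47.645))   # inside the tolerance
    print(unseal(key, blob, lambda name: 48.20))    # outside the tolerance
```

Every failure path (bad tag, unavailable sensor, NaN or non-numeric reading, out-of-range reading) returns `None`, which is the "when and only when" condition of the claims expressed as fail-closed code.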
Specification