Trusted content distribution system

US 9,432,333 B2
Filed: 03/24/2011
Issued: 08/30/2016
Est. Priority Date: 03/24/2010
Status: Active Grant

First Claim

Patent Images

1. A method for providing for a user a secure connection between a first electronic device and a second electronic device over a communication network that may be insecure and that connects the first and second electronic devices, the secure connection being used for exchanging data while executing an application, comprising the steps of:

providing a first electronic device that comprises;

memory, storing user identification information;

a human machine interface associated with the first electronic device; and

at least one communication port;

said first electronic device being a zero client,providing a second electronic device configured to store, control,and execute all applications running while the first and second electronic devices are connected, and storage of all data used with the applications, and administrating the secure connection;

providing a third electronic device comprising;

memory, storing user identification information; and

an initialization module;

connecting the first electronic device with the third electronic device via the communication port;

initializing and managing by said third electronic device operation of the first electronic device for setting-up a secure connection over said communication network with the second electronic device by a trusted boot process that boots an operating system in a random access memory of the first electronic device;

managing every interface of the first electronic device and the secure connection from the second electronic device, the managing comprising administrating the secure connection by the second electronic device by receiving over the secured connection the user identification information and based thereon authenticate the user, the administrating including allowing or denying access to data and/or applications stored on the second electronic device based on the security settings of the authenticated user, andexecuting the application on the second electronic device while exchanging the data over the secure connection for presentation to the user via the human machine interface of the first electronic device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A trusted content distribution system is described comprising a trustworthy enduser device and a network management infrastructure, the enduser device being adapted for communications between the enduser device and the networked infrastructure via a secure tunnel; the end user device comprising a host processor and memory; secure non-volatile memory for storing an operating system, a trusted boot process executed by the host processor to boot the end user device into a known state, means for communicating with a visualization device.

Citations

15 Claims

1. A method for providing for a user a secure connection between a first electronic device and a second electronic device over a communication network that may be insecure and that connects the first and second electronic devices, the secure connection being used for exchanging data while executing an application, comprising the steps of:
- providing a first electronic device that comprises;
  
  memory, storing user identification information;
  
  a human machine interface associated with the first electronic device; and
  
  at least one communication port;
  
  said first electronic device being a zero client,providing a second electronic device configured to store, control,and execute all applications running while the first and second electronic devices are connected, and storage of all data used with the applications, and administrating the secure connection;
  
  providing a third electronic device comprising;
  
  memory, storing user identification information; and
  
  an initialization module;
  
  connecting the first electronic device with the third electronic device via the communication port;
  
  initializing and managing by said third electronic device operation of the first electronic device for setting-up a secure connection over said communication network with the second electronic device by a trusted boot process that boots an operating system in a random access memory of the first electronic device;
  
  managing every interface of the first electronic device and the secure connection from the second electronic device, the managing comprising administrating the secure connection by the second electronic device by receiving over the secured connection the user identification information and based thereon authenticate the user, the administrating including allowing or denying access to data and/or applications stored on the second electronic device based on the security settings of the authenticated user, andexecuting the application on the second electronic device while exchanging the data over the secure connection for presentation to the user via the human machine interface of the first electronic device.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1, further comprising executing for a user an application over the secure connection between the first electronic device and the second electronic device overthe communication network, connecting the first and second electronic devices, the secure connection being used for exchanging data while executing the application, the method comprising the step of:
    - establishing the secure connection in accordance with the method of claim 1.
3. The method of claim 1, after establishing the secure connection, further comprising the step of:
- executing the application under the control of the second electronic device while exchanging the content over the secure connection for presentation to the user via the human machine interface of the first electronic device.

4. A trusted content distribution system for providing for a user a secure connection between a first electronic device and a second electronic device over a communication network that connects the first and second electronicdevices, the secure connection being used for exchanging data, said first electronic device comprising:
- memory, storing user identification information;
  
  a human machine interface associated with the first electronic device; and
  
  at least one communication port;
  
  said first electronic device being a zero client,whereby said second electronic device is configured to store and execute all applications running while the first and second electronic devices are connected, store all data used with the applications, and administer the secure connection; and
  
  whereby a third electronic device is used, the third electronic device comprising;
  
  memory, storing user identification information;
  
  and an initialization module;
  
  whereby the at least one communication port is configured to connect the first electronic device with the third electronic device;
  
  the system further comprising;
  
  means for initializing and managing by said third electronic device the operation of the first electronic device for setting-up a secure connection over said communication network with the second electronic device, the means for initializing being a trusted boot process that boots an operating system in a random access memory of the first electronic device;
  
  means for managing every interface of the first electronic device and the secure connection from the second electronic device, the managing comprising administrating the secure connection by the second electronic device by receiving over the secure connection the user identification information and based thereon authenticate the user, the administrating including allowing or denying access to data and/or applications stored on the second electronic device based on the security settings of the authenticated user; and
  
  means for executing the application on the second electronic device while exchanging the data over the secure connection for presentation to the user via the human machine interface of the first electronic device.
- View Dependent Claims (5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 5. The trusted content distribution system of claim 4 wherein the means for managing comprises an appliance box communicating with the first electronic device device over a secure tunnel.
  - 6. The trusted content distribution system of claim 5, wherein the appliance box comprises a proxy component and a management component.
  - 7. The trusted content distribution system of claim 5, wherein the appliance box is provided with any of network connectivity, Support and Maintenance at boot time, and a Web-enabled Management Console.
  - 8. The trusted content distribution system of claim 4, wherein the first electronic device is configured to provide one or more authentication mechanisms to access content that is centralized on the communication network, orwherein the first electronic device is configured to use one or both logical and physical access control.
  - 9. The trusted content distribution system of claim 4 wherein a client operating system runs either natively or virtually on the first electronic device.
  - 10. The trusted content distribution system of claim 4 wherein the first electronic device is configured for Single Sign-On.
  - 11. The trusted content distribution system of claim 4 wherein the first electronic device is configured to use a strong authentication medium.
  - 12. The trusted content distribution system of claim 4, wherein the means for initializing is a trusted boot process that boots an operating system in a random access memory of the first electronic device.
  - 13. The trusted content distribution system of claim 4, wherein the first electronic device is configured to receive over the secure connection the user identification information and based thereon to authenticate the user, the means for managing every interface being configured to allow or deny access to data and/or applications under the control of the second electronic device based on security settings of the authenticated user.
  - 14. The trusted content distribution system of claim 4, wherein the second electronic device is configured to control execution of an application while exchanging content over the secure connection for presentation to the user via the human machine interface of the first electronic device.

15. A bootable user specific electronic device comprising:
- memory, storing user identification information;
  
  a communications port and an initialization module;
  
  the user specific electronic device having means for initializing and managing operation of a further electronic device for setting-up a secure connection over a communication network with a third electronic device for trusted content distribution using a secure connection between the further electronic device and the third electronic device, the secure connection being used for exchanging data, the means for initializing being a trusted boot process that boots an operatingsystem in a random access memory of the first electronic device, said further electronic device being a zero client device and comprising;
  
  a human machine interface associated with the further electronic device;
  
  the communications port being configured to connect the user specific electronic device to the further electronic device, the initialization module being configured to install an operating system on the further electronic device that allows managing of every interface of the further electronic device from the third electronic device via the secure connection, the managing comprising administrating the secure connection by the third electronic device by receiving over the secure connection the user identification information and based thereon authenticate the user, the administrating includes allowing or denying access to data and/or applications stored on the user specific electronic device based on the security settings of the authenticated user, andexecuting the application on the third electronic device while exchanging the data over the secure connection for presentation to the user via the human machine interface of the further electronic device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
E&M Enterprises LLC
Original Assignee
E&M Enterprises LLC
Inventors
Dhaene, Christophe
Primary Examiner(s)
Zecher, Dede
Assistant Examiner(s)
Lakhia, Viral

Application Number

US13/636,825
Publication Number

US 20130074165A1
Time in Patent Office

1,986 Days
Field of Search

726/5, 726/6, 713/156, 713/158, 709220-223
US Class Current

1/1
CPC Class Codes

G06F 21/34   involving the use of extern...

H04L 63/0272   Virtual private networks

H04L 63/0815   providing single-sign-on or...

Trusted content distribution system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Trusted content distribution system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links