Secure application access system

US 9,553,867 B2
Filed: 08/01/2013
Issued: 01/24/2017
Est. Priority Date: 08/01/2013
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

determining, by a first device, one or more non-empty application programs resident on a second device;

determining whether the second device requires removal of data belonging to one or more application programs of the one or more non-empty application programs;

in response to determining that the second device requires removal of data, synchronizing, by the first device, each application program of the one or more application programs on the second device with an associated null account;

determining whether the second device requires synchronizing of data belonging to one or more application programs resident on at least one server; and

in response to determining that the second device requires synchronizing;

retrieving, by the first device, data associated with each resident application program of the one or more determined resident application programs from the at least one server;

redacting portions of the data associated with one or more resident application programs of the one or more determined resident application programs, by replacing each portion of the data with a network address directed to the first device thereby allowing dynamic control of access to the portion of data; and

synchronizing each resident application program of the one or more determined resident application programs on the second device with the associated data having redacted portions, when the associated data has had portions redacted.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A proxy server receives a synchronization request from an application program resident on a user device. The proxy server determines that the user device requires removal of application program data and synchronizes the application program resident on the user device with a null account that is associated with application program.

Citations

12 Claims

1. A method, comprising:
- determining, by a first device, one or more non-empty application programs resident on a second device;
  
  determining whether the second device requires removal of data belonging to one or more application programs of the one or more non-empty application programs;
  
  in response to determining that the second device requires removal of data, synchronizing, by the first device, each application program of the one or more application programs on the second device with an associated null account;
  
  determining whether the second device requires synchronizing of data belonging to one or more application programs resident on at least one server; and
  
  in response to determining that the second device requires synchronizing;
  
  retrieving, by the first device, data associated with each resident application program of the one or more determined resident application programs from the at least one server;
  
  redacting portions of the data associated with one or more resident application programs of the one or more determined resident application programs, by replacing each portion of the data with a network address directed to the first device thereby allowing dynamic control of access to the portion of data; and
  
  synchronizing each resident application program of the one or more determined resident application programs on the second device with the associated data having redacted portions, when the associated data has had portions redacted.
- View Dependent Claims (2, 3, 4)
- - 2. The method as recited in claim 1, wherein the first device is a proxy server.
  - 3. The method as recited in claim 1, wherein the null account synchronizing step causes data on the second device to be removed.
  - 4. The method as recited in claim 1, wherein at least one of the one or more non-empty application programs resident on the second device is an email application program.

5. An apparatus, comprising:
- a subsystem on a first device, implemented at least partially in hardware, that determines one or more non-empty application programs resident on a second device;
  
  a subsystem, implemented at least partially in hardware, that determines whether the second device requires removal of data belonging to one or more application programs of the one or more non-empty application programs;
  
  a null account synchronizing subsystem on the first device, implemented at least partially in hardware, that, in response to determining that the second device requires removal of data, synchronizes each application program of the one or more application programs on the second device with an associated null account;
  
  a subsystem, implemented at least partially in hardware, that determines whether the second device requires synchronizing of data belonging to one or more application programs resident on at least one server; and
  
  a subsystem on the first device, implemented at least partially in hardware, that, in response to determining that the second device requires synchronizing;
  
  retrieves data associated with each resident application program of the one or more determined resident application programs from the at least one server;
  
  redacts portions of the data associated with one or more resident application programs of the one or more determined resident application programs, by replacing each portion of the data with a network address directed to the first device thereby allowing dynamic control of access to the portion of data; and
  
  synchronizes each resident application program of the one or more determined resident application programs on the second device with the associated data having redacted portions, when the associated data has had portions redacted.
- View Dependent Claims (6, 7, 8)
- - 6. The apparatus as recited in claim 5, wherein the first device is a proxy server.
  - 7. The apparatus as recited in claim 5, wherein the null account synchronizing subsystem causes data on the second device to be removed.
  - 8. The apparatus as recited in claim 5, wherein at least one of the one or more non-empty application programs resident on the second device is an email application program.

9. A non-transitory computer readable medium, comprising software instructions, which when executed by one or more processors cause performance of:
- determining, by a first device, one or more non-empty application programs resident on a second device;
  
  determining whether the second device requires removal of data belonging to one or more application programs of the one or more non-empty application programs;
  
  in response to determining that the second device requires removal of data, synchronizing, by the first device, each application program of the one or more application programs on the second device with an associated null account;
  
  determining whether the second device requires synchronizing of data belonging to one or more application programs resident on at least one server; and
  
  in response to determining that the second device requires synchronizing;
  
  retrieving, by the first device, data associated with each resident application program of the one or more determined resident application programs from the at least one server;
  
  redacting portions of the data associated with one or more resident application programs of the one or more determined resident application programs, by replacing each portion of the data with a network address directed to the first device thereby allowing dynamic control of access to the portion of data; and
  
  synchronizing each resident application program of the one or more determined resident application programs on the second device with the associated data having redacted portions, when the associated data has had portions redacted.
- View Dependent Claims (10, 11, 12)
- - 10. The non-transitory computer readable medium as recited in claim 9, wherein the first device is a proxy server.
  - 11. The non-transitory computer readable medium as recited in claim 9, wherein the null account synchronizing step causes data on the second device to be removed.
  - 12. The non-transitory computer readable medium as recited in claim 9, wherein at least one of the one or more non-empty application programs resident on the second device is an email application program.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bitglass, Inc. (Francisco Partners Management LLC)
Original Assignee
Bitglass, Inc. (Francisco Partners Management LLC)
Inventors
Kahol, Anurag, Bhattacharjya, Anoop Kumar, Kausik, Balas Natarajan
Primary Examiner(s)
Chacko, Joe

Application Number

US13/957,274
Publication Number

US 20150039677A1
Time in Patent Office

1,272 Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/0281   Proxies

H04L 63/0815   providing single-sign-on or...

H04L 63/0884   by delegation of authentica...

H04L 63/10   for controlling access to d...

H04L 63/105   Multiple levels of security

H04L 63/20   for managing network securi...

H04L 67/1001   for accessing one among a p...

H04L 67/56   Provisioning of proxy servi...

Secure application access system

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Secure application access system

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links