Secure garbage collection on a mobile device

US 9,558,113 B2
Filed: 03/23/2016
Issued: 01/31/2017
Est. Priority Date: 03/20/2002
Status: Expired due to Term

First Claim

Patent Images

1. A method for performing secure garbage collection involving unreferenced data objects on a computing device, the method comprising:

receiving information over a network;

creating a first data object corresponding to the received information;

storing the first data object in an addressable storage memory on the computing device;

extracting a second data object from the first data object, wherein the second data object is accessible using a third data object;

unreferencing the third data object;

in response to determining that the third data object has become unreferenced, calling a wipe function to overwrite the addressable storage memory of the computing device where the first, second, and third data objects are stored; and

reclaiming the addressable storage memory where the first, second, and third data objects were stored.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems for performing garbage collection involving sensitive information on a mobile device are described herein. Secure information is received at a mobile device over a wireless network. The sensitive information is extracted from the secure information. A software program operating on the mobile device uses an object to access the sensitive information. Secure garbage collection is performed upon the object after the object becomes unreachable.

57 Citations

20 Claims

1. A method for performing secure garbage collection involving unreferenced data objects on a computing device, the method comprising:
- receiving information over a network;
  
  creating a first data object corresponding to the received information;
  
  storing the first data object in an addressable storage memory on the computing device;
  
  extracting a second data object from the first data object, wherein the second data object is accessible using a third data object;
  
  unreferencing the third data object;
  
  in response to determining that the third data object has become unreferenced, calling a wipe function to overwrite the addressable storage memory of the computing device where the first, second, and third data objects are stored; and
  
  reclaiming the addressable storage memory where the first, second, and third data objects were stored.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the first data object is a secure data object comprising an encrypted message, the second data object is a sensitive data object comprising an unencrypted message of the first data object, and the third data object is a user interface object.
  - 3. The method of claim 2, wherein said extracting further comprises:
    - generating, by a private key, the second data object from the first data object.
  - 4. The method of claim 1, wherein the first, second, and third data objects are indexed inside of storage elements in a reference table in the addressable storage memory.
  - 5. The method of claim 1, wherein said unreferencing is performed in response to receiving a trigger event, the trigger event comprising at least a timeout event, a holster event, a cradle event, a screen lock event, a screen unlock event, an application event, a time zone alteration event, or a communication event.
  - 6. The method of claim 1, wherein the first data object is an S/MIME encrypted message.
  - 7. The method of claim 6, wherein the second data object is an unencrypted version of the S/MIME message.

8. One or more nontransitory computer readable media storing computer executable instructions that, when executed by a processor, cause a computing device to perform secure garbage collection involving unreferenced data objects on the computing device by:
- receiving information over a network;
  
  creating a first data object corresponding to the received information;
  
  storing the first data object in an addressable storage memory on the computing device;
  
  extracting a second data object from the first data object, wherein the second data object is accessible using a third data object;
  
  unreferencing the third data object;
  
  in response to determining that the third data object has become unreferenced, calling a wipe function to overwrite the addressable storage memory of the computing device where the first, second, and third data objects are stored; and
  
  reclaiming the addressable storage memory where the first, second, and third data objects were stored.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The computer readable media of claim 8, wherein the first data object is a secure data object comprising an encrypted message, the second data object is a sensitive data object comprising an unencrypted message of the first data object, and the third data object is a user interface object.
  - 10. The computer readable media of claim 9, wherein said extracting further comprises:
    - generating, by a private key, the second data object from the first data object.
  - 11. The computer readable media of claim 8, wherein the first, second, and third data objects are indexed inside of storage elements in a reference table in the addressable storage memory.
  - 12. The computer readable media of claim 8, wherein said unreferencing is performed in response to receiving a trigger event, the trigger event comprising at least a timeout event, a holster event, a cradle event, a screen lock event, a screen unlock event, an application event, a time zone alteration event, or a communication event.
  - 13. The computer readable media of claim 8, wherein overwriting the unreferenced object includes overwriting the memory location where the unreferenced object is stored with a sequence of bits comprising all zeros, all ones, or random data.
  - 14. The computer readable media of claim 8, wherein the computing device is a wireless two-way communication device.
  - 15. The computer readable media of claim 8, wherein the third data object is a user interface object configured to display the sensitive information.

16. A mobile device, comprising:
- a processor; and
  
  memory storing computer readable instructions that, when executed by the processor, cause the mobile device to perform secure garbage collection by;
  
  receiving, wirelessly, information over a network;
  
  creating a first data object corresponding to the received information;
  
  storing the first data object in an addressable storage memory on the mobile device;
  
  extracting a second data object from the first data object, wherein the second data object is accessible using a third data object;
  
  unreferencing the third data object;
  
  in response to determining that the third data object has become unreferenced, calling a wipe function to overwrite the addressable storage memory of the mobile device where the first, second, and third data objects are stored; and
  
  reclaiming the addressable storage memory where the first, second, and third data objects were stored.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The mobile device of claim 16, wherein the first data object is a secure data object comprising an encrypted message, the second data object is a sensitive data object comprising an unencrypted message of the first data object, and the third data object is a user interface object.
  - 18. The mobile device of claim 17, wherein said extracting further comprises:
    - generating, by a private key, the second data object from the first data object.
  - 19. The mobile device of claim 16, wherein the first, second, and third data objects are indexed inside of storage elements in a reference table in the addressable storage memory.
  - 20. The mobile device of claim 16, wherein said unreferencing is performed in response to receiving a trigger event, the trigger event comprising at least a timeout event, a holster event, a cradle event, a screen lock event, a screen unlock event, an application event, a time zone alteration event, or a communication event.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cloud Software Group Switzerland GmbH
Original Assignee
Citrix Systems International GmbH (Cloud Software Group)
Inventors
Little, Herbert Anthony, Adams, Neil Patrick, Janhunen, Stefan E., Dahms, John Fredric Arthur
Primary Examiner(s)
Gergiso, Techane

Application Number

US15/078,435
Publication Number

US 20160203076A1
Time in Patent Office

314 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 12/0253   Garbage collection, i.e. re...

G06F 12/0261   using reference counting

G06F 12/1408   by using cryptography for d...

G06F 16/951   Indexing; Web crawling tech...

G06F 21/62   Protecting access to data v...

G06F 2212/1044   Space efficiency improvement

G06F 2212/1052   Security improvement

G06F 2212/171   Portable consumer electroni...

G06F 2212/402   Encrypted data

G06F 2212/702   Conservative garbage collec...

G06F 2221/2143   Clearing memory, e.g. to pr...

H04L 63/0435   wherein the sending and rec...

H04L 63/061   for key exchange, e.g. in p...

H04L 9/00   Cryptographic mechanisms or...

Secure garbage collection on a mobile device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

57 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure garbage collection on a mobile device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

57 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links