Application authentication policy for a plurality of computing devices

US 9,590,967 B2
Filed: 09/30/2011
Issued: 03/07/2017
Est. Priority Date: 09/30/2011
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

launching an application authentication policy (AAP) application on a computing device, the computing device comprising at least one hardware processor and a storage to store one or more applications;

enabling the computing device for use as a personal device of a user if the user is authenticated by the AAP application, and otherwise enabling the computing device for use as a non-personal device that provides basic functionality, the computing device being a non-personal computer-(PC)-based computing device;

accessing a remote location comprising a data center having a server and a cloud-based storage using the computing device to obtain a user profile of the user stored in the cloud-based storage comprising a central point for coherency of the user profile, wherein the user profile is accessible via the cloud-based storage to multiple computing devices, at least one of the multiple computing devices being a non-PC-based computing device, wherein the computing device is to access an updated user profile stored in the cloud-based storage responsive to an indication of update availability received in the computing device from the remote location; and

accessing the remote location using the computing device responsive to a user request to identify a plurality of devices on which the user profile is stored, and interacting with the server of the data center to enable the server to remotely access at least one other device of the plurality of devices to cause the user profile stored on the at least one other device to be deleted, wherein the at least one other device from which the user profile is to be deleted comprises at least one other device remotely located from the computing device and the remote location.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, system, and computer accessible medium are disclosed for launching an application authentication policy (AAP) application on a computing device, enabling the device for use as a personal device of a user if the user is authenticated by the AAP application, and otherwise enabling the device for use as a non-personal device that provides only basic functionality but protects other users'"'"' personal data and applications.

21 Citations

View as Search Results

14 Claims

1. A method comprising:
- launching an application authentication policy (AAP) application on a computing device, the computing device comprising at least one hardware processor and a storage to store one or more applications;
  
  enabling the computing device for use as a personal device of a user if the user is authenticated by the AAP application, and otherwise enabling the computing device for use as a non-personal device that provides basic functionality, the computing device being a non-personal computer-(PC)-based computing device;
  
  accessing a remote location comprising a data center having a server and a cloud-based storage using the computing device to obtain a user profile of the user stored in the cloud-based storage comprising a central point for coherency of the user profile, wherein the user profile is accessible via the cloud-based storage to multiple computing devices, at least one of the multiple computing devices being a non-PC-based computing device, wherein the computing device is to access an updated user profile stored in the cloud-based storage responsive to an indication of update availability received in the computing device from the remote location; and
  
  accessing the remote location using the computing device responsive to a user request to identify a plurality of devices on which the user profile is stored, and interacting with the server of the data center to enable the server to remotely access at least one other device of the plurality of devices to cause the user profile stored on the at least one other device to be deleted, wherein the at least one other device from which the user profile is to be deleted comprises at least one other device remotely located from the computing device and the remote location.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising determining whether the AAP application is configured for the user, and configuring the AAP application for the user if the user is not configured for the AAP application.
  - 3. The method of claim 1, wherein the personal device usage comprises using a social networking application including personal information of the user obtained from a user profile of the user, the personal information accessible after the user is authenticated for the social networking application.
  - 4. The method of claim 1, wherein the personal device usage comprises performing an electronic commerce transaction using private information of the user obtained from the user profile of the user, the private information accessible after the user is authenticated for the electronic commerce transaction.
  - 5. The method of claim 1, wherein the basic functionality comprises performing web browsing of publicly accessible websites.
  - 6. The method of claim 1, further comprising customizing a first application for execution on the computing device according to the user profile of the user, and customizing the first application for execution on the computing device according to a second user profile of a second user, when the second user has been authenticated by the AAP application.
  - 7. The method of claim 6, further comprising enabling the user to use personal data within the user profile during execution of the first application, and preventing the second user from accessing the personal data within the user profile of the user.

8. At least one non-transitory computer accessible medium including instructions that when executed cause a computing device to:
- authenticate a user on the computing device, via an application authentication profile (AAP) application including a configuration module, a user authentication module, and an application management module, using a security engine of the computing device having a stack including the user authentication module and the application management module of the AAP application;
  
  responsive to the authentication, enable the user to launch a first application subject to the AAP application and to customize the first application for the user based on a user profile of the user;
  
  allow a second user to access basic functionality of the computing device when the second user is not authenticated via the AAP application, wherein the second user is prevented from accessing the first application and the user profile of the user, wherein the user profile is obtained from a storage of a cloud-based location comprising at least one server and at least one cloud-based storage and is locally stored in a secure storage of the computing device; and
  
  access the cloud-based location responsive to a user request to identify at least one computing device on which the user profile is stored to determine whether the user profile is stored on any other computing devices, visualize, via the computing device, the user profile on one or more of the any other computing devices, and send a removal request to the cloud-based location to the at least one server to cause the user profile stored on at least one other computing device to be removed, wherein the at least one other computing device is remotely located from the computing device and is a publicly accessible device.
- View Dependent Claims (9, 10)
- - 9. The at least one non-transitory computer accessible medium of claim 8, further comprising instructions to enable, if the second user is authorized via the AAP application, the second user to launch the first application subject to the AAP application and to customize the first application for the second user based on a second user profile of the second user, and to prevent the second user from accessing personal data of the user for the first application.
  - 10. The at least one non-transitory computer accessible medium of claim 8, further comprising instructions that enable the computing device to update the user profile of the user and to send updated information regarding the user profile to the cloud-based location.

11. A system comprising:
- a hardware processor to execute instructions;
  
  a user interface coupled to the hardware processor, the user interface comprising a touch screen;
  
  a wireless transceiver to transmit and receive information wirelessly, the wireless transceiver comprising a first transceiver to communicate via a wide area wireless network and a second transceiver to communicate via a local area wireless network;
  
  a memory system including a volatile memory and a non-volatile storage medium including instructions that enable the system to allow a user to execute at least one application using personal data of a user profile of the user maintained in a first secure storage of the system responsive to authentication of the user by an application authentication profile (AAP) application, communicate the user profile to a cloud-based location of a data center for secure storage of the user profile at the cloud-based location in a second secure storage, wherein the second secure storage is to store a master version of a user profile for a plurality of users, the cloud-based location further including a third storage to store a master copy of the AAP application, wherein the instructions further enable the system to update the user profile via the AAP application and communicate the update to the user profile to the cloud-based location to maintain the user profile stored at the cloud-based location coherent with the user profile stored in the first secure storage of the system, and if the user is not authenticated by the AAP application, enable the system for basic functionality in which the user is not permitted to execute the at least one application and the user is not permitted to access any user profile, and access the cloud-based location responsive to a user request to identify at least one computing device on which the user profile is stored to determine whether the user profile is stored on any other computing devices, to cause the cloud-based location to remotely access at least one other computing device to cause the user profile stored on the at least one other computing device to be deleted, wherein the at least one other computing device from which the user profile is to be deleted comprises at least one other computing device remotely located from the system and the cloud-based location.
- View Dependent Claims (12, 13, 14)
- - 12. The system of claim 11, further comprising instructions to enable the user to delete the user profile from the first secure storage.
  - 13. The system of claim 11, further comprising instructions to enable the user to create the user profile via the AAP application and to store the user profile in the first secure storage.
  - 14. The system of claim 11, further comprising instructions to enable the system to access an updated user profile stored in the cloud-based location responsive to an indication of update availability received in the system from the cloud-based location.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Bodio, James R., Rich, Stephen E., Prakash, Gyan, Aissi, Selim
Primary Examiner(s)
Tolentino, Roderick

Application Number

US13/995,972
Publication Number

US 20130340034A1
Time in Patent Office

1,985 Days
Field of Search

726 26- 31
US Class Current

1/1
CPC Class Codes

G06F 21/305   by remotely controlling dev...

G06F 21/74   operating in dual or compar...

G06F 2221/2143   Clearing memory, e.g. to pr...

G06F 2221/2149   Restricted operating enviro...

G06F 9/44505   Configuring for program ini...

H04L 63/08   for authentication of entit...

H04L 63/102   Entity profiles

H04N 21/4532   involving end-user characte...

H04N 21/4627   Rights management associate...

H04N 21/4755   for defining user preferenc...

H04N 21/8166   involving executable data, ...

Application authentication policy for a plurality of computing devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

21 Citations

14 Claims

Specification

Use Cases

Quick Links

Others

Application authentication policy for a plurality of computing devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

21 Citations

14 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others