Data protection for keychain syncing
Abstract
Some embodiments provide a program that provides data protection for a device when synchronizing a set of keychains stored on the device with a set of other devices. The program receives keychain data for synchronizing the set of keychains stored on the device with the set of other devices. The keychain data is specified as belonging to a protection domain. The program determines whether a set of conditions defined for the protection domain is satisfied. When the set of conditions is determined as satisfied, the program allows access to the keychain data in order to process the keychain data and synchronize the set of keychains stored on the device with the set of other devices.
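
The gating behaviour described in the abstract and in claim 1, as an added Python sketch that is not part of the patent text: keychain data received before the first unlock after boot is held back, and is processed once the protection domain's condition holds, even if the device has been locked again. The class and function names, the `after-first-unlock` label, the pending queue, and treating an unlocked device as also satisfying the condition are assumptions of this example.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple


@dataclass
class Device:
    """Lock-state model of one device; every name here is hypothetical."""
    locked: bool = True
    unlocked_since_boot: bool = False

    def boot(self) -> None:
        # A reboot leaves the device locked and forgets any earlier unlock.
        self.locked, self.unlocked_since_boot = True, False

    def unlock(self) -> None:
        self.locked, self.unlocked_since_boot = False, True

    def lock(self) -> None:
        self.locked = True


@dataclass
class ProtectionDomain:
    name: str
    condition: Callable[[Device], bool]


# Condition from the claims: locked, but unlocked at least once since boot.
# Assumption: an unlocked device satisfies it too (the claims cover locked states only).
AFTER_FIRST_UNLOCK = ProtectionDomain("after-first-unlock",
                                      lambda d: d.unlocked_since_boot)


@dataclass
class KeychainSync:
    device: Device
    keychain: Dict[str, str] = field(default_factory=dict)
    pending: List[Tuple[ProtectionDomain, str, str]] = field(default_factory=list)

    def receive(self, domain: ProtectionDomain, key: str, value: str) -> int:
        """Accept sync data from a peer, then process whatever is accessible."""
        self.pending.append((domain, key, value))
        return self.process()

    def process(self) -> int:
        """Merge items whose domain condition holds; leave the rest untouched."""
        ready = [p for p in self.pending if p[0].condition(self.device)]
        self.pending = [p for p in self.pending if not p[0].condition(self.device)]
        for _, key, value in ready:
            self.keychain[key] = value
        return len(ready)
```
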
93 Citations
20 Claims
1. A non-transitory machine-readable medium storing a program which when executed by at least one processing unit of a device provides data protection for the device when synchronizing a keychain stored on the device with keychains stored in a set of other devices, the program comprising sets of instructions for:
- receiving keychain data for synchronizing the keychain stored on the device with the keychains stored in the set of other devices, the keychain data specified as belonging to a protection domain, the protection domain defining a set of conditions in order for the received keychain data to become accessible to the device, the set of conditions comprising the device being in a locked state after having been in an unlocked state at least once since a last time the device has been booted;
- allowing, when the device is in the locked state after having been in the unlocked state at least once since the last time the device has been booted, access to the received keychain data to process the received keychain data and to synchronize the keychain stored on the device with the keychains stored in the set of other devices; and
- preventing, when the device is in the locked state without having been in the unlocked state at least once since the last time the device has been booted, access to the received keychain data.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method of providing data protection for a device when synchronizing a keychain stored on the device with keychains stored in a set of other devices, the method comprising:
- receiving keychain data for synchronizing the keychain stored on the device with the keychains stored in the set of other devices, the keychain data specified as belonging to a protection domain, the protection domain defining a set of conditions in order for the received keychain data to become accessible to the device, the set of conditions comprising the device being in a locked state after having been in an unlocked state at least once since a last time the device has been booted;
- allowing, when the device is in the locked state after having been in the unlocked state at least once since the last time the device has been booted, access to the received keychain data to process the received keychain data and to synchronize the keychain stored on the device with the keychains stored in the set of other devices; and
- preventing, when the device is in the locked state without having been in the unlocked state at least once since the last time the device has been booted, access to the received keychain data.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A device comprising:
- a set of processors; and
- a non-transitory machine-readable medium storing a program which when executed by at least one of the set of processors of the device provides data protection for the device when synchronizing a keychain stored on the device with keychains stored in a set of other devices, the program comprising sets of instructions for:
  - receiving keychain data for synchronizing the keychain stored on the device with the keychains stored in the set of other devices, the keychain data specified as belonging to a protection domain, the protection domain defining a set of conditions in order for the received keychain data to become accessible to the device, the set of conditions comprising the device being in a locked state after having been in an unlocked state at least once since a last time the device has been booted;
  - allowing, when the device is in the locked state after having been in the unlocked state at least once since the last time the device has been booted, access to the received keychain data to process the received keychain data and to synchronize the keychain stored on the device with the keychains stored in the set of other devices; and
  - preventing, when the device is in the locked state without having been in the unlocked state at least once since the last time the device has been booted, access to the received keychain data.
Dependent claims: 16, 17, 18, 19, 20
Specification