Roaming content wipe actions across devices
First Claim
1. A method implemented in a first computing device, the method comprising:
- receiving, from a second computing device, content protected based on a key, the content having been encrypted, and the key being associated with a third computing device that is being managed by a management policy; and
- determining whether the first computing device is being managed by the management policy, wherein:
  - in response to determining that the first computing device is being managed by the management policy the method further includes associating, by the first computing device, the key with the first computing device; and
  - in response to determining that the first computing device is not being managed by the management policy the method further includes:
    - maintaining, at the first computing device, the association of the key with the third computing device rather than associating the key with the first computing device; and
    - using the key associated with the third computing device to retrieve plaintext content from the protected content.
Abstract
Content on a device is encrypted and protected based on a data protection key. The protected content can then be copied to cloud storage, and from the cloud storage the protected content can be transferred to various other ones of the user's devices. A key used to retrieve plaintext content from the protected content is associated with an identifier of a particular device that provides the key, the device providing the key being the device that generated the key, or another managed device to which the protected content was transferred. A wipe command can similarly be transferred to the various ones of the user's devices, causing any keys associated with a particular device to be deleted from each of the various ones of the user's devices.
20 Claims
1. A method implemented in a first computing device, the method comprising:
- receiving, from a second computing device, content protected based on a key, the content having been encrypted, and the key being associated with a third computing device that is being managed by a management policy; and
- determining whether the first computing device is being managed by the management policy, wherein:
  - in response to determining that the first computing device is being managed by the management policy the method further includes associating, by the first computing device, the key with the first computing device; and
  - in response to determining that the first computing device is not being managed by the management policy the method further includes:
    - maintaining, at the first computing device, the association of the key with the third computing device rather than associating the key with the first computing device; and
    - using the key associated with the third computing device to retrieve plaintext content from the protected content.

Dependent claims: 2, 3, 4, 5, 6, 7, 19
8. A first computing device comprising:
- a content synchronization program configured to receive, from a second computing device, content protected based on a key, the content having been encrypted, and the key being associated with a third computing device that is being managed by a management policy; and
- a key management module configured to determine whether the first computing device is being managed by the management policy, wherein:
  - in response to determining that the first computing device is being managed by the management policy the key management module is further configured to associate the key with the first computing device;
  - in response to determining that the first computing device is not being managed by the management policy the key management module is further configured to maintain the association of the key with the third computing device rather than associate the key with the first computing device;
  - in response to receiving a wipe command indicating a command to delete the key associated with the third computing device, determine whether the key is associated on the first computing device with multiple computing devices, wherein:
    - in response to determining that the key is associated with only the third computing device, delete the key at the first computing device;
    - in response to determining that the key is associated with multiple computing devices, delete an identifier of the third computing device from the key at the first computing device while maintaining an association of the key with at least one other of the multiple computing devices.

Dependent claims: 9, 10, 11, 12, 20
13. A method implemented in a first computing device, the method comprising:
- obtaining content at the first computing device, the first computing device being managed by a management policy;
- protecting the content so that the content is configured to be retrieved based on a key, the protecting including encrypting the content;
- associating, by the first computing device, the key with an identifier of the first computing device;
- roaming the encrypted content and the key to a second computing device, the second computing device being an unmanaged device that is not managed by the management policy;
- associating, by the first computing device, the key with an identifier of a third computing device from which the content is obtained;
- in response to receiving a management-initiated wipe command indicating a command to delete the key associated with the third computing device;
- determining whether the key is associated on the first computing device with multiple computing devices;
- in response to determining that the key is associated with multiple computing devices, deleting an identifier of the third computing device from the key at the first computing device while maintaining an association of the key with at least one other of the multiple computing devices; and
- subsequently communicating, to the second computing device and in response to receiving the management-initiated wipe command, a wipe command indicating to the second computing device to delete the key.

Dependent claims: 14, 15, 16, 17, 18
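The key-association and wipe logic recited in claims 1 and 8, sketched as an added example that is not taken from the patent or any product. The `Device` class, its method names and the device identifiers are hypothetical, and content encryption itself is not modelled; only the bookkeeping that decides which keys survive a wipe is shown.

```python
import secrets
from dataclasses import dataclass, field

@dataclass
class Device:                      # hypothetical model, not from the patent
    device_id: str
    managed: bool                  # is this device under the management policy?
    keys: dict = field(default_factory=dict)    # key_id -> key bytes
    owners: dict = field(default_factory=dict)  # key_id -> associated device ids

    def protect(self, key_id):
        """Generate a data protection key and associate it with this device."""
        self.keys[key_id] = secrets.token_bytes(32)
        self.owners[key_id] = {self.device_id}

    def receive(self, key_id, key, owners):
        """Accept a roamed key. A managed device adds its own id; an
        unmanaged device keeps only the associations it was given."""
        self.keys[key_id] = key
        self.owners[key_id] = set(owners)
        if self.managed:
            self.owners[key_id].add(self.device_id)

    def roam_to(self, other, key_id):
        other.receive(key_id, self.keys[key_id], self.owners[key_id])

    def wipe(self, target_id):
        """Apply a wipe command naming target_id; return key ids deleted here."""
        deleted = []
        for key_id in list(self.owners):
            ids = self.owners[key_id]
            if target_id not in ids:
                continue
            ids.discard(target_id)         # drop the wiped device's identifier
            if not ids:                    # it was the only association
                del self.keys[key_id], self.owners[key_id]
                deleted.append(key_id)
        return deleted

def demo():
    # Constructed scenario: managed laptop creates the key, then roams it.
    laptop = Device("laptop", managed=True)
    phone = Device("phone", managed=False)
    desktop = Device("desktop", managed=True)
    laptop.protect("k1")
    laptop.roam_to(phone, "k1")
    laptop.roam_to(desktop, "k1")
    results = {d.device_id: d.wipe("laptop") for d in (phone, desktop)}
    return results, phone, desktop
```

After a wipe naming the laptop, the unmanaged phone loses the key entirely, while the managed desktop keeps it under its own identifier.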