System and method for securing a content creation device connected to a cloud service

US11588809B2 · US · B2

Patent metadata
Publication number: US-11588809-B2
Application number: US-202017016689-A
Country: US
Kind code: B2
Filing date: Sep 10, 2020
Priority date: Sep 10, 2020
Publication date: Feb 21, 2023
Grant date: Feb 21, 2023

Abstract

Official abstract text for this publication.

A certified application is installed onto a content creation device and a mobile certified application is installed onto a mobile device, the applications establish first and second trust relationships with the cloud service. The certified application and mobile certified application establish the third trust relationship via a proximity network. The mobile certified application generates a first ephemeral key pair having a private part. The certified application generates a second ephemeral key pair having a private part. The mobile certified application requests a service from the content creation device involving the transfer of data between the content creation device and the cloud service. The data is protected by at least one of the first and second ephemeral key pairs in response to invocation of the service. The service results in the data being stored at the cloud service and/or rendered at the content creation device.

First claim

Opening claim text (preview).

The invention claimed is:

1. A method comprising: installing a certified application onto a content creation device from a cloud service, the certified application establishing a first trust relationship with the cloud service, wherein the content creation device comprises a multifunction printer; installing a mobile certified application onto a mobile device from the cloud service, the mobile certified application establishing a second trust relationship with the cloud service; coupling the mobile device to the content creation device via a proximity network to establish a third trust relationship via the certified application and mobile certified application, particulars of the third trust relationship being managed by the cloud service wherein the certified application and the mobile certified application can rely on the third trust relationship as being valid for at least a single transaction; generating, via the mobile certified application, a first ephemeral key pair having a private part that is private to the mobile device; generating, via the certified application, a second ephemeral key pair having a private part that is private to the content creation device; and requesting, via the mobile certified application, a service from the content creation device, the service involving transfer of data of a document between the content creation device and the cloud service or transfer of the data of the document between the mobile device and the content creation device, the data being protected by at least one of the first and second ephemeral key pairs in response to invocation of the service, wherein protecting the document involves performing one of: sending a public part of the first ephemeral key pair to the content creation device; or sending a public part of the second ephemeral key pair to the mobile device.

2. The method of claim 1, wherein the service comprises scanning of the document by the content creation device and the data comprises a digital file of the scanned document, the protecting of the digital file comprising encrypting the digital file using the public part of the first ephemeral key pair before storing the encrypted digital file at the cloud service via the first trust relationship.

3. The method of claim 2, wherein the public part of the first ephemeral key pair is sent from the mobile certified application to the certified application of the content creation device.

4. The method of claim 2, wherein the public part of the first ephemeral key pair is sent from the cloud service to the certified application of the content creation device at the request of the mobile certified application.

5. The method of claim 1, wherein the data comprises an encrypted file stored on the cloud service that is encrypted with the first ephemeral key pair, the service comprising: transferring the encrypted file from the cloud service to the mobile device; decrypting the encrypted file at the mobile device using the first ephemeral key pair to obtain a digital copy of the document; encrypting the digital copy of the document using the public part of the second ephemeral key pair received from the content creation device to create a second encrypted file; decrypting the second encrypted file at the content creation device; and printing the decrypted digital copy of the document at the content creation device.

6. The method of claim 5, wherein the public part of the second ephemeral key pair is sent from the certified application on the content creation device to the mobile certified application.

7. The method of claim 5, wherein the encrypted file is transferred from the cloud service to the mobile device via the content creation device.

8. The method of claim 1, wherein the proximity network comprises a Bluetooth connection.

9. A system comprising: a cloud service configured to provide a data storage service and first and second certified applications, the cloud service operable to establish a peer trust relationship between the first and second certified applications; a content creation device onto which the first certified application is installed, the content creation device comprising a multifunction printer that is network-coupled to the cloud service via a first trust relationship; a mobile device onto which the second certified application is installed, the mobile device being network-coupled to the cloud service via second trust relationship and locally network coupled to the content creation device using the peer trust relationship, particulars of the peer trust relationship being managed by the cloud service wherein the first certified application and the second certified application can rely on the peer trust relationship as being valid for at least a single transaction, the mobile device configured via the second certified application to: generate a first ephemeral key pair comprising a private part that is private to the mobile device; and request a service from the content creation device using the peer trust relationship, the service involving transfer of data of a document between the content creation device and the cloud service or transfer of the data between the mobile device and the content creation device, the data being protected by at least one of the first ephemeral key pair and a second ephemeral key pair of the content creation device in response to invocation of the service, the second ephemeral key pair having a private part that is private to the content creation device, wherein protecting the document involves performing one of: sending a public part of the first ephemeral key pair to the content creation device; or sending a public part of the second ephemeral key pair to the mobile device.

10. The system of claim 9, wherein the service comprises scanning of the document by the content creation device and the data comprises a digital file of the scanned document, the protecting of the digital file comprising encrypting the digital file using the public part of the first ephemeral key pair before storing the encrypted digital file at the cloud service via the first trust relationship.

11. The system of claim 10, wherein the public part of the first ephemeral key pair is sent from the mobile certified application to the certified application of the content creation device.

12. The system of claim 10, wherein the public part of the first ephemeral key pair is sent from the cloud service to the certified application of the content creation device at the request of the mobile certified application.

13. The system of claim 9, wherein the data comprises an encrypted file stored on the cloud service that is encrypted with the first ephemeral key pair, the service comprising: transferring the encrypted file from the cloud service to the mobile device; decrypting the encrypted file at the mobile device using the first ephemeral key pair to obtain a digital copy of a document; encrypting the digital copy of the document using the public part of the second ephemeral key pair received from the content creation device to create a second encrypted file; decrypting the second encrypted file at the content creation device; and printing the decrypted digital copy of the document at the content creation device.

14. The system of claim 13, wherein the public part of the second ephemeral key pair is sent from the certified application on the content creation device to the mobile certified application.

15. The system of claim 13, wherein the encrypted file is transferred from the cloud service to the mobile device via the content creation device.

16. T
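
The scan-then-print flow of claims 2, 3 and 5, sketched as an added example (not code from the patent or its assignee). The patent names no algorithms; the RSA-OAEP wrapping of an AES-256-GCM content key, the function names and the sample bytes are all assumptions made here.

```javascript
// Added illustration. RSA-OAEP + AES-256-GCM are assumed choices; the patent names none.
const nodeCrypto = require('crypto');

const SAMPLE_SCAN = Buffer.from('constructed sample: scanned page bytes'); // constructed input

// Ephemeral key pair: made per transaction; the private part never leaves its device.
function ephemeralKeyPair() {
  return nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Hybrid seal: a fresh AES-256-GCM key encrypts the document, RSA-OAEP wraps that key.
function seal(recipientPublicKey, plaintext) {
  const cek = nodeCrypto.randomBytes(32);
  const iv = nodeCrypto.randomBytes(12);
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', cek, iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const wrappedKey = nodeCrypto.publicEncrypt({ key: recipientPublicKey, oaepHash: 'sha256' }, cek);
  return { wrappedKey, iv, body, tag: cipher.getAuthTag() };
}

// Only the matching private part unwraps the key; GCM rejects any modified ciphertext.
function unseal(privateKey, { wrappedKey, iv, body, tag }) {
  const cek = nodeCrypto.privateDecrypt({ key: privateKey, oaepHash: 'sha256' }, wrappedKey);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', cek, iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(body), decipher.final()]);
}

// Scan to cloud, then print via the mobile device, following claims 2, 3 and 5.
function scanThenPrint(scanBytes = SAMPLE_SCAN) {
  const mobile = ephemeralKeyPair();   // first ephemeral key pair (mobile device)
  const printer = ephemeralKeyPair();  // second ephemeral key pair (multifunction printer)

  // Claims 2-3: the printer encrypts the scan to the mobile's public part before upload.
  const cloudObject = seal(mobile.publicKey, scanBytes);

  // Claim 5: the mobile decrypts, re-encrypts to the printer's public part, printer decrypts.
  const onMobile = unseal(mobile.privateKey, cloudObject);
  const printJob = seal(printer.publicKey, onMobile);
  const printed = unseal(printer.privateKey, printJob);

  // The stored copy is sealed to the mobile only: the printer's key must fail on it.
  let printerCanReadCloud = true;
  try { unseal(printer.privateKey, cloudObject); } catch { printerCanReadCloud = false; }
  return { cloudObject, printed, printerCanReadCloud };
}
```

In this arrangement the cloud service and the printer hold only ciphertext for the stored scan, so a compromise of either one after the transaction does not expose the document unless the mobile device's private part is also obtained.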

Classifications

  • for managing network security; network security policies in general (filtering policies H04L63/0227)

  • Increasing security of the print job

  • wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption (cryptographic mechanisms or cryptographic arrangements for public-key encryption H04L9/30)

  • for key exchange, e.g. in peer-to-peer networks (cryptographic mechanisms or cryptographic arrangements for key agreement H04L9/0838)

  • using certificates (cryptographic mechanisms or cryptographic arrangements for entity authentication involving certificates H04L9/3263)

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Palo Alto Res Ct Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/0823. Mapped technology areas include Electricity.
When was this patent published?
Publication date Feb 21, 2023 (B2). Legal status and post-grant events are not shown on this page.