Monitoring installed applications on user devices
US-9992025-B2 · Jun 5, 2018 · US
Data security compliance for mobile device applications
US12299164B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12299164-B2 |
| Application number | US-201916439735-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 13, 2019 |
| Priority date | Jun 13, 2019 |
| Publication date | May 13, 2025 |
| Grant date | May 13, 2025 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Embodiments of the present invention provides methods, computer program products, and a system for maintain application compliance. Embodiments of the present invention identify locations of potentially sensitive data. Embodiments of the present invention identify a set of individuals associated with the potentially sensitive data and determine whether an application can be installed based on content of potentially sensitive data and on elections of respective individuals associated with the potentially sensitive data.
First claim
Opening claim text (preview).
What is claimed is: 1. A computer-implemented method comprising: identifying locations of potentially sensitive data stored on a user device; identifying a set of individuals associated with the potentially sensitive data; installing an application on the user device; preventing the application from accessing the potentially sensitive data on the user device based on the identified locations of potentially sensitive data, association of the potentially sensitive data with respective individuals, ability of the application to access potentially sensitive data, and a current geographic location of the user device; in response to identifying that the current geographic location of the user device is outside boundaries of a secure geographic location, scanning the user device for potentially sensitive data; in response to confirming that the potentially sensitive data is sensitive data and is not within the boundaries of the secure geographic location, removing the potentially sensitive data currently stored on the user device; scanning a second user device for potentially sensitive data pertaining to a first user; in response to identifying that sensitive data pertaining to the first user is stored on the second user device, transmitting a request to the first user to allow the first user's sensitive data to persist on the second user device; and in response where the first user does not allow the first user's sensitive data to persist on the second user device, deleting the first user's sensitive data from the second user device. 2. The computer-implemented method of claim 1 , further comprising: receiving data; determining whether the received data is sensitive; and in response to determining that the received data is sensitive, processing the received data based on elections of a user. 3. The computer-implemented method of claim 1 , further comprising: in response to receiving a request to add information of a second user to the user device of a first user, identifying that the information requested is sensitive data; generating a notification to the second user associated with the information and transmitting a request to the second user to allow the information to be added to the user device; and preventing addition of the information to the user device based on the second user's response to the request. 4. The-computer-implemented method of claim 1 , further comprising: creating an application approval list for applications accessing the locations of potentially sensitive data specific to a user of the user device; and in response to determining that the application requesting access to potentially sensitive data specific to the user of the user device is not on the application approval list, removing the installed application or removing the sensitive data from the user device. 5. A computer program product comprising: one or more computer readable storage media and program instructions stored on the one or more computer readable storage media, the program instructions comprising: program instructions to identify locations of potentially sensitive data stored on a user device; program instructions to identify a set of individuals associated with the potentially sensitive data; program instructions to install an application on the user device; program instructions to prevent the application from accessing the potentially sensitive data on the user device based on the identified locations of potentially sensitive data, association of the potentially sensitive data with respective individuals, ability of the application to access potentially sensitive data, and a current geographic location of the user device; in response to identifying that the current geographic location of the user device is outside boundaries of a secure geographic location, program instructions to scan the user device for potentially sensitive data; in response to confirming that the potentially sensitive data is sensitive data and is not within the boundaries of the secure geographic location, program instructions to remove the potentially sensitive data currently stored on the user device; in response to identifying that the current geographic location of the user device is outside boundaries of a secure geographic location, scanning the user device for potentially sensitive data; in response to confirming that the potentially sensitive data is sensitive data and is not within the boundaries of the secure geographic location, removing the potentially sensitive data currently stored on the user device; program instructions to scan a second user device for potentially sensitive data pertaining to a first user; in response to identifying that sensitive data pertaining to the first user is stored on the second user device, program instructions to transmit a request to the first user to allow the first user's sensitive data to persist on the second user device; and in response where the first user does not allow the first user's sensitive data to persist on the second user device, program instructions to delete the first user's sensitive data from the second user device. 6. The computer program product of claim 5 , wherein the program instructions stored on the one or more computer readable storage media further comprise: program instructions to receive data; program instructions to determine whether the received data is sensitive; and program instructions to, in response to determining that the received data is sensitive, process the received data based on elections of a user. 7. A computer system comprising: one or more computer processors; one or more computer readable storage media; and program instructions stored on the one or more computer readable storage media for execution by at least one of the one or more processors, the program instructions comprising: program instructions to identify locations of potentially sensitive data stored on a user device; program instructions to identify a set of individuals associated with the potentially sensitive data; program instructions to install an application on the user device; program instructions to prevent an installed application on a user device from accessing potentially sensitive data on the user device based on the identified locations of the potentially sensitive data, association of the potentially sensitive data with respective individuals, ability of the application to access potentially sensitive data, and geographic location of the user device; in response to identifying that the current geographic location of the user device is outside boundaries of a secure geographic location, scanning the user device for potentially sensitive data; in response to confirming that the potentially sensitive data is sensitive data and is not within the boundaries of the secure geographic location, removing the potentially sensitive data currently stored on the user device; scanning a second user device for potentially sensitive data pertaining to a first user; in response to identifying that sensitive data pertaining to the first user is stored on the second user device, transmitting a request to the first user to allow the first user's sensitive data to persist on the second user device; and in response where the first user does not allow the first user's sensitive data to persist on the second user device, deleting the first user's sensitive data from the second user device.
Assignees
Inventors
Classifications
implemented using Network-attached Storage [NAS] architecture (distributed or networked storage systems G06F3/067; protocols for distributed storage of data in a network H04L67/1097) · CPC title
Clustering; Classification · CPC title
Access rights, e.g. capability lists, access control lists, access tables, access matrices · CPC title
- G06F21/6245Primary
Protecting personal data, e.g. for financial or medical purposes · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12299164B2 cover?
- Embodiments of the present invention provides methods, computer program products, and a system for maintain application compliance. Embodiments of the present invention identify locations of potentially sensitive data. Embodiments of the present invention identify a set of individuals associated with the potentially sensitive data and determine whether an application can be installed based on c…
- Who is the assignee on this patent?
- IBM
- What technology area does this patent fall under?
- Primary CPC classification G06F21/6245. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue May 13 2025 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).