Token-based secure data management
US-9419841-B1 · Aug 16, 2016 · US
Method and system for destroying sensitive enterprise data on portable devices
US2016267284A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016267284-A1 |
| Application number | US-201514645393-A |
| Country | US |
| Kind code | A1 |
| Filing date | Mar 11, 2015 |
| Priority date | Mar 11, 2015 |
| Publication date | Sep 15, 2016 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Systems and methods for destroying sensitive enterprise data on portable devices are provided. Such systems and methods may include providing a portable device that includes a security agent for deleting sensitive enterprise data. The security agent on the portable device can be required to regularly be authenticated by a user through an authentication server. The authentication server provides a pre-determined timeframe for which the user would need to re-authenticate. Failure by the user to re-authenticate within the pre-determined timeframe can result in the security agent proceeding with deleting the sensitive enterprise data on the portable device.
First claim
Opening claim text (preview).
What is claimed is: 1 . A method for destroying sensitive enterprise data on a portable device, the method comprising: downloading the sensitive enterprise data from an authentication server, the downloaded sensitive enterprise data being associated with a pre-determined authentication timeframe; storing the downloaded sensitive enterprise data into memory; initially authenticating a security agent in the portable device with the authentication server associated with the downloaded sensitive enterprise data, wherein the initial authentication initiates the pre-determined authentication timeframe dictating a next re-authentication to be performed; and triggering destruction of the downloaded sensitive enterprise data when the pre-determined timeframe expires without re-authentication of the security agent with the authentication server. 2 . The method of claim 1 , wherein the pre-determined timeframe is expires corresponds to: measuring an elapsed time from a prior authentication to a current time; and determining that the elapsed time exceeds the predetermined authentication time-frame associated with the downloaded sensitive enterprise data, the predetermined authentication time-frame dictating when a next re-authentication is to be performed. 3 . The method of claim 1 , wherein triggering destruction of the downloaded sensitive enterprise data comprises deleting the downloaded sensitive enterprise data from memory of the portable device. 4 . The method of claim 1 , further comprising encrypting the downloaded sensitive enterprise data prior to triggering destruction. 5 . The method of claim 1 , wherein the pre-determined timeframe is based on at least one factor selected from the group consisting sensitivity level of the downloaded sensitive enterprise data, identity of a user of the portable device, reason for download, ability of the user to re-authenticate, and duration that the downloaded sensitive enterprise data may be used. 6 . The method of claim 1 , further comprising initiating safety protocols when the portable device is detected as having been tampered with, wherein the safety protocols comprise at least one of disabling user access to the portable device, disabling user access to the downloaded sensitive enterprise data, and deleting at least part of the downloaded sensitive enterprise data from the portable device. 7 . The method of claim 1 , further comprising providing a notification regarding a current pre-determined timeframe to a user of the portable device via a display. 8 . A method for securing sensitive enterprise data on a portable device, the method comprising: downloading the sensitive enterprise data from an authentication server, the downloaded sensitive enterprise data being associated with a pre-determined authentication timeframe; storing the downloaded sensitive enterprise data into memory; initially authenticating a security agent in the portable device with the authentication server associated with the downloaded sensitive enterprise data, wherein the initial authentication initiates the pre-determined authentication timeframe dictating a next re-authentication to be performed; and re-authenticating with the authentication server within the pre-determined authentication timeframe; and renewing the pre-determined authentication timeframe dictating a next re-authentication to be performed. 9 . The method of claim 8 , wherein the re-authenticating is performed by a user by: providing re-authentication information into the user portable device, and forwarding the re-authentication information to the authentication server through use of the security agent. 10 . A system for destroying sensitive enterprise data on a portable device, the system comprising: an authentication server; and a portable device, the portable device including a processor and memory, wherein the processor executes instructions stored in memory to: download sensitive enterprise data from the authentication server, the downloaded sensitive enterprise data being associated with a pre-determined authentication timeframe; store the downloaded sensitive enterprise data in memory; initially authenticate a security agent in the portable device with the authentication server associated with the downloaded sensitive enterprise data, wherein the initial authentication initiates the pre-determined authentication timeframe dictating a next re-authentication to be performed, and trigger destruction of the downloaded sensitive enterprise data when the pre-determined timeframe expires without re-authentication by the security agent with the authentication server. 11 . The system of claim 10 , wherein the pre-determined timeframe is expires corresponds to: measuring an elapsed time from a prior authentication to a current time; and determining that the elapsed time exceeds the predetermined authentication time-frame associated with the downloaded sensitive enterprise data, the predetermined authentication time-frame dictating when a next re-authentication is to be performed. 12 . The system of claim 10 , wherein triggering destruction of the downloaded sensitive enterprise data comprises deleting the downloaded sensitive enterprise data from memory of the portable device. 13 . The system of claim 10 , wherein the processor encrypts the downloaded sensitive enterprise data prior to triggering destruction. 14 . The system of claim 10 , wherein the pre-determined timeframe is based on at least one factor selected from the group consisting sensitivity level of the downloaded sensitive enterprise data, identity of a user of the portable device, reason for download, ability of the user to re-authenticate, and duration that the downloaded sensitive enterprise data may be used. 15 . The system of claim 10 , wherein the processor initiates safety protocols when the portable device is detected as having been tampered with, wherein the safety protocols comprise at least one of disabling user access to the portable device, disabling user access to the downloaded sensitive enterprise data, and deleting at least part of the downloaded sensitive enterprise data from the portable device. 16 . The system of claim 10 , wherein the process provides a notification regarding a current pre-determined timeframe to a user of the portable device via a display. 17 . A system for securing sensitive enterprise data on a portable device, the system comprising: an authentication server; and a portable device, the portable device including a processor and memory, wherein the processor executes instructions stored in memory to: download sensitive enterprise data from the authentication server, the downloaded sensitive enterprise data being associated with a pre-determined authentication timeframe; store the downloaded sensitive enterprise data into memory; initially authenticate a security agent in the portable device with the authentication server associated with the downloaded sensitive enterprise data, wherein the initial authentication initiates the pre-determined authentication timeframe dictating a next re-authentication to be performed; and re-authenticate with the authentication server within the pre-determined authentication timeframe; and renew the pre-determined authentication timeframe dictating a next re-authentication to be performed. 18 . The system of claim 17 , wherein the re-authenticating is performed by a user by: providing re-authentication information into the user portable device, and forwarding the re-authen
Assignees
Inventors
Classifications
Recurrent verification · CPC title
Clearing memory, e.g. to prevent the data from being stolen · CPC title
for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title
- G06F21/6218Primary
to a system of files or objects, e.g. local or distributed file system or database · CPC title
Secure or tamper-resistant housings · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2016267284A1 cover?
- Systems and methods for destroying sensitive enterprise data on portable devices are provided. Such systems and methods may include providing a portable device that includes a security agent for deleting sensitive enterprise data. The security agent on the portable device can be required to regularly be authenticated by a user through an authentication server. The authentication server provides…
- Who is the assignee on this patent?
- Dell Software Inc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/6218. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Thu Sep 15 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).