Apparatus and method for secure delivery of data from a communication device
US-2017118185-A1 · Apr 27, 2017 · US
Content item encryption on mobile devices
US2016306992A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016306992-A1 |
| Application number | US-201615195330-A |
| Country | US |
| Kind code | A1 |
| Filing date | Jun 28, 2016 |
| Priority date | Feb 9, 2014 |
| Publication date | Oct 20, 2016 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Applications are stored on removable storage of a mobile device in an encrypted form to provide isolation and piracy protection. In one implementation, each application is encrypted using its own associated encryption key that is generated based on an identifier of the application and a master key that is associated with a trusted platform module of the mobile device. In another implementation, each application is encrypted using two associated encryption keys. One key is used to encrypt binary data associated with the application such as source code, and the other key is used to encrypt application data such as graphics and configuration files. The encryption keys are each generated using the identifier of the application, the master key, and identifiers of the folders where the corresponding data types are stored on the mobile device. The removable storage includes SD cards formatted using the FAT or exFAT file systems.
First claim
Opening claim text (preview).
What is claimed: 1 . A method comprising: receiving a request to write data to a region of removable storage of a mobile device, wherein the region of removable storage is associated with a content item; determining that the request to write the data is authorized by the mobile device; in response to determining that request to write the data is authorized, determining a key associated with the content item by the mobile device; encrypting the data using the key by the mobile device; and storing the encrypted data in the region of removable storage associated with the content item by the mobile device. 2 . The method of claim 1 , wherein the removable storage comprises a secure digital card. 3 . The method of claim 1 , wherein the content item is one or more of an application, a video content item, or an audio content item. 4 . The method of claim 1 , wherein determining a key associated with the content item comprises determining a master key associated with the mobile device and determining the key associated with the content item based on the master key and an identifier associated with the content item. 5 . The method of claim 4 , wherein the master key is signed by a trusted platform module associated with the mobile device and is stored in a region of non-removable storage associated with the mobile device. 6 . The method of claim 1 , wherein determining a key associated with the content item comprises retrieving the key from a cache associated with the content item using an identifier associated with the content item. 7 . The method of claim 1 , wherein the mobile device comprises at least one of a cell phone or a tablet computer. 8 . A system comprising: removable storage; and a file manager configured to: receive a request to write data to a region of the removable storage of a mobile device, wherein the region of removable storage is associated with a content item; determine that the request to write the data is authorized by the mobile device; in response to determining that request to write the data is authorized, determine a key associated with the content item by the mobile device; encrypt the data using the key by the mobile device; and store the encrypted data in the region of removable storage associated with the content item by the mobile device. 9 . The system of claim 8 , wherein the key is stored in a region of non-removable storage of the mobile device. 10 . The system of claim 8 , wherein the removable storage comprises a secure digital card. 11 . The system of claim 8 , wherein the content item is one or more of an application, a video content item, or an audio content item. 12 . The method of claim 8 , wherein determining a key associated with the content item comprises determining a master key associated with the mobile device and determining the key associated with the content item based on the master key and an identifier associated with the content item. 13 . The method of claim 12 , wherein the master key is signed by a trusted platform module associated with the mobile device and is stored in a region of non-removable storage associated with the mobile device. 14 . The method of claim 8 , wherein determining a key associated with the content item comprises retrieving the key from a cache associated with the content item using an identifier associated with the content item. 15 . The method of claim 8 , wherein the mobile device comprises at least one of a cell phone or a tablet computer. 16 . A system comprising: a trusted platform module adapted to generate a master key; a removable storage; a file manager adapted to: receive a request to install an application in the removable storage; and in response to the request, create a first folder and a second folder associated with the application in the removable storage; and a filter adapted to: generate a first key using the master key, an identifier of the application, and an identifier of the first folder; generate a second key using the master key, the identifier of the application, and an identifier of the second folder; encrypt a first portion of data associated with the application using the first key; encrypt a second portion of data associated with the application using the second key; store the encrypted first portion in the first folder; and store the encrypted second portion in the second folder. 17 . The system of claim 16 , wherein the system further comprises a non-removable storage, and wherein the file manager is further adapted to store the first key and the second key in the non-removable storage. 18 . The system of claim 16 , wherein the filter is further adapted to: retrieve the master key; generate the first key using the master key, the identifier of the application, and the identifier of the first folder; and decrypt the data from the first folder using the generated first key. 19 . The system of claim 16 , wherein the non-removable storage comprises a secure digital card. 20 . The system of claim 16 , further comprising a cache, and wherein the filter is further adapted to store the generated first and second keys in the cache.
Assignees
Inventors
Classifications
- G06F21/10Primary
Protecting distributed programs or content, e.g. vending or licensing of copyrighted material (protection in video systems or pay television H04N7/16) {; Digital rights management [DRM]} · CPC title
- G06F21/6218Primary
to a system of files or objects, e.g. local or distributed file system or database · CPC title
Physics · mapped topic
- G06F21/1011Primary
to devices · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2016306992A1 cover?
- Applications are stored on removable storage of a mobile device in an encrypted form to provide isolation and piracy protection. In one implementation, each application is encrypted using its own associated encryption key that is generated based on an identifier of the application and a master key that is associated with a trusted platform module of the mobile device. In another implementation,…
- Who is the assignee on this patent?
- Microsoft Technology Licensing Llc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/10. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Thu Oct 20 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).