US9256722B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9256722-B2 |
| Application number | US-201213554928-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jul 20, 2012 |
| Priority date | Jul 20, 2012 |
| Publication date | Feb 9, 2016 |
| Grant date | Feb 9, 2016 |
Official abstract text for this publication.
A method executes at a personal user device associated with a user. The method receives a request from a shared user device, the request seeking access to personal information associated with the user. The personal information is stored at a resource server. The method receives access authentication information from the user. The method then sends the access authentication information to an authentication server, and receives an access token. The access token grants access privileges to the personal information. The method sends the access token to the shared user device, thereby permitting an application executing on the shared user device to use the access token for retrieving at least a portion of the personal information. The method detects a physical movement of the personal user device, then sends a message to the authentication server to revoke access privileges associated with the access token.
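The flow in the abstract, as an added sketch that is not code from the patent or its assignee: the motion criterion is modelled as distance from the point where the user authenticated, with a time-limited lease that is renewed while the device stays close. The class names, the thresholds, the constructed credential and the planar coordinates in metres are all assumptions made for illustration.

```python
import math
import secrets

class AuthServer:
    """In-memory stand-in for the authentication server (hypothetical API)."""
    def __init__(self):
        self._expiry = {}                      # token -> expiry time (seconds)

    def issue(self, credentials, now, ttl):
        if credentials != "correct-password":  # constructed credential check
            raise PermissionError("authentication failed")
        token = secrets.token_urlsafe(16)
        self._expiry[token] = now + ttl
        return token

    def extend(self, token, now, ttl):
        if self.is_valid(token, now):          # expired or revoked tokens stay dead
            self._expiry[token] = now + ttl

    def revoke(self, token):
        self._expiry.pop(token, None)

    def is_valid(self, token, now):
        return now < self._expiry.get(token, float("-inf"))

class PersonalDevice:
    """Remembers where the token was obtained and applies the motion criteria."""
    def __init__(self, server, revoke_m=10.0, renew_m=3.0, ttl=60):
        self.server, self.revoke_m, self.renew_m, self.ttl = server, revoke_m, renew_m, ttl
        self.token = self.origin = None

    def authorize(self, credentials, position, now):
        self.token = self.server.issue(credentials, now, self.ttl)
        self.origin = position                 # "first location" for distance checks
        return self.token                      # handed to the shared device

    def on_position(self, position, now):
        """Called for each location fix; returns the action taken."""
        if self.token is None:
            return "idle"
        moved = math.dist(self.origin, position)
        if moved > self.revoke_m:              # motion criteria met: revoke
            self.server.revoke(self.token)
            self.token = None
            return "revoked"
        if moved <= self.renew_m:              # still nearby: extend the lease
            self.server.extend(self.token, now, self.ttl)
            return "extended"
        return "unchanged"                     # between radii: let the TTL run out
```

Because revocation is sent by the personal device, the lease expiry is what bounds exposure if that message never reaches the server; the resource server should check validity on every request rather than caching the result.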
Opening claim text (preview).
What is claimed is:

1. A method, comprising: at a personal user device with one or more processors and memory storing programs for execution by the one or more processors: receiving a request initiated by a user of the personal user device, wherein the user initiates the request from a shared user device distinct from the personal user device, the personal user device is a mobile device configured for use by one person and associated with the user, the shared user device is usable by two or more people and has a larger display than the personal user device, and the request seeks access to personal information that is associated with the user and stored at a resource server; receiving access authentication information from the user; in response to receiving the access authentication information from the user: sending the access authentication information to an authentication server; receiving an access token from the authentication server, the access token granting access privileges to the personal information associated with the user; sending the access token to the shared user device, thereby permitting an application executing on the shared user device to use the access token for retrieving at least a portion of the personal information; detecting, by the personal user device, a physical movement of the personal user device, the movement meeting predefined motion criteria; and in response to detecting the physical movement, sending, by the personal user device, a message to the authentication server to revoke the granted access privileges associated with the access token.

2. The method of claim 1, wherein the predefined motion criteria include determining that a distance from a first location of the personal user device to a current location of the person user device exceeds a predefined distance, wherein the first location corresponds to when the access authentication information was received from the user.

3. The method of claim 1, wherein the predefined motion criteria include having the personal user device move more than a predefined distance from the shared user device.

4. The method of claim 1, wherein the application executing on the shared user device is not permitted access to the personal information prior to the personal user device sending the access token to the shared user device.

5. The method of claim 1, wherein the application executing on the shared user device is not permitted access to any additional portion of the personal information after the personal user device sends the message to the authentication server to revoke access privileges associated with the access token.

6. The method of claim 1, wherein the access privileges associated with the access token permit access to the personal information for a limited period of time, the method further comprising extending the limited period of time based on predefined extension criteria.

7. The method of claim 6, wherein the predefined extension criteria include determining that the personal user device is within a renewal radius of the shared user device.

8. The method of claim 6, wherein the predefined extension criteria include determining that the personal user device has not moved more than a predefined renewal distance.

9. A personal user device, comprising: one or more processors; memory; and one or more programs stored in the memory for execution by the one or more processors, the one or more programs comprising executable instructions for: receiving a request initiated by a user of the personal user device, wherein the user initiates the request from a shared user device distinct from the personal user device, the personal user device is a mobile device configured for use by one person and associated with the user, the shared user device is usable by two or more people and has a larger display than the personal user device, and the request seeks access to personal information that is associated with the user and stored at a resource server; receiving access authentication information from the user; in response to receiving the access authentication information from the user: sending the access authentication information to an authentication server; receiving an access token from the authentication server, the access token granting access privileges to the personal information associated with the user; sending the access token to the shared user device, thereby permitting an application executing on the shared user device to use the access token for retrieving at least a portion of the personal information; detecting, by the personal user device, a physical movement of the personal user device, the movement meeting predefined motion criteria; and in response to detecting the physical movement, sending, by the personal user device, a message to the authentication server to revoke the granted access privileges associated with the access token.

10. The personal user device of claim 9, wherein the predefined motion criteria include determining that a distance from a first location of the personal user device to a current location of the person user device exceeds a predefined distance, wherein the first location corresponds to when the access authentication information was received from the user.

11. The personal user device of claim 9, wherein the predefined motion criteria include having the personal user device move more than a predefined distance from the shared user device.

12. The personal user device of claim 9, wherein the application executing on the shared user device is not permitted access to the personal information prior to the personal user device sending the access token to the shared user device.

13. The personal user device of claim 9, wherein the application executing on the shared user device is not permitted access to any additional portion of the personal information after the personal user device sends the message to the authentication server to revoke access privileges associated with the access token.

14. The personal user device of claim 9, wherein the access privileges associated with the access token permit access to the personal information for a limited period of time, and wherein the one or more programs further comprise instructions for extending the limited period of time based on predefined extension criteria.

15. The personal user device of claim 14, wherein the predefined extension criteria include determining that the personal user device is within a renewal radius of the shared user device.

16. The personal user device of claim 14, wherein the predefined extension criteria include determining that the personal user device has not moved more than a predefined renewal distance.

17. A non-transitory computer readable storage medium storing one or more programs configured for execution by a personal user device having one or more processors and memory storing one or more programs for execution by the one or more processors, the one or more programs comprising executable instructions for: receiving a request initiated by a user of the personal user device, wherein the user initiates the request from a shared user device distinct from the personal user device, the personal user device is a mobile device configured for use by one person and associated with the user, the shared user device is usable by two or more people and has a larger display than the personal user device, and the request seeks access to personal information that is associated with the user and stored at a resource server; receiving access authentication information from
when the policy decisions are valid for a limited amount of time · CPC title
using certificates · CPC title
wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals · CPC title
Entity profiles · CPC title
using an additional device, e.g. smartcard, SIM or a different communication terminal (cryptographic mechanisms or cryptographic arrangements for entity authentication involving additional secure or trusted devices H04L9/3234) · CPC title