[go: up one dir, main page]

GB2462442A - A remote server centrally controls access to data stored in a data container in an encrypted form - Google Patents

A remote server centrally controls access to data stored in a data container in an encrypted form Download PDF

Info

Publication number
GB2462442A
GB2462442A GB0814371A GB0814371A GB2462442A GB 2462442 A GB2462442 A GB 2462442A GB 0814371 A GB0814371 A GB 0814371A GB 0814371 A GB0814371 A GB 0814371A GB 2462442 A GB2462442 A GB 2462442A
Authority
GB
United Kingdom
Prior art keywords
data
centrally
encryption system
data container
strong encryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB0814371A
Other versions
GB0814371D0 (en
Inventor
Richard Zybert
Eric Genevier
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZYBERT COMPUTING Ltd
Original Assignee
ZYBERT COMPUTING Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZYBERT COMPUTING Ltd filed Critical ZYBERT COMPUTING Ltd
Priority to GB0814371A priority Critical patent/GB2462442A/en
Publication of GB0814371D0 publication Critical patent/GB0814371D0/en
Publication of GB2462442A publication Critical patent/GB2462442A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

Disclosed is a method providing secure storage and transportation of secret, confidential or private data. The data is stored in encrypted form on a portable data container 5 such as a removable USB flash drive or an optical disk. Access to decryption keys is controlled by a central system regardless of the whereabouts of the data container, thus protecting secure information if the actual data containers are lost or stolen. The central system preferably comprises an authentication server 10 which sends decryption keys to a user's application 6 upon authentication of the user 1. The system avoids delays and bandwidth issues associated with 'Host-Based' systems as only keys and authentication information are transmitted via potentially slow links and large volumes of data are kept fully encrypted on the data container.

Description

Title: Centrally-Controlled Strong Encryption system
Background
This invention relates to secure storage and transportation of secret and confidential data.
Protection of confidential, secret and personal data is critical to the operation of computer-based systems. Advancements in networking infrastructure and changes in working practices make it essential to access the data either remotely or outside the controlled environment.
Standard encryption practices do not protect managers from losing control over files once the data leave the controlled environment. Stolen computers and media carrying sensitive information may be subjected to attempts to break the encryption systems over a prolonged period, increasing the chances of obtaining unauthorized access to data that may become harmful or outright dangerous as well as unlawful.
More secure, "Host-Based" systems are based on secure, encrypted data remaining on the server while the authorized user can access the data through a secure remote connection.
However, the increase in the necessary volume of the transmitted data makes these systems very inefficient, slow and increasingly cumbersome. Central data storage also has the disadvantage that once unauthorized access is achieved, all the data becomes accessible which means that these systems represent particularly alluring targets for attack.
The data security is frequently compromised by the use of encryption keys that are too short or easy to break. The rapid proliferation of inexpensive computing power employed to break encryption keys requires the use of long and complex keys, making the system inconvenient and tedious to use. This often is the cause of users breaking the prescribed rules, leading to loss of confidential, secret or commercially critical data.
There is a clear need for a system which would allow administrators to control access to data even when the data containers are misplaced, stolen or lost.
Statement of invention
To overcome this, the present invention proposes a Centrally-Controlled Strong Encryption system (referred to hereafter as the CCSE system).
In contrast to previous methods, the CCSE system addresses the situation where there is a need to access data in remote locations outside prescribed procedures, but access to data needs to be controlled. It also implies that once the authorization has been obtained, access to data should be possible via standard and commonly used applications.
The CCSE system provides flexibility of implementation on several levels. The modular design of secure access from remote and uncontrollable locations becomes possible and manageable.
1. Encrypted data containers are kept wherever they need to be accessed, independently of the storage mechanism. Typical examples are computer disks, optical disks, removable USB or Firewire storage etc. Forthcoming different types or mechanisms for storage can use the same principle of the CCSE system.
2. Keys are randomly generated and sufficiently long to make the breaking of the encryption code impracticable.
3. The keys, when enabled, can be accessed and used by the authorized users every time the container with the encrypted data is opened. However, the decrypted data are only opened temporarily and subsequent access requires new authentication for an access to obtain the key for the decryption. Therefore, if the data container is ost or stolen, the corresponding key can be disabled making it practically impossible to decrypt the information. The strength of the encryption is not pre-determined and can be adapted with changing technology.
4. As the encryption is at the container' level, the applications used to read/write data files do not need to be aware of encryption.
5. The contents -potentially large volumes of data to be read/written -are not transmitted and as such do not depend on the form of communication between the server and the user in contrast to the "Host-Based" system described above in the background section. Only the encryption keys reside on the centrally-controlled server but the server itself contains no data for decryption or information about the location of the data.
6. The CCSE system does not rely on any sing'e and particular type of computer technology involved in data security and as such can be used in unlimited applications using either freely available Open Source type solutions to individual tasks or proprietary hardware/software solutions. It allows the freedom to develop specific applications at the stage of the implementation of the CCSE system.
7. The CCSE can be utilized in corporate as well as personal environments, where different implementation rules need to be adopted but the choice does not require any changes to the concept of the CCSE.
Preferably, the implementation of the system should include the following: 1. Secure connection to the server, which holds the encryption keys 2. Enhanced security of the server itself 3. Audit system to allow connection monitoring 4. Enhanced authentication system, for instance including biometrics, one-time passwords or third party authentication Advantages 1. The CCSE system protects sensitive data from unauthorised access more securely than the prior art because the keys required for access are not stored outside of the central control 2. The system allows for transportation of very strongly encrypted data but the access to encryption keys is controlled by the central system regardless of the whereabouts of the managed data, thus protecting secure information if the actual data containers are lost or stolen 3. Storing keys on the central system allows the use of very strong, long and random cryptographic keys that would be impractical were they to be provided by a user. The use of very strong encryption makes it impracticable to break the code if access to the keys is denied 4. Ease and speed of use for authorized users means the users are less likely to contravene the prescribed security rules.
5. The system avoids delays and bandwidth issues associated with Host-Based' systems as only keys and authentication information are transmitted via potentially slow links and large volumes of data are kept fully encrypted on any type of medium.
6. The Centrally-Controlled Encryption System is flexible, modular and designed to absorb different implementations with changing needs and technology Examples and explanation of drawings Example of the invention will now be described by referring to the accompanying drawings: Figure 1 shows a typical example of the CCSE system The user 1 in Figure 1 is in possession of a strongly encrypted data container 5. The user 1 then connects via any kind of available Internet communication 7 to a central secure server 10 and the authentication process 8 starts. Authorization for an access can now be established. It is be possible to limit the access, for example access may be restricted to some part of the data or the type of actions allowed to be performed on the data could be restricted. The dedicated administration application 6 on the users computer obtains the necessary keys 9 from the server and temporarily decrypts 4 the data container 5 in the user's possession, giving access to the data 3 as predetermined by the administration. The type of access and restrictions of use as well as logging of access can be controlled by the administration tools. All keys kept on the server are additionally encrypted and the authentication process can require additional information, e.g. biometrics, passwords etc. No information regarding the data -including the address where the data are actually stored -is kept on the server that contains the encryption keys, rendering breaking into the central key storage useless by itself. The server may apply penalties on repeated failed authentication and/or time-lock" procedures" or other controls, which restrict access to the keys. In some applications the server may be able to additionally detect unusual usage patterns to provide more protection of stored keys.
Figure 2 shows an example of a managed system for corporate users. The data storage and user access are identical to those in Figure 1, however the appointed administrator 11 manages the keys, permissions and user access, and determines which, if any, of the keys may be shared or should be disabled or modified. The Administration is performed via an independent secure connection 12.
Figure 3 shows an example of a public service designed for individual usage. There is no administrator; new users create accounts by registering 13 through an Internet service 14 to a dedicated registration server 15.

Claims (14)

  1. Claims 1. Centrally-Controlled Strong Encryption system where locally kept data in a container are encrypted and where user's access to the data container is centrally controlled by a remote secure server.
  2. 2. Centrally-Controlled Strong Encryption system in Claim 1 in which the data container is a disk file.
  3. 3. Centrally-Controlled Strong Encryption system in Claim 1 in which the data container is a hardware or firmware device.
  4. 4. Centrally-Controlled Strong Encryption system in Claim 1 in which the data container is a computer program.
  5. 5. Centrally-Controlled Strong Encryption system in Claim 1 in which the data container is a combination of files and programs or hardware or firmware devices.
  6. 6. Centrally-Controlled Strong Encryption system in Claim 1 in which the data container is is a distributed storage system comprising multiple files and/or programs and/or hardware or firmware devices on a single or multiple computers.
  7. 7. Centrally-Controlled Strong Encryption system in Claim 1 in which the encryption is provided by a dedicated hardware device.
  8. 8. Centrally-Controlled Strong Encryption system in Claim 1 in which the remote server provides authentication services.
  9. 9. Centraily-Controlled Strong Encryption system in Claim 1 in which the remote server provides authorization services
  10. 10. Centraly-ControUed Strong Encryption system in Claim 1 in which the remote server provides encryption services.
  11. 11.Centrally-Controlled Strong Encryption system in Claim 1 in which access to the contents of the data container is limited depending on time, date, location or software used.
  12. 12.Centrally-Controlled Strong Encryption system in Claim 1 in which access to the contents of the data container is unrestricted once the access to the data container is granted.
  13. 13.Centrally-Controlled Strong Encryption system as in Claim 1 in which access to the remote server is through any secure access connection technology.
  14. 14. Centrally-Controlled Strong Encryption system as in Claim 1 in which the user is replaced by a computer program or a hardware or firmware device.
GB0814371A 2008-08-06 2008-08-06 A remote server centrally controls access to data stored in a data container in an encrypted form Withdrawn GB2462442A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB0814371A GB2462442A (en) 2008-08-06 2008-08-06 A remote server centrally controls access to data stored in a data container in an encrypted form

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB0814371A GB2462442A (en) 2008-08-06 2008-08-06 A remote server centrally controls access to data stored in a data container in an encrypted form

Publications (2)

Publication Number Publication Date
GB0814371D0 GB0814371D0 (en) 2008-09-10
GB2462442A true GB2462442A (en) 2010-02-10

Family

ID=39767595

Family Applications (1)

Application Number Title Priority Date Filing Date
GB0814371A Withdrawn GB2462442A (en) 2008-08-06 2008-08-06 A remote server centrally controls access to data stored in a data container in an encrypted form

Country Status (1)

Country Link
GB (1) GB2462442A (en)

Cited By (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012035451A1 (en) * 2010-09-16 2012-03-22 International Business Machines Corporation Method, secure device, system and computer program product for securely managing files
WO2014062420A1 (en) * 2012-10-16 2014-04-24 Citrix Systems, Inc. Controlling mobile device access to secure data
US8719898B1 (en) 2012-10-15 2014-05-06 Citrix Systems, Inc. Configuring and providing profiles that manage execution of mobile applications
US8769063B2 (en) 2011-10-11 2014-07-01 Citrix Systems, Inc. Policy-based application management
US8799994B2 (en) 2011-10-11 2014-08-05 Citrix Systems, Inc. Policy-based application management
US8806570B2 (en) 2011-10-11 2014-08-12 Citrix Systems, Inc. Policy-based application management
US8813179B1 (en) 2013-03-29 2014-08-19 Citrix Systems, Inc. Providing mobile device management functionalities
US8850049B1 (en) 2013-03-29 2014-09-30 Citrix Systems, Inc. Providing mobile device management functionalities for a managed browser
US8850010B1 (en) 2013-03-29 2014-09-30 Citrix Systems, Inc. Providing a managed browser
US8849978B1 (en) 2013-03-29 2014-09-30 Citrix Systems, Inc. Providing an enterprise application store
US8869235B2 (en) 2011-10-11 2014-10-21 Citrix Systems, Inc. Secure mobile browser for protecting enterprise data
US8910264B2 (en) 2013-03-29 2014-12-09 Citrix Systems, Inc. Providing mobile device management functionalities
US8910239B2 (en) 2012-10-15 2014-12-09 Citrix Systems, Inc. Providing virtualized private network tunnels
US8914845B2 (en) 2012-10-15 2014-12-16 Citrix Systems, Inc. Providing virtualized private network tunnels
US9053340B2 (en) 2012-10-12 2015-06-09 Citrix Systems, Inc. Enterprise application store for an orchestration framework for connected devices
US9152815B2 (en) 2010-10-29 2015-10-06 International Business Machines Corporation Method, secure device, system and computer program product for securely managing user access to a file system
US9215225B2 (en) 2013-03-29 2015-12-15 Citrix Systems, Inc. Mobile device locking with context
US9280377B2 (en) 2013-03-29 2016-03-08 Citrix Systems, Inc. Application with multiple operation modes
US9449353B2 (en) 2014-11-10 2016-09-20 International Business Machines Corporation Enabling enforcement of licensing terms in distributing content in containers by including a key in the container containing the pertinent licensing terms
US9516022B2 (en) 2012-10-14 2016-12-06 Getgo, Inc. Automated meeting room
US9606774B2 (en) 2012-10-16 2017-03-28 Citrix Systems, Inc. Wrapping an application with field-programmable business logic
US9971585B2 (en) 2012-10-16 2018-05-15 Citrix Systems, Inc. Wrapping unmanaged applications on a mobile device
US9985850B2 (en) 2013-03-29 2018-05-29 Citrix Systems, Inc. Providing mobile device management functionalities
US10284627B2 (en) 2013-03-29 2019-05-07 Citrix Systems, Inc. Data management for an application with multiple operation modes
US10908896B2 (en) 2012-10-16 2021-02-02 Citrix Systems, Inc. Application wrapping for application management framework

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040167858A1 (en) * 1995-10-13 2004-08-26 Erickson John S. System and method for managing copyrighted electronic media
US20050120210A1 (en) * 2003-11-03 2005-06-02 Hassan Behbehani Method to minimize software piracy and enhance security in processes related with many industries
US20060106729A1 (en) * 2004-10-25 2006-05-18 Roberts Henry J Jr Method and apparatus for restricting use of a computer program
WO2006119641A2 (en) * 2005-05-13 2006-11-16 Cryptomill Content cryptographic firewall system
US7178169B1 (en) * 2000-09-01 2007-02-13 Zoran Corporation Method and apparatus for securing transfer of and access to digital content
GB2443708A (en) * 2006-11-13 2008-05-14 Sony Comp Entertainment Europe DRM system which limits the duration of access to media data stored on an entertainment device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040167858A1 (en) * 1995-10-13 2004-08-26 Erickson John S. System and method for managing copyrighted electronic media
US7178169B1 (en) * 2000-09-01 2007-02-13 Zoran Corporation Method and apparatus for securing transfer of and access to digital content
US20050120210A1 (en) * 2003-11-03 2005-06-02 Hassan Behbehani Method to minimize software piracy and enhance security in processes related with many industries
US20060106729A1 (en) * 2004-10-25 2006-05-18 Roberts Henry J Jr Method and apparatus for restricting use of a computer program
WO2006119641A2 (en) * 2005-05-13 2006-11-16 Cryptomill Content cryptographic firewall system
GB2443708A (en) * 2006-11-13 2008-05-14 Sony Comp Entertainment Europe DRM system which limits the duration of access to media data stored on an entertainment device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
Ironkey Enterprise data sheet, 29 May 2008, downloaded from https://learn.ironkey.com/docs/datasheets/IronKey-Enterprise-data-sheet.pdf on 4 December 2008. *
SanDisk, "Central Management and Control (CMC) for Cruzer Enterprise USB Flash Drives", 7 April 2008. Downloaded from http://www.sandisk.com/Assets/File/OEM/EnterpriseSolutions/CMC_US_WEB.pdf on 4 December 2008. *

Cited By (86)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9811646B2 (en) 2010-09-16 2017-11-07 International Business Machines Corporation Method, secure device, system and computer program product for securely managing files
CN103080946A (en) * 2010-09-16 2013-05-01 国际商业机器公司 Method, secure device, system and computer program product for securely managing files
WO2012035451A1 (en) * 2010-09-16 2012-03-22 International Business Machines Corporation Method, secure device, system and computer program product for securely managing files
CN103080946B (en) * 2010-09-16 2016-10-12 国际商业机器公司 For managing the method for file, safety equipment, system and computer program safely
US9152815B2 (en) 2010-10-29 2015-10-06 International Business Machines Corporation Method, secure device, system and computer program product for securely managing user access to a file system
US9760729B2 (en) 2010-10-29 2017-09-12 International Business Machines Corporation Method, secure device, system and computer program product for securely managing user access to a file system
US8886925B2 (en) 2011-10-11 2014-11-11 Citrix Systems, Inc. Protecting enterprise data through policy-based encryption of message attachments
US8769063B2 (en) 2011-10-11 2014-07-01 Citrix Systems, Inc. Policy-based application management
US10063595B1 (en) 2011-10-11 2018-08-28 Citrix Systems, Inc. Secure execution of enterprise applications on mobile devices
US10044757B2 (en) 2011-10-11 2018-08-07 Citrix Systems, Inc. Secure execution of enterprise applications on mobile devices
US9143529B2 (en) 2011-10-11 2015-09-22 Citrix Systems, Inc. Modifying pre-existing mobile applications to implement enterprise security policies
US8806570B2 (en) 2011-10-11 2014-08-12 Citrix Systems, Inc. Policy-based application management
US8799994B2 (en) 2011-10-11 2014-08-05 Citrix Systems, Inc. Policy-based application management
US8869235B2 (en) 2011-10-11 2014-10-21 Citrix Systems, Inc. Secure mobile browser for protecting enterprise data
US8881229B2 (en) 2011-10-11 2014-11-04 Citrix Systems, Inc. Policy-based application management
US9529996B2 (en) 2011-10-11 2016-12-27 Citrix Systems, Inc. Controlling mobile device access to enterprise resources
US9143530B2 (en) 2011-10-11 2015-09-22 Citrix Systems, Inc. Secure container for protecting enterprise data on a mobile device
US9521147B2 (en) 2011-10-11 2016-12-13 Citrix Systems, Inc. Policy based application management
US9137262B2 (en) 2011-10-11 2015-09-15 Citrix Systems, Inc. Providing secure mobile device access to enterprise resources using application tunnels
US10402546B1 (en) 2011-10-11 2019-09-03 Citrix Systems, Inc. Secure execution of enterprise applications on mobile devices
US11134104B2 (en) 2011-10-11 2021-09-28 Citrix Systems, Inc. Secure execution of enterprise applications on mobile devices
US9183380B2 (en) 2011-10-11 2015-11-10 Citrix Systems, Inc. Secure execution of enterprise applications on mobile devices
US10469534B2 (en) 2011-10-11 2019-11-05 Citrix Systems, Inc. Secure execution of enterprise applications on mobile devices
US9378359B2 (en) 2011-10-11 2016-06-28 Citrix Systems, Inc. Gateway for controlling mobile device access to enterprise resources
US9286471B2 (en) 2011-10-11 2016-03-15 Citrix Systems, Inc. Rules based detection and correction of problems on mobile devices of enterprise users
US9213850B2 (en) 2011-10-11 2015-12-15 Citrix Systems, Inc. Policy-based application management
US9111105B2 (en) 2011-10-11 2015-08-18 Citrix Systems, Inc. Policy-based application management
US9043480B2 (en) 2011-10-11 2015-05-26 Citrix Systems, Inc. Policy-based application management
US9053340B2 (en) 2012-10-12 2015-06-09 Citrix Systems, Inc. Enterprise application store for an orchestration framework for connected devices
US9189645B2 (en) 2012-10-12 2015-11-17 Citrix Systems, Inc. Sharing content across applications and devices having multiple operation modes in an orchestration framework for connected devices
US9386120B2 (en) 2012-10-12 2016-07-05 Citrix Systems, Inc. Single sign-on access in an orchestration framework for connected devices
US9392077B2 (en) 2012-10-12 2016-07-12 Citrix Systems, Inc. Coordinating a computing activity across applications and devices having multiple operation modes in an orchestration framework for connected devices
US9854063B2 (en) 2012-10-12 2017-12-26 Citrix Systems, Inc. Enterprise application store for an orchestration framework for connected devices
US9516022B2 (en) 2012-10-14 2016-12-06 Getgo, Inc. Automated meeting room
US8910239B2 (en) 2012-10-15 2014-12-09 Citrix Systems, Inc. Providing virtualized private network tunnels
US9973489B2 (en) 2012-10-15 2018-05-15 Citrix Systems, Inc. Providing virtualized private network tunnels
US9521117B2 (en) 2012-10-15 2016-12-13 Citrix Systems, Inc. Providing virtualized private network tunnels
US9467474B2 (en) 2012-10-15 2016-10-11 Citrix Systems, Inc. Conjuring and providing profiles that manage execution of mobile applications
US9654508B2 (en) 2012-10-15 2017-05-16 Citrix Systems, Inc. Configuring and providing profiles that manage execution of mobile applications
US8719898B1 (en) 2012-10-15 2014-05-06 Citrix Systems, Inc. Configuring and providing profiles that manage execution of mobile applications
US8904477B2 (en) 2012-10-15 2014-12-02 Citrix Systems, Inc. Configuring and providing profiles that manage execution of mobile applications
US8914845B2 (en) 2012-10-15 2014-12-16 Citrix Systems, Inc. Providing virtualized private network tunnels
US8931078B2 (en) 2012-10-15 2015-01-06 Citrix Systems, Inc. Providing virtualized private network tunnels
US8887230B2 (en) 2012-10-15 2014-11-11 Citrix Systems, Inc. Configuring and providing profiles that manage execution of mobile applications
CN104903910B (en) * 2012-10-16 2018-03-16 思杰系统有限公司 Control mobile device access to secure data
US9971585B2 (en) 2012-10-16 2018-05-15 Citrix Systems, Inc. Wrapping unmanaged applications on a mobile device
CN104903910A (en) * 2012-10-16 2015-09-09 思杰系统有限公司 Controlling access to secure data by a mobile device
US8959579B2 (en) 2012-10-16 2015-02-17 Citrix Systems, Inc. Controlling mobile device access to secure data
US9858428B2 (en) 2012-10-16 2018-01-02 Citrix Systems, Inc. Controlling mobile device access to secure data
US10545748B2 (en) 2012-10-16 2020-01-28 Citrix Systems, Inc. Wrapping unmanaged applications on a mobile device
US9606774B2 (en) 2012-10-16 2017-03-28 Citrix Systems, Inc. Wrapping an application with field-programmable business logic
US10908896B2 (en) 2012-10-16 2021-02-02 Citrix Systems, Inc. Application wrapping for application management framework
US9602474B2 (en) 2012-10-16 2017-03-21 Citrix Systems, Inc. Controlling mobile device access to secure data
WO2014062420A1 (en) * 2012-10-16 2014-04-24 Citrix Systems, Inc. Controlling mobile device access to secure data
US8910264B2 (en) 2013-03-29 2014-12-09 Citrix Systems, Inc. Providing mobile device management functionalities
US9280377B2 (en) 2013-03-29 2016-03-08 Citrix Systems, Inc. Application with multiple operation modes
US8881228B2 (en) 2013-03-29 2014-11-04 Citrix Systems, Inc. Providing a managed browser
US8898732B2 (en) 2013-03-29 2014-11-25 Citrix Systems, Inc. Providing a managed browser
US9455886B2 (en) 2013-03-29 2016-09-27 Citrix Systems, Inc. Providing mobile device management functionalities
US9158895B2 (en) 2013-03-29 2015-10-13 Citrix Systems, Inc. Providing a managed browser
US10965734B2 (en) 2013-03-29 2021-03-30 Citrix Systems, Inc. Data management for an application with multiple operation modes
US8849979B1 (en) 2013-03-29 2014-09-30 Citrix Systems, Inc. Providing mobile device management functionalities
US8850050B1 (en) 2013-03-29 2014-09-30 Citrix Systems, Inc. Providing a managed browser
US8849978B1 (en) 2013-03-29 2014-09-30 Citrix Systems, Inc. Providing an enterprise application store
US9413736B2 (en) 2013-03-29 2016-08-09 Citrix Systems, Inc. Providing an enterprise application store
US9369449B2 (en) 2013-03-29 2016-06-14 Citrix Systems, Inc. Providing an enterprise application store
US9112853B2 (en) 2013-03-29 2015-08-18 Citrix Systems, Inc. Providing a managed browser
US9948657B2 (en) 2013-03-29 2018-04-17 Citrix Systems, Inc. Providing an enterprise application store
US9355223B2 (en) 2013-03-29 2016-05-31 Citrix Systems, Inc. Providing a managed browser
US8893221B2 (en) 2013-03-29 2014-11-18 Citrix Systems, Inc. Providing a managed browser
US9985850B2 (en) 2013-03-29 2018-05-29 Citrix Systems, Inc. Providing mobile device management functionalities
US10701082B2 (en) 2013-03-29 2020-06-30 Citrix Systems, Inc. Application with multiple operation modes
US8850010B1 (en) 2013-03-29 2014-09-30 Citrix Systems, Inc. Providing a managed browser
US8850049B1 (en) 2013-03-29 2014-09-30 Citrix Systems, Inc. Providing mobile device management functionalities for a managed browser
US10097584B2 (en) 2013-03-29 2018-10-09 Citrix Systems, Inc. Providing a managed browser
US8996709B2 (en) 2013-03-29 2015-03-31 Citrix Systems, Inc. Providing a managed browser
US10476885B2 (en) 2013-03-29 2019-11-12 Citrix Systems, Inc. Application with multiple operation modes
US10284627B2 (en) 2013-03-29 2019-05-07 Citrix Systems, Inc. Data management for an application with multiple operation modes
US8813179B1 (en) 2013-03-29 2014-08-19 Citrix Systems, Inc. Providing mobile device management functionalities
US9215225B2 (en) 2013-03-29 2015-12-15 Citrix Systems, Inc. Mobile device locking with context
US10235505B2 (en) 2014-11-10 2019-03-19 International Business Machines Corporation Enabling enforcement of licensing terms in distributing content in containers by including a key in the container containing the pertinent licensing terms
US10229253B2 (en) 2014-11-10 2019-03-12 International Business Machines Corporation Enabling enforcement of licensing terms in distributing content in containers by including a key in the container containing the pertinent licensing terms
US10002238B2 (en) 2014-11-10 2018-06-19 International Business Machines Corporation Enabling enforcement of licensing terms in distributing content in containers by including a key in the container containing the pertinent licensing terms
US9922177B2 (en) 2014-11-10 2018-03-20 International Business Machines Corporation Enabling enforcement of licensing terms in distributing content in containers by including a key in the container containing the pertinent licensing terms
US9449353B2 (en) 2014-11-10 2016-09-20 International Business Machines Corporation Enabling enforcement of licensing terms in distributing content in containers by including a key in the container containing the pertinent licensing terms
US9626491B2 (en) 2014-11-10 2017-04-18 International Business Machines Corporation Enabling enforcement of licensing terms in distributing content in containers by including a key in the container containing the pertinent licensing terms

Also Published As

Publication number Publication date
GB0814371D0 (en) 2008-09-10

Similar Documents

Publication Publication Date Title
GB2462442A (en) A remote server centrally controls access to data stored in a data container in an encrypted form
US8782403B1 (en) Method and apparatus for securing confidential data for a user in a computer
US7802109B2 (en) Trusted system for file distribution
CN101953111A (en) Systems and methods for securing data
WO2002073861A3 (en) Method and apparatus for cryptographic key storage wherein key servers are authenticated by possession and secure distribution of stored keys
CN103003822A (en) Domain authentication control over platform resources
KR20080071528A (en) Method and system for storage data encryption and data access
AU2006337160A1 (en) Administration of data encryption in enterprise computer systems
AU2020316082A1 (en) Enhanced secure encryption and decryption system
US7412603B2 (en) Methods and systems for enabling secure storage of sensitive data
CN101341490B (en) Method for control access of file system, related system, SIM card and computer program product used therein
Omar New insights into database security: An effective and integrated approach for applying access control mechanisms and cryptographic concepts in Microsoft Access environments
US8738531B1 (en) Cryptographic distributed storage system and method
US20100088770A1 (en) Device and method for disjointed computing
US11750374B2 (en) System and method for forensic access control
US8095966B1 (en) Methods and apparatus for password management
US11811751B2 (en) Exclusive self-escrow method and apparatus
Albaroodi et al. Ethereum-inspired access management account control for a secured decentralized cloud storage
JP2012124787A (en) Access management system
KR20240066716A (en) Method for managing content decryption key and apparatus for same
Chang et al. Enterprise digital rights management system based on smart card
Hingmire et al. USB Fort Knox: Building a Robust Defense Against Data Breaches
Scarfone The true story of data-at-rest encryption & the cloud
CN116127501A (en) User private data protection method, system and medium based on user private container
Claycomb et al. An Enhanced Approach to using Virtual Directories for Protecting Sensitive Information.

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)