-
Publication number: WO2017003891A1
Publication date: 2017-01-05
Application number: PCT/US2016/039468
Filing date: 2016-06-27
Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC
Inventor: ADAM, Preston Derek; TERAN, Adrian F.; MEHTA, Yogesh A.; SPAITH, John C.; MAY, Steve Roger
CPC classification number: H04L9/3268, G06F21/6218, G06F2221/2143, G06Q10/10, H04L63/0823
Abstract: A program on a device communicates with services of an organization and obtains data associated with the organization (also referred to as organization data). The organization data is optionally encrypted using one or more encryption keys, in which case the program has access to one or more decryption keys allowing the organization data to be decrypted and used at the device. Situations can arise in which the organization data stored on the device is to no longer be accessible to a user and/or the device, which is also referred to as the data being revoked. In response to organization data being revoked at the device, various techniques are used to intelligently delete the data, which refers to determining, based on the revocation that occurred and the nature of the data on the device, which data on the device is to be deleted from the device.
-
Publication number: WO2016044160A1
Publication date: 2016-03-24
Application number: PCT/US2015/049981
Filing date: 2015-09-14
Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC
Inventor: MEHTA, Yogesh A.; BASMOV, Innokentiy; URECHE, Octavian T.; NOVOTNEY, Peter J.; ADAM, Preston Derek; LAKHANI, Mugdha; SINHA, Saurav; ACHARYA, Narendra S.; SINGH, Karanbir
CPC classification number: H04L9/0894, G06F21/604, G06F21/62, G06F21/6209, G06F21/6218, H04L9/08, H04L9/0897, H04L9/30, H04L63/0442, H04W12/02, H04W12/08
Abstract: Content on a device is encrypted and protected based on a data protection key corresponding to a particular identity of the user of the device. The protected content can then be stored to cloud storage, and from the cloud storage the protected content can be transferred to various other ones of the user's devices. A data protection key that is used to retrieve the plaintext content from the protected content is maintained by the user's device. This data protection key can be securely transferred to other of the user's devices, allowing any of the user's devices to access the protected content.
-
Publication number: WO2017062236A1
Publication date: 2017-04-13
Application number: PCT/US2016/054036
Filing date: 2016-09-28
Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC
Inventor: SEMENKO, Alex M.; ADAM, Preston Derek; BASMOV, Innokentiy; ACHARYA, Narendra S.; NOVOTNEY, Peter J.; BHAGURKAR, Salil Arun; MEHTA, Yogesh A.
CPC classification number: H04L63/1408, G06F21/602, G06F21/6209, G06F21/6218, G06F2221/2107, H04L63/107
Abstract: A data protection policy is implemented on a computing device, the data protection policy indicating how organization data on the computing device is to be protected. Protection of the organization data includes encrypting the organization data, and allowing the organization data to be decrypted only by particular programs and/or under particular circumstances (as indicated by the data protection policy). When implementing a data protection policy, files already stored on the computing device are encrypted using a passive encryption technique. The passive encryption technique can include one or more of an encrypt on close technique, an encrypt on open technique, an encrypt without exclusive access technique, and an encrypt location technique.
-
Publication number: WO2018160504A1
Publication date: 2018-09-07
Application number: PCT/US2018/019799
Filing date: 2018-02-27
Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC
Inventor: ADAM, Preston Derek; BARHUDARIAN, Violet Anna; ACHARYA, Narendra S.; JUNE, Richard; LAHIRI, Shayak; WU, Qiongzhi
IPC: G06F21/62
Abstract: A system may delegate authority to manage aspects of a security policy developed by administrative personnel to standard users (e.g. non-administrative personnel) corresponding to managed accounts within an administrative hierarchy. An exemplary security policy may include application management settings that allow or deny individual applications with access to various enterprise resources. The system may expose one or more user interfaces to standard users of an enterprise network to enable these standard users to modify the security policy being deployed for their managed account and/or to at least temporarily exempt a particular application from the enterprise's security policy. For example, upon a standard user attempting to access enterprise data with a particular application that is not permitted such access, the system may enable this standard user to change the security policy as applied to her device or to simply exempt the particular application from the security policy.
-
Publication number: WO2016073397A1
Publication date: 2016-05-12
Application number: PCT/US2015/058707
Filing date: 2015-11-03
Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC
Inventor: MEHTA, Yogesh A.; URECHE, Octavian T.; ADAM, Preston Derek; ACHARYA, Narendra S.
IPC: H04L29/06
CPC classification number: H04L63/06, G06F21/6209, H04L63/0428, H04L63/20, H04L67/1097
Abstract: Content on a device is encrypted and protected based on a data protection key. The protected content can then be copied to cloud storage, and from the cloud storage the protected content can be transferred to various other ones of the user's devices. A key used to retrieve plaintext content from the protected content is associated with an identifier of a particular device that provides the key, the device providing the key being the device that generated the key, or another managed device to which the protected content was transferred. A wipe command can similarly be transferred to the various ones of the user's devices, causing any keys associated with a particular device to be deleted from each of the various ones of the user's devices.
-
Publication number: WO2016040204A2
Publication date: 2016-03-17
Application number: PCT/US2015/048750
Filing date: 2015-09-07
Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC
Inventor: ADAM, Preston Derek; ACHARYA, Narendra S.; BASMOV, Innokentiy; URECHE, Octavian T.; MEHTA, Yogesh A.; SEMENKO, Alex M.
IPC: H04L29/06
CPC classification number: H04L63/0853, G06F21/602, G06F21/6281, G06F2221/2107, H04L63/20
Abstract: Data files are encrypted based on a key associated with an entity that sets a data protection policy controlling access to the data files. The data protection policy identifies various restrictions on how the plaintext data of the encrypted data in the data files can be used. The data files have corresponding metadata identifying the entity that sets the data protection policy, and processes that are running instances of applications that are allowed to access the plaintext data are also associated with the identifier of the entity. These identifiers of the entity, as well as the data protection policy, are used by an operating system of a computing device to protect the data in accordance with the data protection policy, including having the protection be transferred to other devices with the protected data, or preventing the protected data from being transferred to other devices.
-