`US 20030182435A1
`
`(19) United States
`(12) Patent Application Publication
`Redlich et al.
`
`(10) Pub. No.: US 2003/0182435 A1
`(43) Pub. Date: Sep. 25, 2003
`
`(54) DATA SECURITY SYSTEM AND METHOD FOR PORTABLE DEVICE
`
`(75) Inventors: Ron M. Redlich, Miami Beach, FL (US);
`Martin A. Nemzow, Miami Beach, FL (US)
`
`Correspondence Address:
`ROBERT C. KAIN, JR.
`750 SOUTHEAST THIRD AVENUE
`SUITE 100
`FT LAUDERDALE, FL 333161153
`
`(73) Assignee: Digital Doors, Inc.
`
`(21) Appl. No.: 10/390,807
`
`(22) Filed: Mar. 19, 2003
`
`Related U.S. Application Data
`
`(63) Continuation-in-part of application No. 10/277,196,
`filed on Dec. 31, 2002.
`Continuation-in-part of application No. 10/115,192,
`filed on Apr. 2, 2002.
`Continuation-in-part of application No. 10/155,525,
`filed on May 23, 2002.
`Continuation-in-part of application No. 10/008,209,
`filed on Dec. 6, 2001.
`Continuation-in-part of application No. 10/008,218,
`filed on Dec. 6, 2001.
`Continuation-in-part of application No. 09/916,397,
`filed on Jul. 27, 2001.
`
`(60) Provisional application No. 60/400,062, filed on Aug.
`2, 2002. Provisional application No. 60/400,112, filed
`on Aug. 2, 2002. Provisional application No. 60/400,406,
`filed on Aug. 2, 2002. Provisional application
`No. 60/400,407, filed on Aug. 2, 2002. Provisional
`application No. 60/260,398, filed on Jan. 9, 2001.
`Provisional application No. 60/287,813, filed on May
`2, 2001. Provisional application No. 60/267,944, filed
`on Feb. 12, 2001. Provisional application No. 60/247,242,
`filed on Nov. 13, 2000. Provisional application
`No. 60/247,232, filed on Nov. 13, 2000.
`
`Publication Classification
`
`(51) Int. Cl.7: G06F 15/16; G06F 11/30; H04L 9/32; G06F 12/14
`(52) U.S. Cl.: 709/229; 713/200
`
`(57) ABSTRACT
`
`The method, used with a portable computing device, secures
`security sensitive words, icons, etc. by determining device
`location within or without a predetermined region and then
`extracting the security data from the file, text, data object or
`whatever. The extracted data is separated from the remainder
`data and stored either on media in a local drive or remotely,
`typically via wireless network, to a remote store. Encryption
`is used to further enhance security levels. Extraction may be
`automatic, when the portable device is beyond a predetermined
`territory, or triggered by an event, such as a "save
`document" or a time-out routine. Reconstruction of the data
`is permitted only in the presence of a predetermined security
`clearance and within certain geographic territories. A computer
`readable medium containing programming instructions
`carrying out the methodology for securing data is also
`described herein. An information processing system for
`securing data is also described.
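
The extract, store-separately and reconstruct cycle summarized in the abstract, as an added Python example (not code from the patent or from Digital Doors). Assumptions made here: the predetermined region is a circle tested with the haversine distance, clearance is an integer level per term, the `[[token:n]]` placeholder syntax and all class and function names are hypothetical, a dict stands in for the remote store, and the encryption step the abstract mentions is left out.

```python
import math
import re
import secrets
from dataclasses import dataclass

@dataclass(frozen=True)
class Region:
    """Predetermined territory, modelled as a circle (assumption)."""
    lat: float
    lon: float
    radius_km: float

    def contains(self, lat, lon):
        # Haversine great-circle distance from the centre, in kilometres.
        p1, p2 = math.radians(self.lat), math.radians(lat)
        a = (math.sin((p2 - p1) / 2) ** 2
             + math.cos(p1) * math.cos(p2)
             * math.sin(math.radians(lon - self.lon) / 2) ** 2)
        return 2 * 6371.0 * math.asin(math.sqrt(a)) <= self.radius_km

def extract(text, word_levels):
    """Split text into remainder data and extracted data.

    word_levels maps a lower-case sensitive term to the clearance level
    required to see it. The placeholders carry a random per-document token
    so literal text in the source is never mistaken for a placeholder.
    """
    token = secrets.token_hex(4)
    items = []  # (original term, required level), in order of appearance
    if word_levels:
        terms = sorted(word_levels, key=len, reverse=True)  # longest first
        pattern = re.compile(
            r"\b(?:" + "|".join(map(re.escape, terms)) + r")\b", re.IGNORECASE)

        def swap(match):
            items.append((match.group(0), word_levels[match.group(0).lower()]))
            return f"[[{token}:{len(items) - 1}]]"

        text = pattern.sub(swap, text)
    return text, {"token": token, "items": items}

def reconstruct(remainder, extracted, clearance, position, region):
    """Restore only what the clearance allows, and only inside the region."""
    if not region.contains(*position):
        return remainder  # outside the territory nothing is released
    marker = re.compile(r"\[\[" + extracted["token"] + r":(\d+)\]\]")

    def restore(match):
        word, level = extracted["items"][int(match.group(1))]
        return word if clearance >= level else match.group(0)

    return marker.sub(restore, remainder)

class PortableDevice:
    def __init__(self, region, word_levels):
        self.region = region
        self.word_levels = word_levels
        self.plain = {}   # doc_id -> plaintext currently open in memory
        self.local = {}   # doc_id -> remainder data kept on the local drive
        self.remote = {}  # doc_id -> extracted data (stand-in for remote store)

    def secure(self, doc_id):
        remainder, extracted = extract(self.plain[doc_id], self.word_levels)
        self.local[doc_id], self.remote[doc_id] = remainder, extracted
        del self.plain[doc_id]  # plaintext is dropped only after both stores

    def on_save(self, doc_id):
        # Event trigger: "save document".
        self.secure(doc_id)

    def on_location(self, lat, lon):
        # Automatic trigger: the device is beyond the predetermined territory.
        if not self.region.contains(lat, lon):
            for doc_id in list(self.plain):
                self.secure(doc_id)

    def open(self, doc_id, clearance, lat, lon):
        return reconstruct(self.local[doc_id], self.remote[doc_id],
                           clearance, (lat, lon), self.region)

# Constructed sample data (not from the patent).
REGION = Region(25.79, -80.13, 5.0)
INSIDE, OUTSIDE = (25.80, -80.13), (26.12, -80.14)
WORD_LEVELS = {"9981-2231": 2, "project falcon": 1, "jane roe": 2}
SAMPLE = "Wire 50000 to account 9981-2231 for Project Falcon via Jane Roe."

if __name__ == "__main__":
    dev = PortableDevice(REGION, WORD_LEVELS)
    dev.plain["memo"] = SAMPLE
    dev.on_location(*OUTSIDE)            # leaving the region scrubs the memo
    print(dev.local["memo"])
    print(dev.open("memo", 1, *INSIDE))  # partial view at clearance 1
    print(dev.open("memo", 2, *OUTSIDE)) # full clearance, wrong place
```
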
`
`
`MOBILEIRON, INC. - EXHIBIT 1011
`Page 001
`
`[FIG. 1A and FIG. 1B: block diagrams. Legible labels: plaintext
`source doc; filter 102; common text; extracted text; placeholders;
`map; storage computers A-COM and B-EXT; confirm 111; confirm 113;
`clearance & loc.; reconstruct req.; security clearance protocol;
`reconstruct (visual, electronic).]
`
`
`
`[FIG. 2: system diagram. Legible labels: router; server; PC-3;
`security map; comp. storage I-EXT; comp. storage I-COM; server (ASP);
`floppy; CD-R-W; hard dr.; vid. bd.; RAM; CPU.]
`
`
`
`[FIG. 3: reconstruct options by security level (Sec. Level A, B, C, D).
`Legible box labels: electronic integration of plaintext, e.g. merge;
`no imposed process controls; map stored in comp. mem.; interleave
`ext-data with com-data in video bd. memory; limits imposed on
`processing, edit & storage; store data at different locations;
`store com-data at different location in hard drive than ext-data;
`only visual presentation of plaintext enabled; parse ext-data per
`security clearance; repeat process A, B or C with only portions of
`ext-data presented to user based on sec. clearance.]
`
`[FIG. 3A: memory layout 169 with interleaved COM 1, EXT 1, COM 2,
`EXT 2.]
`
`
`
`[FIG. 4: flowchart, "Security Program". Steps: 232 designate levels
`of security (# of levels); 234 define security level parameters;
`236 designate loc. of filter, common store, extract store (multiple
`stores); 238 encryption on/off and degree per level; 240 define
`filter (maybe retrieve previous filter); 242 input doc or data into
`filter; 246 extract security concern data (ext. data); 248 store ext
`data (maybe encrypt); 250 error check; 252 store common data;
`254 error check; 257 store filter (maybe encrypt); 258 store map;
`260 end.]
`
`
`
`[FIG. 5: flowchart, "Reconstruct Process". Legible box labels:
`request to reconstruct; query local map & security sys.; log attempt;
`repeat; bar; release recon request to common storage A-COM; log user,
`t, data; download com-data; query remote map & sec. sys.; error;
`rel keys & rel recon request to remote store ext data; log user, t,
`data; download ext-data; error routine, match check; delete files;
`proceed to display or integrate doc per security clearance; end or
`re-encode.]
`
`
`
`
`
`
`[FIG. 7A and FIG. 7A (cont.): flowchart, "Multiple Layer Security
`Program". Legible box labels: initialize; designate multiple levels of
`security (designate words per level) and define encryption for each
`level; enable security program with multiple filters, encrypt levels,
`storage levels; inquiry to reconstruct; assess security clearance
`level for inquiry; add placeholder substitutions; reconstruct per
`clearance level; display normal, split video memory, overlaid display
`screens; monitor and log location of inquiry, user, time, day, date,
`clearance level, modification log, etc.; enable security program,
`filter, extract, encode, disperse & store.]
`
`
`
`[FIG. 7B: diagram. Legible labels: security; sec. clearance process;
`USER1, USER2, USER3; DATA1, DATA2, DATA3; SL 1.]
`
`
`
`[FIG. 8 and FIG. 8 (cont.): flowchart, "Adaptive Security Program".
`Legible box labels: sense all intrusions and attempts (hack attempts /
`successes); assess network performance: adjust storage location,
`encryption levels, map storage; threat; attack; assign attack level
`(hack warning); assign security level & implement security program;
`reassign sec. level; clear; maintain sec. pgm.; reconstruct permitted
`or auto reconstruct.]
`
`
`
`[FIG. 9: flowchart, "Multiple Encryption Program". Legible box labels:
`initialize and set-up sec. sys., sec. levels, filters, etc. with
`different types of encryption; filter source doc. or data object;
`encrypt ext. data per sec. levels; publish, distribute, store multiple
`level (ML) encrypted doc. or data object with or without placeholders;
`retrieve ML encrypted doc. or obj.; retrieve cipher key per sec. level
`(manual or automatic); decrypt per sec. level; rvw, display, store,
`comment on, re-encrypt, republish doc. or data object; end or continue
`with other pgm.]
`
`
`
`[FIG. 10: diagram. Legible labels: obtain doc. 100; parse; store;
`DS1, DS2, DS3; store map; map storage 558; reconstruct; decode &
`gather.]
`
`
`
`[FIG. 11A: flowchart, "E-Mail Security System". Legible box labels:
`system on; filter set; compose e-mail; security check; highlight sec.
`words etc.; user selects security words, characters, icons; create
`second email with sec. data; attach sec. data to remainder; embed
`sec. data in encrypted format; add hyperlink to remainder data email,
`link to secure ASP; send to ad'ee; send remainder data email to
`addressee; ad'ee opens attachment; addressee receives rem. e-mail,
`links to secure ASP; system decrypts sec. data attachment.]
`
`
`
`[FIG. 11B: flowchart, continuation of FIG. 11A. Legible box labels:
`system interpolates sec. data into remainder data (compiles plain
`text); ad'ee clears security at ASP; secure ASP obtains map for each
`secure data e-mail, obtains secure data e-mail, decrypts; secure ASP
`download secure data email to ad'ee; ad'ee system compiles plain
`text.]
`
`
`
`[FIG. 12A: flowchart. Legible box labels: system on; filter set; user
`inputs data into "open field" of HTML display page; user selects
`"secure now" module; system scans open field data, locates sec. data,
`extracts sec. data; add placeholders and hyperlink to secure ASP;
`user selects "send" on HTML display page; web server CGI receives
`data fields, IDs placeholders and hyperlink; web server goes to
`secure ASP, clears security, obtains security data.]
`
`
`
`[FIG. 12B: flowchart, continuation of FIG. 12A. Legible box labels:
`web server reconstructs open field data; web server processes data as
`necessary.]
`
`
`
`[FIG. 13: flowchart, "Revenue System". Legible box labels: reconstruct
`request; display ad 1 (appln. server); password clearance;
`input-process doc.; display ad 2; user exits; vendor site; referral
`fee; password clearance; reconstruct sequence; charge user acct.;
`end/return to pgm.]
`
`
`
`
`
`DATA SECURITY SYSTEM AND METHOD FOR
`PORTABLE DEVICE
`
`[0001] This is a continuation-in-part of patent application
`Ser. No. 10/277,196 filed on Jan. 2, 2003 and patent application
`Ser. No. 10/115,192 filed on May 23, 2002 and Ser.
`No. 10/155,525 filed on May 23, 2002, and is a regular
`patent application claiming the benefit of provisional patent
`applications 60/400,062 filed on Aug. 2, 2002, 60/400,112
`filed on Aug. 2, 2002, 60/400,406 filed on Aug. 2, 2002, and
`60/400,407 filed on Aug. 2, 2002, and is a continuation-in-part
`of patent application Ser. No. 10/008,209 filed on Dec.
`6, 2001 and Ser. No. 10/008,218 filed on Dec. 6, 2001, and
`is a continuation-in-part of patent application Ser. No.
`09/916,397 filed Jul. 27, 2001, which is a regular patent
`application based upon provisional patent application No.
`60/260,398, filed Jun. 5, 2001; application No. 60/287,813,
`filed on May 2, 2001; application No. 60/267,944, filed Feb.
`12, 2001; application No. 60/247,242, filed Nov. 13, 2000
`and application No. 60/247,232, filed Nov. 13, 2000.
`
`[0002] The present invention relates to a data security
`system and method and, more specifically, to a process,
`program and system which operates to secure files and data
`objects in portable computing devices. The invention
`extracts, disperses, via a controlled release of data segments
`to storage locations, and permits reconstruction utilizing
`security protocols to provide a security system for data.
`Scrubbing security icons from maps, credit card data or
`financial data from text, a data object or data stream is also
`discussed herein.
`
`BACKGROUND OF THE INVENTION
`
`[0003] The extensive use of computers and the continued
`expansion of telecommunications networks, particularly the
`Internet, enable businesses, governments and individuals to
`create documents (whether text, images, data streams or a
`combination thereof, sometimes identified as "data objects")
`and distribute those documents widely to others. Although
`the production, distribution and publication of documents is
`generally beneficial to society, there is a need to limit the
`distribution and publication of security sensitive words,
`characters or icons. Concerns regarding the privacy of
`certain data (for example, an individual's social security
`number, credit history, medical history, business trade
`secrets and financial data) are an important issue in society. In
`other words, individuals and businesses have a greater
`concern regarding maintaining the secrecy of certain information
`in view of the increasing ease of distribution of
`documents through computer networks and the Internet.
`
`[0004] U.S. Pat. No. 6,055,544 to DeRose et al. discloses
`the generation of chunks of a long document for an electronic
`book system. DeRose '544 discloses solutions available
`to book publishers to publish books in electronic format
`on the worldwide web. One of the problems is that the books
`are published as small document fragments rather than
`publishing an entire book which, due to the formatting,
`protocol and command structure on the Internet, downloads
`an entire book to the user. The problem involved with
`publishing small documents is that there is no relationship to
`other portions of the book. See col. 3, lines 51-55 and col.
`4, lines 3-5. One methodology to solve the problem involves
`inserting hypertext links in the book. This places a large
`burden on the book publisher. Col. 4, lines 19-21. Accordingly,
`it is an object of DeRose '544 to provide a mechanism
`for accessing only a portion of a large, electronically published
`document and automatically determining what portion
`of the document to download to the user based upon
`user selections, that is, previous portions and subsequent
`portions of the document are downloaded with the selected
`portion, without maintaining separate data files for each
`portion of the document. Col. 4, lines 34-39. In other words,
`if a person wanted to access chapter 4 of a text, the system
`in DeRose '544 would display chapter 4, chapter 3 (the
`preceding chapter) and chapter 5 (the subsequent chapter).
`This publishing of portions of the document utilizes a subset
`of marked up elements established as being significant and
`a second subset of elements being less significant. For
`example, "Title elements" define a table of contents. A first
`representation of the document structure defined by all of the
`marked up elements may be used in combination with a
`second representation of the document structure defined
`only by the significant elements to control selection of
`portions of the documents such that previous and subsequent
`portions may be selected and rendered in a consistent and
`intuitive manner." Col. 4, lines 38-55. A computer system
`stores a first representation of the hierarchy of all elements
`in the electronic document. As an example, this may be each
`chapter in its entirety. The computer also stores a second
`representation of the hierarchy of only significant elements
`in the electronic document. As an example, this may be a
`listing of each chapter without the text associated with the
`chapter. In response to a request for a portion of the document,
`the computer system selects the portion defined by the
`significant element in the second representation. For
`example, if the user requested chapter 4, the entirety of
`chapter 4 would be downloaded from the web server to the
`client computer. In addition to rendering or publishing the
`selected chapter, the computer system looks to the relationship
`of the elements in the first representation of the hierarchy
`(the list of all chapters) and downloads from the web
`server the adjacent chapters. In this example, this would
`involve downloading chapter 3 and chapter 5. In a further
`embodiment, the computer system selects only a leaf element
`of the second representation as a significant element
`during the download. See the Summary of the Invention, col.
`4, line 40 through col. 6, line 14.
`
`[0005] U.S. Pat. No. 5,832,212 to Cragun et al. discloses
`a censoring browser method for viewing downloaded and
`downloading Internet documents. The abstract describes the
`system as including a user profile including user selected
`censoring parameters. Data packet contents are received
`from the Internet and the packets are compared with the user
`selected censoring parameters. Responsive to the comparison,
`the received data packet contents are processed and
`selectively displayed. The user selected censoring parameters
`include censored words and word fragments, and user
`selected categories. Compared word and word fragments
`can be removed and selectively replaced with predefined
`characters or acceptable substitute words. Tallies of weights
`for user selected categories are accumulated and compared
`with user selected threshold values. A predefined message
`can be displayed responsive to an accumulated tally exceeding
`a user selected threshold value without displaying the
`received data packet contents.
`
`[0006] U.S. Pat. No. 6,094,483 to Fridrich discloses an
`encryption methodology hiding data and messages in
`images. In one application of the system in Fridrich '483, a
`method is disclosed of embedding a secret digital square
`image with 256 gray levels within an image carrier. The
`secret image is first encrypted using a chaotic Baker map.
`The resulting image is a random collection of pixels with
`randomly distributed gray levels without any spatial correlations.
`The carrier image is twice the size (height and width
`or 2n×2m) of the secret image with 256 gray levels. The carrier
`image is modified according to a mathematical formula.
`
`[0007] U.S. Pat. No. 5,485,474 to Rabin discloses a
`scheme for information dispersal and reconstruction. Information
`to be transmitted or stored is represented as N
`elements of a field or a computational structure. These N
`characters of information are grouped into a set of n pieces,
`each containing m characters. Col. 1, lines 37-46. The system
`is used for fault tolerance storage in a partitioned or distributed
`memory system. Information is dispersed into n pieces
`so that any m pieces suffice for reconstruction. The pieces
`are stored in different parts of the memory storage medium.
`A fairly complex mathematical algorithm is utilized to
`provide reconstruction of the information utilizing no fewer
`than m pieces.
`
`[0008] U.S. Pat. No. 6,192,472 B1 to Garay et al. discloses
`a method and apparatus for the secure distributed storage
`and retrieval of information. Garay '472 identifies the problem
`as how to store information in view of random hardware
`or telecommunications failures. Col. 1, lines 17-20. The
`initial solution is to replicate the stored data in multiple
`locations. Col. 1, lines 28-31. Another solution is to disperse
`the information utilizing an Information Dispersal Algorithm
`(IDA). The basic approach taken in IDA is to distribute the
`information F being stored among n active processors in
`such a way that the retrieval of F is possible even in the
`presence of up to t failed (inactive) processors. Col. 1, lines
`40-44. Another issue is the utilization of cryptographic tools.
`With the use of tools called distributed fingerprints (hashes),
`the stored data is distributed using the fingerprints and
`coding functions to determine errors. In this way, the correct
`processors are able to reconstruct the fingerprint using the
`code's decoding function, check whether the pieces of the
`file F were correctly returned, and finally reconstruct F from
`the correct pieces using the IDA algorithm. Col. 2, lines
`50-59. Garay '472 also discloses the use of Secure Storage
`and Retrieval of Information (SSRI) with the added requirement
`of confidentiality of information. Col. 3, line 56. With
`this added requirement, any collusion of up to t processors
`(except ones including the rightful owner of the information)
`should not be able to learn anything about the information.
`Confidentiality of information is easily achieved by encryption.
`Col. 3, lines 56-61. The issue involves encryption key
`management, that is, the safe deposit of cryptographic keys.
`Garay '472 discloses a confidentiality protocol utilizing distributed
`key management features. This mechanism allows
`the user to keep his or her decryption key shared among
`several n servers in such a way that when the user wants to
`decrypt a given encrypted text, the user would have to
`interact with a single server (the gateway) to obtain the
`matching plaintext while none of the servers (including the
`gateway) gets any information about the plaintext. Col. 4,
`lines 5-14.
`
`[0009] U.S. Pat. No. 5,996,011 to Humes discloses a
`system and a method for filtering data received over the
`Internet by a client computer. The system restricts access to
`objectionable or target data received by a client computer
`over an Internet by a web server by filtering objectionable
`data from the data received. The Humes '011 system filters
`the data "on the fly." Further, the Humes '011 system can be
`applied to process any type of target data from the data
`received and displayed to the user. Col. 2, lines 32-44. If the
`web page requested by the user contains only a minimum
`amount of objectionable or target data, the user receives only
`a portion of the filtered web page for viewing. Humes '011
`also provides that if the web page contains a large amount
`of objectionable material, the system blocks the entire
`display of the web page on the user's computer monitor. Col.
`2, lines 56-62. Humes '011 provides three levels of filtering.
`At the first level, if the domain name contains objectionable
`words or material, the initial download from the domain is
`blocked. At the second level, the text in the download is
`filtered and objectionable words are replaced with a predetermined
`icon, for example, "---". Col. 3, lines 32-35. The
`filter uses a dictionary. Col. 3, lines 45-48. The filtered out
`words are counted. If the final score of "filtered out" material
`exceeds a predetermined threshold, the entire page is
`blocked from the user's view. Col. 4, lines 2-4.
`
`[0010] U.S. Pat. No. 5,905,980 to Masuichi, et al., discloses
`a document processing apparatus for processing various
`types of documents, a word extracting apparatus for
`extracting a word from a text item including plural words, a
`word extracting method used in the document processing
`apparatus, and a storage medium for storing a word extracting
`program. Extracted words are associated with other
`words via an algorithm. The extracted words and associated
`words are used as a search index for the document.
`
`[0011] U.S. Pat. No. 5,996,011 to Humes discloses a
`computer based system and method for filtering data
`received by a computer system, and in particular, for filtering
`text data from World Wide Web pages received by a
`computer connected to the Internet, for purposes of restricting
`access to objectionable web sites.
`
`[0012] U.S. Pat. No. 6,148,342 to Ho discloses a system
`for managing sensitive data. The system prevents a system
`administrator from accessing sensitive data by storing data
`and identifier information on different computer systems.
`Each query from a user's terminal is encrypted using two
`codes, the first code readable only by an identifier database
`and a second code readable only by a data access database.
`The data is routed from the user's source terminal to the
`identifier database at the first computer. The first computer/
`identifier database first verifies the user's ID and the security
`clearance for the requested information and substitutes a
`second internal ID to the data packet/query. The modified
`query is then presented to the data access database (the
`second computer) and, subject to a second security clearance,
`the response to the data query is sent back to the user's
`source terminal.
`
`[0013] A publication entitled "Element-Wise XML
`Encryption" by H. Maruyama, T. Imamura, published by
`IBM Research, Tokyo Research Laboratory, Apr. 20, 2000
`discloses a protocol or process wherein certain parts of an
`XML document are encrypted and the balance of the plaintext
`is not encrypted. The protocol is useful in three party
`transactions, for example, when a buyer sends an order in an
`XML document to a merchant which contains the buyer's
`credit card information. The credit card information is sent
`to a credit company and the merchant does not need to know
`the credit number as long as he obtains clearance or authorization
`from the credit card company. Another instance is an
`access control policy which requires a certain part of an
`XML document to be readable only by a privileged user (for
`example, a manager could access the salary field in an
`employee record but others could only access name, phone
`and office fields). The Imamura article discusses encryption
`protocol, the delivery of keys and the utilization of compression.
`The article does not discuss separate storage of the
`critical data apart from the plaintext of the XML document.
`
`[0014] The Ingrain i100 Content Security Appliance product
`brochure, available in June, 2001, discloses a system
`coupled to multiple web servers (computers) to accelerate
`secured transactions between multiple client computers
`(over the Internet) and prevents Secure Sockets Layer (SSL)
`performance bottlenecks by performing high-performance
`SSL handshakes and encrypting all data sent to back end
`servers using a long-lived SSL session.
`
`[0015] An article entitled "Survivable Information Storage
`Systems" by J. Wylie, M. Bigrigg, J. Strunk, G. Ganger, H.
`Kiliccote, and P. Khosla, published August, 2000 in COMPUTER,
`pp. 61-67, discloses a PASIS architecture which
`combines decentralized storage system technologies, data
`redundancy and encoding and dynamic self-maintenance to
`create survivable information storage. The Bigrigg article
`states that to achieve survivability, storage systems must be
`decentralized and must spread information among independent
`storage nodes. The decentralized storage systems partition
`information among nodes using data distribution and
`redundancy schemes commonly associated with disc array
`systems such as RAID (redundancy array of independent
`discs) insuring scalable performance for tolerance. P. 61.
`Thresholding schemes (also known as secret sharing
`schemes or information dispersal protocols) offer an alternative
`to these approaches which provide both information
`confidentiality and availability. These schemes encode,
`replicate, and divide information to multiple pieces or shares
`that can be stored at different storage nodes. The system can
`only reconstruct the information when enough shares are
`available. P. 62. The PASIS architecture combines decentralized
`storage systems, data redundancy and encoding and
`dynamic self-maintenance to achieve survivable information
`storage. The PASIS system uses threshold schemes to spread
`information across a decentralized collection of storage
`nodes. Client-side agents communicate with the collection
`of storage nodes to read and write information, hiding decentralization
`from the client system. P. 62. The device maintains
`unscrubbable audit logs (that is, they cannot be erased
`by client-side intruders); security personnel can use the logs
`to partially identify the propagation of intruder-tainted information
`around the system. P. 63. The article states that, as
`with any distributed storage system, PASIS requires a
`mechanism that translates object names (for example, file
`names) to storage locations. A directory service maps the
`names of information objects stored in a PASIS system to
`the names of the shares that comprised