Method and Apparatus for Building and Maintaining a Secure Block of Information which Follows a User's Interaction with a Computing Environment

IP.com Disclosure Number: IPCOM000132105D
Original Publication Date: 2005-Dec-01
Included in the Prior Art Database: 2005-Dec-01
Document File: 2 page(s) / 28K

Publishing Venue

IBM

Abstract

Increasingly, users have to interact with multiple computing devices on an everyday basis. Even though the systems are all (or mostly) connected or connectable to one another, the devices typically have all sorts of "point-to-point" mechanisms for replicating information between them. Many of these mechanisms are tied to the applications used rather than to the user who is using them. This article proposes a solution, termed "Shadow Vault", for people who want to be in control of "their information" but still have access to this information from wherever they might be working. Like a "shadow", the "Shadow Vault" keeps a set of information "close to" the user, that is, on the device with which the user is interacting at the moment. When the user moves to a different device, their data (in the "Shadow Vault") moves with them.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

People nowadays have to interact with multiple computing devices on an everyday basis. In many cases, the "connecting entity" between these different devices is the person themselves. Even though the systems are all (or mostly) connected or connectable to one another, the devices typically have all sorts of "point-to-point" mechanisms for replicating information between them. Many of these mechanisms are tied to the applications used rather than the user that is using them. A solution is needed to improve user experience and take user mobility into account.

Solution

A "Shadow Vault" is a solution for people who want to be in control of "their information" but still have access to this information from wherever they might be working. Like a "shadow", the "Shadow Vault" keeps a set of information "close to" the user, that is, on the device with which the user is interacting at the moment. When the user moves to a different device, their data (in the "Shadow Vault") moves with them. Users may be simultaneously using multiple devices (e.g. TiVo + Notebook Computer + cell phone is a common combination). To cover these cases, the "Shadow Vault" can be present on multiple devices simultaneously. Updates to the information on one device are reflected in the "Shadow Vault" on all other devices that are simultaneously holding the information.

Important to the concept of the "Shadow Vault" is the notion of data DELETION from systems on which the vault is held. By deleting the data (either explicitly as the user moves from system to system, or using the "lifespan" feature where the information expires and is deleted) the "Shadow Vault" moves with the user and is not merely "replicated around".
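
An added example, not taken from the disclosure: a Python model of the placement rules described above (simultaneous holders, update propagation, explicit deletion on a move, and lifespan expiry). The class and method names, the per-copy lifespan timer, and the `seed` used when no device holds the vault are assumptions; encryption of the vault is not modelled.

```python
import time

class ShadowVaultCluster:
    """Hypothetical model of which devices hold the vault; encryption is not modelled."""
    def __init__(self, names, lifespan=300.0, clock=time.monotonic):
        self.copies = {n: None for n in names}   # device -> vault dict while held
        self.expires = {n: 0.0 for n in names}   # device -> end of that copy's lifespan
        self.lifespan, self.clock = lifespan, clock

    def holders(self):
        """Devices holding the vault now; expired copies are deleted first."""
        now = self.clock()
        for n, v in self.copies.items():
            if v is not None and now >= self.expires[n]:
                self.copies[n] = None            # lifespan over: delete the copy
        return sorted(n for n, v in self.copies.items() if v is not None)

    def sign_in(self, name, seed=None):
        """Place the vault on `name` and start its lifespan (assumed: `seed` if no holder)."""
        live = self.holders()
        self.copies[name] = dict(self.copies[live[0]]) if live else dict(seed or {})
        self.expires[name] = self.clock() + self.lifespan

    def sign_out(self, name):
        self.copies[name] = None                 # explicit deletion as the user leaves

    def move(self, src, dst):
        """Move, not replicate: dst receives the data, then src is wiped."""
        self.sign_in(dst)
        self.sign_out(src)

    def update(self, name, key, value):
        """A write on one holder is reflected on every device holding the vault."""
        live = self.holders()
        if name not in live:
            raise PermissionError(f"{name} does not hold the vault")
        for n in live:
            self.copies[n][key] = value

def demo():
    t = [0.0]                                    # constructed clock, in seconds
    c = ShadowVaultCluster(["notebook", "phone", "tivo"], 60, lambda: t[0])
    c.sign_in("notebook", seed={"bookmarks": "v1"})
    c.sign_in("phone")                           # simultaneous use on two devices
    c.update("phone", "bookmarks", "v2")         # also lands on the notebook copy
    t[0] = 30
    c.move("notebook", "tivo")                   # tivo copy now lives until t=90
    after_move = c.holders()
    t[0] = 61                                    # phone copy (from t=0) has expired
    return after_move, c.holders(), c.copies["tivo"]["bookmarks"]
```

In `demo()`, the notebook copy is gone immediately after the move, while the phone copy disappears only when its lifespan runs out; a device that no longer holds the vault cannot write to it.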

The "Shadow Vault" is always encrypted - both in memory and on persistent storage elements such as memory sticks, SIM cards, smart cards, and disk-based storage devices. Furthermore, "system identity" can be tied to a system's TCPA device configuration - if a system is configured to be using a TCPA device. Use of such devices can provide a hardware-protected level of security in identifying, setting up, and maintaining the "cluster" of devices configured to be able to use/hold the "Shadow Vault".

Following are some use models, mechanics, and algorithms:

Create a "Shadow Vault" that "follows me around" wherever I go (whatever device I am using). Once the user is identified to the device, the device communicates with other devices in the cluster to est...