Browse Prior Art Database

A method/system to enable data privacy protection with mobile device

IP.com Disclosure Number: IPCOM000198081D
Publication Date: 2010-Jul-26
Document File: 2 page(s) / 182K

Publishing Venue

The IP.com Prior Art Database

Abstract

Data security and privacy are very important for nowadays online hosting applications, especially in the SaaS era. But the client-side PC is still not secure enough. Phishing, wireless sidejacking, and trojan can steal user account info or tamper the transaction. The information leakage could happen in the scenarios include but not limited to the follows: Read Bank account, share content to friends… Mobile workers - share critical business data to colleagues Distributed healthcare – clinic doctor views patients’ profiles locally Outsourcing – sensitive data might be read by call center agents Web2.0 mashup services

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 55% of the total text.

Page 1 of 2

A method/system to enable data privacy protection with mobile device

Our invention includes the following steps:
Step0: Phone initialization, Distribute decryption function and user key KeyU into mobile device
Step1: Rule Definition, Application owner decides which data field to be obscured
Step2: Masking, Before distribution to client-side, the value of the data field is encrypted w/ random

KeyA
Step3: Key chain management, KeyA is encrypted by KeyU and sent to user's mobile device through

telco-network (another channel, SMS, etc)

Step4: Downloading, The webpage w/ encrypted data and necessary JS is downloaded into Browser. Step5: QR rendering, (

is provided in a way the mobile device can recognize (e.g. QR

code), shown by the JS
Step6: Phone capturing, The mobile device captures the QR-code picture of encrypted data
Step7: Mashup displaying, The mobile device retrieves KeyA to decrypt the Value w/ and merge the

foreground and background to show on in the phone screen

Value)KeyA

Our approach

Step 4

Step 4

Application Server

Step1

Step1

(Value)KeyA

•The webpage w/ encrypted data and necessary JS is downloaded into Browser.

•(Value)KeyA is provided in a way the mobile device can recognize (e.g. QR code)

Cipher text

•The webpage w/ encrypted data and necessary JS is downloaded into Browser.

•(Value)KeyA is provided in a way the mobile device can recognize (e.g. QR code)

Application owner decides which data field to be obscured

Application owner decides

which data field to...