{"schema_version":"1.0","canonical_url":"https://patentable.app/patents/US-9853954","patent":{"patent_number":"US-9853954","title":"Protecting sensitive information using an untrusted device","assignee":null,"inventors":[],"filing_date":"2014-11-10T00:00:00.000Z","publication_date":"2017-12-26T00:00:00.000Z","cpc_codes":["H04L","G06F","H04L","H04L","H04L","H04L","H04L","H04L","H04L","H04L"],"num_claims":12,"abstract":"The invention relates to information processing field, and discloses a method for protecting sensitive information, comprising: determining that the sensitive information is required by a server; transmitting first information to a trusted device connected to the untrusted device, where the first information enables the sensitive information to be transmitted from the trusted device to the server, wherein the sensitive information is input on the trusted device; receiving second information transmitted by the trusted device, the second information is generated based on the first information and includes the sensitive information encrypted with a first secret key, wherein the first secret key meets one of the following: the untrusted device does not know the first secret key; the untrusted device knows the first secret key but is unable to use the first secret key to decrypt the encrypted sensitive information; forwarding the second information to the server."},"analysis":{"summary":"The Protecting Sensitive Information Using an Untrusted Device patent addresses the critical challenge of securing sensitive data on devices that are not fully trusted, such as personal smartphones or public computers. The core innovation lies in employing a trusted device to encrypt sensitive information before it is transmitted to or accessed by the untrusted device. This approach effectively isolates the sensitive data, preventing unauthorized access even if the untrusted device is compromised. The problem being solved is the increasing vulnerability of sensitive data in environments where users rely on devices that may not have adequate security measures. \n\nThe key technical approach involves determining when sensitive information is required by a server, then transmitting instructions to a trusted device connected to the untrusted device. The trusted device, which could be a hardware security module (HSM) or a secure enclave, encrypts the sensitive information using a secret key. Critically, this key is either unknown to the untrusted device or cannot be used by it to decrypt the data. The encrypted data is then forwarded to the server, ensuring confidentiality. \n\nThe business value of this technology is significant. It enables organizations to confidently allow employees to use their own devices (BYOD) without compromising data security. This can lead to increased productivity, reduced IT costs, and improved compliance with data protection regulations. The market opportunity is vast, encompassing any organization that handles sensitive data, including healthcare providers, financial institutions, and government agencies. The ability to securely access sensitive information from any device opens up new possibilities for remote work, mobile payments, and other innovative applications. \n\nThis technology provides a robust and cost-effective solution for protecting sensitive data in an increasingly interconnected world. Its potential to mitigate data breaches and enhance data security makes it a valuable asset for any organization seeking to maintain a strong security posture.","layman_explanation":"Protecting Sensitive Information Using an Untrusted Device addresses a common problem in today's digital world: how to securely access sensitive information when using devices that may not be secure, like personal smartphones or public computers. The invention ensures that even if the device is compromised, your data remains safe. \n\nThink of it like this: imagine you need to share a confidential document with a colleague, but you only have access to a public computer at a coffee shop. This public computer is the untrusted device. To protect the document, you use a special encryption tool on your secure laptop (the trusted device) to scramble the document into an unreadable format. You then send this scrambled version to the public computer, and your colleague can only unscramble it using a special key that only you and they possess. \n\nThe real-world impact is significant. Companies can allow employees to use their own devices for work without worrying about data breaches. Healthcare providers can securely access patient records from anywhere. Financial institutions can protect sensitive customer data during mobile transactions. The value lies in increased security, reduced risk, and greater flexibility. \n\nLooking ahead, this technology could be integrated into various applications, from mobile banking to cloud storage. As more and more people rely on untrusted devices for accessing sensitive information, solutions like this will become increasingly important.","technical_analysis":"Protecting Sensitive Information Using an Untrusted Device introduces a layered security architecture to mitigate the risks associated with using untrusted devices for accessing sensitive data. The architecture comprises three primary components: the server requesting sensitive information, the untrusted device initiating the request, and the trusted device responsible for encryption and secure transmission. The core technical concept revolves around offloading the encryption process to a trusted device, ensuring that the untrusted device never has direct access to the unencrypted data. \n\nThe implementation details involve establishing a secure communication channel between the untrusted device and the trusted device. This channel is used to transmit instructions from the untrusted device to the trusted device, indicating that sensitive information is required. The trusted device then retrieves the sensitive information, encrypts it using a secret key, and transmits the encrypted data back to the untrusted device. The untrusted device forwards the encrypted data to the server. The choice of encryption algorithm and key management strategy is crucial for the overall security of the system. Advanced encryption standards (AES) or RSA can be employed, along with robust key management protocols to prevent unauthorized access to the encryption keys. \n\nOne of the key performance considerations is the latency introduced by the encryption process. The trusted device must be capable of performing encryption operations quickly and efficiently to minimize the impact on user experience. Hardware security modules (HSMs) can be used to accelerate encryption operations and provide a secure environment for key storage. The integration patterns for this technology will vary depending on the specific use case. In a mobile environment, the trusted device could be a secure enclave within the mobile device or a separate hardware token. In a cloud environment, the trusted device could be a virtual HSM running within the cloud infrastructure. \n\nCode-level implications involve implementing secure communication protocols between the untrusted device and the trusted device. This can be achieved using TLS/SSL or other secure transport protocols. The code must also be designed to handle potential errors and exceptions gracefully, ensuring that sensitive data is not exposed in the event of a failure. Performance characteristics can be optimized by using asynchronous communication patterns and caching frequently accessed data. The system must also be designed to scale to handle a large number of concurrent users and devices.","business_analysis":"The Protecting Sensitive Information Using an Untrusted Device patent presents a significant business opportunity in the rapidly growing market for data security solutions. The increasing prevalence of remote work, BYOD policies, and mobile devices has created a critical need for solutions that can protect sensitive data on devices that are not fully trusted. This technology addresses this need by providing a robust and cost-effective way to secure data on untrusted devices. The market opportunity size is substantial, encompassing a wide range of industries, including healthcare, finance, government, and education. \n\nThe competitive advantages of this technology include its layered security architecture, its ability to isolate sensitive data from untrusted devices, and its compatibility with existing IT infrastructure. Unlike traditional security solutions that focus on securing the device itself, this technology focuses on securing the data, regardless of the device used to access it. This provides a more robust and flexible approach to data security. The revenue potential for this technology is significant. Potential revenue streams include licensing fees, subscription fees, and professional services. The business model could involve licensing the technology to software vendors, offering it as a managed security service, or integrating it into existing security products. \n\nThe strategic positioning of this technology is strong. It aligns with the growing trend towards zero-trust security models, which assume that no device or user can be trusted by default. This technology provides a key building block for implementing a zero-trust architecture. The ROI projections for this technology are attractive. By reducing the risk of data breaches and improving compliance with data protection regulations, this technology can generate significant cost savings for organizations. The improved security posture can also enhance customer trust and confidence, leading to increased revenue and market share. \n\nThis technology has the potential to disrupt the data security market by providing a more effective and efficient way to protect sensitive data on untrusted devices. Its innovative approach and strong business value proposition make it an attractive investment opportunity.","faqs":null,"topics":["data security","untrusted devices","encryption","trusted device","patent","protecting","sensitive","information"],"tech_cluster":null},"seo":{"title":"Protecting Sensitive Information Using an Untrusted Device - Secure Data","description":"Discover how Protecting Sensitive Information Using an Untrusted Device ensures data security on untrusted devices. Learn about encryption and trusted device technology.","keywords":["data security","untrusted devices","encryption","trusted device","patent","patent US-9853954","mobile security","remote work security"]},"attribution":{"source":"Patentable","source_url":"https://patentable.app","canonical_url":"https://patentable.app/patents/US-9853954","license":"CC-BY-4.0-like","license_terms":"AI-generated analysis on this page (summary, layman_explanation, technical_analysis, business_analysis, faqs) may be reused with attribution and a visible link back to the canonical URL above. Patent abstracts, claims, and bibliographic data are USPTO public domain.","required_link":"https://patentable.app/patents/US-9853954","citation_suggestion":"Patentable. \"Protecting sensitive information using an untrusted device\" (US-9853954). https://patentable.app/patents/US-9853954","copyright_holder":"Nomic Interactive Technology LLC"},"links":{"html":"https://patentable.app/patents/US-9853954","json":"https://patentable.app/api/llm-context/US-9853954","site":"https://patentable.app","llms_txt":"https://patentable.app/llms.txt"},"generated_at":"2026-05-30T10:29:44.641Z"}