Data protection for organizations on computing devices

Assignee

• MICROSOFT TECHNOLOGY LICENSING, LLC · US

Inventors

• Preston Derek Adam · Woodinville, US
• Peter Novotney · Seattle, US
• Nathan J. Ide · Bothell, US
• Innokentiy Basmov · Redmond, US
• Narendra S. Acharya · Kirkland, US
• Octavian T. Ureche · Renton, US
• Saurav Sinha · Kirkland, US
• Gopinathan Kannan · Redmond, US
• Christopher R. Macaulay · Seattle, US
• Michael Grass · Hanstedt, DE

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/2143
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

An application on a device can communicate with organization services. The application accesses a protection system on the device, which encrypts data obtained by the application from an organization service using an encryption key, and includes with the data an indication of a decryption key usable to decrypt the encrypted data. The protection system maintains a record of the encryption and decryption keys associated with the organization. The data can be stored in various locations on at least the device, and can be read by various applications on at least the device. If the organization determines that data of the organization stored on a device is to no longer be accessible on the device (e.g., is to be revoked from the device), a command is communicated to the device to revoke data associated with the organization. In response to this command, the protection system deletes the decryption key.