Method, device, terminal and program for controlling activation of a terminal

Abstract

A method for activating a first terminal from a second terminal, the first terminal and the second terminal being connected via a communication network. The method includes associating the first terminal with the second terminal, detecting an action on an input peripheral device associated with the second terminal, and transmitting a notification to the first terminal, the notification having at least one command suitable for authorizing unlocking of the first terminal.

Claims

1. A method for activating a first terminal from a second terminal, the first terminal and the second terminal being associated and connected via a communication network, the method being comprising the following acts performed by the second terminal: detecting an action on an input peripheral device associated with the second terminal, in a predefined rectangular zone on a screen of the second terminal having at least one side contiguous with an edge of the screen of the second terminal, wherein the action moves a pointer, and at least one dimension of the predefined rectangular zone is determined according to a speed of movement of the pointer; and transmitting a notification to the first terminal, the notification comprising at least one command suitable for unlocking the first terminal.

2. The method according to claim 1, further comprising associating the first terminal with the second terminal by exchanging at least one encryption key between the first and second terminals, the notification transmitted to the first terminal comprising at least one datum encrypted using the encryption key.

3. The method according to claim 1, wherein the input peripheral device is a pointing peripheral device.

4. The method according to claim 1, wherein the second terminal is also configured to transmit to the first terminal interactions detected on input peripheral devices when the pointer reaches said edge of the screen of the second terminal.

5. A device for activating a terminal, the terminal being connected to and associated with the device via a communication network, the device comprising: a processor; and a non-transitory computer-readable medium comprising instructions stored thereon which when executed by the processor configure the device to perform acts comprising: detecting an action on an input peripheral device associated with the device, in a predefined rectangular zone on a screen of the device having at least one side contiguous with an edge of the screen of the device, wherein the action moves a pointer, and at least one dimension of the predefined rectangular zone is determined according to a speed of movement of the pointer; and transmitting a notification to the terminal, the notification comprising at least one command suitable for authorizing unlocking of the terminal.

6. The device according to claim 5, wherein the device is implemented in a terminal that is distinct from the terminal that is connected to the device over the communication network.

7. A non-transitory computer-readable medium comprising a computer program stored thereon and comprising instructions execution of a method for activating a first terminal from a second terminal, when the instructions are executed by a processor of the second terminal, the first terminal and the second terminal being associated and connected via a communication network, the instructions configuring the second terminal to perform acts comprising: detecting an action on an input peripheral device associated with the second terminal, in a predefined rectangular zone on a screen of the second terminal having at least one side contiguous with an edge of the screen of the second terminal, wherein the action moves a pointer, and at least one dimension of the predefined rectangular zone is determined according to a speed of movement of the pointer; and transmitting a notification to the first terminal, the notification comprising at least one command suitable for unlocking the first terminal.

Description

BRIEF DESCRIPTION OF THE FIGURES

(1) Other features and advantages will become apparent on reading preferred embodiments described with reference to the figures in which:

(2) FIG. 1 represents an architecture suitable for implementing the method according to a particular embodiment,

(3) FIG. 2 illustrates the steps of the activation method according to a particular embodiment,

(4) FIG. 3 represents a terminal on which a virtual screen is configured, and

(5) FIG. 4 represents the architecture of a device suitable for implementing the method.

DETAILED DESCRIPTION

(6) FIG. 1 represents a local area network 102 to which are connected a portable computer 100 and a mobile terminal 101. The local area network is for example a wireless network of WiFi type comprising a WiFi router 103. Any other network architecture allowing the terminals 100 and 101 to communicate with one another can however be used to implement the method. For example, the network 102 can correspond to an ad hoc WiFi or Bluetooth connection between the terminals 100 and 101. The terminals 100 and 101 can also communicate via a cellular data connection of the terminal 101, by a wired connection or by any other known communication means.

(7) The terminal 101 can be a mobile terminal, a tablet, a personal computer, a television or any other terminal suitable for being controlled by input peripheral devices of the terminal 100. The terminal 101 can also comprise a touch screen.

(8) The computer 100 comprises at least one pointing device, for example a mouse 107 or a touch surface 106 allowing the user to move a pointer 104 on the screen in order to point to a particular zone on the screen.

(9) In particular, a user can use one of the pointing devices to move the pointer in a predefined zone 105. In FIG. 1, the predefined zone 105 is represented in the bottom right of the screen of the computer 100, but any other location of the predefined zone can be envisaged. Furthermore, the predefined zone can have a form, dimensions or proportions different from those represented in FIG. 1.

(10) FIG. 2 illustrates the steps of the activation method according to a particular embodiment.

(11) In a first step 200, the terminal 100 detects the terminal 101. The terminal 100 can detect the terminal 101 in several ways. For example, the terminal 101 can regularly broadcast an announcement message indicating its availability for an association. On reception of such an announcement message, the computer 100 can then present to the user an interface prompting him or her to associate the duly detected terminal. Obviously, several terminals 101 can be detected by the computer 100. The terminal 101 can for example broadcast the announcement message in accordance with the Bluetooth standard or via a WiFi network, by using for example the Apple Bonjour protocol or the UPnP standard (RFC6970 IETF Universal Plug and Play). Any technology allowing the discovery of a terminal by another terminal in order to exchange messages is suitable for implementing the invention.

(12) As a variant, the step of detection of the terminal 101 by the terminal 100 can comprise the explicit designation of the terminal 101, for example by means of an IP address of the terminal 101, of an SIP URI (RFC3261 IETF Session Initiation Protocol) or of a telephone number associated with the terminal.

(13) The detection of the terminal 101 by the terminal 100 can also be performed through a wired connection between the terminal 101 and the computer 100, for example by a USB connection of the terminal 101 to the computer 100.

(14) In a second step 201, the terminal 101 is associated with the terminal 100. For that, the terminal 100 generates a private key/public key pair. Such a private key/public key pair allows an asymmetrical encryption of a communication between the terminal 100 and the terminal 101: the public key PUK allows any terminal which has it to encrypt data which will only be able to be decrypted by a terminal holding the private key PRK. In this way, the computer 100 transmits an encryption key allowing the terminal 101 to send encrypted data that only the computer 100 which holds the corresponding private key will be able to decrypt.

(15) According to a first embodiment, the terminal 101 uses the public key received to encrypt a symmetrical encryption key SK specific to the terminal 101 and transmit it to the terminal 100.

(16) The terminals 100 and 101 thus have one and the same symmetrical encryption key SK making it possible to encrypt and decrypt messages that they exchange, this key having been exchanged securely by virtue of the public key transmitted by the terminal 100. The symmetrical encryption offers the advantage of being less costly than an asymmetrical encryption, and allows a saving of resources on the terminals.

(17) The confidentiality of the exchanges between the terminals 100 and 101 is thus guaranteed. Such an arrangement also allows the terminal 100, respectively 101, to authenticate the messages received from the terminal 101, respectively 100, because only they hold the key SK that makes it possible to encrypt/decrypt the messages.

(18) According to a particular embodiment, the method comprises a step of transmission, in a message encrypted using the symmetrical key SK by the terminal 101 intended for the terminal 100, of a code that makes it possible to unlock the terminal 101. The terminal 101 uses the public key received to encrypt an activation code suitable for authorizing the unlocking of the terminal 101.

(19) According to a particular embodiment, the code allowing the unlocking is associated on the terminal 101 with at least one validity criterion.

(20) The validity criterion is, for example, a time band allowing the unlocking of the terminal 101 only during a determined time period.

(21) The validity criterion can also correspond to a maximum number of unlockings authorized with the code. For example, the validity criterion can be configured so as to authorize only a single unlocking of the terminal 101 by the terminal 100, so that a second use of one and the same code to unlock the terminal results in a refusal to unlock the terminal.

(22) The validity criterion can also be a datum that makes it possible to identify one or more terminals authorized to use the code. It is thus possible to limit the use of a particular code to a particular terminal.

(23) The validity criterion can also be an IP address of a terminal authorized to use the code, a range of IP addresses corresponding to a computer network such as the network 102, from which the use of the code to unlock the terminal 101 is possible.

(24) In the step 202, the terminal 100 detects an action of the user on an input peripheral device 107 or 106 associated with the terminal 100. The computer 100 detects, for example, a particular movement of the pointer 104 by means of the mouse 107 or of the touch surface 106.

(25) The detected movement can be particular in that the movement of the pointer 104 on the screen of the terminal 100 describes a particular pattern. For example, an action can be detected when the movement of the pointer 104 corresponds to a circle, a rectangle, a broken line or any other geometrical pattern. The detection of the pattern is performed in a known manner from a history of the positions occupied by the pointer over a predetermined time period, and/or by the closing of a geometrical form by a returning of the pointer to an initial position. According to a particular embodiment, the action is detected when the pointer is moved successively from one corner of the screen to another corner of the screen of the computer 100, for example from the top right corner of the screen to the bottom right corner of the screen.

(26) According to a particular embodiment, the terminal 100 detects an action when the pointer 104 is moved into a particular zone of the screen, for example into the zone 105 represented in FIG. 1. The zone 105 is for example a rectangular zone with a height substantially equal to the height of the screen of the terminal 101 and positioned in such a way that at least one side of the rectangular zone corresponds to an edge of the screen. In this way, when the terminal 101 is positioned to the right of the screen as in FIG. 1, by using for example a suitable support, the screen of the terminal 101 is located in the extension of the detection zone 105. The detection zone can be positioned differently depending on whether the terminal 101 is positioned on the right, on the left, above or below the screen of the terminal 100. Such an arrangement is advantageous in as much as the keyboard sharing software generally triggers the transfer of the keyboard and mouse commands from a first terminal to an associated second terminal when the mouse pointer reaches a predefined edge of the screen of the first terminal: the side of the detection zone 105 thus corresponds to the edge of the screen configured to trigger a transfer of the mouse/keyboard interactions to the terminal 101. In this way, the pointer 104 is detected in the zone 105 before reaching the right edge of the screen of the computer 100 of FIG. 1.

(27) According to a particular embodiment, the width of the detection zone 105 is modified according to the speed of movement of the pointer 104 on the screen of the terminal 101. The width of the zone 105 is then determined by a time T needed for the pointer 104 to horizontally cover the zone 105. For that, the computer 100 measures the speed of movement of the pointer and determines the width of the zone 105 so that the movement of the pointer 104 from one side to the other of the zone 105 at the measured speed corresponds to the time T. For example, if the width of the zone 105 is configured with a time T equal to 20 milliseconds and the computer 100 observes that the pointer covers 5 centimeters in 10 milliseconds, a zone 10 centimeters wide will be defined.

(28) According to a particular embodiment, the time T is determined according to the time needed to unlock the terminal 101. In this way, between the moment when the pointer 104 enters into the zone 105 from the left and the moment when the pointer 104 reaches the right edge of the screen of the computer 100, the terminal 101 has been able to be unlocked.

(29) Obviously, in the description relating to the detection zone 105 above, the terms width and height of the zone can be reversed depending on the relative position of the terminal in relation to the screen. Thus, when the terminal is positioned above or below the screen of the terminal 100, the detection zone 105 has a width substantially equal to the width of the screen of the terminal 101.

(30) When an action is detected in the step 202, the computer 100 implements a step 203 of transmission of a notification to the terminal 101, the notification comprising at least one command suitable for unlocking the first terminal. The notification is for example a message encrypted using the encryption key SK exchanged in the association step 201. The notification can also be a message of push notification type, the sending of which is triggered by the computer 100.

(31) Such a notification comprises an unlock command such as an unlock code transmitted to the computer 100 by the terminal 101 in the association step.

(32) On reception of such a notification, the terminal 101 decrypts the message and checks the validity of the unlock code. If the unlock code is valid, that is to say if it bears out the criteria described previously, the terminal 101 is unlocked and a confirmation message is sent to the computer 100.

(33) The computer 100 receives the unlock confirmation in a step 204 during which a virtual screen 300 contiguous to the detection zone 105 is configured on the computer 100, as represented in FIG. 3. The virtual screen 300 has dimensions substantially equal to the dimensions of the screen of the terminal 100. When the pointer 104 reaches the right edge of the detection zone 105, the movement of the pointer is extended to the screen of the terminal 101 so as to reflect, on the screen of the terminal 101, the movements of the pointing device associated with the terminal 100. For that, the terminal 100 regularly transmits to the terminal 101 the coordinates of the pointer 104 as well as other interactions of the user with the pointing device, for example information according to which the user has pressed on a button of the mouse 107. Such a configuration of a virtual screen to extend the movements of a pointer to the screen of a terminal distinct from the terminal to which the pointing device is linked is known to the person skilled in the art, so it will not be detailed here in more detail.

(34) The activation method thus makes it possible to perform an unlocking of the terminal 101 from a pointing peripheral device associated with the computer 100. In this way, the user does not have to perform any manipulation on the terminal to perform the unlocking. The use of a detection zone such as the zone 105 described previously makes it possible to anticipate the arrival of the pointer in the virtual screen zone. Thus, the terminal 101 can be unlocked before the pointer reaches the configured virtual screen. In this way, the user does not wait for the unlocking to continue a movement of the pointer to the virtual screen corresponding to the screen of the terminal, and the user experience is enhanced thereby.

(35) FIG. 4 represents the hardware architecture of a device 400 suitable for implementing the activation method according to a particular embodiment.

(36) The device 400 comprises a storage space 401, for example a memory MEM, a processing unit 402 equipped for example with a processor PROC. The processing unit can be driven by a program 403, for example a computer program PGR, implementing the allocation method as described above with reference to FIG. 2, and in particular the steps of association of the device with a terminal, of detection of an action on an input peripheral device associated with the device, and of transmission of a notification to the terminal, the notification comprising at least one command suitable for unlocking the terminal. According to a particular embodiment, the computer program PGR is configured to implement the method according to the different embodiments or features described previously.

(37) On initialization, the instructions of the computer program 403 are for example loaded into a RAM (Random Access Memory in English) memory before being executed by the processor of the processing unit 402. The processor of the processing unit 402 implements the steps of the activation method according to the instructions of the computer program 403.

(38) For that, the device 400 comprises a module 404 for associating the device with a terminal. Such a module can comprise means for detecting a terminal and for memorizing an association of the device with the terminal. The detection means are for example implemented by a computer program comprising instructions suitable for execution by the processor PROC of the device 400 and configured to receive, from a communication interface of the device, an announcement or discovery message broadcast by a terminal. The association module also comprises means for generating a private key/public key pair suitable for encrypting a communication with a detected terminal and for receiving, securely from the terminal, an authentication element allowing the terminal to be unlocked by the device. The association means comprise computer program instructions configured to generate a pair of private/public keys, for example by implementing an algorithm of RSA type, the instructions being suitable for execution by a processor such as the processor PROC. The association module further comprises a memory, for example a database, suitable for memorizing the keys generated in association with an identifier of the detected terminal.

(39) The device 400 also comprises a module 405 for detecting an action on an input peripheral device 406 associated with the device. Such a module is for example implemented by computer program instructions configured to detect interactions of a user on an input peripheral device associated with the device and suitable for execution by the processor PROC of the device. For example, the instructions are configured to obtain coordinates of a pointer of a mouse connected to a screen of the device, and determine, from the coordinates obtained, that a particular action has been performed by checking that the coordinates obtained correspond to a predetermined movement whose characteristics are memorized beforehand in a memory of the device. The input peripheral device 406 is for example a computer mouse, a touch surface, a keyboard or any other device allowing a user to interact with the device.

(40) According to a particular embodiment, the detection module is suitable for detecting the movement of a pointer associated with the pointing device 406 in a particular zone of a screen 408 of the device. For that, the detection module comprises computer program instructions configured to obtain coordinates on the screen 408 of a pointer associated with the input peripheral device 406 and compare these coordinates with the coordinates of a defined zone on the screen of the device. The instructions are also configured so that, when the comparison indicates that the pointer is moving or is situated within the zone defined on the screen, the detection module commands the communication module 407 the transmission of a notification suitable for unlocking the terminal.

(41) Optionally, the device can comprise a module for determining at least one dimension of the detection zone according to the speed of movement of the pointing device. For that, the determination module can comprise a memory in which are memorized instructions configured to compute a speed of movement of a pointer on a screen of the device, for example by obtaining, at regular intervals, the position of the pointer. The instructions are also configured to define a dimension of the detection zone in correlation with the determined speed, such that the greater the measured speed, the greater the size of the detection zone.

(42) The device 400 further comprises a communication module 407 configured to transmit a notification to the first terminal, the notification comprising at least one authentication datum suitable for unlocking the first terminal. The communication module is for example an Ethernet, WiFi or Bluetooth network interface, a cellular network interface or even a serial communication link such as a USB cable. The communication module is for example driven by computer program instructions suitable for generating a message comprising an encrypted element generated by the association module 404, and suitable for authorizing the unlocking of the terminal associated with the device when the terminal receives the message comprising such an encrypted element.

(43) According to a particular embodiment, the device is incorporated in a personal computer, a mobile terminal or a tablet.