System and method for providing network security to mobile devices
Abstract
A small piece of hardware connects to a mobile device and filters out attacks and malicious code. Using the piece of hardware, a mobile device can be protected by greater security and possibly by the same level of security offered by its associated corporation/enterprise. In one embodiment, a mobile security system includes a connection mechanism for connecting to a data port of a mobile device and for communicating with the mobile device; a network connection module for acting as a gateway to a network; a security policy for determining whether to forward content intended for the mobile device to the mobile device; and a security engine for executing the security policy.
14 Claims
1. A system, comprising:
- a mobile device including at least one mobile device processor, mobile device memory and a mobile device data port, the mobile device memory having data transfer code and a data transfer policy thereon,
  - the data transfer code being configured to disable all data transfer via resident devices resident on the mobile device, when the mobile device is outside of any of one or more trusted networks and when a trusted security device is not coupled to the mobile device data port of the mobile device,
  - the data transfer code being configured to determine whether the mobile device is on any of the one or more trusted networks by searching for a predetermined network device on the one or more trusted networks,
  - the data transfer code being configured to enable data transfer via at least one of the resident devices, when the mobile device is outside of any of the one or more trusted networks and only if the trusted security device is coupled to the mobile device data port of the mobile device,
  - the data transfer policy including information for identifying the one or more trusted networks, and
  - the mobile device including a redirector executable by the at least one mobile device processor to redirect particular incoming data from the mobile device to a particular trusted security device; and
- the particular trusted security device including at least one security device processor, security device memory and a security device data port, the security device data port configured to couple to the mobile device data port, the at least one security device processor being different than the at least one mobile device processor, the security device memory including security code and a security policy thereon,
  - the security code configured to receive the particular incoming data before the at least one mobile device processor processes the particular incoming data,
  - the security code configured to evaluate the particular incoming data for malware to implement the security policy as it relates to the particular incoming data; and
  - the security code configured to prevent at least a portion of the particular incoming data from being processed by the at least one mobile device processor or configured to modify at least a portion of the particular incoming data before being processed by the at least one mobile device processor.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A security method, comprising:
- determining whether a mobile device is on any of one or more trusted networks by searching for a predetermined network device on the one or more trusted networks;
- disabling all data transfer via resident devices resident on the mobile device, when the mobile device is outside of any of the one or more trusted networks and when a trusted security device is not coupled to a mobile device data port of the mobile device, the mobile device including at least one mobile device processor, mobile device memory and the mobile device data port, the mobile device memory having data transfer code and a data transfer policy thereon, the data transfer policy including information for identifying the one or more trusted networks;
- enabling data transfer via at least one of the resident devices resident on the mobile device, when the mobile device is outside of any of the one or more trusted networks and only if the trusted security device is coupled to the mobile device data port of the mobile device;
- using the at least one mobile device processor to execute a redirector on the mobile device to redirect particular incoming data from the mobile device to a particular trusted security device;
- receiving the particular incoming data by the particular trusted security device before the at least one mobile device processor processes the particular incoming data, the particular trusted security device including at least one security device processor, security device memory and a security device data port, the security device data port configured to couple to the mobile device data port, the at least one security device processor being different than the at least one mobile device processor, the security device memory including security code and a security policy thereon;
- using the security code to evaluate the particular incoming data for malware to implement the security policy as it relates to the particular incoming data; and
- preventing at least a portion of the particular incoming data from being processed by the at least one mobile device processor, or modifying at least a portion of the particular incoming data before being processed by the at least one mobile device processor.

Dependent claims: 9, 10, 11, 12, 13, 14

Specification