Method and system for responding to an unauthorized action on a mobile communications device
First Claim
Patent Images
1. A method comprising:
- determining, by an autonomous security component of a mobile communications device, that the mobile communications device is in a first state, the first state being an indication that an unauthorized action has been attempted on the mobile communications device, wherein the autonomous security component is preloaded on a system partition of an internal memory of a mobile communications device where an operating system is stored, wherein the autonomous security component is configured to persist after a factory reset of the mobile communications device, and wherein the autonomous security component is separate from the operating system;
in response to the determination that the mobile communications device is in the first state, initiating and causing, by the autonomous security component, a destruction of a cryptographic key of a bootloader from a key store on the mobile communications device;
upon initiating and causing the destruction of the cryptographic key of the bootloader, initiating, by the autonomous security component, a boot sequence at the mobile communications device; and
during the boot sequence at the mobile communications device after the destruction of the cryptographic key, booting the mobile communications device into a kernel that restricts operation of the mobile communications device so that the mobile communications device can only communicate with a single server;
(i) to report at least one of;
a mobile communications device location, or mobile communications device contextual information; and
(ii) to receive a re-enablement cryptographic key from the single server.
9 Assignments
0 Petitions
Accused Products
Abstract
In a method and system for responding to an unauthorized action on a mobile communications device, a cryptographic key is destroyed. The destruction of the cryptographic key is followed by initiating a boot sequence at the mobile communications device where the device is booted into a kernel that restricts operation of the mobile communications device to communications with a server.
24 Citations
20 Claims
-
1. A method comprising:
-
determining, by an autonomous security component of a mobile communications device, that the mobile communications device is in a first state, the first state being an indication that an unauthorized action has been attempted on the mobile communications device, wherein the autonomous security component is preloaded on a system partition of an internal memory of a mobile communications device where an operating system is stored, wherein the autonomous security component is configured to persist after a factory reset of the mobile communications device, and wherein the autonomous security component is separate from the operating system; in response to the determination that the mobile communications device is in the first state, initiating and causing, by the autonomous security component, a destruction of a cryptographic key of a bootloader from a key store on the mobile communications device; upon initiating and causing the destruction of the cryptographic key of the bootloader, initiating, by the autonomous security component, a boot sequence at the mobile communications device; and during the boot sequence at the mobile communications device after the destruction of the cryptographic key, booting the mobile communications device into a kernel that restricts operation of the mobile communications device so that the mobile communications device can only communicate with a single server; (i) to report at least one of;
a mobile communications device location, or mobile communications device contextual information; and(ii) to receive a re-enablement cryptographic key from the single server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method comprising:
-
determining, by an autonomous security component of a mobile communications device, that an unauthorized action has been attempted on the mobile communications device, wherein the autonomous security component is preloaded on a system partition of an internal memory of a mobile communications device where an operating system is stored, wherein the autonomous security component is configured to persist after a factory reset of the mobile communications device, and wherein the autonomous security component is separate from the operating system; when the determination is that an unauthorized action has been attempted on the mobile communications device, receiving, from a single server and at the autonomous security component, a first cryptographic key; encrypting, by the autonomous security component, device storage contents with the first cryptographic key; after encrypting the device storage contents, initiating and causing, by the autonomous security component, a destruction of a second cryptographic key from a key store on the mobile communications device, the second cryptographic key being a cryptographic key of a bootloader; upon initiating and causing the destruction of the second cryptographic key, initiating, by the autonomous security component, a boot sequence at the mobile communications device; and during the boot sequence at the mobile communications device after the destruction of the second cryptographic key, booting the mobile communications device into a kernel that restricts operation of the mobile communications device so that the mobile communications device can only communicate with the single server; (i) to report at least one of;
a mobile communications device location, or mobile communications device contextual information; and(ii) to receive a re-enablement second cryptographic key from the single server. - View Dependent Claims (12, 13, 14)
-
-
15. A non-transitory computer-readable medium encoded with a plurality of instructions which, when executed by a processor, cause the processor to perform a method comprising:
-
receiving, at a server, an indication that an unauthorized action has been attempted on a mobile communications device; sending, from the server, a first command for a security component of the mobile communications device, the first command directing the security component to encrypt data stored on the mobile communications device using a first cryptographic key from the server, wherein the security component is preloaded on a system partition of an internal memory of the mobile communications device where an operating system is stored, wherein the security component is configured to persist after a factory reset, and wherein the security component is separate from the operating system; upon the server receiving, from the security component of the mobile communications device, confirmation that the data stored has been encrypted, sending, from the server, a second command for the security component of the mobile communications device to cause a destruction of a second cryptographic key from a key store on the mobile communications device, the second cryptographic key being a cryptographic key of a bootloader, wherein, upon causing the destruction of the second cryptographic key of the bootloader, the security component autonomously initiates a boot sequence at the mobile communications device; and during the boot sequence at the mobile communications device after the destruction of the second cryptographic key, booting the mobile communications device into a kernel that restricts operation of the mobile communications device so that the mobile communications device can only communicate with the server; (i) to report at least one of;
a mobile communications device location, or mobile communications device contextual information; and(ii) to receive a re-enablement second cryptographic key from the server. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification