Selectively wiping a remote device

US 10,540,520 B2
Filed: 11/12/2018
Issued: 01/21/2020
Est. Priority Date: 01/19/2007
Status: Active Grant

First Claim

Patent Images

1. A method of securing data on a client device, the method comprising:

determining, at a server, an authorization level for a command issuer when the command issuer logs into the server, the command issuer being associated with one of a plurality of authorization levels;

creating, at the server, a securing command for securing the client device; and

transmitting the securing command from the server to the client device, wherein the securing command for securing the client device secures at least one data type in a plurality of data types that is not user-created data, and wherein the determined authorization level associated with the command issuer is an administrator authorization level, and wherein creating the securing command includes generating the securing command to secure data that is not user-created data and preventing the securing of user-created data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for selectively securing data from unauthorized access on a client device storing a plurality of data types with reference to an authorization level indicated in a command. A command is received at a client device comprising an authorization level indicator. Based on at least one predefined rule, which may be implemented in an IT policy stored at the client device, each of the plurality of data types to be secured is determined, and then the data corresponding to those types is secured. The data may be secured by encrypting and/or deleting the data at the client device. The predefined rules associated with each authorization level may be configured by a user or administrator having an authorization level that exceeds the associated authorization level.

Citations

20 Claims

1. A method of securing data on a client device, the method comprising:
- determining, at a server, an authorization level for a command issuer when the command issuer logs into the server, the command issuer being associated with one of a plurality of authorization levels;
  
  creating, at the server, a securing command for securing the client device; and
  
  transmitting the securing command from the server to the client device, wherein the securing command for securing the client device secures at least one data type in a plurality of data types that is not user-created data, and wherein the determined authorization level associated with the command issuer is an administrator authorization level, and wherein creating the securing command includes generating the securing command to secure data that is not user-created data and preventing the securing of user-created data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the command issuer that defines a predetermined number of times a password is allowed to be incorrectly entered is associated with an administrator authorization level.
  - 3. The method of claim 1, wherein the securing includes deleting at least one data type of a plurality of data types stored on the client device.
  - 4. The method of claim 1, wherein the client device stores data of a plurality of data types, and wherein the securing includes encrypting at least one data type.
  - 5. The method of claim 4, wherein the command issuer is a user, and wherein the at least one data type is personal data associated with the user.
  - 6. The method of claim 5, wherein a second data type is not the at least one data type to be encrypted, and wherein the second data type is not associated with the created securing command.
  - 7. The method of claim 1, wherein the client device stores data of a plurality of data types, and wherein the command issuer is an administrator, and wherein securing the client device includes securing at least one data type that is not personal data.
  - 8. The method of claim 7, wherein a second data type is personal data, and wherein the second data type is not associated with the created securing command.
  - 9. The method of claim 1, wherein the securing command for securing the client device includes securing at least one of applications, data files created at the client device, or data received at the client device that are personal to a user.
  - 10. The method of claim 1, wherein creating a securing command for securing the client device comprises:
    - determining that the client device is to be secured based on the command issuer defining, at the server, a predetermined number of times a password is allowed to be incorrectly entered at the client device; and
      
      generating the securing command for securing the client device when the password is incorrectly entered at the client device the predetermined number of times.

11. A server comprising:
- a memory;
  
  a communication subsystem; and
  
  a processor operatively connected to the memory and the communication subsystem, the processor being configured to;
  
  determine an authorization level for a command issuer when the command issuer logs into the server, the command issuer being associated with one of a plurality of authorization levels;
  
  create a securing command for securing a client device; and
  
  transmit the securing command from the server to the client device, wherein the securing command for securing the client device secures at least one data type in a plurality of data types that is not user-created data, and wherein the determined authorization level associated with the command issuer is an administrator authorization level, and wherein creating the securing command includes generating the securing command to secure data that is not user-created data and preventing the securing of user-created data.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The server of claim 11, wherein the command issuer that defines a predetermined number of times a password is allowed to be incorrectly entered is associated with an administrator authorization level.
  - 13. The server of claim 11, wherein the securing includes deleting at least one data type of a plurality of data types stored on the client device.
  - 14. The server of claim 11, wherein the client device stores data of a plurality of data types, and wherein the securing includes encrypting at least one data type.
  - 15. The server of claim 14, wherein the command issuer is a user, and wherein the at least one data type is personal data associated with the user.
  - 16. The server of claim 15, wherein a second data type is not the at least one data type to be encrypted, and wherein the second data type is not associated with the created securing command.
  - 17. The server of claim 11, wherein the client device stores data of a plurality of data types, and wherein the command issuer is an administrator, and wherein securing the client device includes securing at least one data type that is not personal data.
  - 18. The server of claim 17, wherein a second data type is personal data, and wherein the second data type is not associated with the created securing command.
  - 19. The server of claim 11, wherein creating a securing command for securing the client device comprises:
    - determining that the client device is to be secured based on the command issuer defining, at the server, a predetermined number of times a password is allowed to be incorrectly entered at the client device; and
      
      generating the securing command for securing the client device when the password is incorrectly entered at the client device the predetermined number of times.

20. A non-transitory computer-readable medium storing code which, when executed by one or more processor of a server, cause the server to perform operations comprising:
- determining an authorization level for a command issuer when the command issuer logs into the server, the command issuer being associated with one of a plurality of authorization levels;
  
  creating a securing command for securing a client device; and
  
  transmitting the securing command from the server to the client device, wherein the securing command for securing the client device secures at least one data type in a plurality of data types that is not user-created data, and wherein the determined authorization level associated with the command issuer is an administrator authorization level, and wherein creating the securing command includes generating the securing command to secure data that is not user-created data and preventing the securing of user-created data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Blackberry Limited
Original Assignee
Blackberry Limited
Inventors
Brown, Michael Kenneth, Brown, Michael Stephen, Little, Herbert Anthony, Totzke, Scott William
Primary Examiner(s)
Chen, Shin-Hon (Eric)

Application Number

US16/187,065
Publication Number

US 20190080114A1
Time in Patent Office

435 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/6218   to a system of files or obj...

G06F 21/6245   Protecting personal data, e...

G06F 21/88   Detecting or preventing the...

G06F 2221/2107   File encryption

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2143   Clearing memory, e.g. to pr...

H04L 63/0428   wherein the data content is...

H04L 63/101   Access control lists [ACL]

H04L 63/105   Multiple levels of security

H04W 12/02   Protecting privacy or anony...

H04W 12/033   of the user plane, e.g. use...

H04W 12/08   Access security

Selectively wiping a remote device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Selectively wiping a remote device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links