System and method for over the air configuration security
Abstract
Described is a system and method for assigning security credentials to particular components within a mobile device, and for ensuring that only configuration messages having sufficient access privilege to those components are allowed access, based on the security credentials. The security credentials or “roles” describe which settings a particular configuration message has authority to modify or query. Access is disallowed to settings for which a message does not have adequate security credentials.
28 Claims
1. A computer-implemented method for maintaining configuration information on a mobile device, comprising:
receiving a message including a request associated with configuration information stored on the mobile device;
associating a security role with the received message;
determining at least one configuration setting within the configuration information affected by the received message;
comparing the security role with a security privilege associated with the at least one configuration setting; and
if the security role is in agreement with the security privilege associated with the at least one configuration setting, processing the request associated with the configuration information.
(Dependent claims: 2, 3, 4, 5, 6, 7)
8. A computer-readable medium having computer-executable components for managing security on a mobile device, comprising:
a stored setting having an assigned security role that identifies a privilege that an entity attempting to access the stored setting must satisfy in order to access the stored setting;
a router configured to receive a configuration message over a wireless communication link, the router being further configured to identify a source of the configuration message and to pass the configuration message to other components of the mobile device, the configuration message including an instruction that affects a configuration setting; and
a configuration manager configured to receive the configuration message from the router and to parse the configuration message to identify the configuration setting affected by the configuration message, the configuration manager being further configured to compare security privileges associated with the source of the configuration message to security roles assigned to configuration settings stored on the mobile device, wherein if the configuration setting identified in the configuration message identifies the stored setting, and wherein if the source of the configuration message has sufficient privilege to access the stored setting, the configuration manager causes the instruction that affects the configuration setting to be processed.
(Dependent claims: 9, 10, 11, 12, 14, 15, 16, 17, 18, 19)
13. A computer-readable medium having computer-executable instructions for maintaining configuration information on a mobile device, comprising:
receiving a configuration message including an instruction associated with a configuration setting stored on the mobile device;
associating a security role with the instruction;
comparing the security role of the instruction with a security role associated with the configuration setting stored on the mobile device; and
if the security role of the instruction is in agreement with the security role of the configuration setting, processing the instruction.
20. A computer-readable medium within a mobile device, comprising:
a data structure associated with a configuration setting and a configuration service provider, the configuration setting being associated with a software component resident on the mobile device, the configuration service provider being responsible for maintaining the configuration setting, wherein the data structure comprises a first field including a security role associated with the configuration setting, the security role of the configuration setting identifying a setting privilege which must be had in order to access the configuration setting; and
a second field including a security role associated with the configuration service provider, the security role of the configuration service provider identifying a provider privilege which must be had in order to make use of the configuration service provider.
(Dependent claims: 21, 22, 23, 24, 25, 26, 27, 28)
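The check described in the abstract and in claims 1, 8 and 20, sketched as an added example (not code from the patent): the source of a message determines its role, and each instruction is processed only if that role satisfies both the provider privilege and the setting privilege. The role names, source names, sample settings and the bitmask reading of "in agreement" are all assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import Flag

class Role(Flag):  # hypothetical role names, one bit each
    OPERATOR = 1
    ENTERPRISE = 2
    USER = 4

# Router step: message source -> role (constructed mapping).
SOURCE_ROLES = {"operator-gateway": Role.OPERATOR,
                "enterprise-server": Role.ENTERPRISE,
                "local-ui": Role.USER}

# Second field of claim 20: privilege needed to use each provider.
PROVIDER_ROLES = {"network": Role.OPERATOR | Role.ENTERPRISE,
                  "browser": Role.OPERATOR | Role.ENTERPRISE | Role.USER}

@dataclass
class Setting:
    value: str
    role: Role  # first field: privilege needed to access this setting

def new_store():
    """Constructed sample settings keyed by (provider, name)."""
    return {("network", "apn"): Setting("internet", Role.OPERATOR),
            ("network", "proxy"): Setting("none", Role.OPERATOR | Role.ENTERPRISE),
            ("network", "roaming"): Setting("off", Role.OPERATOR | Role.USER),
            ("browser", "homepage"): Setting("about:blank", Role.ENTERPRISE | Role.USER)}

def process(store, source, instructions):
    """Check each instruction's target against the message role, then apply it."""
    role = SOURCE_ROLES.get(source, Role(0))  # unknown source: no privilege
    results = []
    for op, provider, name, value in instructions:
        setting = store.get((provider, name))
        if setting is None:
            results.append((name, "not-found"))
        # Assumption: "in agreement" means the role masks share a bit.
        elif not (role & PROVIDER_ROLES[provider]) or not (role & setting.role):
            results.append((name, "denied"))  # queries are gated as well as writes
        else:
            if op == "set":
                setting.value = value
            results.append((name, setting.value))
    return results
```

Denial is per instruction here, so one message can have some settings applied and others refused, matching the abstract's statement that access is disallowed to the settings for which the message lacks credentials.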
Specification