Method and system for secure synchronization between an enterprise system and a device

US 20050289350A1
Filed: 06/25/2004
Published: 12/29/2005
Est. Priority Date: 06/25/2004
Status: Abandoned Application

First Claim

Patent Images

1. A method for synchronizing a device with an enterprise system comprising:

storing at least one first security parameter generated as a function of a verified application code at a network node;

receiving an identifier of a device requesting synchronization, an application identifier and at least one second security parameter from the device, the second security parameter generated as a function of code corresponding to an application running on the device;

if the first security parameter matches the second security parameter, performing a synchronization process with the device; and

, if the first security parameter does not match the second security parameter, denying a synchronization process with the device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for secure synchronization between an enterprise system such as an ERP system and a mobile device. Before synchronization is allowed, a verified security parameter corresponding to a verified application is compared with a device security parameter representing an application running on the device

Citations

16 Claims

1. A method for synchronizing a device with an enterprise system comprising:
- storing at least one first security parameter generated as a function of a verified application code at a network node;
  
  receiving an identifier of a device requesting synchronization, an application identifier and at least one second security parameter from the device, the second security parameter generated as a function of code corresponding to an application running on the device;
  
  if the first security parameter matches the second security parameter, performing a synchronization process with the device; and
  
  , if the first security parameter does not match the second security parameter, denying a synchronization process with the device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method according to claim 1, wherein the first and second security parameters correspond respectively to a first digital signature and a second digital signature.
  - 3. The method according to claim 2, wherein the first and second digital signatures are generated respectively by a hash function from the verified application code and the device application code.
  - 4. The method according to claim 3, wherein the hash function receives a program source code and generates a hash value as a function of the program source code.
  - 5. The method according to claim 1, further including:
    - if the first security parameter matches the second security parameter, performing a deployment of software to the device;
      
      if the first security parameter does not match the second security parameter, disallowing a deployment of software to the device.
  - 6. The method according to claim 1, wherein the device is a mobile device.
  - 7. The method according to claim 6, wherein the mobile device is a PDA (“
    - Personal Digital Assistant”
      
      ).

8. A system for synchronizing a device with an enterprise system comprising:
- a database, the database storing;
  
  at least one device identifier;
  
  at least one application identifier;
  
  at least one verified security parameter;
  
  wherein each verified security parameter is associated with an application identifier; and
  
  , a processor, the processor configured to;
  
  receive a device identifier, an application identifier and at least one device security parameter from the device, the device security parameter generated as a function of code corresponding to an application running on the device;
  
  determine a corresponding verified security parameter from the database as a function of the application identifier and the device identifier;
  
  if the determined verified security parameter matches the device security parameter, perform a synchronization process with the device; and
  
  , if the determined verified security parameter does not match the device security parameter, deny a synchronization process with the device.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The system according to claim 8, wherein the determined verified and the device security parameters correspond respectively to a first digital signature and a second digital signature.
  - 10. The system according to claim 9, wherein the first and second digital signatures are generated by a hash function respectively from a verified code and code corresponding to the application running on the device.
  - 11. The system according to claim 10, wherein the hash function receives a program source code and generates a hash value as a function of the program source code.
  - 12. The system according to claim 8, wherein the processor is further configured to:
    - if the determined verified security parameter matches the device security parameter, perform a deployment of software to the device; and
      
      , if the determined verified security parameter does not match the device security parameter, disallow a deployment of software to the device.

13. A system for synchronizing a mobile device with an enterprise system comprising:
- a central synchronization point, the central synchronization point including a processor;
  
  a central deployment console, the central deployment console including a processor;
  
  a database, the database storing;
  
  at least one device identifier;
  
  at least one application identifier;
  
  at least one verified security parameter, wherein each verified security parameter corresponds to an application identifier and a device identifier;
  
  wherein the processor at the central synchronization point is configured to;
  
  receive a device security parameter, an application identifier and a device identifier from a device requesting synchronization;
  
  upon receiving the device security parameter, the application identifier and the device identifier, transmit the device security parameter, the application identifier and the device identifier to the central deployment console;
  
  the processor at the central deployment console configured to;
  
  receive a device security parameter, an application identifier and a device identifier from the central synchronization server;
  
  determine a corresponding verified security parameter from the database as a function of the application identifier and the device identifier;
  
  if the corresponding verified security parameter matches the device security parameter, transmit a signal to the central synchronization point indicating synchronization should be allowed; and
  
  , if the corresponding verified security parameter does not match the device security parameter transmit a signal to the central synchronization point indicating synchronization should not be allowed;
- View Dependent Claims (14, 15)
- - 14. The system according to claim 13, whereupon the processor at the central synchronization point is configured to upon receiving a signal from the central deployment console indicating that synchronization should be allowed, allow synchronization with the device.
  - 15. The system according to claim 13, whereupon the processor at the central synchronization point is configured to upon receiving a signal from the central deployment console indicating that synchronization should not be allowed, disallow synchronization with the device;

16. A program storage device, the program storage device including instructions for performing synchronization between an enterprise system and a device, the instructions including:
- storing at least one verified security parameter generated as a function of a verified application code at a network node;
  
  receiving an identifier of a device requesting synchronization, an application identifier and at least one device security parameter from the device, the device security parameter generated as a function of code corresponding to an application running on the device;
  
  if the verified security parameter matches the device security parameter, performing a synchronization process with the device; and
  
  , if the verified security parameter does not match the device security parameter, denying a synchronization process with the device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAP AG (SAP SE)
Original Assignee
SAP AG (SAP SE)
Inventors
Schmidt-Karaca, Markus

Application Number

US10/877,844
Publication Number

US 20050289350A1
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

G06F 21/31   User authentication

G06F 2221/2129   Authenticate client device ...

H04L 63/123   received data contents, e.g...

H04L 63/126   the source of the received ...

Method and system for secure synchronization between an enterprise system and a device

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for secure synchronization between an enterprise system and a device

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links