METHOD AND SYSTEM FOR MANAGING DELAYED USER AUTHENTICATION

US 20100293606A1
Filed: 07/27/2010
Published: 11/18/2010
Est. Priority Date: 07/30/2004
Status: Active Grant

First Claim

Patent Images

1. A method for unlocking a mobile electronic device, the method comprising:

initiating start-up of the device which triggers launch of a virtual machine on a client operating system on the device,after the initiation of start-up of the device and before completion of the launch of the virtual machine,passing a user authentication input from a host-side of the device to the client operating system with a validation request;

the client operating system authenticating the user authentication input and notifying the host-side of a successful authentication;

the host-side unlocking access to at least one host application running on the host-side to enable access to the at least one host application.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and methods for coordinating the operation of a client security module and a host security module on a mobile electronic device. The modules communicate with each other through a platform abstraction layer using application programming interfaces to coordinate their activities. In particular, on start-up of the device, the host security module obtains user authorization input from a user and passes the input to a client operating system for validation. Once validated, the host security module unlocks the host-side of the device. At the same time, the client operating system sends a notice or request to the client-side virtual machine requesting that the client-side be unlocked. Once the virtual machine is initialized and available it launches the client security module and unlocks the client-side. During the delay while the virtual machine loads, the user is given access only to the host applications.

Citations

14 Claims

1. A method for unlocking a mobile electronic device, the method comprising:
- initiating start-up of the device which triggers launch of a virtual machine on a client operating system on the device,after the initiation of start-up of the device and before completion of the launch of the virtual machine,passing a user authentication input from a host-side of the device to the client operating system with a validation request;
  
  the client operating system authenticating the user authentication input and notifying the host-side of a successful authentication;
  
  the host-side unlocking access to at least one host application running on the host-side to enable access to the at least one host application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1 further comprising, following authenticating of the user authentication input, notifying the virtual machine of a validated unlock request received from the host security module.
  - 3. The method of claim 2 wherein notifying the virtual machine comprises the client operating system notifying the virtual machine.
  - 4. The method of claim 3 wherein the client operating system does not await a response to notifying the virtual machine.
  - 5. The method of claim 3 further comprising the notifying the virtual machine remaining pending while the virtual machine completes its initialization.
  - 6. The method of claim 1 further comprising, following authenticating of the user authentication input, the client operating system, through a password validator, authenticating the user authentication input and notifying the virtual machine of a validated unlock request.
  - 7. The method of claim 1 wherein client operating system authenticating comprises authenticating the user authentication input through an application programming interface called by a host security module of the host-side to validate the user input.
  - 8. The method of claim 7 further comprising the client operating system notifying the virtual machine of a validated unlock request through the application programming interface called by the host security module of the host-side to verify the user input.
  - 9. The method of claim 1 further comprising, following authenticating of the user authentication input, a host security module of the host-side notifying the virtual machine of a validated unlock request.
  - 10. The method of claim 2 wherein notifying the virtual machine further comprises including the user authentication input.
  - 11. The method of claim 1 further comprising the client operating system storing the user authentication input.
  - 12. The method of claim 1 further comprising notifying the virtual machine of a request to unlock a client-side of the device, and the virtual machine recognizing the request following completion of launch of the virtual machine.
  - 13. The method of claim 12 further comprising storing the user authentication input and, following the virtual machine recognizing the request, a client security module of the client-side obtaining the stored user authentication input.
  - 14. The method of claim 13 further comprising clearing memory of the stored user authentication input following obtaining the stored user authentication input by the client security module.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Research In Motion Limited (Blackberry Limited)
Inventors
Darbha, Sriram, Barker, Melanie, Emery, Jeffrey Kenneth

Granted Patent

US 8,250,371 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

G06F 21/31   User authentication

G06F 21/575   Secure boot

H04L 63/08   for authentication of entit...

H04L 63/10   for controlling access to d...

H04L 63/20   for managing network securi...

H04N 21/41407   embedded in a portable devi...

H04N 21/4181   for conditional access

H04N 21/4184   providing storage capabilit...

H04N 21/422   Input-only peripherals , i....

H04N 21/443   OS processes, e.g. booting ...

H04N 21/4753   for user identification, e....

METHOD AND SYSTEM FOR MANAGING DELAYED USER AUTHENTICATION

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND SYSTEM FOR MANAGING DELAYED USER AUTHENTICATION

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links