SELECTIVELY WIPING A REMOTE DEVICE

US 20120079603A1
Filed: 09/26/2011
Published: 03/29/2012
Est. Priority Date: 01/19/2007
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

initiating, at a sending device, transmission of a securing command to a receiving device, the securing command being provided with an indicator of an authorization level;

receiving the securing command at the receiving device;

in response to the securing command, the receiving device;

setting a flag indicating which of a plurality of data types is to be secured based on the authorization level indicated by the securing command, each of the plurality of data types being associated with at least one of a plurality of authorization levels;

securing data of each of the plurality of data types thus indicated; and

clearing the flag upon completion of said securing.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for selectively securing data from unauthorized access on a client device storing a plurality of data types with reference to an authorization level indicated in a command. A command is received at a client device comprising an authorization level indicator. Based on at least one predefined rule, which may be implemented in an IT policy stored at the client device, each of the plurality of data types to be secured is determined, and then the data corresponding to those types is secured. The data may be secured by encrypting and/or deleting the data at the client device. The predefined rules associated with each authorization level may be configured by a user or administrator having an authorization level that exceeds the associated authorization level.

83 Citations

View as Search Results

22 Claims

1. A method, comprising:
- initiating, at a sending device, transmission of a securing command to a receiving device, the securing command being provided with an indicator of an authorization level;
  
  receiving the securing command at the receiving device;
  
  in response to the securing command, the receiving device;
  
  setting a flag indicating which of a plurality of data types is to be secured based on the authorization level indicated by the securing command, each of the plurality of data types being associated with at least one of a plurality of authorization levels;
  
  securing data of each of the plurality of data types thus indicated; and
  
  clearing the flag upon completion of said securing.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the authorization level is selected at the server from the plurality of authorization levels.
  - 3. The method of claim 2, wherein the authorization level thus selected is associated with a command issuer.
  - 4. The method of claim 1, wherein the securing command comprises the indicator of the authorization level.
  - 5. The method of claim 1, wherein setting the flag comprises setting a value for each of the plurality of data types, each said value indicating whether the data of said data type is to be secured.
  - 6. The method of claim 5, wherein securing comprises executing a securing operation for the data of said data type for which a value was set.
  - 7. The method of claim 5, wherein clearing the flag comprises resetting each said value once the data of said data type has been secured.
  - 8. The method of claim 1, wherein securing comprises encrypting the data of each of the plurality of data types thus indicated.
  - 9. The method of claim 1, wherein securing comprises deleting the data of each of the plurality of data types thus indicated.
  - 10. The method of claim 1, further comprising the receiving device authenticating the securing command prior to setting the flag.
  - 11. The method of claim 1, wherein the sending device is a server and the receiving device is a mobile device.

12. A system, comprising:
- a sending device configured to;
  
  initiate transmission of a securing command to a receiving device, the securing command being provided with an indicator of an authorization level; and
  
  a receiving device configured to;
  
  receive the securing command;
  
  in response to the securing command;
  
  set a flag indicating which of a plurality of data types is to be secured based on the authorization level indicated by the securing command, each of the plurality of data types being associated with at least one of a plurality of authorization levels;
  
  secure data of each of the plurality of data types thus indicated; and
  
  clear the flag upon completion of said securing.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The system of claim 12, wherein the authorization level is selected at the sending device from the plurality of authorization levels.
  - 14. The system of claim 13, wherein the authorization level thus selected is associated with a command issuer.
  - 15. The system of claim 12, wherein the securing command comprises the indicator of the authorization level.
  - 16. The system of claim 12, wherein the receiving device is configured to set the flag by setting a value for each of the plurality of data types, each said value indicating whether the data of said data type is to be secured.
  - 17. The system of claim 16, wherein the receiving device is configured to clear the flag by resetting each said value once the data of said data type has been secured.
  - 18. The system of claim 12, wherein the receiving device is configured to secure the data by encrypting the data of each of the plurality of data types thus indicated.
  - 19. The system of claim 12, wherein the receiving device is configured to secure the data by deleting the data of each of the plurality of data types thus indicated.
  - 20. The system of claim 12, wherein the receiving device is further configured to authenticate the securing command prior to setting the flag.
  - 21. The system of claim 12, wherein the sending device is a server.
  - 22. The system of claim 12, wherein the receiving device is a mobile device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Blackberry Limited
Original Assignee
Blackberry Limited
Inventors
BROWN, Michael K., BROWN, Michael S., LITTLE, Herbert A., TOTZKE, Scott W.

Granted Patent

US 9,100,413 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/26
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/6218   to a system of files or obj...

G06F 21/6245   Protecting personal data, e...

G06F 21/88   Detecting or preventing the...

G06F 2221/2107   File encryption

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2143   Clearing memory, e.g. to pr...

H04L 63/0428   wherein the data content is...

H04L 63/101   Access control lists [ACL]

H04L 63/105   Multiple levels of security

H04W 12/02   Protecting privacy or anony...

H04W 12/033   of the user plane, e.g. use...

H04W 12/08   Access security

SELECTIVELY WIPING A REMOTE DEVICE

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

83 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

SELECTIVELY WIPING A REMOTE DEVICE

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

83 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links