Providing access levels to services based on mobile device security state
9 Assignments
0 Petitions
Accused Products
Abstract
A mobile device'"'"'s level of access to services provided by a service provider is based on a current security state assessment of the mobile device. Mobile devices are granted different access levels to services based on the security state of the device. A security component can assess the current security state of the mobile device by processing security data generated by the mobile device. In a specific embodiment, the security component is at the mobile device. In another specific embodiment, the security component is at a server.
-
Citations
38 Claims
-
1-8. -8. (canceled)
-
9. A method comprising:
-
on a mobile communications device, receiving a request for access to the mobile communications device from a service provider; at the mobile communications device, assessing by a device security component a current security state of the mobile communications device based upon processing of security data generated by the mobile communications device; and at the device security component, granting the requesting service provider access to the mobile communications device at an access level determined by the device security component depending upon the current security state assessment of the mobile communications device. - View Dependent Claims (12)
-
-
10-11. -11. (canceled)
-
13-15. -15. (canceled)
-
16. A system comprising:
-
a server for assessing the security state of a mobile communications device, the server having a server security component in communication with the mobile communications device; the server security component receiving from the mobile communications device security data generated by at least one application running on the mobile communications device; the server security component processing the received data to assess a current security state of the mobile communications device; and the server security component providing current security state assessment data to the mobile communication device for enforcement of an application-level security policy on the mobile device that determines whether to grant access to a service provider and at what level depending on the current security state assessment of the mobile communications device. - View Dependent Claims (17, 19)
-
-
18. (canceled)
-
20. A method comprising:
-
providing a server security component in communication with a mobile communications device and with a service provider; at the server security component, receiving a request for access to the service provider from the mobile communications device; at the server security component, in response to the request for access, assessing the current security state of the mobile communications device by processing security data generated by at least one application running on the mobile communications device; and determining whether to grant access to the service provider and at what level depending upon the current security state assessment of the mobile communications device. - View Dependent Claims (21, 22)
-
-
23. A method comprising:
-
providing a server security component in communication with a mobile communications device and a service provider; at the server security component, receiving a request from the service provider for the current security state assessment of the mobile communications device; at the server security component, assessing the current security state of the mobile communications device by processing security data generated by the mobile communications device; and providing the security state of the mobile communications device to the service provider. - View Dependent Claims (24, 25, 26)
-
-
27. A non-transitory computer readable storage medium containing computer readable instructions comprising:
-
computer program code for, at a mobile communications device security component, receiving a request from a service provider for access to the mobile communications device; computer program code for, at the mobile communications device security component, in response to the request by the service provider for access to the mobile communications device, assessing by the device security component a current security state of the mobile communications device by processing security data generated by the mobile communications device; and
,computer program code for, at the device security component, granting to the service provider access to the mobile communications device at an access level depending upon the mobile communications device current security state. - View Dependent Claims (28)
-
-
29. A method comprising:
-
at a server in communication with a mobile communication device and with a service provider, receiving a request from the mobile communications device for access to the service provider; in response to the request for access to the service provider, requesting by a server security component current security state assessment data concerning the mobile communications device requesting access to the service provider; if the server security component determines that the mobile communications device security state assessment data is not current, assessing the current security state of the mobile communications device by the server security component obtaining from the mobile communications device security data generated by the mobile communications device; and
,at the server security component, granting access to the requested service provider by the mobile communications device at an access level depending upon the current security state assessment of the mobile communications device. - View Dependent Claims (30)
-
-
31. A system comprising:
-
a server having a security component for communicating with a mobile communications device and with a service provider, the server security component further accessing a database available to store security data about the mobile communications device; the server security component receiving from the mobile communications device security data generated by the mobile communications device and causing the received mobile communications device security data to be stored in the database accessible to the server security component; the server security component processing the received mobile communications device security data to assess a current security state of the mobile communications device; and in response to a request from the mobile communications device for access to the service provider, the server security component providing current security state assessment data to the requested mobile communications device for enforcement of an application-level security policy on the mobile communication device that determines whether access to the service provider is to be granted to the mobile communication device and at what level.
-
-
32. A system comprising:
-
a server having a security component for communicating with a mobile communications device and with a service provider, the server security component further accessing a database available to store security data generated by the mobile communications device; the server security component receiving from the mobile communications device security data generated by the mobile communications device and causing the received mobile communications device security data to be stored in the database accessible to the server security component; the server security component processing the received mobile communications device security data to assess a current security state of the mobile communications device; and in response to a request from a service provider for access to the mobile communications device, the server security component providing current security state assessment data to the requested mobile communications device for enforcement of an application-level security policy on the mobile communications device that determines whether access to the mobile communications device is to be granted to the mobile communications device and at what level.
-
-
33. A system comprising:
-
at a server security component in communication with a mobile communications device and with a service provider, receiving security data generated by at least one application running on the mobile communications device; at the server security component, processing the received security data to assess a current security state of the mobile communications device; and
,at the server security component, providing mobile communications device current security state assessment data to the service provider so that the service provider can determine whether the mobile communications device should be granted access to the service provider and at what level.
-
-
34. A method comprising:
-
at a server security component in communication with a mobile communications device, receiving security data generated by at least one application running on the mobile communications device; at the server security component, processing the received security data to assess a current security state of the mobile communications device; at the service security component, receiving a request from the mobile communications device to access a service provider; and
,in response to request for access, at the server security component, determining whether to grant the requested access to the service provider and at what level depending upon the current security state assessment for the mobile communications device.
-
-
35. A method comprising:
-
at a server security component in communication with a mobile communications device, receiving security data generated by at least one application running on the mobile communications device; at the server security component, processing the received security data to assess a current security state of the mobile communications device; at the server security component, receiving a request from a service provider to access the mobile communications device; and
,in response to request for access, at the server security component, determining whether to grant the requested access to the mobile communications device and at what level depending upon the current security state assessment for the mobile communications device.
-
-
36. A system comprising:
-
at a server security component in communication with a mobile communications device and with a service provider, receiving security data generated by at least one application running on the mobile communications device; at the server security component, processing the received security data to assess as current security state of the mobile communications device; and
,at the server security component, providing mobile communications device current security state assessment data to the service provider so that the service provider can determine whether the mobile communications device should be granted access to the service provider and at what level.
-
-
37. A method comprising:
-
at a server security component in communication with a mobile communications device, receiving security data generated by at least one application running on the mobile communications device; at the server security component, processing the received security data to assess a current security state of the mobile communications device; at the service security component, receiving a request from the mobile communications device to access a service provider; and
,in response to request for access, at the server security component, determining whether to grant the requested access to the service provider and at what level depending upon the current security state assessment for the mobile communications device.
-
-
38. A method comprising:
-
at a server security component in communication with a mobile communications device, receiving security data generated by at least one application running on the mobile communications device; at the server security component, processing the received security data to assess a current security state of the mobile communications device; at the server security component, receiving a request from a service provider to access the mobile communications device; and
,in response to request for access, at the server security component, determining whether to grant the requested access to the mobile communications device and at what level depending upon the current security state assessment for the mobile communications device.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeLookout Incorporated
-
Original AssigneeLookout Incorporated
-
InventorsMahaffey, Kevin, Hering, John G., Burgess, James
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current726/3
-
CPC Class CodesG06F 21/30 Authentication, i.e. establ...G06F 21/31 User authenticationG06F 21/577 Assessing vulnerabilities a...G06F 2221/2129 Authenticate client device ...H04L 2463/102 applying security measure f...H04L 63/10 for controlling access to d...H04L 63/102 Entity profilesH04L 63/1416 Event detection, e.g. attac...H04W 12/08 Access security
