SECURITY MANAGEMENT SYSTEM AND METHOD FOR LOCATION-BASED MOBILE DEVICE

US 20130013932A1
Filed: 05/24/2012
Published: 01/10/2013
Est. Priority Date: 07/06/2011
Status: Active Grant

First Claim

Patent Images

1. A method for managing information security for a mobile device in a restricted area, based on location information regarding the mobile device, the method comprising:

receiving, by the mobile device, a request for the execution of an application program in a restricted area from a server managing the restricted area;

executing, by the mobile device, the application program requested for execution when the program is set to be executable according to a security policy set to the restricted area;

encrypting, by the mobile device, a file, created according to the execution of the application program, based on location information regarding the mobile device; and

storing the encrypted file.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and a system of managing information security for a mobile device in a restricted area based on location information regarding the mobile device are provided. The method includes receiving, by the mobile device, a request for the execution of an application program in a restricted area from a server managing the restricted area, executing, by the mobile device, the application program requested for execution when the program was set to be executable according to a security policy set to the restricted area, encrypting, by the mobile device, a file, created according to the execution of the application program, based on location information regarding the mobile device, and storing the encrypted file.

Citations

16 Claims

1. A method for managing information security for a mobile device in a restricted area, based on location information regarding the mobile device, the method comprising:
- receiving, by the mobile device, a request for the execution of an application program in a restricted area from a server managing the restricted area;
  
  executing, by the mobile device, the application program requested for execution when the program is set to be executable according to a security policy set to the restricted area;
  
  encrypting, by the mobile device, a file, created according to the execution of the application program, based on location information regarding the mobile device; and
  
  storing the encrypted file.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising:
    - receiving, by the mobile device, the security policy when the mobile device enters the restricted area.
  - 3. The method of claim 1, wherein the encrypted file comprises:
    - a header; and
      
      encrypted data following the header,wherein the header comprises;
      
      a flag indicating whether the encrypted file is created while the mobile device is in the restricted area; and
      
      information regarding a location where the encrypted file is created.
  - 4. The method of claim 1, wherein the storage of the encrypted file comprises:
    - transmitting, by the mobile device, a message for reporting the file creation to a server managing the restricted area;
      
      receiving, by the mobile device, an encryption key corresponding to the location information regarding the mobile device from the server;
      
      encrypting, by the mobile device, the created file via the received encryption key; and
      
      storing the encrypted file.
  - 5. The method of claim 1, wherein the execution of the application program comprises:
    - refusing the execution of the application program when the application program requested for execution is set not to be executable in the restricted area according to the security policy.
  - 6. The method of claim 1, further comprising:
    - determining, when a request is made to display files stored in the mobile device, whether the mobile device is located in the restricted area;
      
      displaying, when the mobile device is located in the restricted area, all the files stored in the mobile device; and
      
      displaying, when the mobile device is located outside the restricted area, files that were created while the mobile device was located outside the restricted area.
  - 7. The method of claim 6, further comprising:
    - receiving, by the mobile device, when the mobile device is located in the restricted area, a request for the execution of one of the displayed files;
      
      requesting, by the mobile device, when the file requested for execution is created while the mobile device is in the restricted area, a decryption key for executing the file from the server; and
      
      receiving, by the mobile device, the decryption key from the server, decoding the file via the received decryption key, and executing the file.
  - 8. The method of claim 7, wherein the decryption key comprises the location information regarding the mobile device.

9. A location information-based security management system, the system comprising:
- a Radio Frequency (RF) communication unit for performing RF communication with a server managing a restricted area;
  
  a storage unit for storing a security policy set for the restricted area transmitted from the server and a file created according to the execution of an application program; and
  
  a controller,wherein the controller;
  
  receives a request for the execution of the application program in a restricted area from the server, and determines whether the application program is set to be executable in the restricted area according to the security policy;
  
  executes the application program when the application program is set to be executable according to the security policy;
  
  encrypts a file, created according to the execution of the application program, based on location information regarding the mobile device; and
  
  stores the encrypted file.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The system of claim 9, wherein the controller receives the security policy when the mobile device enters the restricted area.
  - 11. The system of claim 9, wherein the encrypted file comprises:
    - a header; and
      
      encrypted data following the header,wherein the header comprises;
      
      a flag indicating whether the encrypted file is created while the mobile device is in the restricted area; and
      
      information regarding a location where the encrypted file is created.
  - 12. The system of claim 9, wherein the controller:
    - transmits a message for reporting the file creation to a server managing the restricted area;
      
      receives an encryption key corresponding to the location information regarding the mobile device from the server;
      
      encrypts the created file via the received encryption key; and
      
      stores the encrypted file.
  - 13. The system of claim 9, wherein the controller refuses the execution of the application program when the application program requested for execution is set not to be executable in the restricted area according to the security policy.
  - 14. The system of claim 9, wherein the controller:
    - determines, when a request is made to display files stored in the mobile device, whether the mobile device is located in the restricted area;
      
      displays, when the mobile device is located in the restricted area, all the files stored in the mobile device; and
      
      displays, when the mobile device is located outside the restricted area, files that were created while the mobile device was located outside the restricted area.
  - 15. The system of claim 14, wherein the controller:
    - receives, when the mobile device is located in the restricted area, a request for the execution of one of the displayed files;
      
      requests, when the file requested for execution is created while the mobile device is in the restricted area, a decryption key for executing the file from the server; and
      
      receives the decryption key from the server, decrypts the file via the received decryption key, and executes the file.
  - 16. The system of claim 9, wherein the decryption key comprises the location information regarding the mobile device

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
YOU, Yong Ho, KONG, Hyoung Suk

Granted Patent

US 9,071,621 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/189
CPC Class Codes

G06F 21/629   to features or functions of...

G06F 2221/2111   Location-sensitive, e.g. ge...

H04L 63/107   wherein the security polici...

SECURITY MANAGEMENT SYSTEM AND METHOD FOR LOCATION-BASED MOBILE DEVICE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

SECURITY MANAGEMENT SYSTEM AND METHOD FOR LOCATION-BASED MOBILE DEVICE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links