ASSESSING THE SECURITY STATE OF A MOBILE COMMUNICATIONS DEVICE
First Claim
1. A non-transitory computer-readable medium encoded with a plurality of instructions which, when executed by a processor, cause the processor to perform a method comprising:
- receiving, at a server security component, security data generated by an application running on a mobile communications device;
processing, at the server security component, the received security data to make an assessment of a current security state of the mobile communications device; and
in response to a request from the mobile communications device for access to a service provider, received at the server, providing, by the server, the assessment of the current security state of the mobile communications device by the server security component to the service provider for enforcement of an application-level security policy that determines whether or not to grant access to the mobile communications device and at what level.
9 Assignments
0 Petitions
Accused Products
Abstract
Methods for assessing the current security state of a mobile communications device. A security component installed in either the server or the mobile communications device is configured to assess the current security state by processing security data generated by the mobile communications device. If the security data is not current, then security events on the mobile communications device are evaluated to determine a severity level for the security events, and this determination is used to assess the current security state of the mobile communications device.
-
Citations
20 Claims
-
1. A non-transitory computer-readable medium encoded with a plurality of instructions which, when executed by a processor, cause the processor to perform a method comprising:
-
receiving, at a server security component, security data generated by an application running on a mobile communications device; processing, at the server security component, the received security data to make an assessment of a current security state of the mobile communications device; and in response to a request from the mobile communications device for access to a service provider, received at the server, providing, by the server, the assessment of the current security state of the mobile communications device by the server security component to the service provider for enforcement of an application-level security policy that determines whether or not to grant access to the mobile communications device and at what level. - View Dependent Claims (2, 3, 4)
-
-
5. A non-transitory computer-readable medium encoded with a plurality of instructions which, when executed by a processor, cause the processor to perform a method comprising:
-
receiving, at a server security component, security data generated by an application running on a mobile communications device; processing, at the server security component, the received security data to make an assessment of a current security state of the mobile communications device; and in response to a request from a service provider for access to the mobile communications device, received at the server, providing, by the server, the assessment of the current security state of the mobile communications device from the server security component to the mobile communications device for enforcement of an application-level security policy that determines whether or not to grant access to the service provider and at what level. - View Dependent Claims (6, 7, 8)
-
-
9. A non-transitory computer-readable medium encoded with a plurality of instructions which, when executed by a processor, cause the processor to perform a method comprising:
-
providing a server security component in communication with a mobile communications device and a service provider; receiving, at the server security component, security data generated by the mobile communications device; storing the security data in a database accessible to the server security component; processing, at the server security component, the received and stored security data to make an assessment of a current security state of the mobile communications device; and in response to a request from the mobile communications device for access to a service provider, received at the server, providing, by the server, the assessment of the current security state of the mobile communications device from the server security component to the service provider for enforcement of an application-level security policy that determines whether or not to grant access to the mobile communications device and at what level.
-
-
10. A non-transitory computer-readable medium encoded with a plurality of instructions which, when executed by a processor, cause the processor to perform a method comprising:
-
providing a server security component in communication with a mobile communications device and a service provider; receiving, at the server security component, security data generated by the mobile communications device; storing the security data in a database accessible to the server security component; processing, at the server security component, the received and stored security data to make an assessment of a current security state of the mobile communications device; and in response to a request from a service provider for access to the mobile communications device, received at the server, providing, by the server, the assessment of the current security state of the mobile communications device from the server security component to the service provider for enforcement of an application-level security policy that determines whether or not to grant access to the mobile communications device and at what level.
-
-
11. A method comprising:
-
at a mobile communications device, receiving a request from a service provider for access to the mobile communications device; at the mobile communications device, assessing a current security state of the mobile communications device based upon processing of security data generated by the mobile communications device; and granting the service provider access to the mobile communications device at an access level depending upon the assessment of the current security state of the mobile communications device. - View Dependent Claims (12, 13)
-
-
14. A method comprising:
-
at a server security component in communication with a mobile communications device, receiving security data generated by at least one application running on the mobile communications device; at the server security component, processing the received security data to assess a current security state of the mobile communications device; at the server in communication with server security component, receiving a request from the mobile communications device to access a service provider; in response to request for access received by the server, at the server security components, determining whether to grant the requested access to the service provider and at what access level depending upon the assessment of the current security state for the mobile communications device; and communicating to the service provider the determination of whether to grant the requested access, and if so, the access level. - View Dependent Claims (15, 16)
-
-
17. A method comprising:
-
at a server security component in communication with a mobile communications device, receiving security data generated by at least one application running on the mobile communications device; at the server security component, processing the received security data to assess a cuurent security state of the mobile communications device; at a server in communication with the server security component, receiving a request from a service provider to access the mobile communications device; and
,in response to request for access received by the server, at the server security component, determining whether to grant the requested access to the mobile communications device and at what level depending upon the assessment of the current security state for the mobile communications device; and communicating to the service provider the determination of whether to grant the requested access, and if so, the access level. - View Dependent Claims (18, 19)
-
-
20. A method comprising:
-
at a server in communication with a mobile communications device and a service provider, receiving a request from the mobile communications device for access to the service provider; at the server, assessing the current security state of the mobile communications device; and granting, by the server, access to the mobile communications device by the service provider if the assessed current security state of the mobile communications device indicates that the mobile communications device is safe.
-
Specification