SYSTEM AND METHOD FOR CREATING AND ASSIGNING A POLICY FOR A MOBILE COMMUNICATIONS DEVICE BASED ON PERSONAL DATA

US 20150118992A1
Filed: 10/25/2013
Published: 04/30/2015
Est. Priority Date: 10/25/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

identifying, by a mobile communications device, one or more locations for storing data on the mobile communications device;

identifying a first set of personal data stored at the one or more locations on the mobile communications device;

generating, by the mobile communications device, a policy for the mobile communications device based on an analysis of the first set of personal data;

identifying a second set of personal data stored on the mobile communications device based on the generated policy;

monitoring the second set of personal data stored on the mobile communications device; and

detecting an access of the monitored second set of personal data by an application executed on the mobile communications device.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method to create and assign a policy for a mobile communications device are disclosed. The policy may be created based on personal data associated with the mobile communications device. For example, known sources of personal data on the mobile communications device may be identified and a policy may be created based on the known personal data. The policy may then be used to identify additional personal data associated with the mobile communications device. Thus, the personal data associated with the mobile communications device may be monitored. If an application attempts to access the monitored personal data, the access will be detected.

87 Citations

View as Search Results

20 Claims

1. A method comprising:
- identifying, by a mobile communications device, one or more locations for storing data on the mobile communications device;
  
  identifying a first set of personal data stored at the one or more locations on the mobile communications device;
  
  generating, by the mobile communications device, a policy for the mobile communications device based on an analysis of the first set of personal data;
  
  identifying a second set of personal data stored on the mobile communications device based on the generated policy;
  
  monitoring the second set of personal data stored on the mobile communications device; and
  
  detecting an access of the monitored second set of personal data by an application executed on the mobile communications device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the step of identifying of the second set of personal data on the mobile communications device is achieved by using the generated policy to identify additional personal data stored on the mobile communications device.
  - 3. The method of claim 2, wherein the monitored second set of personal data includes the identified first set of personal data and the identified additional personal data.
  - 4. The method of claim 1, wherein the first set of personal data comprises data from at least one of a contacts database, email database, a database containing communications received or transmitted by the mobile communications device, location information of the mobile communications device, or recently used network names.
  - 5. The method of claim 1, wherein the step of detecting the access of the monitored second set of personal data includes determining if the access resulted in a transmission of at least part of the second set of personal data from the mobile communications device.
  - 6. The method of claim 1, wherein, when the executed application is associated with a container wrapper, the step of detecting the access of the monitored second set of personal data is based on the executed application interacting with an interface of the container wrapper.
  - 7. The method of claim 1, wherein, when the monitored second set of personal data is associated with a container wrapper, the step of detecting the access of the monitored second set of personal data is based on the executed application interacting with an interface of the container wrapper.

8. A method comprising:
- identifying, by a mobile communications device, personal data associated with the mobile communications device;
  
  receiving at the mobile communications device, from a server, an analysis associated with the mobile communications device;
  
  generating, by the mobile communications device, a policy for the mobile communications device based on the personal data associated with the mobile communications device and the analysis received from the server;
  
  assigning the policy to the mobile communications device;
  
  monitoring data on the mobile communications device based on the policy; and
  
  detecting an access of the monitored data by an application that is executed on the mobile communications device.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein the analysis received from the server is at least partly based on a presence of at least one application installed on the mobile communications device.
  - 10. The method of claim 9, wherein the analysis received from the server is further at least partly based on known access to the monitored data performed by the at least one application installed on the mobile communications device.
  - 11. The method of claim 8, wherein the identified personal data includes at least one of a contacts database, email database, a database containing communications received or transmitted by the mobile communications device, location information of the mobile communications device, or recently used network names.
  - 12. The method of claim 8, wherein the step of detecting the access of the monitored data includes determining if the access resulted in a transmission of at least part of the monitored data from the mobile communications device.
  - 13. The method of claim 8, wherein the monitored data includes the identified personal data and additional personal data identified based on the policy.
  - 14. The method of claim 8, wherein, when the application is associated with a container wrapper, the step of detecting the access of the monitored data is based on the application interacting with an interface of the container wrapper.

15. A method comprising:
- identifying, by a mobile communications device, a first set of personal data stored on the mobile communications device;
  
  creating, by the mobile communications device, a policy based on the identified first set of personal data stored on the mobile communications device;
  
  identifying a second set of personal data stored on the mobile communications device based on the generated policy, wherein the second set of personal data includes the identified first set of personal data and additional personal data;
  
  monitoring the second set of personal data stored on the mobile communications device; and
  
  detecting an access of the monitored second set of personal data by at least one application executed on the mobile communications device.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, wherein the identified first set of personal data is associated with at least one of a contacts database, email database, a database containing communications received or transmitted by the mobile communications device, location information of the mobile communications device, or recently used network names.
  - 17. The method of claim 15, wherein the step of detecting the access of the monitored second set of personal data includes determining if the access resulted in a transmission of at least a part of the second set of personal data from the mobile communications device.
  - 18. The method of claim 15, wherein, when the at least one application is associated with a container wrapper, the step of detecting the access of the monitored second set of personal data is based on the at least one application interacting with an interface of the container wrapper.
  - 19. The method of claim 18, wherein, when the monitored second set of personal data is associated with a container wrapper, the step of detecting the access of the monitored second set of personal data is based on the at least one application interacting with an interface of the container wrapper.
  - 20. The method of claim 15, further comprising:
    - displaying a notification of the detecting of access of the second set of personal data, the notification identifying the application accessing the second set of personal data and presenting an option to allow the access or not allow the access.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lookout Incorporated
Original Assignee
Lookout Incorporated
Inventors
Wyatt, Timothy Micheal, Mahaffey, Kevin Patrick, Richardson, David Luke, Buck, Brian James, Rogers, Marc William

Granted Patent

US 9,642,008 B2
Time in Patent Office

Days
Field of Search
US Class Current

455/410
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

H04L 63/20   for managing network securi...

H04W 12/02   Protecting privacy or anony...

H04W 12/08   Access security

H04W 88/02   Terminal devices

SYSTEM AND METHOD FOR CREATING AND ASSIGNING A POLICY FOR A MOBILE COMMUNICATIONS DEVICE BASED ON PERSONAL DATA

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

87 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR CREATING AND ASSIGNING A POLICY FOR A MOBILE COMMUNICATIONS DEVICE BASED ON PERSONAL DATA

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

87 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links