Method and system for protecting data within portable electronic devices

US 7,159,120 B2
Filed: 11/19/2001
Issued: 01/02/2007
Est. Priority Date: 11/19/2001
Status: Active Grant

First Claim

Patent Images

1. A method of protecting data within a portable electronic device comprising:

a user accessing a graphical user interface (GUI) operating on the device to select a predetermined number of attempts that are permitted for a valid password entry;

determining whether a received password is valid upon detecting an attempt to unlock the device;

determining whether a number of attempts to enter the password exceeds the selected predetermined number of attempts for a valid password entry; and

erasing all applications and data stored on the device if the number of attempts exceed the predetermined number of attempts for a valid password entry.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for protecting data within a portable electronic device to prevent unauthorized access to that data. Encryption of data within the portable electronic device and automatic erasure of data upon unauthorized attempted access is provided. A limited number of attempts to access the portable electronic device are allowed, and if exceeded, the data is automatically erased without notification. Data transfer functions of the portable electronic device are also disabled when the device is locked. Erasing of data is also provided if the portable electronic device is not synced with another device during a predetermined time period.

223 Citations

32 Claims

1. A method of protecting data within a portable electronic device comprising:
- a user accessing a graphical user interface (GUI) operating on the device to select a predetermined number of attempts that are permitted for a valid password entry;
  
  determining whether a received password is valid upon detecting an attempt to unlock the device;
  
  determining whether a number of attempts to enter the password exceeds the selected predetermined number of attempts for a valid password entry; and
  
  erasing all applications and data stored on the device if the number of attempts exceed the predetermined number of attempts for a valid password entry.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method according to claim 1 further comprising the steps of:
    - requiring entry of a password to access the data within the portable electronic vice;
      
      determining whether the entered password is the valid password; and
      
      allowing access to the data if the valid password is entered.
  - 3. The method according to claim 2 further comprising protecting the data within the portable electronic device.
  - 4. The method according to claim 3 where in the step of protecting further comprises encrypting selected data.
  - 5. The method according to claim 4 further comprising decrypting only a portion of the encrypted selected data being accessed after entry of a valid password.
  - 6. The method according to claim 1 wherein the step of erasing comprises bit-wiping at least some of the data.
  - 7. The method according to claim 6 wherein bit-wiping the data comprises overwriting the data with characters.
  - 8. The method according to claim 7 wherein overwriting the data is performed a plurality of times.
  - 9. The method according to claim 1 wherein the predetermined number is user defined.
  - 10. The method according to claim 1 further comprising erasing the data after a predetermined time period from the last syncing of the portable electronic device with another electronic device.
  - 11. The method according to claim 10 wherein the predetermined time period is user defined.
  - 12. The method according to claim 2 further comprising locking the portable electronic device and requiring entry of the valid password after a predetermined period of non-operation of a powered on portable electronic device.
  - 13. The method according to claim 12 wherein the step of locking is performed only after an additional user defined time period after the period of non-operation.
  - 14. The method according to claim 2 further comprising locking the portable electronic device and requiring entry of the valid password after powering off the portable electronic device.
  - 15. The method according to claim 2 further comprising disabling data transfer means of the portable electronic device until the valid password is entered.
  - 16. The method according to claim 2 further comprising protecting the valid password.
  - 17. The method according to claim 16 wherein protecting the valid password is provided using an MD5 hash.
  - 18. The method according to claim 2 wherein the step of requiring entry of a password is performed to restrict access to selected applications within the portable electronic device.
  - 19. The method according to claim 2 further comprising displaying a lockout screen having the appearance of a normal start-up screen of the portable electronic device and having a password entry portion.
  - 20. The method according to claim 1 wherein the portable electronic device is a personal digital assistant.

21. A method of protecting data within a portable electronic device to prevent access the data when in a locked mode, comprising:
- a user accessing a graphical user interface (GUI) operating on the device to encrypt selected data whenever the device is operating in a locked mode;
  
  the user accessing the GUI to select a predetermined number of attempts that are permitted for a valid password entry;
  
  determining whether a received password is valid upon detecting an attempt to exit the locked mode;
  
  determining whether a number of attempts to enter the password exceeds the selected predetermined number of attempts for a valid password entry; and
  
  erasing all applications and data stored on the device if the number of attempts exceed the predetermined number of attempts for a valid password entry.
- View Dependent Claims (22, 23, 24, 25)
- - 22. The method according to claim 21 further comprising disabling data transfer means of the portable electronic device in the locked mode.
  - 23. The method according to claim 21 further comprising requiring entry of the valid password upon powering on the portable electronic device after a previous powering off.
  - 24. The method according to claim 21 wherein after an automatic powering off of the portable electronic device based upon non-use, the portable electronic device is not locked until a predetermined time period has expired.
  - 25. The method according to claim 23 further comprising decrypting only a portion of the encrypted selected data accessed after entry of a valid password.

26. A portable electronic device comprising:
- a graphical user interface (GUI) to enable a user select a predetermined number of attempts that are permitted for a valid password entry;
  
  a data storage component for storing data; and
  
  a processor programmed to erase all applications and data stored on the data storage component after a predetermined number of non-valid passwords are entered that fail to match a valid password.
- View Dependent Claims (27, 28, 29, 30, 31, 32)
- - 27. The portable electronic device according to claim 26 wherein the processor is further programmed to encrypt selected stored data.
  - 28. The portable electronic device according to claim 27 wherein the processor is further programmed to decrypt only a portion of the selected stored data being access after entry of the valid password.
  - 29. The portable electronic device according to claim 26 further comprising a display and wherein the processor is programmed to provide a password entry portion on the display for entering a password.
  - 30. The portable electronic device according to claim 26 further comprising data transfer means and wherein the processor is programmed to disable the data transfer means until the valid password is entered.
  - 31. The portable electronic device according to claim 26 further comprising a plurality of buttons for accessing the stored data and wherein the plurality of buttons are adapted to provide for entry of a password.
  - 32. The portable electronic device according to claim 26 wherein the data storage component comprises a RAM portion and a ROM portion and the processor is programmed to erase all stored data in the RAM after a predetermined number of non-valid passwords are entered that fail to match a valid password.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google Technology Holdings LLC (Alphabet Inc.)
Original Assignee
Good Technology Incorporated (Blackberry Limited)
Inventors
Muratov, Alexander Victorovitch, Foley, Ronald Eugene
Primary Examiner(s)
Arani; Taghi T.

Application Number

US09/988,402
Publication Number

US 20030097596A1
Time in Patent Office

1,870 Days
Field of Search

713/182, 713/183, 713/193, 713/194, 726/26, 380/277, 380/281, 715/700
US Class Current

713/182
CPC Class Codes

G06F 21/31   User authentication

G06F 21/575   Secure boot

G06F 21/62   Protecting access to data v...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2105   Dual mode as a secondary as...

G06F 2221/2137   Time limited access, e.g. t...

G06F 2221/2143   Clearing memory, e.g. to pr...

Method and system for protecting data within portable electronic devices

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

223 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for protecting data within portable electronic devices

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

223 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links