Secure mobile platform system
First Claim
1. A system comprising:
- a server having a security component for communicating with a mobile communications device and with a service provider, the server security component further accessing a database available to store security data generated by the mobile communications device;
the server security component receiving from the mobile communications device security data generated by the mobile communications device and causing the received mobile communications device security data to be stored in the database accessible to the server security component;
the server security component processing the received mobile communications device security data to assess a current security state of the mobile communications device; and
in response to a request from the mobile communications device for access to the service provider or to a request from a service provider to access to the mobile communications device, the server security component granting access to the requested service provider or to the requested mobile communications device at an access level depending on the current security state assessment of the mobile communications device.
8 Assignments
0 Petitions
Accused Products
Abstract
The present invention is directed toward a secure platform which enables mobile devices, such as a cell phones, smartphones, or PDAs, to have relationships with services or service providers that are controlled by the state of security on each device. In an embodiment, the platform is comprised of a server that receives data from security software on a mobile device regarding the device'"'"'s security state. The platform enables access to a service to be granted, denied, or limited based on the security state of the mobile device. The platform may provide two-way communications between a mobile device and a service so that the platform can enforce access security both from the client to the service and from the service to the client. Furthermore, the platform allows services or service providers to evaluate the security state of a device independently of using the platform to communicate with the device.
128 Citations
10 Claims
-
1. A system comprising:
-
a server having a security component for communicating with a mobile communications device and with a service provider, the server security component further accessing a database available to store security data generated by the mobile communications device; the server security component receiving from the mobile communications device security data generated by the mobile communications device and causing the received mobile communications device security data to be stored in the database accessible to the server security component; the server security component processing the received mobile communications device security data to assess a current security state of the mobile communications device; and in response to a request from the mobile communications device for access to the service provider or to a request from a service provider to access to the mobile communications device, the server security component granting access to the requested service provider or to the requested mobile communications device at an access level depending on the current security state assessment of the mobile communications device. - View Dependent Claims (2, 3)
-
-
4. A method comprising:
-
at a server in communication with a mobile communications device and with a service provider, receiving a request from the service provider for access to the mobile communications device or from the mobile communications device for access to the service provider; receiving by the server security component from the mobile communications device security data generated by the mobile communication device; in response to the request for access to the mobile communications device or for access to the service provider, determining by the server security component the current security state assessment of the requesting or requested mobile communications device by processing the received mobile communication device security data; and at the server security component, granting access to the mobile communications device or access to the requested service provider at an access level depending upon the current security state assessment of the mobile communications device. - View Dependent Claims (5)
-
-
6. A non-transitory computer readable storage medium containing computer readable instructions comprising:
-
computer program code for, at a server in communication with a mobile communications device and with a service provider, receiving a request from the service provider for access to a the mobile communications device; computer program code for receiving by the server security component from the mobile communication device security data generated by the mobile communication device; computer program code for, in response to the request for access to the mobile communications device, on the server, assessing the current security state of the mobile communications device by processing the received mobile communications device security data; and computer program code for granting by the server to the service provider access to the requested mobile communications device at an access level depending upon the current security state assessment of the mobile communications device. - View Dependent Claims (7)
-
-
8. A system comprising:
-
a server having a security component for communicating with a mobile communications device and with a service provider, the server security component further accessing a database available to store security data generated by the mobile communications device; the server security component receiving from the mobile communications device security data generated by the mobile communications device and causing the received mobile communications device security data to be stored in the database accessible to the server security component; the server security component processing the received mobile communications device security data to assess a current security state of the mobile communications device; and in response to a request from the mobile communications device for access to the service provider or to a request from a service provider to access to the mobile communications device, the server security component providing current security state assessment data to the requested service provider or to the requested mobile communications device for enforcement of an application-level security policy that determines whether access is to be granted and at what level.
-
-
9. A system comprising:
-
a server having a security component for communicating with a mobile communications device and with a service provider, the server security component further accessing a database available to store security data generated by the mobile communications device; the server security component receiving from the mobile communications device security data generated by the mobile communications device and causing the received mobile communications device security data to be stored in the database accessible to the server security component; the server security component processing the received mobile communications device security data to assess a current security state of the mobile communications device; and in response to a request from the mobile communications device for access to the service provider, the server security component providing current security state assessment data to the requested service provider for enforcement of an application-level security policy that determines whether mobile communications device access is to be granted to the mobile communications device and at what level.
-
-
10. A system comprising:
-
a server having a security component for communicating with a mobile communications device and with a service provider, the server security component further accessing a database available to store security data generated by the mobile communications device; the server security component receiving from the mobile communications device security data generated by the mobile communications device and causing the received mobile communications device security data to be stored in the database accessible to the server security component; the server security component processing the received mobile communications device security data to assess a current security state of the mobile communications device; and in response to a request from a service provider for access to the mobile communications device, the server security component providing current security state assessment data to the requested service provider for enforcement of an application-level security policy that determines whether access is to be granted and at what level.
-
Specification