System and method for securely managing data stored on mobile devices, such as enterprise mobility data

US 8,126,506 B2
Filed: 02/14/2008
Issued: 02/28/2012
Est. Priority Date: 02/14/2007
Status: Active Grant

First Claim

Patent Images

1. A method for providing user access to data stored within a mobile device under enterprise mobility management, the method comprising:

receiving a request from a user to access data stored under enterprise mobility management parameters,wherein the enterprise mobility management parameters include information that helps identify the desired security level for a particular type of data;

reviewing an access policy to determine one or more security measures to implement,wherein the access policy is selected from multiple access policies and wherein the access policy relates characteristics associated with the mobile device to security measures established by an employer of multiple employees who each use a mobile device managed under the enterprise mobility management parameters;

implementing a determined security measure based on the review of the access policy; and

determining that the implemented security measure has been satisfied; and

providing the user access to the data stored under the enterprise mobility management parameters.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for managing data stored on mobile devices is described. In some cases, the system stores data, such as data under enterprise mobility management, within a secured memory location of a SIM card. In some cases, the system may request validation credentials before providing access to data stored in secure locations. In some cases, the system may review an access policy and request validation based on instructions from the access policy.

Citations

21 Claims

1. A method for providing user access to data stored within a mobile device under enterprise mobility management, the method comprising:
- receiving a request from a user to access data stored under enterprise mobility management parameters,wherein the enterprise mobility management parameters include information that helps identify the desired security level for a particular type of data;
  
  reviewing an access policy to determine one or more security measures to implement,wherein the access policy is selected from multiple access policies and wherein the access policy relates characteristics associated with the mobile device to security measures established by an employer of multiple employees who each use a mobile device managed under the enterprise mobility management parameters;
  
  implementing a determined security measure based on the review of the access policy; and
  
  determining that the implemented security measure has been satisfied; and
  
  providing the user access to the data stored under the enterprise mobility management parameters.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein reviewing an access policy includes reviewing information identifying a location of the mobile device.
  - 3. The method of claim 1, wherein reviewing an access policy includes reviewing information identifying previous or current usage of the mobile device.
  - 4. The method of claim 1, wherein reviewing an access policy includes reviewing a time the request was received.
  - 5. The method of claim 1, wherein the implemented security measure includes performing an action without requesting input from the user.
  - 6. The method of claim 1, wherein the implemented security measure includes performing an action in order to request input from the user and determining that the implemented security measure has been satisfied based on the requested input.
  - 7. The method of claim 1, wherein the implemented security measure includes querying a server in communication with the mobile device over a network to determine a security status of the mobile device.
  - 8. The method of claim 1, wherein the implemented security measure includes requesting validation credentials from the user.
  - 9. The method of claim 1, wherein providing the user access to the data stored under the enterprise mobility management parameters includes presenting the requested data to the user via a user interface of the mobile device.
  - 10. The method of claim 1, wherein the implemented security measure includes automatically remapping data to a secure storage location.

11. A computer-readable medium whose contents cause a mobile device to perform a method of determining whether a user is authorized to access contents stored within the mobile device, the method comprising:
- receiving a request from a user to access content stored within the mobile device;
  
  determining that the requested content is stored within a secure memory component contained by a subscriber identity module within the mobile device;
  
  performing an action to determine whether the user is an authorized user;
  
  denying access to the requested content when the performed action determines that the user is not an authorized user; and
  
  removing the requested content from the mobile device in response to the determination that the user is not an authorized user.
- View Dependent Claims (12, 13)
- - 12. The computer-readable medium of claim 11, wherein determining that the user is not an authorized user includes receiving incorrect identification credentials from the user.
  - 13. The computer-readable medium of claim 11, wherein determining that the user is not an authorized user includes receiving information identifying the mobile device as lost or stolen.

14. A system for providing user access to data stored within a mobile device under enterprise mobility management, the system comprising:
- means for receiving a request from a user to access data stored under enterprise mobility management parameters,wherein the enterprise mobility management parameters include information that helps identify the desired security level for a particular type of data;
  
  means for reviewing an access policy to determine one or more security measures to implement,wherein the access policy is selected from multiple access policies and wherein the access policy relates characteristics associated with the mobile device to security measures established by an employer of multiple employees who each use a mobile device managed under the enterprise mobility management parameters;
  
  means for implementing a determined security measure based on the review of the access policy; and
  
  means for determining that the implemented security measure has been satisfied; and
  
  means for providing the user access to the data stored under the enterprise mobility management parameters.
- View Dependent Claims (15, 16, 17)
- - 15. The system of claim 14, wherein the means for reviewing an access policy includes reviewing information identifying a location of the mobile device.
  - 16. The system of claim 14, wherein the means for reviewing an access policy includes reviewing information identifying previous or current usage of the mobile device.
  - 17. The system of claim 14, wherein the means for reviewing an access policy includes reviewing a time the request was received.

18. A system for determining whether a user is authorized to access contents stored within a mobile device, the system comprising:
- means for receiving a request from a user to access content stored within the mobile device;
  
  means for determining that the requested content is stored within a secure memory component contained by a subscriber identity module within the mobile device;
  
  means for performing an action to determine whether the user is an authorized user;
  
  means for denying access to the requested content when the performed action determines that the user is not an authorized user; and
  
  means for removing the requested content from the mobile device in response to the determination that the user is not an authorized user.
- View Dependent Claims (19, 20, 21)
- - 19. The system of claim 18, further comprising:
    - means for removing the requested content from the mobile device in response to the determination that the user is not an authorized user.
  - 20. The system of claim 18, wherein the means for performing includes receiving incorrect identification credentials from the user.
  - 21. The system of claim 18, wherein the means for determining that the user is not an authorized user includes receiving information identifying the mobile device as lost or stolen.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Nuance Communications, Inc. (Microsoft Corporation)
Inventors
Roundtree, Brian
Primary Examiner(s)
Nguyen, Lee

Application Number

US12/031,680
Publication Number

US 20080194296A1
Time in Patent Office

1,475 Days
Field of Search

455410-412, 455/558
US Class Current

455/558
CPC Class Codes

G06F 21/62   Protecting access to data v...

G06F 21/78   to assure secure storage of...

G06F 2221/2105   Dual mode as a secondary as...

G06F 2221/2111   Location-sensitive, e.g. ge...

H04L 63/105   Multiple levels of security

H04W 12/08   Access security

H04W 12/37   Managing security policies ...

H04W 12/67   Risk-dependent, e.g. select...

H04W 88/02   Terminal devices

System and method for securely managing data stored on mobile devices, such as enterprise mobility data

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for securely managing data stored on mobile devices, such as enterprise mobility data

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links