Method and system for managing delayed user authentication
First Claim
1. A method for unlocking a mobile electronic device, the method comprising:
- initiating start-up of the device which triggers launch of a virtual machine on a client operating system on the device;
after the initiation of start-up of the device and before completion of the launch of the virtual machine;
passing a user authentication input from a host-side of the device to the client operating system with a validation request;
the client operating system authenticating the user authentication input, notifying the host-side of a successful authentication and sending, to the virtual machine, a notification of a validated unlock request received from a host security module, the notification including the user authentication input;
notifying the virtual machine of a request to unlock a client-side of the device; and
the host-side unlocking access to at least one host application running on the host-side to enable access to the at least one host application;
following completion of launch of the virtual machine, the method includes the virtual machine;
recognizing the request to unlock the client-side of the device; and
responsive to the recognizing, launching a client security module to unlock the client-side.
4 Assignments
0 Petitions
Accused Products
Abstract
A system and methods for coordinating the operation of a client security module and a host security module on a mobile electronic device. The modules communicate with each other through a platform abstraction layer using application programming interfaces to coordinate their activities. In particular, on start-up of the device, the host security module obtains user authorization input from a user and passes the input to a client operating system for validation. Once validated, the host security module unlocks the host-side of the device. At the same time, the client operating system sends a notice or request to the client-side virtual machine requesting that the client-side be unlocked. Once the virtual machine is initialized and available it launches the client security module and unlocks the client-side. During the delay while the virtual machine loads, the user is given access only to the host applications.
64 Citations
24 Claims
-
1. A method for unlocking a mobile electronic device, the method comprising:
-
initiating start-up of the device which triggers launch of a virtual machine on a client operating system on the device; after the initiation of start-up of the device and before completion of the launch of the virtual machine; passing a user authentication input from a host-side of the device to the client operating system with a validation request; the client operating system authenticating the user authentication input, notifying the host-side of a successful authentication and sending, to the virtual machine, a notification of a validated unlock request received from a host security module, the notification including the user authentication input; notifying the virtual machine of a request to unlock a client-side of the device; and the host-side unlocking access to at least one host application running on the host-side to enable access to the at least one host application; following completion of launch of the virtual machine, the method includes the virtual machine; recognizing the request to unlock the client-side of the device; and responsive to the recognizing, launching a client security module to unlock the client-side. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A mobile electronic device comprising:
-
memory storing protected client data; a processor adapted to; initiate start-up of the mobile electronic device, thereby triggering launch of a virtual machine on a client operating system on the device; after the initiation of start-up of the device and before completion of the launch of the virtual machine, the processor adapted to; pass a user authentication input from a host-side of the device to the client operating system with a validation request; at the client operating system; authenticate the user authentication input; and notify the host-side of a successful authentication; and send, to the virtual machine, a notification of a validated unlock request received from a host security module, the notification including the user authentication input; notify the virtual machine of a request to unlock a client-side of the device; and at the host-side, unlock access to at least one host application running on the host-side to enable access to the at least one host application; following completion of launch of the virtual machine, the processor executing the virtual machine to; recognize the request to unlock the client-side of the device; and launch a client security module to unlock the client-side. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A non-transitory computer readable medium containing computer-executable instructions that, when performed by processor in a mobile electronic device having a memory storing protected client data, cause said processor to:
-
initiate start-up of the mobile electronic device, thereby triggering launch of a virtual machine on a client operating system on the device; after the initiation of start-up of the device and before completion of the launch of the virtual machine, the instructions causing said processor to; pass a user authentication input from a host-side of the device to the client operating system with a validation request; at the client operating system; authenticate the user authentication input; and notify the host-side of a successful authentication; and send, to the virtual machine, a notification of a validated unlock request received from a host security module, the notification including the user authentication input; notify the virtual machine of a request to unlock a client-side of the device; and at the host-side, unlock access to at least one host application running on the host-side to enable access to the at least one host application; following completion of launch of the virtual machine, the instructions causing said processor to execute the virtual machine to; recognize the request to unlock the client-side of the device; and launch a client security module to unlock the client-side. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
-
Specification