Providing access levels to services based on mobile device security state
First Claim
Patent Images
1. A method comprising:
- on a mobile communications device, receiving a request for access to the mobile communications device from a service provider;
at the mobile communications device, assessing by a mobile communication device security component a current security state of the mobile communications device based upon processing of security event data generated by the mobile communications device to determine severity levels for the security events and using this determination as part of assessing the current security state of the mobile communication device ; and
at the mobile communication device security component, granting the requesting service provider access to the mobile communications device at an access level determined by the mobile communications device security component depending upon the current security state assessment of the mobile communications device.
9 Assignments
0 Petitions
Accused Products
Abstract
A mobile device'"'"'s level of access to services provided by a service provider is based on a current security state assessment of the mobile device. Mobile devices are granted different access levels to services based on the security state of the device. A security component can assess the current security state of the mobile device by processing security data generated by the mobile device. In a specific embodiment, the security component is at the mobile device. In another specific embodiment, the security component is at a server.
-
Citations
9 Claims
-
1. A method comprising:
-
on a mobile communications device, receiving a request for access to the mobile communications device from a service provider; at the mobile communications device, assessing by a mobile communication device security component a current security state of the mobile communications device based upon processing of security event data generated by the mobile communications device to determine severity levels for the security events and using this determination as part of assessing the current security state of the mobile communication device ; and at the mobile communication device security component, granting the requesting service provider access to the mobile communications device at an access level determined by the mobile communications device security component depending upon the current security state assessment of the mobile communications device.
-
-
2. A method comprising:
-
providing a server security component in communication with a mobile communications device and with a service provider; at the server security component, receiving a request for access to the service provider from the mobile communications device; at the server security component, in response to the request for access, assessing the current security state of the mobile communications device by (i) processing security data generated by at least one application running on the mobile communications device; (ii) at the server security component, providing access to a database containing mobile communications device security event information; and
at the server security component, comparing the security data generated by at least one application running on the mobile communications device received by the server security component and stored in the database against mobile communications device security event data stored in the database to assess a current security state of the mobile communications device and(iii) at the server security component, processing the mobile communications device data received by the server security component to assess a severity of security events on the mobile communications device to determine severity levels for the security events, and using this data as part of the current security state assessment determining whether to grant access to the service provider and at what level depending upon the current security state assessment of the mobile communications device.
-
-
3. A method comprising:
-
providing a server security component in communication with a mobile communications device and a service provider; at the server security component, receiving a request from the service provider for the current security state assessment of the mobile communications device; at the server security component, assessing the current security state of the mobile communications device by (i) processing security data generated by the mobile communications device; and (ii) at the server security component, providing access to a database containing mobile communications device security event information; and
at the server security component, comparing the security data generated by at least one application running on the mobile communications device received by the server security component and stored in the database against mobile communications device security event data stored in the database to assess a current security state of the mobile communications device and(iii) at the server security component, processing the mobile communications device data received by the server security component to assess a severity of security events on the mobile communications device to determine severity levels for the security events, and using this data as part of the current security state assessment providing the security state assessment of the mobile communications device to the service provider. - View Dependent Claims (4)
-
-
5. A method comprising:
-
at a server in communication with a mobile communication device and with a service provider, receiving a request from the mobile communications device for access to the service provider; in response to the request for access to the service provider, requesting by a server security component current security state assessment data concerning the mobile communications device requesting access to the service provider; if the server security component determines that the mobile communications device security state assessment data is not current, assessing the current security state of the mobile communications device by the server security component obtaining from the mobile communications device event security data generated by the mobile communications device to determine severity levels for the security events and using this determination as part of assessing the current security state of the mobile communication device ; and
,at the server security component, granting access to the requested service provider by the mobile communications device at an access level depending upon the current security state assessment of the mobile communications device.
-
-
6. A method comprising:
-
at a server security component in communication with a mobile communications device, receiving security event data generated by at least one application running on the mobile communications device; at the server security component, processing the received event security data to determine severity levels for the security events and using this determination to assess a current security state of the mobile communications device; at the service security component, receiving a request from the mobile communications device to access a service provider; and
,in response to request for access, at the server security component, determining whether to grant the requested access to the service provider and at what level depending upon the current security state assessment for the mobile communications device.
-
-
7. A method comprising:
-
at a server security component in communication with a mobile communications device, receiving security event data generated by at least one application running on the mobile communications device; at the server security component, processing the received security event data to determine severity levels for the security events and using this determination to assess a current security state of the mobile communications device; at the server security component, receiving a request from a service provider to access the mobile communications device; and
,in response to request for access, at the server security component, determining whether to grant the requested access to the mobile communications device and at what level depending upon the current security state assessment for the mobile communications device.
-
-
8. A method comprising:
-
at a server security component in communication with a mobile communications device, receiving security event data generated by at least one application running on the mobile communications device; at the server security component, processing the received security data to determine severity levels for the security events and using this determination to assess a current security state of the mobile communications device; at the service security component, receiving a request from the mobile communications device to access a service provider; and
,in response to request for access, at the server security component, determining whether to grant the requested access to the service provider and at what level depending upon the current security state assessment for the mobile communications device.
-
-
9. A method comprising:
-
at a server security component in communication with a mobile communications device, receiving security event data generated by at least one application running on the mobile communications device; at the server security component, processing the received security event data to determine severity levels for the security events and using this determination to assess a current security state of the mobile communications device; at the server security component, receiving a request from a service provider to access the mobile communications device; and
,in response to request for access, at the server security component, determining whether to grant the requested access to the mobile communications device and at what level depending upon the current security state assessment for the mobile communications device.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeLookout Incorporated
-
Original AssigneeLookout Incorporated
-
InventorsMahaffey, Kevin Patrick, Hering, John G., Burgess, James David
-
Primary Examiner(s)CHEN, SHIN HON
-
Application NumberUS13/314,032Publication NumberTime in Patent Office419 DaysField of SearchNoneUS Class Current726/3CPC Class CodesG06F 21/30 Authentication, i.e. establ...G06F 21/31 User authenticationG06F 21/577 Assessing vulnerabilities a...G06F 2221/2129 Authenticate client device ...H04L 2463/102 applying security measure f...H04L 63/10 for controlling access to d...H04L 63/102 Entity profilesH04L 63/1416 Event detection, e.g. attac...H04W 12/08 Access security
