Method and system for managing delayed user authentication
Abstract
A system and methods for coordinating the operation of a client security module and a host security module on a mobile electronic device. The modules communicate with each other through a platform abstraction layer using application programming interfaces to coordinate their activities. In particular, on start-up of the device, the host security module obtains user authorization input from a user and passes the input to a client operating system for validation. Once validated, the host security module unlocks the host-side of the device. At the same time, the client operating system sends a notice or request to the client-side virtual machine requesting that the client-side be unlocked. Once the virtual machine is initialized and available it launches the client security module and unlocks the client-side. During the delay while the virtual machine loads, the user is given access only to the host applications.
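The start-up sequence described in the abstract, modelled as a small state machine. This is an added illustration, not code from the patent; the class, method and application names are assumptions, and the PBKDF2 verifier stands in for whatever credential check the client operating system performs.

```python
import hashlib
import hmac
import os

class Device:
    """Constructed model of the delayed-unlock flow; all names are illustrative."""

    def __init__(self, password: str):
        self._salt = os.urandom(16)
        self._verifier = self._kdf(password)  # held by the client operating system
        self.vm_ready = False          # VM launch triggered at start-up, not complete
        self.pending_unlock = False    # validated unlock request waiting for the VM
        self.host_unlocked = False
        self.client_unlocked = False

    def _kdf(self, secret: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", secret.encode(), self._salt, 100_000)

    def _client_os_validate(self, user_input: str) -> bool:
        # Client OS authenticates the input passed over from the host side.
        return hmac.compare_digest(self._kdf(user_input), self._verifier)

    def host_submit(self, user_input: str) -> bool:
        # Host security module passes the input with a validation request.
        if not self._client_os_validate(user_input):
            return False               # nothing unlocked, nothing queued
        self.host_unlocked = True      # host applications become available
        self.pending_unlock = True     # VM is notified of a validated unlock request
        self._try_client_unlock()
        return True

    def vm_launch_complete(self) -> None:
        self.vm_ready = True
        self._try_client_unlock()

    def _try_client_unlock(self) -> None:
        # Client side opens only when the VM is up AND a validated request exists.
        if self.vm_ready and self.pending_unlock:
            self.client_unlocked = True
            self.pending_unlock = False

    def can_open(self, app: str) -> bool:
        side = {"phone": "host", "mail": "client"}[app]  # constructed app list
        return self.host_unlocked if side == "host" else self.client_unlocked

def boot_trace(password: str, attempt: str) -> list:
    d = Device(password)
    ok = d.host_submit(attempt)        # typed while the VM is still loading
    during = (d.can_open("phone"), d.can_open("mail"))
    d.vm_launch_complete()
    after = (d.can_open("phone"), d.can_open("mail"))
    return [ok, during, after]
```

The property to check in any such design is that protected client data stays locked unless both conditions hold, whichever happens first, and that a failed validation leaves no unlock request queued for the VM.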
15 Claims
1. A method for unlocking a mobile electronic device, the method comprising:
- initiating start-up of the device which triggers launch of a virtual machine on a client operating system on the device;
- after the initiation of start-up of the device and before completion of the launch of the virtual machine:
  - passing a user authentication input from a host-side of the device to the client operating system with a validation request;
  - the client operating system authenticating the user authentication input and notifying the host-side of a successful authentication;
  - a host security module of the host-side notifying the virtual machine of a validated unlock request; and
  - the host-side unlocking access to at least one host application running on the host-side to enable access to the at least one host application;
- launching the virtual machine and unlocking a client-side of the device in response to the validated unlock request.

Dependent claims: 2, 3, 4, 5
6. A mobile electronic device comprising:
- memory storing protected client data;
- a processor adapted to:
  - initiate start-up of the mobile electronic device, thereby triggering launch of a virtual machine on a client operating system on the device;
  - after the initiation of start-up of the device and before completion of the launch of the virtual machine, the processor adapted to:
    - pass a user authentication input from a host-side of the device to the client operating system with a validation request;
    - at the client operating system:
      - authenticate the user authentication input; and
      - notify the host-side of a successful authentication; and
    - at a host security module of the host-side, notify the virtual machine of a validated unlock request; and
    - at the host-side, unlock access to at least one host application running on the host-side to enable access to the at least one host application;
  - launch the virtual machine and unlock a client-side of the device in response to the validated unlock request.

Dependent claims: 7, 8, 9, 10
11. A non-transitory computer readable medium containing computer-executable instructions that, when performed by processor in a mobile electronic device having a memory storing protected client data, cause said processor to:
- initiate start-up of the mobile electronic device, thereby triggering launch of a virtual machine on a client operating system on the device;
- after the initiation of start-up of the device and before completion of the launch of the virtual machine, the instructions causing said processor to:
  - pass a user authentication input from a host-side of the device to the client operating system with a validation request;
  - at the client operating system:
    - authenticate the user authentication input; and
    - notify the host-side of a successful authentication; and
  - at a host security module of the host-side, notify the virtual machine of a validated unlock request; and
  - at the host-side, unlock access to at least one host application running on the host-side to enable access to the at least one host application;
- launch the virtual machine and unlock a client-side of the device in response to the validated unlock request.

Dependent claims: 12, 13, 14, 15
Specification