System and method for managing and securing mobile devices

US 8,510,819 B2
Filed: 05/20/2011
Issued: 08/13/2013
Est. Priority Date: 05/21/2010
Status: Active Grant

First Claim

Patent Images

1. A method for securing a mobile device comprising:

generating a time-sensitive server identity token (TSIT) at a server, the TSIT having an associated time stamp;

sending the TSIT to the mobile device;

generating a collection of time-based keys at the mobile device, each key representing a specific time within a period of time before the TSIT was received from the server;

verifying that the TSIT was provided by the server if the TSIT matches one of the collection of time-based keysproviding authentication information from the mobile device to the server in response to verification of the TSIT at the mobile device;

establishing a secure communications session between the mobile device and the server after authenticating the server to the mobile device; and

subsequentlyproviding status information from the mobile device to the server;

providing a list of at least one security action from the server to the mobile device; and

processing the list of at least one security action at the mobile device such that each of the at least one security action is provided to one of a local queue for storage and a client software of the mobile device for execution.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are provided for securing at least one mobile device. A server includes a controller and a non-transitory computer readable medium storing instructions executable by the controller. The executable instructions are configured to perform a method in which a secure communications session is established with a user and the user is allowed to input a list of a plurality of security actions to be performed at a mobile device associated with the user. A secure communications session is established with the mobile device, and the list of the plurality of security actions is provided to the mobile device simultaneously as a single instruction set.

21 Citations

View as Search Results

20 Claims

1. A method for securing a mobile device comprising:
- generating a time-sensitive server identity token (TSIT) at a server, the TSIT having an associated time stamp;
  
  sending the TSIT to the mobile device;
  
  generating a collection of time-based keys at the mobile device, each key representing a specific time within a period of time before the TSIT was received from the server;
  
  verifying that the TSIT was provided by the server if the TSIT matches one of the collection of time-based keysproviding authentication information from the mobile device to the server in response to verification of the TSIT at the mobile device;
  
  establishing a secure communications session between the mobile device and the server after authenticating the server to the mobile device; and
  
  subsequentlyproviding status information from the mobile device to the server;
  
  providing a list of at least one security action from the server to the mobile device; and
  
  processing the list of at least one security action at the mobile device such that each of the at least one security action is provided to one of a local queue for storage and a client software of the mobile device for execution.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1, the status information comprising a trigger update representing a local queue of active triggers at the mobile device.
  - 3. The method of claim 1 further comprising updating a queue of security actions at the server in response to the status information provided from the mobile device to the server.

4. A system for securing at least one mobile device comprising:
- a server comprising a controller and a non-transitory computer readable medium storing instructions executable by the controller, the executable instructions configured to perform a method comprising;
  
  establishing a secure communications session with a user;
  
  allowing the user to input a list of a plurality of security actions to be performed at a mobile device of the at least one mobile device associated with the user;
  
  updating a list of security actions associated with the mobile device, comprising a plurality of security actions having associated conditions, according to the user input;
  
  establishing a secure communications session with the mobile device after authenticating the server to the mobile device by verifying, at the mobile device, a time-sensitive server identity token (TSIT) provide by the server; and
  
  subsequentlyproviding the list of the plurality of security actions to the mobile device simultaneously as a single instruction set; and
  
  updating the list of security actions according to a list of logged events and executed security actions since a last secure communications session with the mobile device.
- View Dependent Claims (5, 6, 7, 8, 9)
- - 5. The system of claim 4, wherein allowing the user to input the list of at least one security action to be performed at the mobile device associated with the user comprises allowing the user to input a trigger associated with one of the at least one security action, such that the security action is performed when the condition associated with the trigger is met.
  - 6. The system of claim 4, wherein establishing the secure communications session with the user comprises:
    - generating a time-sensitive server identity token (TSIT) comprising an indication as to the time at which the TSIT was generated; and
      
      sending the TSIT to the mobile device.
  - 7. The system of claim 6, wherein generating the TSIT comprises:
    - randomly generating a client specific secret;
      
      generating a time-based key;
      
      forming a message from the client specific secret and the time-based key; and
      
      hashing the message to form the TSIT.
  - 8. The system of claim 6, wherein generating the TSIT comprises executing a secure hash algorithm with appropriate variables.
  - 9. The system of claim 4 further comprising a mobile device comprising a controller and a non-transitory computer readable medium storing instructions executable by the controller, the executable instructions configured to perform a method comprising:
    - providing authentication information to the server;
      
      providing status information to the server;
      
      retrieving the list of at least one security action from the server; and
      
      executing the list of at least one security action.

10. A system for securing at least one mobile device comprising:
- a mobile device comprising a controller and a non-transitory computer readable medium storing instructions executable by the controller, the executable instructions configured to perform a method comprising;
  
  providing authentication information from the mobile device to an associated sever in response to authenticating, at the mobile device, a time-sensitive server identity token (TSIT) provide by the sever; and
  
  subsequentlyproviding status information to the server, the status information comprising a trigger update representing a local queue of active triggers and a log of jobs executed and triggers whose conditions have been met since a last provision of status information to the server;
  
  retrieving an update from the server representing a difference between the local queue and a job queue at the server; and
  
  modifying the local queue according to the received update.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 11. The system of claim 10, wherein providing authentication information to an associated server comprises:
    - determining that client data at the mobile device is incomplete;
      
      utilizing a persistent Application Programming Interface (API) key to authenticate the mobile device at the server; and
      
      synchronizing the client data at the mobile device with stored client data at the server.
  - 12. The system of claim 10, wherein the update from the server comprises a job, and the method further comprises executing the job when it is received at the mobile device.
  - 13. The system of claim 10, wherein one of the active triggers comprises a condition of multiple failed authentication attempts by a user of the mobile device.
  - 14. The system of claim 10, wherein one of the active triggers comprises a condition of the passage of a predetermined period of time since a last communication with the server.
  - 15. The system of claim 10, wherein one of the active triggers comprises a condition that the mobile device is outside of a predefined area.
  - 16. The system of claim 10, the method further comprising:
    - receiving a time-sensitive server identity token (TSIT) from the server; and
      
      verifying that the TSIT was provided by the server;
      
      wherein providing authentication information to the associated server comprises providing authentication Information to the associated server only once the TSIT is verified to have been provided by the server.
  - 17. The system of claim 10, wherein providing status information to the server comprises providing at least one of a battery status, device settings, installed applications, changes to the memory of the device, and performance information of the mobile device to the server.
  - 18. The system of claim 10 further comprising a server comprising a controller and a non-transitory computer readable medium storing instructions executable by the controller, the executable instructions configured to perform a method comprising:
    - establishing a secure communications session with a user;
      
      allowing a user to input at least one security action to be performed at the mobile device to provide the list of security actions;
      
      establishing a secure communications session with the mobile device; and
      
      providing the update to the mobile device, the update comprising the at least one security action.
  - 19. The system of claim 10, wherein the local queue of active triggers comprises detection that the mobile device is in a location outside of a predetermined region.

20. A system for securing at least one mobile device comprising:
- a mobile device comprising a controller and a non-transitory computer readable medium storing instructions executable by the controller, the executable instructions configured to perform a method comprising;
  
  receiving a time-sensitive server identity token (TSIT) from the server;
  
  generating a collection of time-based keys, each key representing a specific time within a period of time before the TSIT was received from the server;
  
  verifying that the TSIT was provided by the server if the TSIT matches one of the collection of time-based keys;
  
  providing authentication information to an associated server once the TSIT is verified to have been provided by the server and a secure communications session is established between the mobile device and the sever; and
  
  subsequentlyproviding status information to the server, the status information comprising a trigger update representing a local queue of active triggers;
  
  retrieving an update from the server representing a difference between the local queue and a job queue at the server; and
  
  modifying the local queue according to the received update.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Assurant Incorporated
Original Assignee
Neevo, LLC
Inventors
Saunders, Stuart James, Adair, Kenneth Alan
Primary Examiner(s)
Chai, Longbit

Application Number

US13/112,776
Publication Number

US 20110306320A1
Time in Patent Office

816 Days
Field of Search

726/6, 726/9
US Class Current

726/9
CPC Class Codes

H04L 2463/121 Timestamp cryptographic mec...

H04W 12/06 Authentication

System and method for managing and securing mobile devices

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

21 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

System and method for managing and securing mobile devices

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

21 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others