System and method for protecting data in wireless devices

US 8,515,390 B2
Filed: 10/05/2007
Issued: 08/20/2013
Est. Priority Date: 10/05/2007
Status: Active Grant

First Claim

Patent Images

1. A method of protecting data on a network-based wireless device comprising the steps of:

(a) providing a security manager with an identification of the wireless device;

(b) determining at the security manager whether the wireless device contains data that is to be protected;

(c) sending from the security manager to the wireless device a command to secure the data that is to be protected;

(d) securing at the wireless device the data that is to be protected;

(e) receiving an acknowledgment at the security manager that the data has been secured; and

(f) sending from the security manager a message for refusing network access to the wireless device,wherein steps (c), (d) and (e) are skipped if it is determined in step (b) that the wireless device does not contain data that is to be protected.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

When a network-based wireless device such as a mobile phone or data terminal is reported lost or stolen or is determined to be malfunctioning, a service provider can immediately deny the device access to the network. However, any management operation to secure data carried by the wireless device cannot be carried out as the device is no longer reachable from the network. Therefore, the data should be secured before the device is rendered inoperable. Apparatus and methods are provided to back-up the data or wipe the data before the system denies access to the device. A system and method are provided by which a security manager works in conjunction with an equipment register of the network to lock and wipe data on the wireless device before the device is denied access to the network. Similarly, for a wireless device that is later recovered or determined to be operable, the device can be granted access to the network again and any data that was locked or wiped can be unlocked or restored over the network.

16 Citations

View as Search Results

20 Claims

1. A method of protecting data on a network-based wireless device comprising the steps of:
- (a) providing a security manager with an identification of the wireless device;
  
  (b) determining at the security manager whether the wireless device contains data that is to be protected;
  
  (c) sending from the security manager to the wireless device a command to secure the data that is to be protected;
  
  (d) securing at the wireless device the data that is to be protected;
  
  (e) receiving an acknowledgment at the security manager that the data has been secured; and
  
  (f) sending from the security manager a message for refusing network access to the wireless device,wherein steps (c), (d) and (e) are skipped if it is determined in step (b) that the wireless device does not contain data that is to be protected.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1, wherein the identification of the wireless device includes a device identity of the wireless device.
  - 3. The method of claim 2, wherein determining whether the wireless device contains data that is to be protected includes using the device identity to check a database containing device identities of wireless devices having data to be protected.
  - 4. The method of claim 1 comprising:
    - storing data that is to be protected before it is secured, wherein the data is stored in a data repository remote from the wireless device.
  - 5. The method of claim 1, wherein securing the data that is to be protected includes at least one of locking the data and wiping the data.
  - 6. The method of claim 1, wherein refusing network access to the wireless device includes placing the wireless device on a black list in an Equipment Identity Register (EIR).
  - 7. The method of claim 6, wherein the security manager and the EIR are physically combined and reside on a common host.
  - 8. The method of claim 7, wherein the security manager communicates with the EIR by sending requests using messages or procedure calls.
  - 9. The method of claim 1, wherein the wireless device has been reported as lost or stolen.
  - 10. The method of claim 1, wherein the security manager determines if the wireless device contains data to be protected by maintaining an inventory of data stored on each wireless device.
  - 11. The method of claim 1, wherein the security manager and the EIR reside on different hosts.
  - 12. The method of claim 11, wherein the security manager communicates with the EIR by sending requests over a network connection.
  - 13. The method of claim 1, wherein the security manager communicates with the wireless device via a Small Messaging Service (SMS).
  - 14. The method of claim 1 comprising the steps of:
    - determining whether data is to be restored to the wireless device;
      
      permitting network access to the wireless device;
      
      restoring data to the wireless device; and
      
      receiving an acknowledgment at the security manager that the data has been restored.
  - 15. The method of claim 14, wherein determining whether data is to be restored to the wireless device includes checking a data repository to determine whether the data repository contains data to be restored to the wireless device.
  - 16. The method of claim 14 comprising:
    - storing in a data repository remote from the wireless device the data that is to be restored to the wireless device.
  - 17. The method of claim 14, wherein restoring data to the wireless device includes sending one or more commands from the security manager to the wireless device via the network.
  - 18. The method of claim 14, wherein permitting network access to the wireless device includes placing the wireless device on a white list in an Equipment Identity Register (EIR).
  - 19. The method of claim 14, wherein the wireless device has been reported as recovered.
  - 20. The method of claim 1, wherein a network identity associated with the wireless device is changed before step (c) is carried out.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Alcatel-Lucent USA, Inc. (Nokia Corporation)
Original Assignee
Mformation Software Technologies Incorporated (Nokia Corporation)
Inventors
Nath, Badri, Kushwaha, Rakesh, Grealish, Colin
Primary Examiner(s)
MILLER, BRANDON J

Application Number

US11/868,345
Publication Number

US 20090093235A1
Time in Patent Office

2,146 Days
Field of Search

455410-411, 455418-420, 455/435.1, 4554141-4142
US Class Current

455/411
CPC Class Codes

G06F 21/88   Detecting or preventing the...

H04W 12/082   using revocation of authori...

H04W 12/126   Anti-theft arrangements, e....

H04W 88/02   Terminal devices

System and method for protecting data in wireless devices

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

16 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for protecting data in wireless devices

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

16 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links