System and method to force a mobile device into a secure state
First Claim
1. A method of forcing a mobile device into a secure state, the method comprising:
- in response to a request received from a software application to obtain a content protection ticket, a hardware processor issuing the content protection ticket if the mobile device is unlocked, and deferring issuance of the content protection ticket if the mobile device is locked;
the hardware processor determining that the mobile device is to be placed into the secure state;
in response to determining that the mobile device is to be placed into the secure state, the hardware processor revoking all content protection tickets previously obtained by the software application and unreferencing sensitive objects referenced by the software application, wherein revoking the content protection tickets prevents the software application from accessing sensitive data associated with the sensitive objects; and
in response to revoking all content protection tickets for the software application, the hardware processor deleting the sensitive data associated with the sensitive objects by wiping the sensitive data associated with the sensitive objects from memory to render the sensitive data unreadable.
4 Assignments
0 Petitions
Accused Products
Abstract
Embodiments relate to systems and methods for implementation on a mobile device to force the mobile device into a secure state upon detection or determination of a triggering event. Once it is determined that a triggering event has occurred, each application operating on the mobile device is caused to immediately unreference sensitive objects and a secure garbage collection operation is performed upon the unreferenced sensitive objects to render data associated therewith unreadable. The mobile device is then caused to enter a secure state, in which the mobile device cannot be accessed without authorization. A microprocessor within the mobile device is configured to determine the existence of the triggering event according to a configuration data structure and to perform the secure garbage collection.
56 Citations
27 Claims
-
1. A method of forcing a mobile device into a secure state, the method comprising:
-
in response to a request received from a software application to obtain a content protection ticket, a hardware processor issuing the content protection ticket if the mobile device is unlocked, and deferring issuance of the content protection ticket if the mobile device is locked; the hardware processor determining that the mobile device is to be placed into the secure state; in response to determining that the mobile device is to be placed into the secure state, the hardware processor revoking all content protection tickets previously obtained by the software application and unreferencing sensitive objects referenced by the software application, wherein revoking the content protection tickets prevents the software application from accessing sensitive data associated with the sensitive objects; and in response to revoking all content protection tickets for the software application, the hardware processor deleting the sensitive data associated with the sensitive objects by wiping the sensitive data associated with the sensitive objects from memory to render the sensitive data unreadable. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A mobile device comprising a hardware processor and memory, wherein the hardware processor is configured to:
-
in response to a request received from a software application to obtain a content protection ticket, issue the content protection ticket if the mobile device is unlocked, and defer issuance of the content protection ticket if the mobile device is locked; determine that the mobile device is to be placed into a secure state; in response to determining that the mobile device is to be placed into the secure state, revoke all content protection tickets previously obtained by the software application and unreference sensitive objects referenced by the software application, wherein revoking the content protection tickets prevents the software application from accessing sensitive data associated with the sensitive objects; and in response to revoking all content protection tickets for the software application, delete the sensitive data associated with the sensitive objects by wiping the sensitive data associated with the sensitive objects from memory to render the sensitive data unreadable. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
-
-
27. A non-transitory computer-readable medium for storing instructions, which when executed by a hardware processor of a mobile device, cause a method of forcing the mobile device into a secure state to be performed, the method comprising:
-
in response to a request received from a software application to obtain a content protection ticket, issuing the content protection ticket if the mobile device is unlocked, and deferring issuance of the content protection ticket if the mobile device is locked; determining that the mobile device is to be placed into the secure state; In response to determining that the mobile device is to be placed into the secure state, revoking all content protection tickets previously obtained by the software application and unreferencing sensitive objects referenced by the software application, wherein revoking the content protection tickets prevents the software application from accessing sensitive data associated with the sensitive objects; and in response to revoking all content protection tickets for the software application, deleting the sensitive data associated with the sensitive objects by wiping the sensitive data associated with the sensitive objects from memory to render the sensitive data unreadable.
-
Specification