System and method to force a mobile device into a secure state

US 8,522,355 B2
Filed: 10/17/2011
Issued: 08/27/2013
Est. Priority Date: 03/20/2002
Status: Expired due to Term

First Claim

Patent Images

1. A method of forcing a mobile device into a secure state, the method comprising:

in response to a request received from a software application to obtain a content protection ticket, a hardware processor issuing the content protection ticket if the mobile device is unlocked, and deferring issuance of the content protection ticket if the mobile device is locked;

the hardware processor determining that the mobile device is to be placed into the secure state;

in response to determining that the mobile device is to be placed into the secure state, the hardware processor revoking all content protection tickets previously obtained by the software application and unreferencing sensitive objects referenced by the software application, wherein revoking the content protection tickets prevents the software application from accessing sensitive data associated with the sensitive objects; and

in response to revoking all content protection tickets for the software application, the hardware processor deleting the sensitive data associated with the sensitive objects by wiping the sensitive data associated with the sensitive objects from memory to render the sensitive data unreadable.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments relate to systems and methods for implementation on a mobile device to force the mobile device into a secure state upon detection or determination of a triggering event. Once it is determined that a triggering event has occurred, each application operating on the mobile device is caused to immediately unreference sensitive objects and a secure garbage collection operation is performed upon the unreferenced sensitive objects to render data associated therewith unreadable. The mobile device is then caused to enter a secure state, in which the mobile device cannot be accessed without authorization. A microprocessor within the mobile device is configured to determine the existence of the triggering event according to a configuration data structure and to perform the secure garbage collection.

56 Citations

View as Search Results

27 Claims

1. A method of forcing a mobile device into a secure state, the method comprising:
- in response to a request received from a software application to obtain a content protection ticket, a hardware processor issuing the content protection ticket if the mobile device is unlocked, and deferring issuance of the content protection ticket if the mobile device is locked;
  
  the hardware processor determining that the mobile device is to be placed into the secure state;
  
  in response to determining that the mobile device is to be placed into the secure state, the hardware processor revoking all content protection tickets previously obtained by the software application and unreferencing sensitive objects referenced by the software application, wherein revoking the content protection tickets prevents the software application from accessing sensitive data associated with the sensitive objects; and
  
  in response to revoking all content protection tickets for the software application, the hardware processor deleting the sensitive data associated with the sensitive objects by wiping the sensitive data associated with the sensitive objects from memory to render the sensitive data unreadable.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, further comprising the hardware processor receiving at least one request from at least one software application operating on the mobile device to obtain at least one content protection ticket.
  - 3. The method of claim 1, further comprising the hardware processor causing the mobile device to enter the secure state, wherein the mobile device cannot be accessed without authorization.
  - 4. The method of claim 1, wherein the mobile device is to be placed into the secure state in response to user selection of a menu option to place the mobile device into a secure state.
  - 5. The method of claim 1, wherein the mobile device is to be placed into the secure state in response to user activation or actuation of one or more user input components on the mobile device.
  - 6. The method of claim 1, wherein the mobile device is to be placed into the secure state in response to a determined security threat.
  - 7. The method of claim 6, wherein the security threat is determined when a predetermined number of unsuccessful authorization attempts is made.
  - 8. The method of claim 6, wherein the security threat is determined when an unauthorized attempt to access a function or data is made.
  - 9. The method of claim 1, wherein the wiping comprises calling a wipe function in relation to the sensitive objects.
  - 10. The method of claim 9, further comprising the hardware processor clearing a system clipboard of the mobile device.
  - 11. The method of claim 9, wherein the wipe function comprises a native wipe function that sets object data of the sensitive objects to one of ones, zeroes and random data.
  - 12. The method of claim 11, wherein the wipe function over-writes the object data multiple times by setting the object data to one of ones, zeroes and random data each time.
  - 13. The method of claim 1, wherein the deleting is performed upon all sensitive objects that were referenced by the software application.

14. A mobile device comprising a hardware processor and memory, wherein the hardware processor is configured to:
- in response to a request received from a software application to obtain a content protection ticket, issue the content protection ticket if the mobile device is unlocked, and defer issuance of the content protection ticket if the mobile device is locked;
  
  determine that the mobile device is to be placed into a secure state;
  
  in response to determining that the mobile device is to be placed into the secure state, revoke all content protection tickets previously obtained by the software application and unreference sensitive objects referenced by the software application, wherein revoking the content protection tickets prevents the software application from accessing sensitive data associated with the sensitive objects; and
  
  in response to revoking all content protection tickets for the software application, delete the sensitive data associated with the sensitive objects by wiping the sensitive data associated with the sensitive objects from memory to render the sensitive data unreadable.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
- - 15. The device of claim 14, wherein the hardware processor is further configured to receive at least one request from at least one software application operating on the mobile device to obtain at least one content protection ticket.
  - 16. The device of claim 14, wherein the hardware processor is further configured to cause the mobile device to enter the secure state, in which the mobile device cannot be accessed without authorization.
  - 17. The device of claim 14, wherein the mobile device is to be placed into the secure state in response to user selection of a menu option to place the mobile device into a secure state.
  - 18. The device of claim 14, wherein the mobile device is to be placed into the secure state in response to user activation or actuation of one or more user input components on the mobile device.
  - 19. The device of claim 14, wherein the mobile device is to be placed into the secure state in response to a determined security threat.
  - 20. The device of claim 19, wherein the security threat is determined when a predetermined number of unsuccessful authorization attempts is made.
  - 21. The device of claim 20, wherein the security threat is determined when an unauthorized attempt to access a function or data is made.
  - 22. The device of claim 14, wherein the wiping comprises calling a wipe function in relation to the sensitive objects.
  - 23. The device of claim 22, wherein the hardware processor is further configured to clear a system clipboard of the mobile device.
  - 24. The device of claim 14, wherein the wipe function comprises a native wipe function that sets object data of the sensitive objects to one of ones, zeroes and random data.
  - 25. The device of claim 24, wherein the wipe function over-writes the object data multiple times by setting the object data to one of ones, zeroes and random data each time.
  - 26. The device of claim 14, wherein the hardware processor is configured to delete the sensitive data for all sensitive objects that were referenced by the software application.

27. A non-transitory computer-readable medium for storing instructions, which when executed by a hardware processor of a mobile device, cause a method of forcing the mobile device into a secure state to be performed, the method comprising:
- in response to a request received from a software application to obtain a content protection ticket, issuing the content protection ticket if the mobile device is unlocked, and deferring issuance of the content protection ticket if the mobile device is locked;
  
  determining that the mobile device is to be placed into the secure state;
  
  In response to determining that the mobile device is to be placed into the secure state, revoking all content protection tickets previously obtained by the software application and unreferencing sensitive objects referenced by the software application, wherein revoking the content protection tickets prevents the software application from accessing sensitive data associated with the sensitive objects; and
  
  in response to revoking all content protection tickets for the software application, deleting the sensitive data associated with the sensitive objects by wiping the sensitive data associated with the sensitive objects from memory to render the sensitive data unreadable.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cloud Software Group Switzerland GmbH
Original Assignee
Blackberry Limited
Inventors
Little, Herbert Anthony, Adams, Neil Patrick, Brown, Michael Kenneth, Brown, Michael Stephen
Primary Examiner(s)
Dada, Beemnet
Assistant Examiner(s)
BEHESHTI SHIRAZI, SAYED ARESH

Application Number

US13/274,964
Publication Number

US 20120036582A1
Time in Patent Office

680 Days
Field of Search

707781-786, 726/26, 710/5, 710/45, 710/52, 710/240, 711/133, 711/144, 711/141, 711/150, 711/168, 714/791
US Class Current

726/26
CPC Class Codes

G06F 12/0253   Garbage collection, i.e. re...

G06F 12/0261   using reference counting

G06F 21/62   Protecting access to data v...

G06F 2212/1052   Security improvement

G06F 2221/2143   Clearing memory, e.g. to pr...

System and method to force a mobile device into a secure state

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

56 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

System and method to force a mobile device into a secure state

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

56 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links