System and method for secure control of resources of wireless mobile communication devices

US 8,544,084 B2
Filed: 08/19/2003
Issued: 09/24/2013
Est. Priority Date: 08/19/2002
Status: Active Grant

First Claim

Patent Images

1. A method for control of resources of a mobile device, the method comprising:

segregating the mobile device into a plurality of domains including a first domain controlled by a first domain owner, and a second domain controlled by a second domain owner, wherein the first domain owner is an employer, and the second domain owner is an owner of the mobile device;

receiving a request to perform an operation, wherein the operation affects an asset of the mobile device;

responsive to receiving the request;

denying, by a domain controller, the request if the request originated from a different domain than the asset; and

permitting, by the domain controller, the request if the request originated from the same domain as the asset.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods for secure control of a wireless mobile communication device are disclosed. Each of a plurality of domains includes at least one wireless mobile communication device asset. When a request to perform an operation affecting at least one of the assets is received, it is determined whether the request is permitted by the domain that includes the at least one affected asset, by determining whether the entity with which the request originated has a trust relationship with the domain, for example. The operation is completed where it is permitted by the domain. Wireless mobile communication device assets include software applications, persistent data, communication pipes, and configuration data, properties or user or subscriber profiles.

Citations

84 Claims

1. A method for control of resources of a mobile device, the method comprising:
- segregating the mobile device into a plurality of domains including a first domain controlled by a first domain owner, and a second domain controlled by a second domain owner, wherein the first domain owner is an employer, and the second domain owner is an owner of the mobile device;
  
  receiving a request to perform an operation, wherein the operation affects an asset of the mobile device;
  
  responsive to receiving the request;
  
  denying, by a domain controller, the request if the request originated from a different domain than the asset; and
  
  permitting, by the domain controller, the request if the request originated from the same domain as the asset.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 16, 17, 18, 19, 20, 21, 22)
- - 2. The method of claim 1, further comprising determining, by the domain controller, which of the domains the request originated from using a cryptographic key from a key store;
    - anddetermining, by the domain controller, which of the domains the asset belongs to using the cryptographic key from the key store.
  - 3. The method of claim 1 further comprising:
    - receiving information; and
      
      assigning the information to one of the domains based upon a domain policy.
  - 4. The method of claim 3, wherein the domain policy specifies that information should be associated with a domain based upon any one or more of the following including any combination thereof:
    - a source of the information, a digital signature of the information, an access list describing allowed domain information, and an input from a user of the mobile device.
  - 5. The method of claim 3, wherein the domain policy specifies that information should be associated with a domain based upon an indicator of a domain in the information.
  - 6. The method of claim 3, wherein the domain policy specifies that information is associated with a domain based upon a communication pipe over which the information was received.
  - 7. The method of claim 1 further comprising:
    - determining whether the operation is permitted based upon one or more properties stored in a property store; and
      
      denying the request when the operation is not permitted based upon the one or more properties in the property store.
  - 8. The method of claim 7, wherein the one or more properties comprise any one or more of the following including any combination thereof:
    - one or more global properties, one or more domain properties, and one or more application properties.
  - 9. The method of claim 1, wherein the asset comprises at least one of:
    - a communication pipe, persistent data, a property, a software application, a wireless transceiver, a user interface, an interface/connector, a processor, a memory, or a data store.
  - 10. The method of claim 9, wherein the persistent data includes any one or more of the following including any combination thereof:
    - messages, contact information, calendar items, task items, configuration information, properties, records, and voice mails.
  - 11. The method of claim 1, wherein the request originates from at least one of:
    - a communication pipe, persistent data, a property, or a software application.
  - 12. The method of claim 1, wherein the plurality of domains includes a work domain and a personal domain.
  - 13. The method of claim 1, wherein the plurality of domains includes a carrier domain.
  - 14. The method of claim 1, wherein the domain controller is configured to process the request based upon input from the first domain owner and the second domain owner.
  - 16. The method of claim 1, wherein the operation includes any one or more of the following including any combination thereof:
    - creating a domain, deleting a domain, managing a software application, installing a software application, deleting a software application, managing a property, creating a property, reading a property, modifying a property, creating data, reading data, modifying data, and accessing data.
  - 17. The method of claim 1, wherein the request is from any one or more of the following including any combination thereof:
    - an external entity, a device management server, a corporate entity, and an employer.
  - 18. The method of claim 1, wherein the asset comprises a software application that presents a unified view of data across multiple domains.
  - 19. The method of claim 1, wherein the mobile device includes an application having access to multiple domains.
  - 20. The method of claim 1, wherein the mobile device includes a messaging application having access to multiple domains.
  - 21. The method of claim 1, wherein the mobile device includes an address book application having access to multiple domains.
  - 22. The method of claim 1, wherein the plurality of domains includes a work domain and a personal domain.

15. A mobile device comprising:
- a memory comprising a plurality of domains including a first domain controlled by a first domain owner, and a second domain controlled by a second domain owner, wherein the first domain owner is an employer, and the second domain owner is an owner of the mobile device; and
  
  a domain controller configured to;
  
  receive a request to perform an operation, wherein the operation affects an asset;
  
  deny the request if the request originated from a different domain than the asset; and
  
  permit the request if the request originated from the same domain as the asset.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
- - 23. The mobile device of claim 15, wherein the domain controller is configured to process the request based upon input from the first domain owner and the second domain owner.
  - 24. The mobile device of claim 15, wherein the domain controller is further configured to determine which of the domains the request originated from based upon a digital signature.
  - 25. The mobile device of claim 15, wherein the domain controller is further configured to determine which of the domains the request originated from based upon a communication pipe where the request is received.
  - 26. The mobile device of claim 15, further comprising:
    - a super user application configured to temporarily assume membership of either the first domain based upon approval by the first domain owner or the second domain based upon approval by the second domain owner.
  - 27. The mobile device of claim 26, wherein the super user application is further configured to modify properties in the first domain and the second domain.
  - 28. The mobile device of claim 15, wherein the domain controller is further configured to deny the request when the domain controller determines that the request violates a property mapped to the asset.
  - 29. The mobile device of claim 28, wherein the property comprises any one or more of the following including any combination thereof:
    - one or more global properties, one or more domain properties, and one or more application properties.
  - 30. The mobile device of claim 15, wherein the operation includes any one or more of the following including any combination thereof:
    - creating a domain, deleting a domain, managing a software application, installing a software application, deleting a software application, managing a property, creating a property, reading a property, modifying a property, creating data, reading data, modifying data, or accessing data.
  - 31. The mobile device of claim 15, wherein the first domain comprises a subdomain, wherein the domain controller is further configured to permit requests from the subdomain within the first domain.
  - 32. The mobile device of claim 15, wherein the asset includes at least one of:
    - a communication pipe, persistent data, a property, a software application, a wireless transceiver, a user interface, an interface, a connector, a processor, a memory, or a data store.
  - 33. The mobile device of claim 32, wherein the persistent data includes any one or more of the following including any combination thereof:
    - messages, contact information, calendar items, task items, configuration information, properties, records, and voice mails.
  - 34. The mobile device of claim 15, wherein the request originates from at least one of:
    - a communication pipe, persistent data, a property, or a software application.
  - 35. The mobile device of claim 15, wherein the domain controller is further configured to execute error processing operations subsequent to denying the request.
  - 36. The mobile device of claim 15, wherein the plurality of domains includes a work domain and a personal domain.
  - 37. The mobile device of claim 15, wherein the plurality of domains includes a carrier domain.
  - 38. The mobile device of claim 15, further comprising:
    - an application having access to multiple domains.
  - 39. The mobile device of claim 15, further comprising:
    - a messaging application having access to multiple domains.
  - 40. The mobile device of claim 15, further comprising:
    - an address book application having access to multiple domains.
  - 41. The mobile device of claim 15, further comprising:
    - an application configured to provide a unified view of data across multiple domains.

42. A method for control of resources of a mobile device, the method comprising:
- segregating the mobile device into a plurality of domains including a first domain controlled by a first domain owner, and a second domain controlled by a second domain owner, wherein the first domain owner is an employer, and the second domain owner is an employee of the employer;
  
  receiving a request to perform an operation, wherein the operation affects an asset of the mobile device;
  
  responsive to receiving the request;
  
  denying, by a domain controller, the request if the request originated from a different domain than the asset; and
  
  permitting, by the domain controller, the request if the request originated from the same domain as the asset.
- View Dependent Claims (43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62)
- - 43. The method of claim 42, further comprising determining, by the domain controller, which of the domains the request originated from using a cryptographic key from a key store;
    - anddetermining, by the domain controller, which of the domains the asset belongs to using the cryptographic key from the key store.
  - 44. The method of claim 42 further comprising:
    - receiving information; and
      
      assigning the information to one of the domains based upon a domain policy.
  - 45. The method of claim 44, wherein the domain policy specifies that information should be associated with a domain based upon any one or more of the following including any combination thereof:
    - a source of the information, a digital signature of the information, an access list describing allowed domain information, and an input from a user of the mobile device.
  - 46. The method of claim 44, wherein the domain policy specifies that information should be associated with a domain based upon an indicator of a domain in the information.
  - 47. The method of claim 44, wherein the domain policy specifies that information is associated with a domain based upon a communication pipe over which the information was received.
  - 48. The method of claim 42 further comprising:
    - determining whether the operation is permitted based upon one or more properties stored in a property store; and
      
      denying the request when the operation is not permitted based upon the one or more properties in the property store.
  - 49. The method of claim 48, wherein the one or more properties comprise any one or more of the following including any combination thereof:
    - one or more global properties, one or more domain properties, and one or more application properties.
  - 50. The method of claim 42, wherein the asset comprises at least one of:
    - a communication pipe, persistent data, a property, a software application, a wireless transceiver, a user interface, an interface/connector, a processor, a memory, or a data store.
  - 51. The method of claim 50, wherein the persistent data includes any one or more of the following including any combination thereof:
    - messages, contact information, calendar items, task items, configuration information, properties, records, and voice mails.
  - 52. The method of claim 42, wherein the request originates from at least one of:
    - a communication pipe, persistent data, a property, or a software application.
  - 53. The method of claim 42, wherein the plurality of domains includes a work domain and a personal domain.
  - 54. The method of claim 42, wherein the plurality of domains includes a carrier domain.
  - 55. The method of claim 42, wherein the domain controller is configured to process the request based upon input from the first domain owner and the second domain owner.
  - 56. The method of claim 42, wherein the operation includes any one or more of the following including any combination thereof:
    - creating a domain, deleting a domain, managing a software application, installing a software application, deleting a software application, managing a property, creating a property, reading a property, modifying a property, creating data, reading data, modifying data, and accessing data.
  - 57. The method of claim 42, wherein the request is from any one or more of the following including any combination thereof:
    - an external entity, a device management server, a corporate entity, and an employer.
  - 58. The method of claim 42, wherein the asset comprises a software application that presents a unified view of data across multiple domains.
  - 59. The method of claim 42, wherein the mobile device includes an application having access to multiple domains.
  - 60. The method of claim 42, wherein the mobile device includes a messaging application having access to multiple domains.
  - 61. The method of claim 42, wherein the mobile device includes an address book application having access to multiple domains.
  - 62. The method of claim 42, wherein the plurality of domains includes a work domain and a personal domain.

63. A mobile device comprising:
- a memory comprising a plurality of domains including a first domain controlled by a first domain owner, and a second domain controlled by a second domain owner, wherein the first domain owner is an employer, and the second domain owner is an employee of the employer; and
  
  a domain controller configured to;
  
  receive a request to perform an operation, wherein the operation affects an asset;
  
  deny the request if the request originated from a different domain than the asset; and
  
  permit the request if the request originated from the same domain as the asset.
- View Dependent Claims (64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82)
- - 64. The mobile device of claim 63, wherein the domain controller is further configured to determine which of the domains the request originated from based upon a digital signature.
  - 65. The mobile device of claim 63, wherein the domain controller is further configured to determine which of the domains the request originated from based upon a communication pipe where the request is received.
  - 66. The mobile device of claim 63, further comprising:
    - a super user application configured to temporarily assume membership of either the first domain based upon approval by the first domain owner or the second domain based upon approval by the second domain owner.
  - 67. The mobile device of claim 66, wherein the super user application is further configured to modify properties in the first domain and the second domain.
  - 68. The mobile device of claim 63, wherein the domain controller is further configured to deny the request when the domain controller determines that the request violates a property mapped to the asset.
  - 69. The mobile device of claim 68, wherein the property comprises any one or more of the following including any combination thereof:
    - one or more global properties, one or more domain properties, and one or more application properties.
  - 70. The mobile device of claim 63, wherein the operation includes any one or more of the following including any combination thereof:
    - creating a domain, deleting a domain, managing a software application, installing a software application, deleting a software application, managing a property, creating a property, reading a property, modifying a property, creating data, reading data, modifying data, or accessing data.
  - 71. The mobile device of claim 63, wherein the first domain comprises a subdomain, wherein the domain controller is further configured to permit requests from the subdomain within the first domain.
  - 72. The mobile device of claim 63, wherein the asset includes at least one of:
    - a communication pipe, persistent data, a property, a software application, a wireless transceiver, a user interface, an interface, a connector, a processor, a memory, or a data store.
  - 73. The mobile device of claim 72, wherein the persistent data includes any one or more of the following including any combination thereof:
    - messages, contact information, calendar items, task items, configuration information, properties, records, and voice mails.
  - 74. The mobile device of claim 63, wherein the request originates from at least one of:
    - a communication pipe, persistent data, a property, or a software application.
  - 75. The mobile device of claim 63, wherein the domain controller is further configured to execute error processing operations subsequent to denying the request.
  - 76. The mobile device of claim 63, wherein the plurality of domains includes a work domain and a personal domain.
  - 77. The mobile device of claim 63, wherein the plurality of domains includes a carrier domain.
  - 78. The mobile device of claim 63, wherein the domain controller is configured to process the request based upon input from the first domain owner and the second domain owner.
  - 79. The mobile device of claim 63, further comprising:
    - an application having access to multiple domains.
  - 80. The mobile device of claim 63, further comprising:
    - a messaging application having access to multiple domains.
  - 81. The mobile device of claim 63, further comprising:
    - an address book application having access to multiple domains.
  - 82. The mobile device of claim 63, further comprising:
    - an application configured to provide a unified view of data across multiple domains.

83. One or more non-transitory computer readable media storing instructions that when executed by one or more processors cause the one or more processors to:
- segregate a mobile device into a plurality of domains including a first domain controlled by a first domain owner, and a second domain controlled by a second domain owner, wherein the first domain owner is an employer, and the second domain owner is an owner of the mobile device;
  
  responsive to receiving a request to perform an operation, wherein the operation affects an asset of the mobile device;
  
  deny, by a domain controller, the request if the request originated from a different domain than the asset; and
  
  permit, by the domain controller, the request if the request originated from the same domain as the asset.

84. One or more non-transitory computer readable media storing instructions that when executed by one or more processors cause the one or more processors to:
- segregate a mobile device into a plurality of domains including a first domain controlled by a first domain owner, and a second domain controlled by a second domain owner, wherein the first domain owner is an employer, and the second domain owner is an employee of the employer;
  
  responsive to receiving a request to perform an operation, wherein the operation affects an asset of the mobile device;
  
  deny, by a domain controller, the request if the request originated from a different domain than the asset; and
  
  permit, by the domain controller, the request if the request originated from the same domain as the asset.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Blackberry Limited
Original Assignee
Blackberry Limited
Inventors
Owen, Russell N., Little, Herbert A., Yach, David P., Shenfield, Michael
Primary Examiner(s)
Schwartz, Darren B

Application Number

US10/524,353
Publication Number

US 20050213763A1
Time in Patent Office

3,689 Days
Field of Search

726/2, 726 16- 18, 726 26- 30, 713/150, 713164-168, 713/170, 713/189, 713/193
US Class Current

726/19
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

H04L 63/0428   wherein the data content is...

H04L 63/0442   wherein the sending and rec...

H04L 63/10   for controlling access to d...

H04L 63/102   Entity profiles

H04L 63/104   Grouping of entities

H04L 63/12   Applying verification of th...

H04L 63/20   for managing network securi...

H04W 12/08   Access security

H04W 12/086   using security domains

System and method for secure control of resources of wireless mobile communication devices

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

84 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for secure control of resources of wireless mobile communication devices

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

84 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links