System and method for secure control of resources of wireless mobile communication devices
Abstract
Systems and methods for secure control of a wireless mobile communication device are disclosed. Each of a plurality of domains includes at least one wireless mobile communication device asset. When a request to perform an operation affecting at least one of the assets is received, it is determined whether the request is permitted by the domain that includes the at least one affected asset, by determining whether the entity with which the request originated has a trust relationship with the domain, for example. The operation is completed where it is permitted by the domain. Wireless mobile communication device assets include software applications, persistent data, communication pipes, and configuration data, properties or user or subscriber profiles.
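A minimal model of the check the abstract describes, added here as an illustration and not taken from the patent or from any implementation of it: each asset lives in exactly one domain, and an operation is permitted only when the requesting entity has a trust relationship with that asset's domain. Representing a trust relationship as set membership, and all domain, entity and asset names, are assumptions made for the example.

```python
from dataclasses import dataclass, field

# Asset kinds named in the abstract (labels are this example's own).
ASSET_TYPES = {"application", "persistent_data", "communication_pipe", "configuration"}

@dataclass
class Domain:
    name: str
    owner: str                                   # stakeholder that owns the domain
    trust_level: int
    assets: dict = field(default_factory=dict)   # asset id -> asset type
    trusted: set = field(default_factory=set)    # entities with a trust relationship

class DomainController:
    def __init__(self):
        self.domains, self.asset_index, self.audit = {}, {}, []

    def add_domain(self, domain):
        self.domains[domain.name] = domain

    def place_asset(self, domain_name, asset_id, asset_type):
        # Segregation: an asset belongs to one domain only.
        if asset_type not in ASSET_TYPES:
            raise ValueError(f"unknown asset type: {asset_type}")
        if asset_id in self.asset_index:
            raise ValueError(f"{asset_id} already belongs to a domain")
        self.domains[domain_name].assets[asset_id] = asset_type
        self.asset_index[asset_id] = domain_name

    def authorize(self, entity, operation, asset_id):
        # Fail closed: unknown asset or untrusted entity means the operation is denied.
        domain = self.domains.get(self.asset_index.get(asset_id))
        allowed = domain is not None and entity in domain.trusted
        self.audit.append((entity, operation, asset_id,
                           domain.name if domain else None, allowed))
        return allowed

def build_demo():
    # Constructed sample device: an employer domain and a user domain.
    ctl = DomainController()
    ctl.add_domain(Domain("employer", "employer", 2, trusted={"corp_it_server"}))
    ctl.add_domain(Domain("user", "device_owner", 1, trusted={"user_app_store"}))
    ctl.place_asset("employer", "corp_mail_app", "application")
    ctl.place_asset("employer", "corp_contacts", "persistent_data")
    ctl.place_asset("employer", "vpn_pipe", "communication_pipe")
    ctl.place_asset("user", "game_app", "application")
    ctl.place_asset("user", "photos", "persistent_data")
    return ctl

if __name__ == "__main__":
    ctl = build_demo()
    for req in [("corp_it_server", "delete", "corp_contacts"),
                ("user_app_store", "read", "corp_contacts")]:
        print(req, "->", "permit" if ctl.authorize(*req) else "deny")
```

The decision is made per domain rather than per asset, so an entity trusted by the employer domain can act on every employer asset and on nothing in the user domain, and every decision is recorded for later review.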
36 Claims
1. A wireless mobile communication device, comprising:
at least one memory storing a first domain comprising a first set of assets each sharing a first level of trust, and the at least one memory storing a second domain comprising a second set of assets each sharing a second level of trust, wherein the first level of trust is different than the second level of trust; and
a domain controller configured to control the first domain and the second domain, and further configured to control access to the first set of assets and the second set of assets;
wherein the domain controller is further configured to receive a request to perform an operation affecting a particular asset in the first set of assets and to determine whether the request originated from a first entity that has a first trust relationship with the first domain;
wherein the domain controller is further configured to permit completion of the operation affecting the particular asset only if the request originated from the first entity, and wherein the domain controller is further configured to permit the first entity to perform operations with respect to each of the first set of assets, and
wherein the first domain is owned by a first stakeholder and the second domain is owned by a second stakeholder, the first stakeholder comprising an employer, and the second stakeholder comprising at least one of an employee of the employer, and an owner of the wireless mobile communication device.
Dependent claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)

15. A method for secure control of a wireless mobile communication device, comprising:
segregating a plurality of assets of the wireless mobile communication device into a first set of assets in a first domain and into a second set of assets in a second domain, wherein the first set of assets includes at least two different types of assets, wherein the first set of assets share a first level of trust to access, wherein the second set of assets share a second level of trust to access, and wherein the first level of trust is different than the second level of trust;
receiving a request from a first entity to perform an operation affecting at least one of the first set of assets;
determining, via a domain controller configured to control the first domain and the second domain, whether the operation is permitted by the first domain, wherein the operation is permitted by the first domain if the first entity has a first trust relationship with the first domain and further wherein the first entity is allowed to perform operations with respect to each of the first set of assets; and
allowing the operation to be completed only if the operation is permitted by the first domain,
wherein the first domain is owned by a first stakeholder and the second domain is owned by a second stakeholder, the first stakeholder comprising an employer, and the second stakeholder comprising at least one of an employee of the employer, and an owner of the wireless mobile communication device.
Dependent claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)

27. A non-transitory computer readable medium storing program code which, when executed by a processor, performs a method for secure control of a wireless mobile communication device, the method comprising:
segregating a plurality of assets of the wireless mobile communication device into a first set of assets in a first domain and into a second set of assets in a second domain, wherein the first set of assets includes at least two different types of assets, wherein the first set of assets share a first level of trust to access, wherein the second set of assets share a second level of trust to access, and wherein the first level of trust is different than the second level of trust;
receiving a request from a first entity to perform an operation affecting at least one of the first set of assets;
determining, via a domain controller configured to control the first domain and the second domain, whether the operation is permitted by the first domain, wherein the operation is permitted by the first domain if the first entity has a first trust relationship with the first domain and further wherein the first entity is allowed to perform operations with respect to each of the first set of assets;
allowing the operation to be completed only if the operation is permitted by the first domain, and
wherein the first domain comprises an employer domain and the second domain comprises a user domain.
Dependent claims (28, 29, 30, 31, 32, 33, 34, 35, 36)

Specification