Electronic devices having adaptive security profiles and methods for selecting the same

US 8,683,556 B2
Filed: 05/04/2011
Issued: 03/25/2014
Est. Priority Date: 05/04/2011
Status: Active Grant

First Claim

Patent Images

1. A method, performed by an electronic device, for selectively adjusting a security profile of the electronic device, the method comprising:

acquiring, by the electronic device, a plurality of expected zones from a database that defines the plurality of expected zones in which the electronic device can be located, wherein the plurality of expected zones for the electronic device are maintained in the database, wherein at least one of the plurality of expected zones includes geographic and temporal boundaries, wherein the geographic and temporal boundaries are associated with the at least one of the plurality of expected zones, and wherein at least one temporal boundary includes a time based parameter, and wherein at least one of the plurality of expected zones includes a geographic area where the electronic device is expected to be located at a particular period of time;

obtaining, by the electronic device, a current location of the electronic device;

determining, by the electronic device, whether the current location is located in, or near, one of the plurality of expected zones; and

selectively applying, by the electronic device, one of a plurality of different security profiles based on the determination of whether the current location is located in, or near, one of the plurality of expected zones, wherein the one of the plurality of different security profiles is associated with at least one of the plurality of expected zones, and wherein each of the plurality of different security profiles can vary access to at least one function or feature of the electronic device by varying authentication mechanisms necessary to avail the at least one function or feature, and wherein, after successful authentication, based on the one of the plurality of different security profiles, access to the at least one function or feature remains granted as long as the electronic device remains in the one of the plurality of expected zones.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Adaptive security profiles are supported on an electronic device. One or more security profiles may be automatically or selectively applied to the device based on the device'"'"'s location and one or more geographic zone definitions. The security profiles may be used to determine the level of authentication or number of invalid authentication attempts for a particular feature or application or set of features or applications.

Citations

27 Claims

1. A method, performed by an electronic device, for selectively adjusting a security profile of the electronic device, the method comprising:
- acquiring, by the electronic device, a plurality of expected zones from a database that defines the plurality of expected zones in which the electronic device can be located, wherein the plurality of expected zones for the electronic device are maintained in the database, wherein at least one of the plurality of expected zones includes geographic and temporal boundaries, wherein the geographic and temporal boundaries are associated with the at least one of the plurality of expected zones, and wherein at least one temporal boundary includes a time based parameter, and wherein at least one of the plurality of expected zones includes a geographic area where the electronic device is expected to be located at a particular period of time;
  
  obtaining, by the electronic device, a current location of the electronic device;
  
  determining, by the electronic device, whether the current location is located in, or near, one of the plurality of expected zones; and
  
  selectively applying, by the electronic device, one of a plurality of different security profiles based on the determination of whether the current location is located in, or near, one of the plurality of expected zones, wherein the one of the plurality of different security profiles is associated with at least one of the plurality of expected zones, and wherein each of the plurality of different security profiles can vary access to at least one function or feature of the electronic device by varying authentication mechanisms necessary to avail the at least one function or feature, and wherein, after successful authentication, based on the one of the plurality of different security profiles, access to the at least one function or feature remains granted as long as the electronic device remains in the one of the plurality of expected zones.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the one of the plurality of expected zones is based at least on a determination of a user'"'"'s routine.
  - 3. The method of claim 2, wherein the determination of a user'"'"'s routine comprises:
    - enabling a tracking mode on the electronic device;
      
      sampling location data;
      
      ending the tracking mode; and
      
      storing an expected zone in the database, wherein the sampled location data is used to define geographic boundaries of that expected zone.
  - 4. The method of claim 1, wherein the plurality of expected zones are maintained in database at least by:
    - receiving user defined parameters for one of the expected zones.
  - 5. The method of claim 1, wherein the plurality of expected zones are maintained in the database at least by:
    - defining one or more of the expected zones using location data, a calendar, a social network, or a combination thereof.
  - 6. The method of claim 1, wherein the plurality of security profiles includes first and second security profiles, wherein the first security profile is more device restrictive than the second security profile, and upon determining that the electronic device is located in an expected zone, selectively applying the second security profile, and upon determining that the electronic device is not located in an expected zone, selectively applying the first security profile.
  - 7. The method of claim 1, wherein each of the plurality of security profiles has a different authentication paradigm.
  - 8. The method of claim 1, further comprising:
    - receiving user defined parameters for each of the plurality of security profiles.
  - 9. The method of claim 1, wherein the at least one of the plurality of expected zones further associates with a way to determine a boundary of at least one of the geographical or temporal boundaries used to define the at least one of the plurality of expected zones.

10. An electronic device for selectively adjusting security profiles, the electronic device comprising:
- a location determining hardware component configured to determine the location of the electronic device;
  
  a data storage hardware component operative to store at least one expected zone and at least one security profile; and
  
  a processing system hardware component coupled to the data storage hardware component and the location determining hardware component, the processing system hardware component configured to;
  
  acquire a plurality of expected zones from a database that defines the plurality of expected zones in which the electronic device can be located, wherein the database maintains the plurality of expected zones for the electronic device, wherein at least one of the plurality of expected zones includes geographic and temporal boundaries, wherein the geographic and temporal boundaries are associated with the at least one of the plurality of expected zones, and wherein at least one temporal boundary includes a time based parameter, and wherein at least one of the plurality of expected zones includes a geographic area where the electronic device is expected to be located at a particular period of time;
  
  obtain a current location of the electronic device;
  
  determine whether the current location is located in, or near, one of the plurality of expected zones; and
  
  selectively apply one of a plurality of different security profiles based on the determination of whether the current location is located in, or near, one of the plurality of expected zones, wherein the one of the plurality of different security profiles is associated with at least one of the plurality of expected zones, and wherein each of the plurality of different security profiles can vary access to at least one function or feature of the electronic device by varying authentication mechanisms necessary to avail the at least one function or feature, and wherein, after successful authentication, based on the one of the plurality of different security profiles, access to the at least one function or feature remains granted as long as the electronic device remains in the one of the plurality of expected zones.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The device of claim 10, wherein the at least one of the plurality of expected zones is automatically defined using information from a calendar.
  - 12. The device of claim 11, wherein the information from a calendar represents a travel itinerary.
  - 13. The device of claim 10, wherein the at least one of the plurality of expected zones is defined using information from a social network.
  - 14. The device of claim 13, wherein the information from a social network comprises location and time metadata of a photograph posted by a user of the electronic device on the social network.
  - 15. The device of claim 13, wherein the information from a social network comprises location information derived from a checked-in entry posted by a user of the electronic device on the social network.
  - 16. The device of claim 10, wherein the one of the plurality of different security profiles comprises authentication options for a plurality of features and applications on the electronic device.
  - 17. The device of claim 10, wherein the one of the plurality of different security profiles comprises a number of permissible invalid authentication attempts for a plurality of features and applications on the electronic device.
  - 18. The device of claim 10, wherein the at least one of the plurality of expected zones further associates with a way to determine a boundary of at least one of the geographical or temporal boundaries used to define the at least one of the plurality of expected zones.

19. A non-transitory computer readable storage medium storing executable program instructions, which when executed by an electronic device cause the electronic device to perform a method for selectively adjusting a security profile of the electronic device, the method comprising:
- acquiring, by the electronic device, a plurality of expected zones from a database that defines the plurality of expected zones in which the electronic device can be located, wherein the database maintains the plurality of expected zones for the electronic device, wherein at least one of the plurality of expected zones includes geographic and temporal boundaries, wherein the geographic and temporal boundaries are associated with the at least one of the plurality of expected zones, and wherein at least one temporal boundary includes a time based parameter, and wherein at least one of the plurality of expected zones includes a geographic area where the electronic device is expected to be located at a particular period of time;
  
  obtaining a current location of the electronic device;
  
  determining whether the current location is located in, or near, one of the plurality of expected zones; and
  
  selectively applying one of a plurality of different security profiles based on the determination of whether the current location is located in, or near, one of the plurality of expected zones, wherein the one of the plurality of different security profiles is associated with at least one of the plurality of expected zones, and wherein each of the plurality of different security profiles can vary access to at least one function or feature of the electronic device by varying authentication mechanisms necessary to avail the at least one function or feature, and wherein, after successful authentication, based on the one of the plurality of different security profiles, access to the at least one function or feature remains granted as long as the electronic device remains in the one of the plurality of expected zones.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
- - 20. The medium of claim 19, wherein the one of the plurality of expected zones is based at least on a determination of a user'"'"'s routine.
  - 21. The medium of claim 20, wherein the determination of a user'"'"'s routine comprises:
    - enabling a tracking mode on the electronic device;
      
      sampling location data;
      
      ending the tracking mode; and
      
      storing an expected zone in the database, wherein the sampled location data is used to define geographic boundaries of that expected zone.
  - 22. The medium of claim 19, wherein the plurality of expected zones are maintained in database at least by:
    - receiving user defined parameters for one of the expected zones.
  - 23. The medium of claim 19, wherein the plurality of expected zones are maintained in the database at least by:
    - defining one or more of the expected zones using location data, a calendar, a social network, or a combination thereof.
  - 24. The medium of claim 19, wherein the plurality of security profiles includes first and second security profiles, wherein the first security profile is more device restrictive than the second security profile, and upon determining that the electronic device is located in an expected zone, selectively applying the second security profile, and upon determining that the electronic device is not located in an expected zone, selectively applying the first security profile.
  - 25. The medium of claim 19, wherein each of the plurality of security profiles has a different authentication paradigm.
  - 26. The medium of claim 19, the method further comprising:
    - receiving user defined parameters for each of the plurality of security profiles.
  - 27. The medium of claim 19, wherein the at least one of the plurality of expected zones further associates with a way to determine a boundary of at least one of the geographical or temporal boundaries used to define the at least one of the plurality of expected zones.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
Ingrassia, Michael I. Jr., Lee, Jeffery T.
Primary Examiner(s)
HOLDER, BRADLEY W

Application Number

US13/100,851
Publication Number

US 20120284779A1
Time in Patent Office

1,056 Days
Field of Search

726/4, 726/2, 726/3
US Class Current

726/4
CPC Class Codes

G06F 21/70   Protecting specific interna...

G06F 2221/2111   Location-sensitive, e.g. ge...

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2149   Restricted operating enviro...

H04L 63/107   wherein the security polici...

H04L 63/108   when the policy decisions a...

H04L 63/20   for managing network securi...

H04L 63/205   involving negotiation or de...

H04W 12/08   Access security

H04W 12/084   using delegated authorisati...

H04W 4/021   Services related to particu...

H04W 4/21   for social networking appli...

Electronic devices having adaptive security profiles and methods for selecting the same

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Electronic devices having adaptive security profiles and methods for selecting the same

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links