Enablement of a trusted security zone authentication for remote mobile device management systems and methods
Abstract
A method of accessing secure data on a mobile device is disclosed. The method comprises receiving a request to access a data package stored on the mobile device. The method comprises authorizing the request to access the data package, wherein authorizing comprises querying the request to obtain one or more request identifications. The method comprises granting a key in response to authorizing the request, wherein the key provides access to a secure environment storing one or more flags associated with the data package. The method comprises granting access to the secure environment, wherein access is granted to the secure environment in response to presenting the key to the secure environment. The method comprises granting access to the data package, wherein granting access to the data packages comprises setting the one or more flags associated with the data package.
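The flow in the abstract, modeled as an added Python example (not code from the patent). The HMAC-based single-use key, the `SecureEnvironment` class, the `TRUSTED_IDS` value and all function names are assumptions, since the abstract does not say how keys are built or checked.

```python
import hashlib
import hmac
import secrets

class SecureEnvironment:
    """Stand-in for the trusted security zone or secure element holding the flags."""
    def __init__(self):
        self._secret = secrets.token_bytes(32)  # never leaves the environment
        self._locked = {}                       # package id -> flag (True = locked)
        self._spent = set()                     # nonces of keys already presented

    def _tag(self, nonce, package_id):
        return hmac.new(self._secret, nonce + package_id.encode(), hashlib.sha256).digest()

    def install_flag(self, package_id):
        self._locked[package_id] = True

    def issue_key(self, package_id):
        """Called by the device only after a request has been authorized."""
        nonce = secrets.token_bytes(16)
        return nonce + self._tag(nonce, package_id)

    def set_flag(self, key, package_id, locked):
        """Change a flag only for a fresh key bound to this package (assumed scheme)."""
        nonce, tag = key[:16], key[16:]
        fresh = nonce not in self._spent and package_id in self._locked
        if not (fresh and hmac.compare_digest(tag, self._tag(nonce, package_id))):
            return False
        self._spent.add(nonce)
        self._locked[package_id] = locked
        return True

    def is_locked(self, package_id):
        return self._locked.get(package_id, True)  # no flag installed: treat as locked

TRUSTED_IDS = {"mdm-server-01"}  # constructed request identification

def authorize(request):
    """Query the request for its identifications; every one must be known."""
    ids = set(request.get("ids", ()))
    return bool(ids) and ids <= TRUSTED_IDS

def access_package(env, store, request):
    """Abstract's flow: authorize, grant key, present key, change flag, release data."""
    package_id = request["package"]
    if not authorize(request):
        return None  # denied before the secure environment is touched
    key = env.issue_key(package_id)
    return store[package_id] if env.set_flag(key, package_id, locked=False) else None
```

Binding the key to one package and one use means a captured key cannot be replayed or pointed at a different package's flag.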
20 Claims
1. A method of accessing secure data on a mobile device, comprising:
- receiving, by the mobile device, a request to access a data package stored on the mobile device;
- authorizing, by the mobile device, the request to access the data package, wherein authorizing comprises querying the request to obtain one or more request identifications;
- granting, by the mobile device, at least one key in response to authorizing the request, wherein the at least one key provides access to a secure environment on the mobile device storing one or more flags associated with the data package, wherein the secure environment prevents unauthorized access to the one or more flags, and wherein the secure environment comprises a trusted security zone that includes one or more chipsets with a hardware root of trust, a secure execution environment for applications, and secure access to peripherals, or a secure element that includes a secure operating environment comprising a microprocessor, memory, and operating system;
- granting, by the mobile device, access to the secure environment, wherein access is granted to the secure environment in response to presenting the at least one key to the secure environment; and
- granting, by the mobile device, access to the data package, wherein granting access to the data package comprises changing a setting of the one or more flags associated with the data package.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A method of securing data on a mobile device, comprising:
- enabling, by the mobile device, a user to secure one or more data packages from wireless access, wherein securing one or more data packages from wireless access comprises changing a setting of one or more data package flags associated with the one or more data packages using a mobile device interface, wherein at least the one or more data package flags are stored in a secure environment on the mobile device and the secure environment prevents unauthorized access to the one or more data package flags, and wherein the secure environment comprises a trusted security zone that includes one or more chipsets with a hardware root of trust, a secure execution environment for applications, and secure access to peripherals, or a secure element that includes a secure operating environment comprising a microprocessor, memory, and operating system;
- receiving, by the mobile device, a wireless request to access the one or more data packages;
- querying, by the mobile device, the wireless request to access the one or more data packages, wherein querying comprises requesting one or more wireless request identifications;
- denying, by the mobile device, access to the one or more data packages based on querying the wireless request to access the one or more data packages, wherein denying access to the one or more data packages comprises denying access to the secure environment storing at least the one or more data package flags.

Dependent claims: 9, 10, 11, 12, 13, 14
15. A method of installing secure data on a mobile device, comprising:
- receiving, by the mobile device, a request to install one or more data package flags in a secure environment on the mobile device, wherein the one or more data package flags are associated with one or more data packages, wherein the secure environment prevents unauthorized access to the one or more flags, and wherein the secure environment comprises a trusted security zone that includes one or more chipsets with a hardware root of trust, a secure execution environment for applications, and secure access to peripherals, or a secure element that includes a secure operating environment comprising a microprocessor, memory, and operating system;
- authorizing, by the mobile device, the request to install the one or more data package flags in the secure environment, wherein authorizing comprises querying the request to obtain one or more request identifications;
- granting, by the mobile device, a key based on the authorization of the request to install the one or more data package flags in the secure environment, wherein the key provides access to install one or more data package flags in the secure environment; and
- installing, by the mobile device, the one or more data package flags in the secure environment through the use of the key, wherein installing the one or more data package flags secures one or more associated data packages on the mobile device.

Dependent claims: 16, 17, 18, 19, 20
Specification