Method and apparatus for context aware mobile security
First Claim
Patent Images
1. A method for modifying a security policy executed on a mobile device, comprising:
- first determining, by a processor, first context parameters associated with the mobile device, the mobile device being operated according to one of a plurality of separate and distinct context aware security policies stored in a memory in the mobile device for execution;
automatically operating the mobile device according to a first security policy among the plurality of security policies based on the first determined first context parameters associated with the mobile device;
second determining, by the processor, a change in at least one of the first context parameters to a second context parameter that affects the automatically operating the mobile device according to the first security policy;
automatically selecting, by the processor, a second security policy among the plurality of security policies based on the second determining;
automatically operating the mobile device according to the second security policy of the mobile device based on the second determined change in the at least one of the first context parameters to the second context parameter, a particular network being accessible by the mobile device, the second security policy enabling connectivity of the mobile device to the particular network according to a separate security policy of the particular network;
adapting, by the processor, a third security policy among the plurality of security policies of the mobile device and one or more application services accessible via the mobile device to the separate security policy of the particular network by implementing the separate security policy of the particular network as the third security policy on the mobile device;
third determining, by the processor, a change in at least one other of the first context parameters and a change in the separate security policy of the particular network; and
automatically selecting, by the processor, a fourth security policy among the plurality of security policies based on the third determining, the fourth security policy processing the change in the at least one other of the first context parameters and the change in the separate security policy of the particular network to disable the connectivity of the mobile device to the particular network,wherein the processor employs a context aware mobile security policy application stored in the memory in the mobile device, andthe first context parameters comprise at least one of a date, a time, a temperature, a user command, a communication of the mobile device with a network access node and user credentials associated with the mobile device.
7 Assignments
0 Petitions
Accused Products
Abstract
An approach is provided for causing a change in a security policy of a device based on contextual information. The approach involves determining context information associated with a device. The approach also involves determining a security policy of the device. The approach further involves determining a change of the context information. The approach additionally involves processing the determined change of the context information to cause, at least in part, a revision of the security policy of the device.
63 Citations
12 Claims
-
1. A method for modifying a security policy executed on a mobile device, comprising:
-
first determining, by a processor, first context parameters associated with the mobile device, the mobile device being operated according to one of a plurality of separate and distinct context aware security policies stored in a memory in the mobile device for execution; automatically operating the mobile device according to a first security policy among the plurality of security policies based on the first determined first context parameters associated with the mobile device; second determining, by the processor, a change in at least one of the first context parameters to a second context parameter that affects the automatically operating the mobile device according to the first security policy; automatically selecting, by the processor, a second security policy among the plurality of security policies based on the second determining; automatically operating the mobile device according to the second security policy of the mobile device based on the second determined change in the at least one of the first context parameters to the second context parameter, a particular network being accessible by the mobile device, the second security policy enabling connectivity of the mobile device to the particular network according to a separate security policy of the particular network; adapting, by the processor, a third security policy among the plurality of security policies of the mobile device and one or more application services accessible via the mobile device to the separate security policy of the particular network by implementing the separate security policy of the particular network as the third security policy on the mobile device; third determining, by the processor, a change in at least one other of the first context parameters and a change in the separate security policy of the particular network; and automatically selecting, by the processor, a fourth security policy among the plurality of security policies based on the third determining, the fourth security policy processing the change in the at least one other of the first context parameters and the change in the separate security policy of the particular network to disable the connectivity of the mobile device to the particular network, wherein the processor employs a context aware mobile security policy application stored in the memory in the mobile device, and the first context parameters comprise at least one of a date, a time, a temperature, a user command, a communication of the mobile device with a network access node and user credentials associated with the mobile device. - View Dependent Claims (2, 3, 4)
-
-
5. A mobile communicating device, comprising:
-
at least a first memory storing a plurality of separate and distinct context aware security policies by which the mobile communicating device is operated; a sensor that determines at least one of a plurality of context parameters associated with the mobile communicating device; and a processor that is programmed to; execute a first security policy among the plurality of security policies based on first context parameters associated with the mobile communicating device; execute a first determining of a change in at least one of the first context parameters to a second context parameter that affects operation of the mobile communicating device according to the first security policy; automatically select a second security policy among the plurality of security policies based on the first determining; automatically control operation of the mobile communicating device according to the second security policy of the mobile communicating device based on the first determining of the change in the at least one of the first context parameters, a particular network being accessible by the mobile communicating device and the second security policy enabling connectivity of the mobile communicating device to the particular network according to a separate security policy of the particular network; adapt a third security policy among the plurality of security policies of the mobile communicating device and one or more application services accessible via the mobile communicating device to the separate security policy of the particular network by implementing the separate security policy of the particular network as the third security policy on the mobile communicating device; execute a second determining of a change in at least one other of the first context parameters and a change in the separate security policy of the particular network; and automatically selecting a fourth security policy among the plurality of security policies based on the second determining, the fourth security policy processing the change in the at least one other of the first context parameters and the change in the separate security policy of the particular network to disable the connectivity of the mobile device to the particular network, wherein the processor applies a context aware mobile security policy application stored in at least a second memory in the mobile communicating device to process the second determined change in the at least one of the first context parameters, and the first context parameters comprise at least one of a date, a time, a temperature, a user command, a communication of the mobile device with a network access node and user credentials associated with the mobile communicating device. - View Dependent Claims (6, 7, 8)
-
-
9. A non-transitory computer-readable storage medium storing instructions which, when executed by one or more processors in a mobile device, cause the one or more processors to execute steps of a method for modifying a security policy executed on the mobile device, comprising:
-
first determining first context parameters associated with the mobile device, the mobile device being operable according to a plurality of separate and distinct context aware security policies stored in a memory in the mobile device; automatically operating the mobile device according to a first security policy among the plurality of security policies based on the first determined first context parameters associated with the mobile device; second determining a change in at least one of the first context parameters to a second context parameter that affects the operation of the mobile device according to the first security policy; automatically selecting a second security policy among the plurality of security policies based on the second determining; automatically operating the mobile device according to the second security policy based on the second determined change in the at least one of the first context parameters to the second context parameter, a particular network being accessible by the mobile device, the second security policy enabling connectivity of the mobile device to the particular network according to a separate security policy of the particular network; adapting a third security policy among the plurality of security policies of the mobile device and one or more application services accessible via the mobile device to the separate security policy of the particular network by implementing the separate security policy of the particular network as the third security policy on the mobile device; third determining a change in at least one other of the first context parameters and a change in the separate security policy of the particular network; and automatically selecting a fourth security policy among the plurality of security policies based on the third determining, the fourth security policy processing the change in the at least one other of the first context parameters and the change in the separate security policy of the particular network to disable the connectivity of the mobile device to the particular network, wherein the one or more processors communicate with a context aware mobile security policy application stored in the memory of the mobile device, the context aware mobile security policy application being configured to modify the security policy of the mobile device by facilitating selection between the plurality of separate and distinct context aware security policies, and the first context parameters comprise at least one of a date, a time, a temperature, a user command, a communication of the mobile device with a network access node and user credentials associated with the mobile device. - View Dependent Claims (10, 11, 12)
-
Specification