Security management system and method for location-based mobile device
First Claim
1. A method for managing information security for a mobile device in a restricted area, based on location information regarding the mobile device, the method comprising:
- receiving, by the mobile device, a request for the execution of an application program in a restricted area from a server managing the restricted area;
executing, by the mobile device, the application program requested for execution when the program is set to be executable according to a security policy set to the restricted area;
encrypting, by the mobile device, a file, created according to the execution of the application program, based on location information regarding the mobile device, the encrypted file including a flag indicating whether the encrypted file is created while the mobile device is in the restricted area;
storing the encrypted file;
receiving, by the mobile device, when the mobile device is located in the restricted area, a request for the execution of the encrypted file;
requesting, by the mobile device, when the encrypted file requested for execution is created while the mobile device is in the restricted area, a decryption key for executing the encrypted file from the server; and
receiving, by the mobile device, the decryption key from the server, decrypting the encrypted file via the received decryption key, and executing the decrypted file,wherein the encrypted file comprises;
a header; and
encrypted data following the header,wherein the header comprises;
the flag; and
the location information for identifying at least one of an encryption key and the decryption key, andwherein the flag indicates whether the location information includes information regarding a location where the encrypted file is created.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and a system of managing information security for a mobile device in a restricted area based on location information regarding the mobile device are provided. The method includes receiving, by the mobile device, a request for the execution of an application program in a restricted area from a server managing the restricted area, executing, by the mobile device, the application program requested for execution when the program was set to be executable according to a security policy set to the restricted area, encrypting, by the mobile device, a file, created according to the execution of the application program, based on location information regarding the mobile device, and storing the encrypted file.
-
Citations
12 Claims
-
1. A method for managing information security for a mobile device in a restricted area, based on location information regarding the mobile device, the method comprising:
-
receiving, by the mobile device, a request for the execution of an application program in a restricted area from a server managing the restricted area; executing, by the mobile device, the application program requested for execution when the program is set to be executable according to a security policy set to the restricted area; encrypting, by the mobile device, a file, created according to the execution of the application program, based on location information regarding the mobile device, the encrypted file including a flag indicating whether the encrypted file is created while the mobile device is in the restricted area; storing the encrypted file; receiving, by the mobile device, when the mobile device is located in the restricted area, a request for the execution of the encrypted file; requesting, by the mobile device, when the encrypted file requested for execution is created while the mobile device is in the restricted area, a decryption key for executing the encrypted file from the server; and receiving, by the mobile device, the decryption key from the server, decrypting the encrypted file via the received decryption key, and executing the decrypted file, wherein the encrypted file comprises; a header; and encrypted data following the header, wherein the header comprises; the flag; and the location information for identifying at least one of an encryption key and the decryption key, and wherein the flag indicates whether the location information includes information regarding a location where the encrypted file is created. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A location information-based security management system, the system comprising:
-
a Radio Frequency (RF) communication unit for performing RF communication with a server managing a restricted area; a storage unit for storing a security policy set for the restricted area transmitted from the server and a file created according to the execution of an application program; and a controller, wherein the controller; receives a request for the execution of the application program in a restricted area from the server, and determines whether the application program is set to be executable in the restricted area according to the security policy; executes the application program when the application program is set to be executable according to the security policy; encrypts the file, created according to the execution of the application program, based on location information regarding a mobile device, the encrypted file including a flag indicating whether the encrypted file is created while the mobile device is in the restricted area; stores the encrypted file; receives, when the mobile device is located in the restricted area, a request for the execution of the encrypted file; requests, when the encrypted file requested for execution is created while the mobile device is in the restricted area, a decryption key for executing the encrypted file from the server; and receives the decryption key from the server, decrypts the encrypted file via the received decryption key, and executes the decrypted file, wherein the encrypted file comprises; a header; and encrypted data following the header, wherein the header comprises; the flag; and the location information for identifying at least one of an encryption key and the decryption key, and wherein the flag indicates whether the location information includes information regarding a location where the encrypted file is created. - View Dependent Claims (8, 9, 10, 11, 12)
-
Specification