Access control system for a mobile device

US 9,077,688 B2
Filed: 06/13/2013
Issued: 07/07/2015
Est. Priority Date: 06/17/2012
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method performed by a mobile device having a processor and memory, the method comprising:

receiving a Proxy Auto Config (PAC) file in response to a PAC request, wherein the PAC request identifies parameters of the mobile device, wherein the PAC file correlates to the parameters of the mobile device, wherein the PAC file comprises a function configured to select a proxy to a request based on a Uniform Resource Locator (URL) of the request, wherein the function is configured to apply a portion of selection rules, wherein the portion of the selection rules is selected automatically from a set of security related selection rules based on the PAC request;

selecting a proxy to handle a request to a remote server, the request is issued by a program being executed by the mobile device, wherein the proxy is configured to perform a predetermined action in response to the request, wherein in response to said request, activating the function of the PAC file to perform said selecting; and

sending the request to the proxy.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, apparatus and product that provide a access control system for mobile devices. The mobile device performing: selecting a proxy to handle a request to a remote server, the request is issued by a program being executed by the mobile device, wherein the proxy is configured to perform a security action in response to the request; and sending the request to the proxy; whereby selectively performing the predetermined security action on a portion of the requests issued by the mobile device. Additionally or alternatively, a computer performing: receiving from a mobile device, an instruction to provide a Proxy Auto Config (PAC) file; and generating a PAC file that comprises a function which is configured to receive a URL and return a proxy to handle a request to the URL, wherein the proxy is configured to perform a security action in response to receiving a request.

Citations

20 Claims

1. A computer-implemented method performed by a mobile device having a processor and memory, the method comprising:
- receiving a Proxy Auto Config (PAC) file in response to a PAC request, wherein the PAC request identifies parameters of the mobile device, wherein the PAC file correlates to the parameters of the mobile device, wherein the PAC file comprises a function configured to select a proxy to a request based on a Uniform Resource Locator (URL) of the request, wherein the function is configured to apply a portion of selection rules, wherein the portion of the selection rules is selected automatically from a set of security related selection rules based on the PAC request;
  
  selecting a proxy to handle a request to a remote server, the request is issued by a program being executed by the mobile device, wherein the proxy is configured to perform a predetermined action in response to the request, wherein in response to said request, activating the function of the PAC file to perform said selecting; and
  
  sending the request to the proxy.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The computer-implemented method of claim 1, wherein said selecting is performed by applying proxy selection rules based on the parameters of the mobile device, which were obtained from the PAC request and which are statically retained in the PAC file using a variable having a constant value.
  - 3. The computer-implemented method of claim 2, wherein said applying the proxy selection rules is further based on a Uniform Resource Locator (URL) of the request.
  - 4. The computer-implemented method of claim 2, wherein the parameters of the mobile device comprisea network used by the mobile device to transmit the request, wherein the network is a Wi-Fi network, a Wireless LAN network, a wired LAN network, or a cellular data network.
  - 5. The computer-implemented method of claim 1, wherein the PAC file is associated with the program, wherein a request by a different program initiates a proxy selection based on a different PAC file;
    - and wherein the function is configured to determine the proxy based on an identity of the program.
  - 6. The computer-implemented method of claim 1, wherein the PAC file is associated with a network to which the mobile is connected, and wherein the function is configured to determine the proxy based on the network.
  - 7. The computer-implemented method of claim 1, wherein the proxy is selected from a set of proxies, each of which is associated with a different action.
  - 8. The computer-implemented method of claim 1, wherein the proxy is configured to analyze the request and in response to the analysis perform one of the following actions:
    - block the request;
      
      transmit the request to the remote server;
      
      transmitting a response to the mobile device; and
      
      transmit a modified request to the remote server, wherein the modified request is obtained by applying a security-related logic on the request.
  - 9. The computer-implemented method of claim 1, wherein the predetermined action is a predetermined security action, wherein the predetermined security action includes applying a security-related logic on the request to create a modified request and transmitting the modified request to the remote server.
  - 10. The computer-implemented method of claim 2, wherein said applying the proxy selection rules is further based on a geo-location of the mobile device.

11. A computer-implemented method performed by a computer having a processor and memory, the method comprising:
- receiving from a mobile device, an instruction to provide the mobile device with a Proxy Auto Config (PAC) file;
  
  wherein the PAC file is to be used by a program of the mobile device when the mobile device is connected to a network; and
  
  dynamically generating a PAC file for the mobile device, wherein the PAC file comprises a function, wherein the function is configured to receive a Uniform Resource Locator (URL) and return a proxy to handle a request to the URL, wherein the function is configured to make a determination based on an identity of the network to which the mobile device is connected, wherein the network is a Wi-Fi network, a Wireless LAN network, a wired LAN network, or a cellular data network, wherein the proxy is configured to perform a predetermined action in response to receiving a request;
  
  whereby requests by the mobile device are selectively routed to the proxy without having a second program in the mobile device to monitor requests issued in the mobile device.
- View Dependent Claims (12, 13)
- - 12. The computer-implemented method of claim 11, wherein the PAC file comprises a function utilizing predetermined rule selection logic, wherein the PAC file retains as a constant value a first value indicative of the program and a second value indicative of the network, wherein the predetermined rule selection logic is configured to utilize at least one of the first and second values to select the proxy.
  - 13. The computer-implemented method of claim 11, wherein said dynamically generating comprises selecting a subset of selection rules from a set of selection rules retained in a rules database, wherein said selecting the subset of selection rules is performed based on parameters of the instruction to provide the PAC file, wherein the set of selection rules are security related rules, wherein the function is configured to apply the subset of selection rules.

14. A mobile device having a processor, the processor being adapted to perform the steps of:
- receiving a Proxy Auto Config (PAC) file in response to a PAC request, wherein the PAC request identifies parameters of the mobile device, wherein the PAC file correlates to the parameters of the mobile device, wherein the PAC file comprises a function configured to select a proxy to a request based on a Uniform Resource Locator (URL) of the request, wherein the function is configured to apply a portion of selection rules, wherein the portion of the selection rules is selected automatically from a set of security related selection rules based on the PAC request;
  
  selecting a proxy to handle a request to a remote server, the request is issued by a program being executed by the mobile device, wherein the proxy is configured to perform a predetermined action in response to the request, wherein in response to said request, activating the function of the PAC file to perform said selecting; and
  
  sending the request to the proxy.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The mobile device of claim 14, wherein said selecting is performed by applying proxy selection rules based on the parameters of the mobile device, which were obtained from the PAC request and which are statically retained in the PAC file using a variable having a constant value.
  - 16. The mobile device of claim 15, wherein said applying the proxy selection rules is further based on a Uniform Resource Locator (URL) of the request.
  - 17. The mobile device of claim 15, wherein the parameters of the mobile device comprise at least one of:
    - the program initiating the request;
      
      a location of the mobile device; and
      
      a network used by the mobile device to transmit the request.
  - 18. The mobile device of claim 14, wherein the PAC file is associated with a network to which the mobile is connected, and wherein the function is configured to determine the proxy based on the network.
  - 19. The mobile device of claim 14, wherein the proxy is selected from a set of proxies, each of which is associated with a different action.
  - 20. The mobile device of claim 14, wherein the proxy is configured to analyze the request and in response to the analysis perform one of the following actions:
    - block the request;
      
      transmit the request to the remote server;
      
      transmitting a response to the mobile device; and
      
      transmit a modified request to the remote server, wherein the modified request is obtained by applying a security-related logic on the request.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CA, Inc. (d/b/a CA Technologies) (Broadcom, Inc.)
Original Assignee
Skycure Ltd. (Gen Digital Inc.)
Inventors
Amit, Yair, Sharabani, Adi
Primary Examiner(s)
Hirl, Joseph P
Assistant Examiner(s)
GYORFI, THOMAS A

Application Number

US13/917,333
Publication Number

US 20130340031A1
Time in Patent Office

754 Days
Field of Search

726/1, 726/12
US Class Current

1/1
CPC Class Codes

H04L 63/0281   Proxies

H04L 63/107   wherein the security polici...

H04W 12/08   Access security

H04W 12/37   Managing security policies ...

Access control system for a mobile device

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Access control system for a mobile device

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links