Mobile device management apparatus and method based on security policies and management server for mobile device management
First Claim
Patent Images
1. A mobile device management apparatus comprising:
- at least one processor operable to read and operate according to instructions within a computer program; and
at least one memory operable to store at least portions of said computer program for access by said processor;
wherein said program includes algorithms to cause said processor to implement;
a policy storage unit which receives security policies and profiles;
wherein the security policies each control an operation state with respect to a function of a mobile device; and
wherein the profiles comprise sets of one or more respective security policies and have respective activation priorities; and
a policy implementation unit which selectively activates the profiles in response to one or more of;
a detection of an event occurring on the mobile device, anda command received from outside the mobile device;
wherein the policy implementation unit is executed on the mobile device and executes the one or more respective security policies included in an activated profile so as to control the function of the mobile device;
wherein each profile is assigned an activation index, and the policy implementation unit activates a profile of which the activation index is greater than a preset value,wherein, when two or more events are defined with a corresponding profile in the policy storage unit, an activation index of the corresponding profile increases according to a number of events, among the two or more events, occurring on the mobile device, andwherein, when the function of the mobile device is controlled by more than one of the security policies, the policy implementation unit executes only the one of the security policies belonging to a profile having a higher respective activation priority.
1 Assignment
0 Petitions
Accused Products
Abstract
A mobile device management apparatus has a policy storage unit that receives a plurality of security policies, which are classified into a plurality of profiles assigned priorities of activation and in which operating states of functions of a mobile device are defined. A management server supplies the profiles and the security policies to the mobile device. A policy implementation unit selectively activates the profiles so that control of the mobile device functions can be carried out with minimal communication, and also in response to changing events.
13 Citations
17 Claims
-
1. A mobile device management apparatus comprising:
-
at least one processor operable to read and operate according to instructions within a computer program; and at least one memory operable to store at least portions of said computer program for access by said processor; wherein said program includes algorithms to cause said processor to implement; a policy storage unit which receives security policies and profiles;
wherein the security policies each control an operation state with respect to a function of a mobile device; and
wherein the profiles comprise sets of one or more respective security policies and have respective activation priorities; anda policy implementation unit which selectively activates the profiles in response to one or more of; a detection of an event occurring on the mobile device, and a command received from outside the mobile device; wherein the policy implementation unit is executed on the mobile device and executes the one or more respective security policies included in an activated profile so as to control the function of the mobile device; wherein each profile is assigned an activation index, and the policy implementation unit activates a profile of which the activation index is greater than a preset value, wherein, when two or more events are defined with a corresponding profile in the policy storage unit, an activation index of the corresponding profile increases according to a number of events, among the two or more events, occurring on the mobile device, and wherein, when the function of the mobile device is controlled by more than one of the security policies, the policy implementation unit executes only the one of the security policies belonging to a profile having a higher respective activation priority. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A mobile device management method comprising:
-
(a) receiving a plurality of security policies classified into a plurality of profiles assigned activation priorities and in which operating states of functions of a mobile device are defined, and storing the security policies at the mobile device; and (b) activating, by the mobile device, profiles selected from the plurality of profiles in response to at least one of an event occurring on the mobile device and a command received from outside the mobile device, executing security policies included in the activated profiles, and then controlling the functions of the mobile device, wherein each profile is assigned an activation index, and the policy implementation unit activates a profile of which the activation index is greater than a preset value, wherein, when the security policies are stored with a definition of two or more events with respect to a corresponding profile at the mobile device, an activation index of the corresponding profile increases according to a number of events, among the two or more events, occurring on the mobile device, and wherein (b) is carried out so that, when a plurality of security policies, in which operating states of an identical function of the mobile device are defined, is individually included in the plurality of activated profiles, a security policy included in a profile having a highest priority of activation among the activated profiles is implemented. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A mobile device, comprising:
-
a transmitter, a receiver, a storage, a management apparatus, and one or more mobile device functions; wherein; the receiver receives a plurality of profiles; the profiles are stored in the storage; the profiles each include one or more security policies and each have a respective activation priority; each of the security policies pertains to an operation state of one of the mobile device functions; the storage also includes a plurality of event policies that define events and corresponding profiles; the management apparatus selectively activates ones of the profiles in response to at least one of; a detection of one of the defined events, and a command, received by the receiver, indicating one of the profiles to activate; and when the management apparatus activates one of the profiles, the management apparatus also executes the one or more security policies of the activated profile, and the executed security policies control the operation state of the mobile device functions, wherein each profile is assigned an activation index, and the management apparatus activates a profile of which the activation index is greater than a preset value, wherein, when two or more events are defined with a corresponding profile in the storage, an activation index of the corresponding profile increases according to a number of events, among the two or more events, occurring on the mobile device, and wherein, when the activated profile includes one of the security policies pertaining to the same one of the mobile device functions, the management apparatus executes only the one of the security policies belonging to the activated profile having the higher respective activation priority. - View Dependent Claims (16, 17)
-
Specification