System and method for device management security of trap management object

US 9,160,767 B2
Filed: 04/03/2008
Issued: 10/13/2015
Est. Priority Date: 04/06/2007
Status: Active Grant

First Claim

Patent Images

1. A Device Management (DM) client device, comprising:

a computer processor;

a memory for storing processor-executable instructions which, when executed by the computer processor, implement a DM message transmission/reception block, a Management Object (MO) storage block and a security management block;

the DM message transmission/reception block for receiving an addition command to add a recipient node to a Trap Management Object (Trap MO);

the MO storage block for storing the Trap MO including authority information which represents that a DM server device has authority to make the addition command and a plurality of MOs which include a notification target MO; and

the security management block for determining, when receiving the addition command, if the DM server device has authority to make the addition command by checking the authority information of the Trap MO via a lookup on a list, determining if the DM server device has authority to make an execution command by checking, via the lookup on the list, the notification target MO requested to be registered, and registering the notification target MO as the recipient node in the Trap MO when the DM server device has the authority to make the addition command and execution command.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention relates to a system and method for device management security, and more particularly to a system and method for device management security of a trap management object (Trap MO), which can prevent a non-authorized device management server from indirectly controlling device management of a mobile terminal through use of the Trap MO defined in Open Mobile Alliance Device Management (OMA DM). To this end, when a DM client receives a request to register a notification target MO as a recipient node registration from a DM server, the DM client determines if the DM server has authority for both addition and execution and allows only an authorized DM server to register a recipient node in the Trap MO, so that only a DM server having authority for execution of an MO can execute the MO and control the device management of a mobile terminal. Accordingly, it is possible to enhance device management security of the mobile terminal against non-authorized DM servers.

13 Citations

View as Search Results

17 Claims

1. A Device Management (DM) client device, comprising:
- a computer processor;
  
  a memory for storing processor-executable instructions which, when executed by the computer processor, implement a DM message transmission/reception block, a Management Object (MO) storage block and a security management block;
  
  the DM message transmission/reception block for receiving an addition command to add a recipient node to a Trap Management Object (Trap MO);
  
  the MO storage block for storing the Trap MO including authority information which represents that a DM server device has authority to make the addition command and a plurality of MOs which include a notification target MO; and
  
  the security management block for determining, when receiving the addition command, if the DM server device has authority to make the addition command by checking the authority information of the Trap MO via a lookup on a list, determining if the DM server device has authority to make an execution command by checking, via the lookup on the list, the notification target MO requested to be registered, and registering the notification target MO as the recipient node in the Trap MO when the DM server device has the authority to make the addition command and execution command.
- View Dependent Claims (6, 7, 8)
- - 6. The DM client device of claim 1, wherein the DM message transmission/reception block transmits a registration error message to the DM server device when the DM server device does not have authority to make the addition command.
  - 7. The DM client device of claim 1, wherein the DM message transmission/reception block transmits a registration error message to the DM server device, when the DM server device does not have authority to make the execution command.
  - 8. The DM client device of claim 1, wherein the DM message transmission/reception block transmits a registration confirmation message to the DM server device, when the DM client device registers the recipient node in the Trap MO.

2. A method for device management security of a Trap Management Object (Trap MO) in a Device Management (DM) client device, the method comprising the steps of:
- receiving the Trap MO including authority information which represents that a DM server device has authority to make an addition command to add a recipient node to the Trap MO;
  
  storing the Trap MO and a plurality of MOs including a notification target MO in a memory;
  
  receiving the addition command from the DM server device;
  
  determining, by a processor, if the DM server device has authority to make the addition command by checking the authority information of the Trap MO via a lookup on a list;
  
  determining if the DM server device has authority to make an execution command by checking, via the lookup on the list, the notification target MO requested to be registered; and
  
  registering the notification target MO as a recipient node in the Trap MO when the DM server device has authority to make the addition command and the execution command.
- View Dependent Claims (3, 4, 5, 17)
- - 3. The method of claim 2, further comprising:
    - transmitting a registration error message to the DM server device when the DM server device does not have authority to make the addition command.
  - 4. The method of claim 2, further comprising:
    - transmitting a registration error message to the DM server device when the DM server device does not have authority to make the execution command.
  - 5. The method of claim 2, further comprising a step of transmitting a registration confirmation message to the DM server device when the DM client device registers the recipient node in the Trap MO.
  - 17. The method of claim 2, further comprising:
    - storing the authority information in a “
      
      ToRef”
      
      recipient node; and
      
      storing the execution authority information in a scheduling recipient node,wherein the scheduling recipient node includes a condition node and a task node, andwherein the scheduling recipient node is included in the “
      
      ToRef”
      
      node.

9. A Device Management (DM) server device comprising:
- a computer processor;
  
  a memory for storing processor-executable instructions which, when executed by the computer processor, implement a DM message transmission/reception block, a Management Object (MO) storage block and a security management block;
  
  the DM message transmission/reception block for transmitting to a DM client device a DM message having a Trap Management Object (Trap MO) including authority information which represents that a DM server device has authority to make an addition command to add a recipient node to the Trap MO so that the DM client device determines, when receiving the addition command, whether the DM server device has authority to make the addition command by checking the authority information of the Trap MO via a lookup on a list, receiving the DM message, and receiving a registration confirmation message from the DM client device in response to the DM message; and
  
  the MO storage block for storing the Trap MO and a plurality of MOs which include a notification target MO.
- View Dependent Claims (10, 11, 12)
- - 10. The DM server device of claim 9, wherein the DM message transmission/reception block receives a registration error message from the DM client device when the DM server device does not have authority to make the addition command.
  - 11. The DM server device of claim 9, wherein the DM message transmission/reception block receives a registration error message from the DM client device when the DM server device does not have authority to make the execution command.
  - 12. The DM server device of claim 9, wherein the DM message transmission/reception block receives a registration confirmation message from the DM client device when the DM client device registers the recipient node in the Trap MO.

13. A method for Device Management (DM) security of a Trap Management Object (Trap MO) in DM server device, the method comprising:
- transmitting to a DM client device a DM message having a Trap MO including authority information which represents that the DM server device has authority to make an addition command to add a recipient node to the Trap MO to a DM client device so that the DM client determines, when receiving the addition command, whether the DM server device has authority to make the addition command by checking the authority information of the Trap MO via a lookup on a list;
  
  storing, in a memory, the Trap MO and a plurality of Management Objects (MOs) which include a notification target MO;
  
  transmitting the addition command to register, by a processor, information of the notification target MO; and
  
  receiving a registration confirmation message from the DM client device in response to the DM message, wherein the DM server device has authority to make the addition command and to make an execution command.
- View Dependent Claims (14, 15, 16)
- - 14. The method of claim 13, further comprising:
    - receiving a registration error message from the DM client device when the DM server device does not have authority to make the addition command.
  - 15. The method of claim 13, further comprising:
    - receiving a registration error message from the DM client device when the DM server device does not have authority to make the execution command.
  - 16. The method of claim 13, further comprising:
    - receiving a registration confirmation message from DM client device when the DM client device registers the recipient node in the Trap MO.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
Keum, Ji-Eun, Jun, Hae-Young, Kim, Wuk
Primary Examiner(s)
Won, Michael
Assistant Examiner(s)
CELANI, NICHOLAS P

Application Number

US12/594,755
Publication Number

US 20100121967A1
Time in Patent Office

2,749 Days
Field of Search

709/223, 709/224, 709/227, 709/229, 726 2- 6, 726/21
US Class Current

1/1
CPC Class Codes

G06F 21/6272   by registering files or doc...

G06F 2221/2115   Third party

H04L 41/28   Restricting access to netwo...

H04L 63/10   for controlling access to d...

H04L 63/20   for managing network securi...

System and method for device management security of trap management object

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

13 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for device management security of trap management object

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links