Assessing a security state of a mobile communications device to determine access to specific tasks

US 9,407,640 B2
Filed: 02/27/2015
Issued: 08/02/2016
Est. Priority Date: 10/21/2008
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable medium encoded with a plurality of instructions which, when executed by a processor, causes the processor to perform a method comprising:

receiving, at a server security component, a request to access services from a mobile communications device for a specific task;

determining, at the server security component, whether a security state for the mobile communications device is acceptable for access to the services,the determining the security state for the mobile communications device comprising;

determining whether a security state information associated with the received request to access services is up to date,based on the security state information being determined to not be up to date, obtaining, at the server security component, an updated security state information from the mobile communications device, anddetermining the security state for the mobile communication device based on the updated security state information obtained from the mobile communications device;

based on the security state for the mobile communications device being determined to be acceptable for access to the services, granting access, by the server security component, to the services, and determining, at the server security component, whether the security state for the mobile communications device is acceptable for access to the specified task requested; and

based on the security state for the mobile communications device being determined to be acceptable for access to the specified task requested, granting access, by the server security component, to the specific task requested.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods for assessing the current security state of a mobile communications device to determine access to specific tasks is presented. A security component on a server is configured to receive a request to access services from a mobile communications device for a specific task. The security component on the server is further configured to determine whether a security state for the mobile communications device is acceptable for access to the services. Based on the security state for the mobile device being determined to be acceptable for access to the services, access to the services is granted and a determination is whether the security state is acceptable for access to the specific task requested. Based on the security state being determined to be acceptable for access to the specific task requested, access to the specific task requested is granted by the server security component.

321 Citations

12 Claims

1. A non-transitory computer-readable medium encoded with a plurality of instructions which, when executed by a processor, causes the processor to perform a method comprising:
- receiving, at a server security component, a request to access services from a mobile communications device for a specific task;
  
  determining, at the server security component, whether a security state for the mobile communications device is acceptable for access to the services,the determining the security state for the mobile communications device comprising;
  
  determining whether a security state information associated with the received request to access services is up to date,based on the security state information being determined to not be up to date, obtaining, at the server security component, an updated security state information from the mobile communications device, anddetermining the security state for the mobile communication device based on the updated security state information obtained from the mobile communications device;
  
  based on the security state for the mobile communications device being determined to be acceptable for access to the services, granting access, by the server security component, to the services, and determining, at the server security component, whether the security state for the mobile communications device is acceptable for access to the specified task requested; and
  
  based on the security state for the mobile communications device being determined to be acceptable for access to the specified task requested, granting access, by the server security component, to the specific task requested.
- View Dependent Claims (2)
- - 2. The computer-readable medium of claim 1, wherein determining whether the security state for the mobile communications device is acceptable for access to the specific task requested comprises:
    - sending, from the server security component, a security state information associated with the received request to access services to a service provider; and
      
      receiving, at the server security component, a response from the service provider corresponding to the request to access,wherein the response provides an indication of whether the security state for the mobile communications device is acceptable for the specific task requested.

3. A non-transitory computer-readable medium encoded with a plurality of instructions which, when executed by a processor, causes the processor to perform a method comprising:
- receiving, at a service provider, a request to access services by a mobile communications device;
  
  determining, at the service provider, whether a security state for the mobile communications device is acceptable for access to the services,the determining the security state for the mobile communications device comprising;
  
  determining whether a security state information associated with the received request to access services is up to date,based on the security state information being determined to not being up to date, obtaining, at the server security component, an updated security state information from the mobile communications device, anddetermining the security state for the mobile communications device based on the updated security state information obtained from the mobile communications device;
  
  based on the security state for the mobile communications device being determined to be acceptable for access to the services, granting access, by the server security component, to the services, and determining, at the service provider, whether the security state for the mobile communications device is acceptable for access to the specified task requested; and
  
  based on the security state for the mobile communications device being determined to be unacceptable for access to the specific task requested, denying access, by the service provider, to the specified task requested.
- View Dependent Claims (4, 5, 6)
- - 4. The computer-readable medium of claim 3, wherein a server security component serves as a proxy between a mobile communications device and the service provider, and wherein receiving the request to access services by a mobile communications device comprises receiving the request from the server security component.
  - 5. The computer-readable medium of claim 3, wherein the updated security state information is obtained directly from the mobile communications device.
  - 6. The computer-readable medium of claim 3, wherein the updated security state information is obtained from a server security component serving as a proxy between the mobile communications device and the service provider.

7. A method comprising:
- receiving, at a server security component, a request to access services from a mobile communications device for a specified task;
  
  determining, at the server security component, whether a security state for the mobile communications device is acceptable for access to the services,the determining the security state for the mobile communications device comprising;
  
  determining whether a security state information associated with the received request to access services is up to date,based on the security state information being determined to not be up to date, obtaining, at the server security component, an updated security state information from the mobile communication device, anddetermining the security state for the mobile communications device based on the updated security state information obtained from the mobile communications device;
  
  based on the security state for the mobile communications device being determined to be acceptable for access to the services, granting access, by the server security component, to the services, and determining, at the server security component, whether the security state for the mobile communications device is acceptable for access to the specified task requested; and
  
  based on the security state for the mobile communications device being determined to be acceptable for access to the specified task requested, granting access, by the server security component, to the specified task requested.
- View Dependent Claims (8)
- - 8. The method of claim 7, wherein determining whether the security state for the mobile communications device is acceptable for access to the specific task requested comprises:
    - sending, from the server security component, a security state information associated with the received request to access services to a service provider; and
      
      receiving, at the server security component, a response from the service provider corresponding to the request to access,wherein the response provides an indication of whether the security state for the mobile communications device is acceptable for the specific task requested.

9. A method comprising:
- receiving, at a service provider, a request to access services by a mobile communications device;
  
  determining, at the service provider, whether a security state for the mobile communications device is acceptable for access to the services,the determining the security state for the mobile communications device comprising;
  
  determining whether a security state information associated with the received request to access services is up to date,based on the security state information being determined to not being up to date, obtaining, at the server security component, an updated security state information from the mobile communications device, anddetermining the security state for the mobile communications device based on the updated security state information obtained from the mobile communications device;
  
  based on the security state for the mobile communications device being determined to be acceptable for access to the services, granting access, by the server security component, to the services, and determining, at the service provider, whether the security state for the mobile communications device is acceptable for access to the specified task requested; and
  
  based on the security state for the mobile communications device being determined to be unacceptable for access to the specific task requested, denying access, by the service provider, to the specified task requested.
- View Dependent Claims (10, 11, 12)
- - 10. The method of claim 9, wherein a server security component serves as a proxy between a mobile communications device and the service provider, and wherein receiving the request to access services by a mobile communications device comprises receiving the request from the server security component.
  - 11. The method of claim 9, wherein the updated security state information is obtained directly from the mobile communications device.
  - 12. The method of claim 9, wherein the updated security state information is obtained from a server security component serving as a proxy between the mobile communications device and the service provider.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lookout Incorporated
Original Assignee
Lookout Incorporated
Inventors
Mahaffey, Kevin Patrick, Hering, John G., Burgess, James David
Primary Examiner(s)
Chen, Shin-Hon

Application Number

US14/634,115
Publication Number

US 20150188924A1
Time in Patent Office

522 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G06F 21/30   Authentication, i.e. establ...

G06F 21/31   User authentication

G06F 21/577   Assessing vulnerabilities a...

G06F 2221/2129   Authenticate client device ...

H04L 2463/102   applying security measure f...

H04L 63/10   for controlling access to d...

H04L 63/102   Entity profiles

H04L 63/1416   Event detection, e.g. attac...

H04W 12/08   Access security

Assessing a security state of a mobile communications device to determine access to specific tasks

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

321 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Assessing a security state of a mobile communications device to determine access to specific tasks

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

321 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links