System and method for providing network security to mobile devices
First Claim
Patent Images
1. A mobile security system, comprising:
- a mobile security system processor;
a mobile security system memory;
a connection mechanism configured to receive network data previously received by a mobile device before being executed by a mobile device processor of the mobile device, the mobile security system processor being different than the mobile device processor;
a network connection module configured to act as a network gateway;
a security policy for determining whether to forward the network data intended for the mobile device to the mobile device, the security policy configured to instruct the mobile security system to allow the network data to be received by the mobile device without scanning by the mobile security system processor of the mobile security system for malicious content if the network connection module is in communication with one or more trusted networks identified by the security policy;
a security engine for executing the security policy in the mobile security system memory; and
a backup module configured to store at least a portion of a boot sector of the mobile device, the stored portion configured to aid recovery of the boot sector of the mobile device should the boot sector of the mobile device become compromised.
2 Assignments
0 Petitions
Accused Products
Abstract
A small piece of hardware connects to a mobile device and filters out attacks and malicious code. Using the piece of hardware, a mobile device can be protected by greater security and possibly by the same level of security offered by its associated corporation/enterprise. In one embodiment, a mobile security system includes a connection mechanism for connecting to a data port of a mobile device and for communicating with the mobile device; a network connection module for acting as a gateway to a network; a security policy for determining whether to forward content intended for the mobile device to the mobile device; and a security engine for executing the security policy.
-
Citations
18 Claims
-
1. A mobile security system, comprising:
-
a mobile security system processor; a mobile security system memory; a connection mechanism configured to receive network data previously received by a mobile device before being executed by a mobile device processor of the mobile device, the mobile security system processor being different than the mobile device processor; a network connection module configured to act as a network gateway; a security policy for determining whether to forward the network data intended for the mobile device to the mobile device, the security policy configured to instruct the mobile security system to allow the network data to be received by the mobile device without scanning by the mobile security system processor of the mobile security system for malicious content if the network connection module is in communication with one or more trusted networks identified by the security policy; a security engine for executing the security policy in the mobile security system memory; and a backup module configured to store at least a portion of a boot sector of the mobile device, the stored portion configured to aid recovery of the boot sector of the mobile device should the boot sector of the mobile device become compromised. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A method comprising:
-
executing, by a mobile security system, a security policy by a security engine in a mobile security system memory of the mobile security system using a mobile security system processor of the mobile security system; detecting, by the mobile security system, if a mobile device connected to the mobile security system is in communication with one or more trusted networks identified by the security policy; determining, by the mobile security system, not to scan network data received by the mobile device and allow the network data to be executed by a processor of the mobile device if the mobile device is in communication with the one or more trusted networks; receiving, over a connection mechanism of the mobile security system for connecting to the mobile device, network data received by the mobile device when the mobile device is not in communication with the one or more trusted networks, the network data being intended for the mobile device, the network data being received over the connection mechanism before execution by the processor of the mobile device; acting, by the mobile security system, as a network gateway on behalf of the mobile device; determining, by the mobile security system, whether to forward the network data to the mobile device, the determining being based on the security policy in the mobile security system memory; and storing, by the mobile security system, at least a portion of a boot sector of the mobile device, the stored portion configured to aid recovery of the boot sector of the mobile device should the boot sector of the mobile device become compromised.
-
-
18. A system comprising:
-
an interface for receiving, by a mobile security system, network data previously received by a mobile device before being executed by a mobile device processor of the mobile device; a processor for executing a security policy in a mobile security system memory of the mobile security system, the security policy for detecting malware in the network data and determining whether to forward the network data intended for the mobile device to the mobile device if malware is not detected in the network data, the security policy configured to instruct the mobile security system to allow the network data to be received by the mobile device without scanning for malicious content if the mobile device is in communication with one or more trusted networks identified by the security policy; and a data store for storing at least a portion of a boot sector of the mobile device, the stored portion configured to aid recovery of the boot sector of the mobile device should the boot sector of the mobile device become compromised.
-
Specification