Automatic security action invocation for mobile communications device

US 9,603,010 B2
Filed: 07/06/2015
Issued: 03/21/2017
Est. Priority Date: 05/18/2006
Status: Active Grant

First Claim

Patent Images

1. A method for providing security on a mobile communications device, the method comprising:

forcing the mobile communications device into a locked state, regardless of any current user input activity and regardless of wireless network coverage, upon expiry of periodic timeout periods, each timeout period having a first duration;

detecting, by a communications subsystem of the mobile communications device, prior to expiry of a particular timeout period of the periodic timeout periods, a lack of wireless network coverage for a second duration that is shorter than the first duration; and

responsive to detecting the lack of wireless network coverage for the second duration, forcing the mobile communications device into the locked state prior to the expiry of the particular timeout period, regardless of any current user input activity, thereby shortening the particular timeout period from the first duration to the second duration.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mobile communications device, method, and computer program product for providing security on a mobile communications device are described. In accordance with one example embodiment, the mobile communications device comprises: a processor; a communications subsystem connected to the processor operable to exchange signals with a wireless network and with the processor; a storage element connected to the processor and having a plurality of application modules and data stored thereon, the data comprising at least user application data associated with the application modules and service data including data for establishing communications with the wireless network; and a security module operable to determine if a battery level falls below a predetermined threshold and perform a security action comprising erasing or encrypting at least some of the data on the storage element if the battery power falls below the predetermined threshold.

27 Citations

24 Claims

1. A method for providing security on a mobile communications device, the method comprising:
- forcing the mobile communications device into a locked state, regardless of any current user input activity and regardless of wireless network coverage, upon expiry of periodic timeout periods, each timeout period having a first duration;
  
  detecting, by a communications subsystem of the mobile communications device, prior to expiry of a particular timeout period of the periodic timeout periods, a lack of wireless network coverage for a second duration that is shorter than the first duration; and
  
  responsive to detecting the lack of wireless network coverage for the second duration, forcing the mobile communications device into the locked state prior to the expiry of the particular timeout period, regardless of any current user input activity, thereby shortening the particular timeout period from the first duration to the second duration.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method recited in claim 1, further comprising:
    - while the mobile communications device is in the locked state, detecting successful user authentication; and
      
      responsive to the successful user authentication, exiting the locked state.
  - 3. The method recited in claim 1, further comprising:
    - while the mobile communications device remains in the locked state and lacks wireless network coverage, performing a data protection security action.
  - 4. The method recited in claim 3, wherein performing the data protection security action comprises erasing data stored in an erasable persistent memory of the mobile communications device.
  - 5. The method recited in claim 3, wherein performing the data protection security action comprises erasing all user data stored on the mobile communications device.
  - 6. The method recited in claim 3, wherein performing the data protection security action comprises overwriting memory locations in which the user data is stored.
  - 7. The method recited in claim 3, wherein performing the data protection security action comprises encrypting data stored in the mobile communications device.
  - 8. The method recited in claim 1, wherein forcing the mobile communications device into the locked state is enabled by a policy message received on the mobile communications device.

9. A mobile communications device, comprising:
- a processor;
  
  a communications subsystem coupled to the processor;
  
  an input device coupled to the processor;
  
  a storage element coupled to the processor and having data stored thereon; and
  
  a security module operable to;
  
  force the mobile communications device into a locked state, regardless of any current user input activity and regardless of wireless network coverage, upon expiry of periodic timeout periods, each timeout period having a first duration;
  
  detect, in conjunction with the communications subsystem, prior to expiry of a particular timeout period of the periodic timeout periods, a lack of wireless network coverage for a second duration that is shorter than the first duration; and
  
  force the mobile communications device into the locked state prior to the expiry of the particular timeout period, regardless of any current user input activity, responsive to detection of the lack of wireless network coverage for the second duration, thereby shortening the particular timeout period from the first duration to the second duration.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The mobile communications device recited in claim 9, wherein the security module is operable to detect successful user authentication via the input device while the mobile communications device is in the locked state and to exit the locked state responsive to the successful user authentication.
  - 11. The mobile communications device recited in claim 9, wherein the security module is operable to perform a data protection security action while the mobile communications device remains in the locked state and lacks wireless network coverage.
  - 12. The mobile communications device recited in claim 11, wherein performing the data protection security action comprises erasing data stored in an erasable persistent memory of the mobile communications device.
  - 13. The mobile communications device recited in claim 11, wherein performing the data protection security action comprises erasing all user data stored on the mobile communications device.
  - 14. The mobile communications device recited in claim 11, wherein performing the data protection security action comprises overwriting memory locations in which the user data is stored.
  - 15. The mobile communications device recited in claim 11, wherein performing the data protection security action comprises encrypting data stored in the mobile communications device.
  - 16. The mobile communications device recited in claim 9, wherein forcing the mobile communications device into the locked state is enabled by a policy message received on the mobile communications device.

17. A non-transitory computer-readable medium comprising instructions executable on a mobile communications device for providing security on the mobile communications device, the instructions comprising:
- code for forcing the mobile communications device into a locked state, regardless of any current user input activity and regardless of wireless network coverage, upon expiry of periodic timeout periods, each timeout period having a first duration;
  
  code for detecting, by a communications subsystem of the mobile communications device, prior to expiry of a particular timeout period of the periodic timeout periods, a lack of wireless network coverage for a second duration that is shorter than the first duration; and
  
  code for forcing the mobile communications device into the locked state prior to the expiry of the particular timeout period, regardless of any current user input activity, responsive to detecting the lack of wireless network coverage for the second duration, thereby shortening the particular timeout period from the first duration to the second duration.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24)
- - 18. The non-transitory computer-readable medium recited in claim 17, the instructions further comprising:
    - code for detecting successful user authentication while the mobile communications device is in the locked state; and
      
      code for exiting the locked state responsive to the successful user authentication.
  - 19. The non-transitory computer-readable medium recited in claim 17, the instructions further comprising:
    - code for performing a data protection security action while the mobile communications device remains in the locked state and lacks wireless network coverage.
  - 20. The non-transitory computer-readable medium recited in claim 19, wherein performing the data protection security action comprises erasing data stored in an erasable persistent memory of the mobile communications device.
  - 21. The non-transitory computer-readable medium recited in claim 19, wherein performing the data protection security action comprises erasing all user data stored on the mobile communications device.
  - 22. The non-transitory computer-readable medium recited in claim 19, wherein performing the data protection security action comprises overwriting memory locations in which the user data is stored.
  - 23. The non-transitory computer-readable medium recited in claim 19, wherein performing the data protection security action comprises encrypting data stored in the mobile communications device.
  - 24. The non-transitory computer-readable medium recited in claim 17, wherein forcing the mobile communications device into the locked state is enabled by a policy message received on the mobile communications device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Blackberry Limited
Original Assignee
Blackberry Limited
Inventors
Brown, Michael Stephen, Adams, Neil Patrick, Little, Herbert Anthony, Fyke, Steven Henry
Primary Examiner(s)
NGUYEN, DINH

Application Number

US14/791,901
Publication Number

US 20150312754A1
Time in Patent Office

624 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/305   by remotely controlling dev...

G06F 21/6218   to a system of files or obj...

G06F 21/88   Detecting or preventing the...

G06F 2221/2143   Clearing memory, e.g. to pr...

H04L 2209/80   Wireless network architectu...

H04L 63/102   Entity profiles

H04L 9/00   Cryptographic mechanisms or...

H04W 12/02   Protecting privacy or anony...

H04W 12/08   Access security

H04W 12/082   using revocation of authori...

H04W 12/12   Detection or prevention of ...

H04W 12/61   Time-dependent

H04W 8/02   Processing of mobility data...

H04W 8/245   from a network towards a te...

Automatic security action invocation for mobile communications device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

27 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

Automatic security action invocation for mobile communications device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links