Selectively wiping a remote device

US 9,652,629 B2
Filed: 08/03/2015
Issued: 05/16/2017
Est. Priority Date: 01/19/2007
Status: Active Grant

First Claim

Patent Images

1. A method of selectively securing data at a mobile device by a command issuer associated with an authorization level, the method comprising:

receiving a securing command at the mobile device via a wireless communication subsystem, the mobile device storing data of a first type and data of a second type, the securing command including the authorization level associated with the command issuer; and

in response to receiving the securing command, the mobile device selectively securing the data by;

determining the authorization level from the securing command;

determining, at the mobile device, using the authorization level included in the securing command that data of the first type is to be secured;

securing data of the first type and not securing data of one or more data types not identified by the mobile device based on the authorization level included in the securing command.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for selectively securing data from unauthorized access on a client device storing a plurality of data types with reference to an authorization level indicated in a command. A command is received at a client device comprising an authorization level indicator. Based on at least one predefined rule, which may be implemented in an IT policy stored at the client device, each of the plurality of data types to be secured is determined, and then the data corresponding to those types is secured. The data may be secured by encrypting and/or deleting the data at the client device. The predefined rules associated with each authorization level may be configured by a user or administrator having an authorization level that exceeds the associated authorization level.

52 Citations

33 Claims

1. A method of selectively securing data at a mobile device by a command issuer associated with an authorization level, the method comprising:
- receiving a securing command at the mobile device via a wireless communication subsystem, the mobile device storing data of a first type and data of a second type, the securing command including the authorization level associated with the command issuer; and
  
  in response to receiving the securing command, the mobile device selectively securing the data by;
  
  determining the authorization level from the securing command;
  
  determining, at the mobile device, using the authorization level included in the securing command that data of the first type is to be secured;
  
  securing data of the first type and not securing data of one or more data types not identified by the mobile device based on the authorization level included in the securing command.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein the command issuer is associated with a user and wherein the first type of data is personal data associated with the user.
  - 3. The method of claim 2, wherein the second type of data is not personal data and the second type of data is not secured in response to receiving the securing command.
  - 4. The method of claim 1, wherein the command issuer is associated with an administrator and wherein the first type of data is not personal data.
  - 5. The method of claim 4, wherein the second type of data is personal data and the second type of data is not secured in response to receiving the securing command.
  - 6. The method of claim 1, wherein the securing comprises deleting the data.
  - 7. The method of claim 1, wherein the securing comprises encrypting the data.
  - 8. The method of claim 1, further comprising:
    - prior to securing, setting an indicator corresponding to the first type of data; and
      
      after securing, removing the indicator.
  - 9. The method of claim 1, wherein the first type of data comprises message data.
  - 10. The method of claim 1, wherein the first type of data comprises applications, or data files created at the mobile device or received by an authorized user at the mobile device that are personal to the user.
  - 11. The method of claim 1, wherein the first type of data is not user-created data and wherein determining using the authorization level included in the securing command that data of the first type is to be secured comprises:
    - determining that the authorization level is an administrator authorization level permitting the administrator to secure data that is not user-created data but preventing the administrator from securing user-created data.

12. A mobile device, comprising:
- at least one memory component storing data of a first type and data of a second type;
  
  a wireless communication subsystem; and
  
  at least one processor configured to enable;
  
  receiving a securing command via the wireless communication subsystem, the securing command including an authorization level associated with a command issuer; and
  
  in response to receiving the securing command, the mobile device selectively securing the data by;
  
  determining the authorization level from the securing command;
  
  determining using the authorization level included in the securing command that data of the first type is to be secured; and
  
  securing data of the first type and not securing data of one or more data types not identified by the mobile device based on the authorization level included in the securing command.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The mobile device of claim 12, wherein the command issuer is associated with a user and wherein the first type of data is personal data associated with the user.
  - 14. The mobile device of claim 13, wherein the second type of data is not personal data and the second type of data is not secured in response to receiving the securing command.
  - 15. The mobile device of claim 12, wherein the command issuer is associated with an administrator and wherein the first type of data is not personal data.
  - 16. The mobile device of claim 15, wherein the second type of data is personal data and the second type of data is not secured in response to receiving the securing command.
  - 17. The mobile device of claim 12, wherein the securing comprises deleting the data.
  - 18. The mobile device of claim 12, wherein the securing comprises encrypting the data.
  - 19. The mobile device of claim 12, wherein the processor is further configured to enable:
    - prior to securing, setting an indicator corresponding to the first type of data; and
      
      after securing, removing the indicator.
  - 20. The mobile device of claim 12, wherein the first type of data comprises message data.
  - 21. The mobile device of claim 12, wherein the first type of data comprises applications, or data files created at the mobile device or received by an authorized user at the mobile device that are personal to the user.
  - 22. The mobile device of claim 12, wherein the first type of data is not user-created data and wherein determining using the authorization level included in the securing command that data of the first type is to be secured comprises:
    - determining that the authorization level is an administrator authorization level permitting the administrator to secure data that is not user-created data but preventing the administrator from securing user-created data.

23. A non-transitory computer-readable medium storing code which, when executed by one or more processors of a mobile device, causes the mobile device to perform operations comprising:
- receiving a securing command at the mobile device via a wireless communication subsystem, the mobile device storing data of a first type and data of a second type, the securing command including an authorization level associated with a command issuer; and
  
  in response to receiving the securing command, the mobile device selectively securing the data by;
  
  determining the authorization level from the securing command;
  
  determining, at the mobile device, using the authorization level included in the securing command that data of the first type is to be secured; and
  
  securing data of the first type and not securing data of one or more data types not identified by the mobile device based on the authorization level included in the securing command.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
- - 24. The non-transitory computer-readable medium of claim 23, wherein the command issuer is associated with a user and wherein the first type of data is personal data associated with the user.
  - 25. The non-transitory computer-readable medium of claim 23, wherein the second type of data is not personal data and the second type of data is not secured in response to receiving the securing command.
  - 26. The non-transitory computer-readable medium of claim 23, wherein the command issuer is associated with an administrator and wherein the first type of data is not personal data.
  - 27. The non-transitory computer-readable medium of claim 26, wherein the second type of data is personal data and the second type of data is not secured in response to receiving the securing command.
  - 28. The non-transitory computer-readable medium of claim 23, wherein the securing comprises deleting the data.
  - 29. The non-transitory computer-readable medium of claim 23, wherein the securing comprises encrypting the data.
  - 30. The non-transitory computer-readable medium of claim 23, further comprising:
    - prior to securing, setting an indicator corresponding to the first type of data; and
      
      after securing, removing the indicator.
  - 31. The non-transitory computer-readable medium of claim 23, wherein the first type of data comprises message data.
  - 32. The non-transitory computer-readable medium of claim 23, wherein the first type of data comprises applications, or data files created at the mobile device or received by an authorized user at the mobile device that are personal to the user.
  - 33. The non-transitory computer-readable medium of claim 23, wherein the first type of data is not user-created data and wherein determining using the authorization level included in the securing command that data of the first type is to be secured comprises:
    - determining that the authorization level is an administrator authorization level permitting the administrator to secure data that is not user-created data but preventing the administrator from securing user-created data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Blackberry Limited
Original Assignee
Blackberry Limited
Inventors
Brown, Michael K., Brown, Michael S., Totzke, Scott W., Little, Herbert A.
Primary Examiner(s)
Chen, Shin-Hon

Application Number

US14/816,271
Publication Number

US 20150339495A1
Time in Patent Office

652 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/6218   to a system of files or obj...

G06F 21/6245   Protecting personal data, e...

G06F 21/88   Detecting or preventing the...

G06F 2221/2107   File encryption

G06F 2221/2113   Multi-level security, e.g. ...

G06F 2221/2143   Clearing memory, e.g. to pr...

H04L 63/0428   wherein the data content is...

H04L 63/101   Access control lists [ACL]

H04L 63/105   Multiple levels of security

H04W 12/02   Protecting privacy or anony...

H04W 12/033   of the user plane, e.g. use...

H04W 12/08   Access security

Selectively wiping a remote device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

52 Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Selectively wiping a remote device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

52 Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links