System and method for providing network security to mobile devices
Abstract
A small piece of hardware connects to a mobile device and filters out attacks and malicious code. Using the piece of hardware, a mobile device can be protected by greater security and possibly by the same level of security offered by its associated corporation/enterprise. In one embodiment, a mobile security system includes a connection mechanism for connecting to a data port of a mobile device and for communicating with the mobile device; a network connection module for acting as a gateway to a network; a security policy for determining whether to forward content intended for the mobile device to the mobile device; and a security engine for executing the security policy.
21 Claims
1. A security system, comprising:
security system memory;
a security system processor configured to:
store in the security system memory a security policy identifying one or more trusted networks and defining when to forward network data intended for a mobile device to the mobile device for processing by at least one mobile device processor of the mobile device, the at least one mobile device processor of the mobile device being different than the security system processor of the security system,
the security policy defining that when the mobile device does not reside on any of the one or more trusted networks identified by the security policy, the security system processor of the security system will scan the network data for malicious content to decide whether the network data should be forwarded to the mobile device,
the security policy defining that when the mobile device resides on any of the one or more trusted networks identified by the security policy, the security system processor of the security system will allow the network data to be forwarded to the mobile device without the security system processor of the security system scanning for the malicious content;
receive from the mobile device particular network data before the at least one mobile device processor of the mobile device processes the particular network data, the particular network data having been forwarded to the security system by the at least one mobile device processor of the mobile device; and
execute security code to implement the security policy as it relates to the particular network data received from the mobile device, the security code configured to modify at least a portion of the particular network data before delivering the particular network data as modified to the mobile device.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10)

11. A method comprising:
storing in security system memory a security policy identifying one or more trusted networks and defining when to forward network data intended for a mobile device to the mobile device for processing by at least one mobile device processor of the mobile device, the at least one mobile device processor of the mobile device being different than a security system processor of the security system,
the security policy defining that when the mobile device does not reside on any of the one or more trusted networks identified by the security policy, the security system processor of the security system will scan the network data for malicious content to decide whether the network data should be forwarded to the mobile device,
the security policy defining that when the mobile device resides on any of the one or more trusted networks identified by the security policy, the security system processor of the security system will allow the network data to be forwarded to the mobile device without the security system processor of the security system scanning for the malicious content;
receiving from the mobile device particular network data before the at least one mobile device processor of the mobile device processes the particular network data, the particular network data having been forwarded to the security system by the at least one mobile device processor of the mobile device; and
executing security code to implement the security policy as it relates to the particular network data received from the mobile device, the executing the security code including modifying at least a portion of the particular network data before delivering the particular network data as modified to the mobile device.
(Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20)

21. A security system comprising:
security system memory storing a security policy identifying one or more trusted networks and defining when to forward network data intended for a mobile device to the mobile device for processing by at least one mobile device processor of the mobile device, the at least one mobile device processor of the mobile device being different than a security system processor of the security system,
the security policy defining that when the mobile device does not reside on any of the one or more trusted networks identified by the security policy, the security system processor of the security system will scan the network data for malicious content to decide whether the network data should be forwarded to the mobile device,
the security policy defining that when the mobile device resides on any of the one or more trusted networks identified by the security policy, the security system processor of the security system will allow the network data to be forwarded to the mobile device without the security system processor of the security system scanning for the malicious content;
means for receiving from the mobile device particular network data before the at least one mobile device processor of the mobile device processes the particular network data, the particular network data having been forwarded to the security system by the at least one mobile device processor of the mobile device; and
security code configured to implement the security policy as it relates to the particular network data received from the mobile device, the security code configured to modify at least a portion of the particular network data before delivering the particular network data as modified to the mobile device.

Specification