System and method for providing network security to mobile devices

US 10,839,075 B2
Filed: 09/17/2019
Issued: 11/17/2020
Est. Priority Date: 12/13/2005
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

memory storing data transfer code,the data transfer code operable on a mobile device having at least one mobile device processor, mobile device memory and a mobile device data port, andthe data transfer code including a redirector executable by the at least one mobile device processor, the redirector operable to redirect all network data received by the mobile device to a trusted security device before the network data is processed by the mobile device processor,the trusted security device including at least one security device processor, security device memory and a security device data port, the security device data port configured to couple to the mobile device data port, the at least one security device processor being different than the at least one mobile device processor, the security device memory including security code and a security policy thereon,the security code operable to receive particular network data from the redirector before the at least one mobile device processor processes the particular network data,the security code operable to evaluate the particular network data for malware as defined the security policy; and

the security code operable to prevent at least a portion of the particular network data from being processed by the at least one mobile device processor or operable to modify at least a portion of the particular network data before being processed by the at least one mobile device processor, when the network data is determined to contain malware as defined by the security policy.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A small piece of hardware connects to a mobile device and filters out attacks and malicious code. Using the piece of hardware, a mobile device can be protected by greater security and possibly by the same level of security offered by its associated corporation/enterprise. In one embodiment, a mobile security system includes a connection mechanism for connecting to a data port of a mobile device and for communicating with the mobile device; a network connection module for acting as a gateway to a network; a security policy for determining whether to forward content intended for the mobile device to the mobile device; and a security engine for executing the security policy.

210 Citations

20 Claims

1. A system, comprising:
- memory storing data transfer code,the data transfer code operable on a mobile device having at least one mobile device processor, mobile device memory and a mobile device data port, andthe data transfer code including a redirector executable by the at least one mobile device processor, the redirector operable to redirect all network data received by the mobile device to a trusted security device before the network data is processed by the mobile device processor,the trusted security device including at least one security device processor, security device memory and a security device data port, the security device data port configured to couple to the mobile device data port, the at least one security device processor being different than the at least one mobile device processor, the security device memory including security code and a security policy thereon,the security code operable to receive particular network data from the redirector before the at least one mobile device processor processes the particular network data,the security code operable to evaluate the particular network data for malware as defined the security policy; and
  
  the security code operable to prevent at least a portion of the particular network data from being processed by the at least one mobile device processor or operable to modify at least a portion of the particular network data before being processed by the at least one mobile device processor, when the network data is determined to contain malware as defined by the security policy.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The system of claim 1, wherein the security code is operable to perform gateway level security services including firewall services.
  - 3. The system of claim 1, wherein the security code includes at least one of antivirus software, antispyware software, a firewall, IPS/IDS software, content filtering software, a bytecode monitor, and a URL monitor.
  - 4. The system of claim 1, wherein the security device data port includes a USB connector.
  - 5. The system of claim 1, wherein the security device data port includes a PCMCIA connector.
  - 6. The system of claim 1, wherein the security device data port includes an Ethernet connector.
  - 7. The system of claim 1, wherein the security device data port includes a wireless communication module.
  - 8. The system of claim 1, wherein the trusted security device includes an external data port configured to receive the particular network data directly.
  - 9. The system of claim 1, wherein the data transfer code is operable to install a device driver to the mobile device to enable the data transfer via at least one resident device.
  - 10. The system of claim 1, wherein at least a portion of the trusted security device is a part of the mobile device.

11. A security method, comprising:
- storing data transfer code,the data transfer code operable on a mobile device having at least one mobile device processor, mobile device memory and a mobile device data port, andthe data transfer code including a redirector executable by the at least one mobile device processor, the redirector operable to redirect all network data received by the mobile device to a trusted security device before the network data is processed by the mobile device processor;
  
  transferring the data transfer code to the mobile device;
  
  receiving, by the trusted security device, particular network data from the redirector before the at least one mobile device processor processes the particular network data, the trusted security device including at least one security device processor, security device memory and a security device data port, the security device data port being coupled to the mobile device data port, the at least one security device processor being different than the at least one mobile device processor, the security device memory including security code and a security policy thereon,using the security code to evaluate the particular network data for malware as defined the security policy; and
  
  using the security code to prevent at least a portion of the particular network data from being processed by the at least one mobile device processor or to modify at least a portion of the particular network data before being processed by the at least one mobile device processor, when the network data is determined to contain malware as defined by the security policy.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The method of claim 11, wherein the using the security code to evaluate the particular network data for malware as defined the security policy includes performing gateway level security services including firewall services.
  - 13. The method of claim 11, wherein the using the security code to evaluate the particular network data for malware as defined the security policy includes using at least one of antivirus software, antispyware software, a firewall, IPS/IDS software, content filtering software, a bytecode monitor, and a URL monitor.
  - 14. The method of claim 11, wherein the security device data port includes a USB connector.
  - 15. The method of claim 11, wherein the security device data port includes a PCMCIA connector.
  - 16. The method of claim 11, wherein the security device data port includes an Ethernet connector.
  - 17. The method of claim 11, wherein the security device data port includes a wireless communication module.
  - 18. The method of claim 11, wherein the trusted security device includes an external data port configured to receive the particular network data directly.
  - 19. The method of claim 11, wherein the data transfer code is operable to install a device driver to the mobile device to enable the data transfer via at least one resident device.
  - 20. The method of claim 11, wherein at least a portion of the trusted security device is a part of the mobile device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CUPP Computing AS
Original Assignee
CUPP Computing AS
Inventors
Touboul, Shlomo
Primary Examiner(s)
Okeke, Izunna

Application Number

US16/573,877
Publication Number

US 20200026853A1
Time in Patent Office

427 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/562   Static detection

H04L 63/02   for separating internal fro...

H04L 63/0263   Rule management

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1441   Countermeasures against mal...

H04L 63/145   the attack involving the pr...

H04L 63/20   for managing network securi...

H04W 12/00   Security arrangements; Auth...

H04W 12/12   Detection or prevention of ...

H04W 12/128   Anti-malware arrangements, ...

System and method for providing network security to mobile devices

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

210 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for providing network security to mobile devices

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

210 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links