System and method for secure control of resources of wireless mobile communication devices
Abstract
Systems and methods for secure control of a wireless mobile communication device are disclosed. Each of a plurality of domains includes at least one wireless mobile communication device asset. When a request to perform an operation affecting at least one of the assets is received, it is determined whether the request is permitted by the domain that includes the at least one affected asset, by determining whether the entity with which the request originated has a trust relationship with the domain, for example. The operation is completed where it is permitted by the domain. Wireless mobile communication device assets include software applications, persistent data, communication pipes, and configuration data, properties or user or subscriber profiles.
24 Claims
1. A wireless communication device, comprising:
- at least one memory storing a first domain comprising a first set of assets controlled by a first domain owner, and the at least one memory storing a second domain comprising a second set of assets controlled by a second domain owner, wherein the first domain owner is an employer, and the second domain owner is an owner of the wireless communication device; and
- a domain controller configured to control the first domain and the second domain, and further configured to control access to the first set of assets and the second set of assets;
- wherein the domain controller is further configured to receive from a first entity a request to perform an operation affecting a particular asset in the first set of assets and responsive to receiving the request;
- deny the request if the request originated from a different domain than the asset; and
- permit the request if the request originated from a same domain as the asset.

Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A method implemented on a wireless communication device, the method comprising:
- storing a first set of assets in a first domain and storing a second set of assets in a second domain, wherein the first set of assets is controlled by a first domain owner that is an employer, and the second set of assets is controlled by a second domain owner that is an owner of the wireless communication device;
- receiving, from a first entity, a request to perform an operation affecting a particular asset in the first set of assets, wherein the request is received by a domain controller configured to control the first domain and the second domain, and further configured to control access to the first set of assets and the second set of assets;
- responsive to receiving the request, the domain controller;
- denying the request if the request originated from a different domain than the asset; and
- permitting the request if the request originated from a same domain as the asset.

Dependent claims: 10, 11, 12, 13, 14, 15, 16

17. A non-transitory computer readable medium storing program code executable by a processor to implement a method on a wireless communication device, the method comprising:
- storing a first set of assets in a first domain and storing a second set of assets in a second domain, wherein the first set of assets is controlled by a first domain owner that is an employer, and the second set of assets is controlled by a second domain owner that is an owner of the wireless communication device;
- receiving from a first entity a request to perform an operation affecting a particular asset in the first set of assets, wherein the request is received by a domain controller configured to control the first domain and the second domain, and further configured to control access to the first set of assets and the second set of assets;
- responsive to receiving the request, the domain controller;
- denying the request if the request originated from a different domain than the asset; and
- permitting the request if the request originated from a same domain as the asset.

Dependent claims: 18, 19, 20, 21, 22, 23, 24
Specification