Mobile device security system
First Claim
1. A location based mobile device security enforcement system, comprising:
a mobile device; and
a management system comprising:
one or more non-transitory storage-devices storing computer executable instructions; and
a processor configured to execute the computer executable instructions to:
monitor the mobile device located in a secure area by receiving a report from the mobile device security application on the mobile device, wherein the secure area comprises at least one authorized accessible area for the mobile device;
interact with the mobile device located in the secure area to register a mobile device user of the mobile device;
in response to registering the mobile device user, create a mobile device user profile and a security policy for the mobile device based on the registration, and store the mobile device user profile and the security policy in a mobile device management (MDM) server, wherein the security policy comprises a user designation level of the mobile device selected from a plurality of user designation levels, information of the at least one authorized accessible area for the mobile device, and information of authorized period of time for the mobile device; and
transmit the security policy to the mobile device;
a security control module separate from the mobile device and configured to maintain a constant contact with the mobile device;
one or more first computers at the secure area, separate from the mobile device, and each configured to, allow a user to install the mobile device security application on the mobile device through a connection established between the first computer and the mobile device;
register, with the management system, the mobile device user and create the mobile device user profile based on the registration;
assign the user designation level to the mobile device;
assign the at least one authorized accessible area for the mobile device; and
assign the authorized period of time for the mobile device;
wherein the mobile device security application installed on the mobile device, when executed by a processor of the mobile device, is configured to:
monitor a current location of the mobile device and a current time; and
when the mobile device is located within the secure area, communicate wirelessly with the management system;
interact with the management system to register the mobile device user;
receive and store the security policy from the management system;
determine whether the mobile device requires a security change to one or more functions on the mobile device by comparing the current location of the mobile device and the current time with the user designation level of the mobile device, the information of the at least one authorized accessible area for the mobile device and the information of the authorized period of time for the mobile device of the security policy; and
in response to determining that the mobile device requires the security change to the one or more functions on the mobile device, perform the security change to each of the one or more functions on the mobile device, and disable or enable a respective driver of at least one of a camera device, a microphone device, and a telephone device of the mobile device;
wherein the secure area comprises a plurality of sub-areas, and each of the sub-areas is designated to have one of a plurality of area designation security levels;
wherein the at least one authorized accessible area for the mobile device comprises a plurality of the sub-areas; and
wherein for at least one of the sub-areas, each of the plurality of user designation levels corresponds to different security changes in the area designation security level of the sub-area, and at least one user designation level corresponds to different security changes in different sub-areas having different area designation security levels;
wherein the mobile device security application installed on the mobile device, when executed by the processor of the mobile device, is further configured to maintain the constant contact with the security control module;
make security changes to the camera device, the microphone device, and the telephone device when the constant contact is lost;
retrieve an evacuation destination from emergency messages broadcast by the security control module;
generate an evacuation route according to the current location of the mobile device and the evacuation destination; and
display the evacuation route on the mobile device.
Abstract
A location based mobile device security enforcement system includes: (a) a mobile device management (MDM) server, (b) a security control module, (c) an entry point security system, and (d) a mobile device security application, when installed and executed on a mobile device, configured to register the mobile device and its user to create a mobile device user profile for the mobile device user, when the mobile device and its user enter a secure area, authenticate the mobile device user, maintain constant contact with the security control module, and make security adjustments to the mobile device if contact between the mobile device and the security control module is lost, the mobile device security application becomes non-operational, the current time is beyond the mobile device user's authorized access time period, and the current mobile device location is outside of the mobile device user's authorized access area or crosses borders between one area security level to another area security level.
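The decision step described in the abstract and in claim 1 can be sketched as follows. This is an added example, not code from the patent: the level names, sub-area names, the restriction matrix, the 30-second contact timeout and the choice to disable all three functions on a time or area violation are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

FUNCTIONS = frozenset({"camera", "microphone", "telephone"})
CONTACT_TIMEOUT = timedelta(seconds=30)  # assumption: the claims give no value

# Constructed sample data: sub-area -> area designation security level.
AREA_LEVELS = {"lobby": "low", "office": "low", "lab": "high"}

# Constructed matrix: (user designation level, area designation security level)
# -> functions whose drivers are disabled. The same user level maps to different
# changes in different sub-areas, and different user levels differ within one area.
RESTRICTIONS = {
    ("visitor", "low"): frozenset({"camera"}),
    ("visitor", "high"): FUNCTIONS,
    ("employee", "low"): frozenset(),
    ("employee", "high"): frozenset({"camera", "microphone"}),
}

@dataclass(frozen=True)
class SecurityPolicy:
    user_level: str              # user designation level
    authorized_areas: frozenset  # authorized sub-area ids
    valid_from: datetime         # authorized period of time
    valid_until: datetime

@dataclass(frozen=True)
class DeviceState:
    sub_area: str                # current sub-area inside the secure area
    now: datetime
    last_contact: datetime       # last contact with the security control module

def functions_to_disable(policy, state):
    """Return (functions to disable, reason), failing closed on any violation."""
    if state.now - state.last_contact > CONTACT_TIMEOUT:
        return FUNCTIONS, "contact_lost"
    if not (policy.valid_from <= state.now <= policy.valid_until):
        return FUNCTIONS, "outside_authorized_time"
    if state.sub_area not in policy.authorized_areas:
        return FUNCTIONS, "outside_authorized_area"
    rule = RESTRICTIONS.get((policy.user_level, AREA_LEVELS.get(state.sub_area)))
    if rule is None:             # unknown level or unmapped sub-area
        return FUNCTIONS, "no_rule"
    return rule, "policy"

def driver_changes(currently_disabled, target_disabled):
    """Diff the current driver state against the target after a re-evaluation."""
    current, target = set(currently_disabled), set(target_disabled)
    return {"disable": sorted(target - current),
            "enable": sorted(current - target)}
```

Re-running `functions_to_disable` on every location or time update and applying `driver_changes` covers the case where a device crosses from one area security level into another.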
16 Claims
12. A method for performing location based mobile device security enforcement, comprising:
monitoring, by a mobile device security application installed on a mobile device, a current location of the mobile device and a current time;
communicating wirelessly, by the mobile device security application installed on the mobile device, with a location based mobile device security enforcement system when the mobile device is located within a secure area;
monitoring, by the location based mobile device security enforcement system, the mobile device located in the secure area by receiving a report from the mobile device security application installed on the mobile device, wherein the secure area comprises at least one authorized accessible area for the mobile device;
interacting, by the mobile device security application installed on the mobile device, with the location based mobile device security enforcement system to register the mobile device user when the mobile device is located within the secure area;
interacting, by the location based mobile device security enforcement system, with the mobile device located in the secure area to register a mobile device user of the mobile device;
in response to registering the mobile device user, creating, at the location based mobile device security enforcement system, a mobile device user profile and a security policy for the mobile device based on the registration, and storing the mobile device user profile and the security policy in a mobile device management (MDM) server, wherein the security policy comprises a user designation level of the mobile device selected from a plurality of user designation levels, information of the at least one authorized accessible area for the mobile device, and information of authorized period of time for the mobile device;
transmitting, by the location based mobile device security enforcement system, the security policy to the mobile device;
maintaining, at a security control module separate from the mobile device, a constant contact with the mobile device;
at a first computer separate from the mobile device and at the secure area, allowing a user to install the mobile device security application on the mobile device through a connection established between the first computer and the mobile device;
registering, with the location based mobile device security enforcement system, the mobile device user and creating the mobile device user profile based on the registration;
assigning the user designation level to the mobile device;
assigning the at least one authorized accessible area for the mobile device; and
assigning the authorized period of time for the mobile device;
receiving and storing, by the mobile device security application installed on the mobile device, the security policy from the location based mobile device security enforcement system when the mobile device is located within the secure area;
determining, by the mobile device security application installed on the mobile device, whether the mobile device requires a security change to one or more functions on the mobile device by comparing the current location of the mobile device and the current time with the user designation level of the mobile device, the information of the at least one authorized accessible area for the mobile device and the information of the authorized period of time for the mobile device of the security policy;
in response to determining that the mobile device requires the security change to the one or more functions on the mobile device, performing, by the mobile device security application installed on the mobile device, the security change to each of the one or more functions on the mobile device, and disabling or enabling a respective driver of at least one of a camera device, a microphone device, and a telephone device of the mobile device, when the mobile device is located within the secure area;
maintaining, at the mobile device security application installed on the mobile device, the constant contact with the security control module;
making, at the mobile device security application installed on the mobile device, security changes to the camera device, the microphone device, and the telephone device when the constant contact is lost;
retrieving, at the mobile device security application installed on the mobile device, an evacuation destination from emergency messages broadcast by the security control module;
generating, at the mobile device security application installed on the mobile device, an evacuation route according to the current location of the mobile device and the evacuation destination;
displaying, by the mobile device security application installed on the mobile device, the evacuation route on the mobile device;
wherein the secure area comprises a plurality of sub-areas, and each of the sub-areas is designated to have one of a plurality of area designation security levels;
wherein the at least one authorized accessible area for the mobile device comprises a plurality of the sub-areas; and
wherein for at least one of the sub-areas, each of the plurality of user designation levels corresponds to different security changes in the area designation security level of the sub-area, and at least one user designation level corresponds to different security changes in different sub-areas having different area designation security levels.
15. Non-transitory computer storage media storing computer-executable instructions, wherein the computer-executable instructions, when executed by a first processor of a mobile device or a second processor of a location based mobile device security enforcement system, are configured to instruct the first processor or the second processor to:
monitor the mobile device located in a secure area by receiving a report from a mobile device security application installed on the mobile device, wherein the secure area comprises at least one authorized accessible area for the mobile device;
interact with the mobile device located in the secure area to register a mobile device user of the mobile device;
in response to registering the mobile device user, create, at the location based mobile device security enforcement system, a mobile device user profile and a security policy for the mobile device based on the registration, and storing the mobile device user profile and the security policy in a mobile device management (MDM) server, wherein the security policy comprises a user designation level of the mobile device selected from a plurality of user designation levels, information of the at least one authorized accessible area for the mobile device, and information of authorized period of time for the mobile device; and
transmit, by the location based mobile device security enforcement system, the security policy to the mobile device;
maintain, at a security control module separate from the mobile device, a constant contact with the mobile device;
wherein the computer-executable instructions, when executed at a first computer separate from the mobile device and at the secure area, are configured to, allow a user to install the mobile device security application on the mobile device through a connection established between the first computer and the mobile device;
register, with the location based mobile device security enforcement system, the mobile device user and create the mobile device user profile based on the registration;
assign the user designation level to the mobile device;
assign the at least one authorized accessible area for the mobile device; and
assign the authorized period of time for the mobile device;
wherein the mobile device security application installed on the mobile device, when executed at a processor of the mobile device, is configured to:
monitor a current location of the mobile device and a current time;
when the mobile device is located within the secure area, communicate wirelessly with the location based mobile device security enforcement system;
interact with the location based mobile device security enforcement system to register the mobile device user;
receive and store the security policy from the location based mobile device security enforcement system;
determine whether the mobile device requires a security change to one or more functions on the mobile device by comparing the current location of the mobile device and the current time with the user designation level of the mobile device, the information of the at least one authorized accessible area for the mobile device and the information of the authorized period of time for the mobile device of the security policy; and
in response to determining that the mobile device requires the security change to the one or more functions on the mobile device, perform the security change to each of the one or more functions on the mobile device, and disable or enable a respective driver of at least one of a camera device, a microphone device, and a telephone device of the mobile device;
maintain, at the mobile device security application installed on the mobile device, the constant contact with the security control module;
make, at the mobile device security application installed on the mobile device, security changes to the camera device, the microphone device, and the telephone device when the constant contact is lost;
retrieve an evacuation destination from emergency messages broadcast by the security control module;
generate an evacuation route according to the current location of the mobile device and the evacuation destination; and
display the evacuation route on the mobile device;
wherein the secure area comprises a plurality of sub-areas, and each of the sub-areas is designated to have one of a plurality of area designation security levels;
wherein the at least one authorized accessible area for the mobile device comprises a plurality of the sub-areas; and
wherein for at least one of the sub-areas, each of the plurality of user designation levels corresponds to different security changes in the area designation security level of the sub-area, and at least one user designation level corresponds to different security changes in different sub-areas having different area designation security levels.