Claims
- 1. A computer-implemented method for administering protection of data accessible by a mobile computing device comprising:
defining one or more security policies by a server computer system for the mobile computing device based upon criteria, the criteria including a location associated with a network environment in which the mobile device is operating; and sending over a network the one or more security policies to the mobile device.
- 2. The method of claim 1 further comprising:
determining a current security policy by the mobile device from the one or more security policies received over the network from the server computer system based upon criteria, the criteria including a detected location associated with a network environment in which the mobile device is operating; and enforcing the current security policy.
- 3. The method of claim 1 further comprising encrypting the one or more security policies.
- 4. The method of claim 2 further comprising decrypting the one or more received security policies and authenticating that each received security policy is from an authorized server computer system.
- 5. The method of claim 1 further comprising:
monitoring diagnostic data received over the network from one or more mobile client devices; analyzing the diagnostic data; and transmitting support information to the one or more mobile devices.
- 6. A computer-implemented method for providing protection of data accessible by a mobile computing device comprising:
defining one or more security policies by a server computer system for the mobile computing device based upon criteria, the criteria including a security feature associated with a network environment in which the mobile device is operating; and sending over a network the one or more security policies to the mobile device.
- 7. The method of claim 6 further comprising:
determining a current security policy by the mobile device from the one or more security policies received over the network from the server computer system based upon criteria, the criteria including a detected activity status of the security feature; and enforcing the current security policy.
- 8. The method of claim 6 further comprising:
determining a current security policy for the client mobile device from the one or more security policies received from the server system based upon criteria including the detected location.
- 9. The method of claim 6 further comprising:
enforcing the current security policy on the client mobile device by sending commands over the network to the client device.
- 10. A computer-implemented system for providing protection of data accessible by a client mobile computing device comprising:
a policy management module for managing one or more security policies for execution on the client mobile device, the security policies being defined based upon criteria, the criteria including a location associated with a network environment in which the mobile device is operating; and a policy distribution module for sending over the network the one or more security policies to the mobile device, the policy distribution module having a communication interface with the policy management module for receiving information regarding policies.
- 11. The system of claim 10 further comprising:
an authorization module for authorizing a communication exchange with the client mobile device based upon information received from the mobile device over the network in accordance with a cryptographic authentication protocol.
- 12. The system of claim 10 wherein the one or more security policies are defined as XML documents.
- 13. The system of claim 10 wherein the one or more security policies are encrypted.
- 14. The system of claim 10 wherein, responsive to an update request from a client, the distribution module transmits over a network to the mobile client device, security information.
- 15. The system of claim 10 further comprising a remote diagnostics module comprising:
a monitoring module for monitoring diagnostic data received over a network from one or more remotely located mobile client devices; a diagnosis module for analyzing the diagnostic data; and a distribution module for transmitting support information to the one or more mobile devices.
- 16. The system of claim 10 further comprising: a policy setting module for determining a current security policy for the client mobile device from the one or more security policies received from the policy management module based upon criteria including the detected location.
- 17. The system of claim 10 wherein the criteria further comprises an activity status of a security feature.
- 18. The system of claim 16 further comprising a policy enforcement control module being communicatively coupled with the policy setting module for communication of the current security policy to be enforced, the enforcement control module comprising one or more enforcement mechanism modules for enforcing the current security policy on the client mobile device by sending commands over the network to the client device.
- 19. In a mobile computing device, a computer-implemented system for providing protection of data accessible by a mobile computing device comprising:
a location detection module for detecting the location associated with the network environment in which the mobile device is operating; a policy setting module being communicatively coupled with the location detection module for communication of the detected location and being communicatively coupled over a network to a policy management module, the policy setting module determining a current security policy from the one or more security policies received from the policy management module based upon criteria including the detected location; and a policy enforcement control module being communicatively coupled with the policy setting module for communication of the current security policy to be enforced, the enforcement control module comprising one or more enforcement mechanism modules for enforcing the current security policy.
- 20. The system of claim 19 wherein the policy setting module sends an update request to the policy management module, the update request requesting any new versions of the one or more policies used by the mobile device.
- 21. The system of claim 19 further comprising:
a security features module for determining whether one or more security features have an activity status of inactive or active in a communication session between the mobile device and another computer; and the policy setting module having a communication interface with the security features module for communication of the activity status of the one or more security features, the policy setting module determining the current security policy from the one or more security policies received from the policy management module based upon criteria further including the activity status of the one or more security features.
- 22. The system of claim 19 wherein the mobile device is operating in an unmanaged mode, the policy setting module having a communication interface with the user interface module wherein the policy setting module defines an aspect of a security policy based on input received from the user interface module.
- 23. The system of claim 19 wherein the location detection module continuously detects the location in which the mobile device is operating;
responsive to a new location being detected, notifying the policy setting module via the communication interface of the new detected location; responsive to the notification of the new detected location, the policy setting module determining whether the current security policy is to be changed to another policy; and responsive to the change in policy being indicated, automatically making the other policy the current security policy; and responsive to the other policy being made the current security policy, the policy enforcement module automatically enforcing the other policy as the current policy.
- 24. In a mobile computing device, a computer-implemented system for providing protection of data accessible by a mobile computing device comprising:
a security features module for determining whether one or more security features have an activity status of inactive or active in a communication session between the mobile device and another computer; a policy setting module having a communication interface with the security features module for communication of the activity status of the one or more security features and being communicatively coupled over a network to a policy management module, the policy setting module determining a current security policy from the one or more security policies received from the policy management module based upon criteria including the activity status of the one or more security features; and a policy enforcement control module being communicatively coupled with the policy setting module for communication of the current security policy to be enforced, the enforcement control module comprising one or more enforcement mechanism modules for enforcing the current security policy.
- 25. The system of claim 24 wherein at least one of the security features is a connection type of wired or wireless.
- 26. The system of claim 24 wherein at least one of the security features is a security software program.
- 27. The system of claim 24 wherein at least one of the security features is a network class.
- 28. The system of claim 27 wherein the network class is a type of mobile communications system.
- 29. The system of claim 28 wherein the type of mobile communications system is a type of wireless communications system.
- 30. The system of claim 29 wherein the network class is a Global System for Mobile Communications system.
- 31. The system of claim 28 wherein the network class is 802.3.
- 32. The system of claim 28 wherein the network class is 802.15.
- 33. The system of claim 28 wherein the network class is 802.16.
- 34. The system of claim 27 wherein the network class is a variation of 802.11.
- 35. The system of claim 27 wherein the network class is 3G.
- 36. The system of claim 27 wherein the network class is General Packet Radio Service.
- 37. A system for remotely diagnosing one or more mobile devices comprising:
a monitoring module for monitoring diagnostic data received over a network from one or more remotely located mobile client devices; a diagnosis module for analyzing the diagnostic data; and a distribution module for transmitting support information to the one or more mobile devices.
- 38. A method for remotely diagnosing one or more mobile devices comprising:
monitoring diagnostic data received over a network from one or more mobile client devices; analyzing the diagnostic data; and transmitting support information to the one or more mobile devices.
- 39. A method for remotely diagnosing one or more mobile computing devices comprising:
one or more mobile computing devices transmitting diagnostic data over a network to the server computer system; the mobile device receiving support information including instructions from the server computer system; and the mobile device executing the instructions.
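The client-side flow recited in claims 2, 4, 12, 19 and 21 (authenticate the received policies, then pick the current one from the detected location and the activity status of security features), sketched as an added example that is not part of the patent text. The XML element and attribute names, the location labels, the HMAC-SHA256 shared-key authentication and the deny-all fallback are assumptions; the claims do not specify any of them.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

# Constructed sample key and policy set; the XML schema here is hypothetical.
SERVER_KEY = b"constructed-demo-key"
POLICIES_XML = b"""<policies version="3">
  <policy name="office" location="corp-lan" require="vpn:any,firewall:active">
    <allow>file-share</allow><allow>wifi</allow>
  </policy>
  <policy name="hotspot" location="public-wifi" require="vpn:active,firewall:active">
    <allow>wifi</allow>
  </policy>
  <policy name="lockdown" location="*" require=""/>
</policies>"""


def sign(key, blob):
    # Server side: tag sent alongside the policy document (assumed mechanism).
    return hmac.new(key, blob, hashlib.sha256).hexdigest()


def load_policies(blob, tag, key):
    """Authenticate the received document before parsing it; reject on mismatch."""
    if not hmac.compare_digest(sign(key, blob), tag):
        raise ValueError("policy set failed authentication")
    policies = []
    for p in ET.fromstring(blob).iter("policy"):
        req = dict(r.split(":") for r in p.get("require").split(",") if r)
        policies.append({"name": p.get("name"), "location": p.get("location"),
                         "require": req, "allow": {a.text for a in p.iter("allow")}})
    return policies


def select_policy(policies, location, features):
    """Return the first policy matching the detected location whose required
    security features have the required activity status; else deny everything."""
    for p in policies:
        if p["location"] not in (location, "*"):
            continue
        if all(v == "any" or features.get(k) == v for k, v in p["require"].items()):
            return p
    return {"name": "lockdown", "location": "*", "require": {}, "allow": set()}
```

Calling select_policy again whenever the location detector reports a change gives the automatic policy switch of claim 23.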
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This application claims priority under 35 U.S.C. § 120 as a continuation-in-part of pending U.S. patent application Ser. No. 10/377,265 entitled “Protection of Data Accessible by a Mobile Device,” filed on Feb. 28, 2003, having inventors Michael Wright, Peter Boucher, Gabe Nault, Merrill Smith, Sterling Jacobsen, Jonathan Wood and Robert Mims, which is hereby incorporated by reference.
[0002] This application claims the benefit of priority under 35 U.S.C. § 119(e) to U.S. provisional patent application No. 60/434,485, filed on Dec. 18, 2002, entitled “System And Method For Protecting Data Based On Location Of Mobile Devices” having inventors Michael Wright, Peter Boucher, Gabe Nault, Merrill Smith, Sterling Jacobsen, and Jonathan Wood, which is hereby incorporated by reference.
[0003] This application also claims the benefit of priority under 35 U.S.C. § 119(e) to U.S. provisional patent application No. 60/438,556, filed on Jan. 6, 2003, entitled “Remote Management For Protecting And Accessing Data Based On A Connection Type Or An Environment Of A Mobile Device” having inventors Michael Wright, Peter Boucher, Gabe Nault, Merrill Smith, Sterling Jacobsen, Jonathan Wood and Robert Mims, which is hereby incorporated by reference.
Provisional Applications (2)

| Number | Date | Country |
|---|---|---|
| 60434485 | Dec 2002 | US |
| 60438556 | Jan 2003 | US |

Continuation in Parts (1)

| | Number | Date | Country |
|---|---|---|---|
| Parent | 10377265 | Feb 2003 | US |
| Child | 10413443 | Apr 2003 | US |