Secure management of devices
US-2021281481-A1 · Sep 9, 2021 · US
US12574373B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12574373-B2 |
| Application number | US-202016862957-A |
| Country | US |
| Kind code | B2 |
| Filing date | Apr 30, 2020 |
| Priority date | May 6, 2019 |
| Publication date | Mar 10, 2026 |
| Grant date | Mar 10, 2026 |
Official abstract text for this publication.
In some implementations, a controller device can implement communication restriction configurations on a managed device operated by a first user with a first account identifier, the configurations designed to limit a feature or functionality of the managed device. For example, the controller device can remotely cause the managed device to limit the communication capabilities of the first device. For example, the first device receives a message including the configuration. The managed device determines that the communication restriction configuration is created by a second user of the controller device. The first device identifies a second account identifier for the controller device. The first device determines that the second account identifier represents a member of a family group that includes the first account identifier. The managed device then automatically configures itself based on the first communication restriction configuration, including restricting access to one or more communication features of the managed device.
Opening claim text (preview).
What is claimed is:
1. A method implemented by a management application on a managed device associated with a first account identifier corresponding to a first user, the method comprising: receiving, at the managed device, a first message including a first communication restriction configuration for managing the managed device from a controller device, the first configuration defined by a second user of the controller device, the second user corresponding to a second user account, wherein the communication restriction configuration is encrypted such that only the controller device and the managed device can access the communication restriction configuration; identifying, based on the first message, the second account identifier associated with the controller device; determining that the second account identifier is a member of a trusted group of account identifiers that includes the first account identifier; and in response to the determination, automatically configuring the managed device based on the first communication restriction configuration and a contacts database, including restricting access to one or more communication features of the managed device, wherein configuring the managed device based on the first communication restriction configuration comprises restricting the first user from configuring the contacts database on the managed device, wherein the contacts database defines account identifiers associated with user devices with which the managed device is allowed to communicate.
2. The method of claim 1, further comprising: identifying that the first communication restriction configuration authorizes a first communication feature and deauthorizes a second communication feature; allowing access to the first communication feature; and preventing access to the second communication feature.
3. The method of claim 2, wherein the first communication feature corresponds to a first application installed on the managed device and the second communication feature corresponds to a second application installed on the managed device.
4. The method of claim 2, wherein the first communication feature corresponds to a first application feature of a first application installed on the managed device and the second communication feature corresponds to a second application feature of the first application.
5. The method of claim 1, further comprising: receiving, at the managed device, a first communication from a third device associated with a third account identifier; based on the first communication restriction configuration and the third account identifier, determining that the managed device is configured to prevent communication with the third device; and suppressing the first communication with the third device.
6. The method of claim 1, further comprising: determining that the first communication restriction configuration restricts communication with a third device associated with a third account identifier during a first time period; detecting an active communication session involving the managed device and the third device; and determining that a current time is within the first time period; and terminating the active communication session with the third device.
7. The method of claim 1, further comprising: receiving the first communication restriction configuration including a first communication restriction setting and a second communication restriction setting; determining, by the managed device, an age of the first user of the managed device; when the age is less than a threshold value, configuring the managed device based on the first communication restriction setting and the second communication restriction setting; and when the age is greater than or equal to the threshold value, configuring the managed device based on the first communication restriction setting while disregarding the second communication restriction setting.
8. The method of claim 1, further comprising: receiving, at the managed device, user input to add a new contact to the contacts database while access to the one or more communication features is restricted; and responsive to the user input to add the new contact to the contacts database, displaying, by the managed device, a message denying addition of the new contact.
9. A non-transitory computer readable medium storing a program for execution by at least one processor of a managed device associated with a first account identifier corresponding to a first user, the program comprising sets of instructions for: receiving, at the managed device, a first message including a first communication restriction configuration for managing the managed device from a controller device, the first configuration defined by a second user of the controller device, the second user corresponding to a second user account, wherein the communication restriction configuration is encrypted such that only the controller device and the managed device can access the communication restriction configuration; identifying, based on the first message, the second account identifier associated with the controller device; determining that the second account identifier is a member of a trusted group of account identifiers that includes the first account identifier; and in response to the determination, automatically configuring the managed device based on the first communication restriction configuration and a contacts database, including restricting access to one or more communication features of the managed device, wherein configuring the managed device based on the first communication restriction configuration comprises restricting the first user from configuring the contacts database on the managed device, wherein the contacts database defines account identifiers associated with user devices with which the managed device is allowed to communicate.
10. The non-transitory computer readable medium of claim 9, wherein the program further comprises sets of instructions for: identifying that the first communication restriction configuration authorizes a first communication feature and deauthorizes a second communication feature; allowing access to the first communication feature; and preventing access to the second communication feature.
11. The non-transitory computer readable medium of claim 10, wherein the first communication feature corresponds to a first application installed on the managed device and the second communication feature corresponds to a second application installed on the managed device.
12. The non-transitory computer readable medium of claim 10, wherein the first communication feature corresponds to a first application feature of a first application installed on the managed device and the second communication feature corresponds to a second application feature of the first application.
13. The non-transitory computer readable medium of claim 9, wherein the program further comprises sets of instructions for: receiving, at the managed device, a first communication from a third device associated with a third account identifier; based on the first communication restriction configuration and the third account identifier, determining that the managed device is configured to prevent communication with the third device; and suppressing the first communication with the third device.
14. The non-transitory computer readable medium of claim 9, wherein the program further comprises sets of instructions for: determining that the first communication restriction configuration restricts communication with a third device associated with a t
when the policy decisions are valid for a limited amount of time · CPC title
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title
wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title
Entity profiles · CPC title
using wearable devices, e.g. using a smartwatch or smart-glasses · CPC title