Who is the assignee on this patent?

Roach Kyle J, Hrybyk Alex, Morrison John S, and 5 more

What technology area does this patent fall under?

Primary CPC classification H04L63/20. Mapped technology areas include Electricity.

When was this patent published?

Publication date Tue May 05 2015 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Method and apparatus for context aware mobile security

US9027076B2 · US · B2

Patent metadata
Field	Value
Publication number	US-9027076-B2
Application number	US-201213428859-A
Country	US
Kind code	B2
Filing date	Mar 23, 2012
Priority date	Mar 23, 2012
Publication date	May 5, 2015
Grant date	May 5, 2015

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

An approach is provided for causing a change in a security policy of a device based on contextual information. The approach involves determining context information associated with a device. The approach also involves determining a security policy of the device. The approach further involves determining a change of the context information. The approach additionally involves processing the determined change of the context information to cause, at least in part, a revision of the security policy of the device.

First claim

Opening claim text (preview).

What is claimed is: 1. A method for modifying a security policy executed on a mobile device, comprising: first determining, by a processor, first context parameters associated with the mobile device, the mobile device being operated according to one of a plurality of separate and distinct context aware security policies stored in a memory in the mobile device for execution; automatically operating the mobile device according to a first security policy among the plurality of security policies based on the first determined first context parameters associated with the mobile device; second determining, by the processor, a change in at least one of the first context parameters to a second context parameter that affects the automatically operating the mobile device according to the first security policy; automatically selecting, by the processor, a second security policy among the plurality of security policies based on the second determining; automatically operating the mobile device according to the second security policy of the mobile device based on the second determined change in the at least one of the first context parameters to the second context parameter, a particular network being accessible by the mobile device, the second security policy enabling connectivity of the mobile device to the particular network according to a separate security policy of the particular network; adapting, by the processor, a third security policy among the plurality of security policies of the mobile device and one or more application services accessible via the mobile device to the separate security policy of the particular network by implementing the separate security policy of the particular network as the third security policy on the mobile device; third determining, by the processor, a change in at least one other of the first context parameters and a change in the separate security policy of the particular network; and automatically selecting, by the processor, a fourth security policy among the plurality of security policies based on the third determining, the fourth security policy processing the change in the at least one other of the first context parameters and the change in the separate security policy of the particular network to disable the connectivity of the mobile device to the particular network, wherein the processor employs a context aware mobile security policy application stored in the memory in the mobile device, and the first context parameters comprise at least one of a date, a time, a temperature, a user command, a communication of the mobile device with a network access node and user credentials associated with the mobile device. 2. The method of claim 1 , the adapting by the processor of the one or more application services comprising one or more of (1) a limiting of access rights to the one or more application services, (2) a limiting of access rights of the one or more application services to access the particular network, (3) a limiting of a functionality of the one or more application services, and (4) a clearing of a memory that is accessible by the one or more application services. 3. The method of claim 1 , at least the second security policy implementing a change over the first security policy of at least one of (1) a limiting of access rights to one or more application services accessible via the mobile device, (2) a limiting of access rights of the one or more application services to data processed by the mobile device, (3) a limiting of a functionality of the one or more application services, (4) a clearing of a separate memory that is accessible by the one or more application services, and (5) an accessing of one or more secure applications that are not accessible by the mobile device executing the first security policy. 4. The method of claim 1 , the plurality of separate and distinct context aware security policies each implementing a different one or more of operational limits, security limits, threat limits, network connectivity allowances, sensor availability allowances, cryptographic protection protocols, memory accessibility allowances, application service accessibility allowances, and user accessibility allowances. 5. A mobile communicating device, comprising: at least a first memory storing a plurality of separate and distinct context aware security policies by which the mobile communicating device is operated; a sensor that determines at least one of a plurality of context parameters associated with the mobile communicating device; and a processor that is programmed to: execute a first security policy among the plurality of security policies based on first context parameters associated with the mobile communicating device; execute a first determining of a change in at least one of the first context parameters to a second context parameter that affects operation of the mobile communicating device according to the first security policy; automatically select a second security policy among the plurality of security policies based on the first determining; automatically control operation of the mobile communicating device according to the second security policy of the mobile communicating device based on the first determining of the change in the at least one of the first context parameters, a particular network being accessible by the mobile communicating device and the second security policy enabling connectivity of the mobile communicating device to the particular network according to a separate security policy of the particular network; adapt a third security policy among the plurality of security policies of the mobile communicating device and one or more application services accessible via the mobile communicating device to the separate security policy of the particular network by implementing the separate security policy of the particular network as the third security policy on the mobile communicating device; execute a second determining of a change in at least one other of the first context parameters and a change in the separate security policy of the particular network; and automatically selecting a fourth security policy among the plurality of security policies based on the second determining, the fourth security policy processing the change in the at least one other of the first context parameters and the change in the separate security policy of the particular network to disable the connectivity of the mobile device to the particular network, wherein the processor applies a context aware mobile security policy application stored in at least a second memory in the mobile communicating device to process the second determined change in the at least one of the first context parameters, and the first context parameters comprise at least one of a date, a time, a temperature, a user command, a communication of the mobile device with a network access node and user credentials associated with the mobile communicating device. 6. The mobile communicating device of claim 5 , the adapting of the one or more application services comprising one or more of (1) a limiting of access rights to the one or more application services, (2) a limiting of access rights of the one or more application services to access the network, (3) a limiting of a functionality of the one or more application services, and (4) a clearing of a memory that is accessible by the one or more application services. 7. The mobile communicating device of claim 5 , at least the second security policy implementing a change over the first security policy of at least one of (1) a limiting of access rights to one or more application services accessible via the mobile communicating device, (2) a limiting of access rights of the one or more application services to data proc

Assignees

Inventors

Classifications

H04L63/20Primary
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title
H04L63/107
wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals · CPC title
H04W12/08
Access security · CPC title
H04W12/082
using revocation of authorisation · CPC title

Patent family

Related publications grouped by family.

View patent family 49213588

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9027076B2 cover?: An approach is provided for causing a change in a security policy of a device based on contextual information. The approach involves determining context information associated with a device. The approach also involves determining a security policy of the device. The approach further involves determining a change of the context information. The approach additionally involves processing the deter…
Who is the assignee on this patent?: Roach Kyle J, Hrybyk Alex, Morrison John S, and 5 more
What technology area does this patent fall under?: Primary CPC classification H04L63/20. Mapped technology areas include Electricity.
When was this patent published?: Publication date Tue May 05 2015 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).