US2023071193A1PendingUtilityA1

System and method for providing network security to mobile devices

79
Assignee: CUPP COMPUTING ASPriority: Dec 13, 2005Filed: Nov 4, 2022Published: Mar 9, 2023
Est. expiryDec 13, 2025(expired)· nominal 20-yr term from priority
Inventors:Shlomo Touboul
H04L 63/145H04L 63/1441H04L 63/02H04L 63/20H04W 12/128H04L 63/1416H04L 63/0263G06F 21/562H04W 12/00H04W 12/12
79
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A small piece of hardware connects to a mobile device and filters out attacks and malicious code. Using the piece of hardware, a mobile device can be protected by greater security and possibly by the same level of security offered by its associated corporation/enterprise. In one embodiment, a mobile security system includes a connection mechanism for connecting to a data port of a mobile device and for communicating with the mobile device; a network connection module for acting as a gateway to a network; a security policy for determining whether to forward content intended for the mobile device to the mobile device; and a security engine for executing the security policy.

Claims

exact text as granted — not AI-modified
1 . A security system, comprising:
 security system memory; and   a security system processor configured to:
 store in the security system memory at least a portion of security code, at least a portion of a security policy, and at least a portion of security data,
 the at least a portion of the security code, the at least a portion of the security policy, and the at least a portion of the security data configured to be executed by the security system processor to evaluate potentially malicious code on behalf of a mobile device coupled to the security system, the mobile device having at least one mobile device processor different than the security system processor of the security system, 
 the at least a portion of the security code, the at least a portion of the security policy, and the at least a portion of the security data being managed by one or more information technology (IT) administrators using an IT administrator system on a trusted enterprise network, the at least a portion of the security code, the at least a portion of the security policy, and the at least a portion of the security data being configured based on a server security policy being executed on a server system within the trusted enterprise network, the mobile device being a first computer system, the security system being a second computer system, and the IT administrator system being a third computer system, the first computer system, the second computer system and the third computer system being separate computer systems; 
 
 store in the security system memory at least a portion of remote management code configured to process an update command, the update command being an instruction to update at least one of the security code, the security policy, or the security data based on a revised security policy being executed on the server system within the trusted enterprise network; 
 receive a particular update command to update a particular one of the security code, the security policy, or the security data, the particular update command having originated from the IT administrator system and having been forwarded to the security system; and 
 execute the update command using the remote management code to update the particular one of the security code, the security policy, or the security data. 
   
     
     
         2 . The security system of  claim 1 , wherein the security system is on a separate appliance removably coupled to the mobile device. 
     
     
         3 . The security system of  claim 1 , wherein the security code, the security policy, and the security data are further configured to implement gateway-level security services. 
     
     
         4 . The security system of  claim 1 , wherein the security code, the security policy, and the security data are further configured to implement a firewall. 
     
     
         5 . The security system of  claim 1 , wherein the security code, the security policy, and the security data are further configured to implement malware protection security services. 
     
     
         6 . The security system of  claim 1 , wherein the security code, the security policy, and the security data are further configured to implement content-based security services. 
     
     
         7 . The security system of  claim 1 , wherein the IT administrator system includes an update authorities device configured to automatically generate and send update commands. 
     
     
         8 . The security system of  claim 1 , wherein the security code, the security policy, and the security data are configured to mirror security policies of a gateway being implemented on the server system within the trusted enterprise network. 
     
     
         9 . The security system of  claim 1 , wherein the particular update command includes a command to update configuration parameters of one of the security code, the security policy, or the security data of the security system. 
     
     
         10 . A non-transitory computer readable storage device of a security system storing:
 program instructions;   at least a portion of security code, at least a portion of a security policy, and at least a portion of security data,
 the at least a portion of the security code, the at least a portion of the security policy, and the at least a portion of the security data configured to be executed by the security system processor to evaluate potentially malicious code on behalf of a mobile device coupled to the security system, the mobile device having at least one mobile device processor different than the security system processor of the security system, 
 the at least a portion of the security code, the at least a portion of the security policy, and the at least a portion of the security data being managed by one or more information technology (IT) administrators using an IT administrator system on a trusted enterprise network, the at least a portion of the security code, the at least a portion of the security policy, and the at least a portion of the security data being configured based on a server security policy being executed on a server system within the trusted enterprise network, the mobile device being a first computer system, the security system being a second computer system, and the IT administrator system being a third computer system, the first computer system, the second computer system and the third computer system being separate computer systems; and 
   at least a portion of remote management code configured to process an update command, the update command being an instruction to update at least one of the security code, the security policy, or the security data based on a revised security policy being executed on the server system within the trusted enterprise network;
 the program instructions when executed by the security system processor causing the security system to receive a particular update command to update a particular one of the security code, the security policy, or the security data, the particular update command having originated from the IT administrator system and having been forwarded to the security system; and 
 the remote management code when executed by the security system processor causing the system to process the update command using the remote management code to update the particular one of the security code, the security policy, or the security data. 
   
     
     
         11 . The non-transitory computer readable storage device of  claim 10 , wherein the security system is on a separate appliance removably coupled to the mobile device. 
     
     
         12 . The non-transitory computer readable storage device of  claim 10 , wherein the security code, the security policy, and the security data are further configured to implement gateway-level security services. 
     
     
         13 . The non-transitory computer readable storage device of  claim 10 , wherein the security code, the security policy, and the security data are further configured to implement a firewall. 
     
     
         14 . The non-transitory computer readable storage device of  claim 10 , wherein the security code, the security policy, and the security data are further configured to implement malware protection security services. 
     
     
         15 . The non-transitory computer readable storage device of  claim 10 , wherein the security code, the security policy, and the security data are further configured to implement content-based security services. 
     
     
         16 . The non-transitory computer readable storage device of  claim 10 , wherein the IT administrator system includes an update authorities device configured to automatically generate and send update commands. 
     
     
         17 . The non-transitory computer readable storage device of  claim 10 , wherein the security code, the security policy, and the security data are configured to mirror security policies of a gateway being implemented on the server system within the trusted enterprise network. 
     
     
         18 . The non-transitory computer readable storage device of  claim 10 , wherein the particular update command includes a command to update configuration parameters of one of the security code, the security policy, or the security data of the security system. 
     
     
         19 . A method by a security system, the method comprising:
 storing in a security system memory of the security system at least a portion of security code, at least a portion of a security policy, and at least a portion of security data,
 the at least a portion of the security code, the at least a portion of the security policy, and the at least a portion of the security data configured to be executed by a security system processor to evaluate potentially malicious code on behalf of a mobile device coupled to the security system, the mobile device having at least one mobile device processor different than the security system processor of the security system, 
 the at least a portion of the security code, the at least a portion of the security policy, and the at least a portion of the security data being managed by one or more information technology (IT) administrators using an IT administrator system on a trusted enterprise network, the at least a portion of the security code, the at least a portion of the security policy, and the at least a portion of the security data being configured based on a server security policy being executed on a server system within the trusted enterprise network, the mobile device being a first computer system, the security system being a second computer system, and the IT administrator system being a third computer system, the first computer system, the second computer system and the third computer system being separate computer systems; 
   storing in the security system memory at least a portion of remote management code configured to process an update command, the update command being an instruction to update at least one of the security code, the security policy, or the security data based on a revised security policy being executed on the server system within the trusted enterprise network;   receiving a particular update command to update a particular one of the security code, the security policy, or the security data, the particular update command having originated from the IT administrator system and having been forwarded to the security system; and   executing the update command using the remote management code to update the particular one of the security code, the security policy, or the security data.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.