P
USRE48679EExpiredUtilityPatentIndex 63

System and method for handling data transfers

Assignee: BLACKBERRY LTDPriority: Apr 30, 2004Filed: Jun 9, 2016Granted: Aug 10, 2021
Est. expiryApr 30, 2024(expired)· nominal 20-yr term from priority
Inventors:ADAMS NEIL PATRICKLITTLE HERBERT ANTHONYKIRKUP MICHAEL GRANT
H04L 51/214H04L 51/58H04W 12/30H04W 12/63H04W 12/08H04W 12/37H04M 7/0078H04W 12/02H04W 12/033H04M 2203/609H04L 63/107H04L 63/04H04L 63/105H04L 63/0428H04M 3/205H04L 51/04H04L 51/14H04W 12/00503H04L 51/38H04W 12/0027H04W 12/0013
63
PatentIndex Score
0
Cited by
561
References
46
Claims

Abstract

Systems and methods for managing data transfers between a secure location and a less secure location. A data transfer checker operating on a mobile device determines whether an attempted data transfer between two locations is permitted. If it is not permitted, then the data transfer is prevented and the user may be notified of the data transfer prevention.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A method of handling data transfers on a device, comprising:
 receiving, from an application that accesses data associated with a first location, a request to open a connection with a second location;   retrieving, from a data store on the device, one or more data transfer settings responsive to receiving the request;   wherein the one or more data transfer settings are indicative of a security-related policy for data transfers associated with the first location; and   determining whether to permit the request or not permit the request based upon the one or more data transfer settings.   
     
     
       2. The method of  claim 1 , wherein the first location comprises a server, wherein the second location comprises a server, and wherein the request is to open the connection via a network. 
     
     
       3. The method of  claim 1 , wherein the application is a first application, wherein the second location comprises a second application, wherein the request is to open the connection for Inter-Process Communication (IPC) from the first application to the second application. 
     
     
       4. The method of  claim 1 , wherein the determining comprises using a level of security associated with the first location, and using a level of security associated with the second location. 
     
     
       5. The method of  claim 1 , wherein receiving the request comprises receiving a request to transfer data from the application running on the device to another application on the device. 
     
     
       6. The method of  claim 1 , wherein receiving the request comprises receiving a request to transfer data from the device to another device. 
     
     
       7. The method of  claim 1 , further comprising:
 receiving the one or more data transfer settings from a server via a wireless network.   
     
     
       8. A device, comprising:
 a data store that stores a data transfer setting, wherein the data transfer setting is indicative of a security-related policy for data transfers associated with a first location; and   a processor configured to perform operations comprising:
 receiving, from an application that accesses data associated with the first location, a request to open a connection with a second location; 
 retrieving, from the data store, the data transfer setting responsive to receiving the request; and 
 determining whether to permit the request or not permit the request based upon the data transfer setting. 
   
     
     
       9. The device of  claim 8 , wherein the first location comprises a server, wherein the second location comprises a server, and wherein the request is to open the connection via a network. 
     
     
       10. The device of  claim 8 , wherein the application is a first application, wherein the second location comprises a second application, wherein the request is to open the connection for Inter-Process Communication (IPC) from the first application to the second application. 
     
     
       11. The device of  claim 8 , wherein the determining comprises using a level of security associated with the first location, and using a level of security associated with the second location. 
     
     
       12. The device of  claim 8 , wherein receiving the request comprises receiving a request to transfer data from the application running on the device to another application on the device. 
     
     
       13. The device of  claim 8 , wherein receiving the request comprises receiving a request to transfer data from the device to another device. 
     
     
       14. The device of  claim 8 , the operations further comprising:
 receiving the data transfer setting from a server via a wireless network; and   storing the data transfer setting in the data store.   
     
     
       15. A computer storage device encoded with a computer program, the program comprising instructions that when executed by a communication device cause the communication device to perform operations comprising:
 receiving, from an application that accesses data associated with a first location, a request to open a connection with a second location;   retrieving, in response to receiving the request, one or more data transfer settings, which are indicative of a security-related policy for data transfers associated with the first location; and   determining whether to permit the request or not permit the request based upon the one or more data transfer settings.   
     
     
       16. The computer storage device of  claim 15 , wherein the first location comprises a server, wherein the second location comprises a server, and wherein the request is to open the connection via a network. 
     
     
       17. The computer storage device of  claim 15 , wherein the application is a first application, wherein the second location comprises a second application, wherein the request is to open the connection for Inter-Process Communication (IPC) from the first application to the second application. 
     
     
       18. The computer storage device of  claim 15 , wherein the determining comprises using a level of security associated with the first location, and using a level of security associated with the second location. 
     
     
       19. The computer storage device of  claim 15 , wherein receiving the request comprises receiving a request to transfer data from the application running on the communication device to another application on the communication device. 
     
     
       20. The computer storage device of  claim 15 , wherein receiving the request comprises receiving a request to transfer data from the communication device to another communication device. 
     
     
       21. The computer storage device of  claim 15 , the operations further comprising:
 receiving the one or more data transfer settings from a server via a wireless network.   
     
     
       22. A method of handling data transfers on a device, comprising:
 receiving a request to transfer data from a first application on the device to a second application on the device, wherein the first application is associated with an enterprise service and the second application is associated with a personal service;   retrieving, from a data store on the device, one or more data transfer settings responsive to receiving the request;   determining that the request to transfer data from the first application on the device to the second application on the device is not to be executed based on the one or more data transfer settings, wherein the one or more data transfer settings represent a security policy that indicates whether data transferring from the enterprise service to the personal service on the same device is enabled or disabled; and   prohibiting the requested data transfer in response to the determining.   
     
     
       23. The method of claim 22, wherein the first application is associated with a company e-mail service and the second application is associated with a personal e-mail service. 
     
     
       24. The method of claim 22, wherein the data transfer includes pasting data cut or copied from the first application to the second application. 
     
     
       25. The method of claim 22, wherein the data transfer includes communicating using Inter-Process Communication (IPC) between the first application and the second application. 
     
     
       26. The method of claim 22, wherein the determining is based on a first security level associated with the first application and a second security level associated with the second application. 
     
     
       27. The method of claim 22, wherein prohibiting the data transfer comprises preventing the first application from establishing a connection with a first network while the second application is connected with a second network. 
     
     
       28. The method of claim 27, wherein the first network has a first security level higher than a second security level of the second network. 
     
     
       29. The method of claim 22, wherein prohibiting the data transfer comprises preventing transfer of the data between a first service book associated with the first application and a second service book associated with the second application. 
     
     
       30. A device, comprising:
 a memory; and   at least one hardware processor communicatively coupled with the memory and configured to:
 receive a request to transfer data from a first application on the device to a second application on the device, wherein the first application is associated with an enterprise service and the second application is associated with a personal service; 
 retrieve, from a data store on the device, one or more data transfer settings responsive to receiving the request; 
 determine that the request to transfer data from the first application on the device to the second application on the device is not to be executed based on the one or more data transfer settings, wherein the one or more data transfer settings represent a security policy that indicates whether data transferring from the enterprise service to the personal service on the same device is enabled or disabled; and 
 prohibit the requested data transfer in response to the determination. 
   
     
     
       31. The device of claim 30, wherein the first application is associated with a company e-mail service and the second application is associated with a personal e-mail service. 
     
     
       32. The device of claim 30, wherein the data transfer includes a paste of data cut or copied from the first application to the second application. 
     
     
       33. The device of claim 30, wherein the data transfer includes a communication that uses Inter-Process Communication (IPC) between the first application and the second application. 
     
     
       34. The device of claim 30, wherein the determination is based on a first security level associated with the first application and a second security level associated with the second application. 
     
     
       35. The device of claim 30, wherein the prohibition of the data transfer comprises preventing the first application from establishing a connection with a first network while the second application is connected with a second network. 
     
     
       36. The device of claim 35, wherein the first network has a first security level higher than a second security level of the second network. 
     
     
       37. The device of claim 30, wherein the prohibition of the data transfer comprises preventing transfer of the data between a first service book associated with the first application and a second service book associated with the second application. 
     
     
       38. A non-transitory computer-readable medium containing instructions which, when executed, cause a device to perform operations comprising:
 receiving a request to transfer data from a first application on the device to a second application on the device, wherein the one or more data transfer settings represent a security policy that indicates whether data transferring from the enterprise service to the personal service is enabled or disabled;   retrieving, from a data store on the device, one or more data transfer settings responsive to receiving the request;   determining that the request to transfer data from the first application on the device to the second application on the device is not to be executed based on the one or more data transfer settings, wherein the one or more data transfer settings represent a security policy that indicates whether data transferring from the enterprise service to the personal service on the same device is enabled or disabled; and   prohibiting the requested data transfer in response to the determining.   
     
     
       39. The non-transitory computer-readable medium of claim 38, wherein the first application is associated with a company e-mail service and the second application is associated with a personal e-mail service. 
     
     
       40. The non-transitory computer-readable medium of claim 38, wherein the data transfer includes pasting data cut or copied from the first application to the second application. 
     
     
       41. The non-transitory computer-readable medium of claim 38, wherein the data transfer includes communicating using Inter-Process Communication (IPC) between the first application and the second application. 
     
     
       42. The non-transitory computer-readable medium of claim 38, wherein the determining is based on a first security level associated with the first application and a second security level associated with the second application. 
     
     
       43. The non-transitory computer-readable medium of claim 38, wherein prohibiting the data transfer comprises preventing the first application from establishing a connection with a first network while the second application is connected with a second network. 
     
     
       44. The non-transitory computer-readable medium of claim 43, wherein the first network has a first security level higher than a second security level of the second network. 
     
     
       45. The non-transitory computer-readable medium of claim 38, wherein prohibiting the data transfer comprises preventing transfer of the data between a first service book associated with the first application and a second service book associated with the second application. 
     
     
       46. A method of handling data transfers on a device, comprising:
 receiving a request to transfer data from a first application on the device to a second application on the device, wherein the first application is associated with an enterprise service and the second application is associated with a personal service;   retrieving, from a data store on the device, one or more data transfer settings responsive to receiving the request;   determining that the request to transfer data from the first application on the device to the second application on the device is to be executed based on the one or more data transfer settings, wherein the one or more data transfer settings represent a security policy that indicates whether data transferring from the enterprise service to the personal service on the same device is enabled or disabled; and   allowing the requested data transfer in response to the determining.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.