USRE49721EExpiredUtility

System and method for handling data transfers

74
Assignee: BLACKBERRY LTDPriority: Apr 30, 2004Filed: Jul 14, 2021Granted: Nov 7, 2023
Est. expiryApr 30, 2024(expired)· nominal 20-yr term from priority
H04L 63/04H04L 51/214H04L 63/105H04M 7/0078H04W 12/02H04W 12/033H04W 12/08H04W 12/30H04W 12/37H04L 51/58H04M 3/205H04M 2203/609H04W 12/63H04L 63/107H04L 63/0428H04L 51/04
74
PatentIndex Score
0
Cited by
583
References
41
Claims

Abstract

Systems and methods for managing data transfers between a secure location and a less secure location. A data transfer checker operating on a mobile device determines whether an attempted data transfer between two locations is permitted. If it is not permitted, then the data transfer is prevented and the user may be notified of the data transfer prevention.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A method of handling data transfers on a device, comprising:
 receiving, from an application that accesses data associated with a first location, a request to open a connection with a second location;   retrieving, from a data store on the device, one or more data transfer settings responsive to receiving the request;   wherein the one or more data transfer settings are indicative of a security-related policy for data transfers associated with the first location; and   determining whether to permit the request or not permit the request based upon the one or more data transfer settings.   
     
     
       2. The method of  claim 1 , wherein the first location comprises a server, wherein the second location comprises a server, and wherein the request is to open the connection via a network. 
     
     
       3. The method of  claim 1 , wherein the application is a first application, wherein the second location comprises a second application, wherein the request is to open the connection for Inter-Process Communication (IPC) from the first application to the second application. 
     
     
       4. The method of  claim 1 , wherein the determining comprises using a level of security associated with the first location, and using a level of security associated with the second location. 
     
     
       5. The method of  claim 1 , wherein receiving the request comprises receiving a request to transfer data from the application running on the device to another application on the device. 
     
     
       6. The method of  claim 1 , wherein receiving the request comprises receiving a request to transfer data from the device to another device. 
     
     
       7. The method of  claim 1 , further comprising:
 receiving the one or more data transfer settings from a server via a wireless network.   
     
     
       8. A device, comprising:
 a data store that stores a data transfer setting, wherein the data transfer setting is indicative of a security-related policy for data transfers associated with a first location; and   a processor configured to perform operations comprising:
 receiving, from an application that accesses data associated with the first location, a request to open a connection with a second location; 
 retrieving, from the data store, the data transfer setting responsive to receiving the request; and 
 determining whether to permit the request or not permit the request based upon the data transfer setting. 
   
     
     
       9. The device of  claim 8 , wherein the first location comprises a server, wherein the second location comprises a server, and wherein the request is to open the connection via a network. 
     
     
       10. The device of  claim 8 , wherein the application is a first application, wherein the second location comprises a second application, wherein the request is to open the connection for Inter-Process Communication (IPC) from the first application to the second application. 
     
     
       11. The device of  claim 8 , wherein the determining comprises using a level of security associated with the first location, and using a level of security associated with the second location. 
     
     
       12. The device of  claim 8 , wherein receiving the request comprises receiving a request to transfer data from the application running on the device to another application on the device. 
     
     
       13. The device of  claim 8 , wherein receiving the request comprises receiving a request to transfer data from the device to another device. 
     
     
       14. The device of  claim 8 , the operations further comprising:
 receiving the data transfer setting from a server via a wireless network; and   storing the data transfer setting in the data store.   
     
     
       15. A computer storage device encoded with a computer program, the program comprising instructions that when executed by a communication device cause the communication device to perform operations comprising:
 receiving, from an application that accesses data associated with a first location, a request to open a connection with a second location;   retrieving, in response to receiving the request, one or more data transfer settings, which are indicative of a security-related policy for data transfers associated with the first location; and   determining whether to permit the request or not permit the request based upon the one or more data transfer settings.   
     
     
       16. The computer storage device of  claim 15 , wherein the first location comprises a server, wherein the second location comprises a server, and wherein the request is to open the connection via a network. 
     
     
       17. The computer storage device of  claim 15 , wherein the application is a first application, wherein the second location comprises a second application, wherein the request is to open the connection for Inter-Process Communication (IPC) from the first application to the second application. 
     
     
       18. The computer storage device of  claim 15 , wherein the determining comprises using a level of security associated with the first location, and using a level of security associated with the second location. 
     
     
       19. The computer storage device of  claim 15 , wherein receiving the request comprises receiving a request to transfer data from the application running on the communication device to another application on the communication device. 
     
     
       20. The computer storage device of  claim 15 , wherein receiving the request comprises receiving a request to transfer data from the communication device to another communication device. 
     
     
       21. The computer storage device of  claim 15 , the operations further comprising:
 receiving the one or more data transfer settings from a server via a wireless network.   
     
     
       22. A method, comprising:
 receiving a request to transfer data from a first application on a device to a second application on the device, wherein the first application is associated with an enterprise service and the second application is associated with a personal service;   determining that the request to transfer data from the first application on the device to the second application on the device is not to be executed based on a security policy that indicates whether data transferring from the enterprise service to the personal service on the same device is enabled or disabled; and   prohibiting the requested data transfer in response to the determining.   
     
     
       23. The method of claim 22, wherein the security policy comprises one or more data transfer settings, and the request is determined not to be executed based on the one or more data transfer settings. 
     
     
       24. The method of claim 22, wherein the first application is associated with a company e-mail service and the second application is associated with a personal e-mail service. 
     
     
       25. The method of claim 22, wherein the data transfer includes pasting data cut or copied from the first application to the second application. 
     
     
       26. The method of claim 22, wherein the data transfer includes communicating using Inter-Process Communication (IPC) between the first application and the second application. 
     
     
       27. The method of claim 22, wherein the determining is based on a first security level associated with the first application and a second security level associated with the second application. 
     
     
       28. The method of claim 22, wherein prohibiting the data transfer comprises preventing the first application from establishing a connection with a first network while the second application is connected with a second network. 
     
     
       29. The method of claim 22, wherein prohibiting the data transfer comprises preventing transfer of the data between a first service book associated with the first application and a second service book associated with the second application. 
     
     
       30. A device, comprising:
 at least one hardware processor;   one or more non-transitory computer-readable storage medium coupled to the at least one hardware processor and storing programming instructions for execution by the at least one hardware processor, wherein the programming instructions, when executed, cause the device to perform operations comprising:
 receiving a request to transfer data from a first application on the device to a second application on the device, wherein the first application is associated with an enterprise service and the second application is associated with a personal service; 
 determining that the request to transfer data from the first application on the device to the second application on the device is not to be executed based on a security policy that indicates whether data transferring from the enterprise service to the personal service on the same device is enabled or disabled; and 
 prohibiting the requested data transfer in response to the determining. 
   
     
     
       31. The device of claim 30, wherein the security policy comprises one or more data transfer settings, and the request is determined not to be executed based on the one or more data transfer settings. 
     
     
       32. The device of claim 30, wherein the first application is associated with a company e-mail service and the second application is associated with a personal e-mail service. 
     
     
       33. The device of claim 30, wherein the data transfer includes a paste of data cut or copied from the first application to the second application. 
     
     
       34. The device of claim 30, wherein the data transfer includes a communication that uses Inter-Process Communication (IPC) between the first application and the second application. 
     
     
       35. The device of claim 30, wherein the determination is based on a first security level associated with the first application and a second security level associated with the second application. 
     
     
       36. The device of claim 30, wherein the prohibition of the data transfer comprises preventing the first application from establishing a connection with a first network while the second application is connected with a second network. 
     
     
       37. The device of claim 30, wherein the prohibition of the data transfer comprises preventing transfer of the data between a first service book associated with the first application and a second service book associated with the second application. 
     
     
       38. A non-transitory computer-readable medium containing instructions which, when executed, cause a device to perform operations comprising:
 receiving a request to transfer data from a first application on the device to a second application on the device, wherein the first application is associated with an enterprise service and the second application is associated with a personal service;   determining that the request to transfer data from the first application on the device to the second application on the device is not to be executed based on a security policy that indicates whether data transferring from the enterprise service to the personal service on the same device is enabled or disabled; and   prohibiting the requested data transfer in response to the determining.   
     
     
       39. The non-transitory computer-readable medium of claim 38, wherein the security policy comprises one or more data transfer settings, and the request is determined not to be executed based on the one or more data transfer settings. 
     
     
       40. The non-transitory computer-readable medium of claim 38, wherein the first application is associated with a company e-mail service and the second application is associated with a personal e-mail service. 
     
     
       41. The non-transitory computer-readable medium of claim 38, wherein the data transfer includes pasting data cut or copied from the first application to the second application.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.