WO2006125112A2 - Remote cell phone auto destruct - Google Patents

Remote cell phone auto destruct Download PDF

Info

Publication number
WO2006125112A2
WO2006125112A2 PCT/US2006/019312 US2006019312W WO2006125112A2 WO 2006125112 A2 WO2006125112 A2 WO 2006125112A2 US 2006019312 W US2006019312 W US 2006019312W WO 2006125112 A2 WO2006125112 A2 WO 2006125112A2
Authority
WO
WIPO (PCT)
Prior art keywords
user
mobile device
information
personal information
application
Prior art date
Application number
PCT/US2006/019312
Other languages
French (fr)
Other versions
WO2006125112A3 (en
Inventor
Richard Onyon
Liam Stannard
Leighton Ridgard
Original Assignee
Fusionone, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fusionone, Inc. filed Critical Fusionone, Inc.
Priority to EP06770601A priority Critical patent/EP1882242A4/en
Priority to JP2008512514A priority patent/JP2008546253A/en
Publication of WO2006125112A2 publication Critical patent/WO2006125112A2/en
Publication of WO2006125112A3 publication Critical patent/WO2006125112A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/88Detecting or preventing theft or loss
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/082Access security using revocation of authorisation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/126Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices

Definitions

  • Wireless telephones have become more powerful with the inclusion of such features as cameras, address books, calendars and games. Many now include microprocessors, operating systems and memory which allow developers to provide limited applications for the phones. Phones now include the ability to play multimedia files including polyphonic ringtones, MP3 files, MPEG, AVI and QuickTime movies, and the like, in addition to displaying pictures taken on or downloaded to the phone.
  • Wireless phones have long been able to access the Internet via a Wireless Access Protocol (WAP) browser, and receive messages via SMS.
  • WAP Wireless Access Protocol
  • a user on a wireless telephone connects via the wireless network to a server which enables the phone to read WAP enabled content.
  • Most providers enable a user to access an email message account via the WAP browser, and/or provide short message service (SMS) messages directly to the user's phone. SMS allows users to receive abbreviated text messaging directly on the phone. Messages can actually be stored on the phone, but the storage available is limited to a very small amount of memory. In addition, no provision for handling attachments in SMS is available.
  • SMS short message service
  • the technology provides a mechanism to secure personal information stored on a wireless device after the device is lost or stolen by encrypting or destroying the information.
  • the invention includes a method for securing a mobile device having an information store. The method includes the steps of providing a mobile device application on a mobile device; and signaling the mobile application instructing the mobile application to render any user information stored on the mobile device useless.
  • a method for securing personal information on a mobile device includes receiving an signal from a user to render personal information stored on the mobile device useless; and upon receipt of said signal, interacting with said user information to render at least a portion of the personal information inaccessible on the mobile device.
  • the invention is a method for providing an information service implemented on one or more processing devices coupled to a communication network.
  • the information service includes storing personal information for a plurality of users; providing a mobile device application to one or more users, the application including an information purge function enabled by a signal from the information service; upon installation of the mobile device application, receiving a set of configuration data for the mobile application from at least one user; and upon receiving an instruction from the at least one user to enable the information purge function, outputting a signal to the mobile application.
  • Figure 1 is a block diagram of a system suitable for implementing the identification system of present invention.
  • FIGS 2 and 3 are block diagrams of methods of the present invention. DETAILED DESCRIPTION
  • the present invention allows the automatic destruction of personal information of a user stored on a phone or other mobile device via a remote signal.
  • a user can configure a remote activated destruction sequence on the phone via a number of mechanisms.
  • FIG. 1 illustrates a general overview of a system for implementing the present invention.
  • a wireless communication device such as a phone 100
  • a wireless communications link such as a cellular network 150
  • the wireless link may be a wireless internet link or a cellular network maintained by a cellular carrier, a GSM or CDMA network, or some other wireless communications link.
  • the carrier may comprise the enterprise service provider or may be separate from the enterprise service provider. Data may be transmitted over the network in any number of known formats.
  • a communications enterprise service 1010 which may include an advanced ID server 160, Web Server 180 and SyncML Server 195.
  • An advanced ID server 160 communicates with the phone 100 via wireless network 150 directly over a data connection or via a SyncML server 195.
  • the ID server 160 communicates directly with the phone 100.
  • the ID system is implemented on top of a synchronization system such as that described in U.S. Patent Nos. 6,671,757, 6,694,336 or 6,757,696 and communicates with phone 100 via that synchronization system.
  • Phone 100 may be provided with a system application or agent 140.
  • System agent 140 can include a SyncML communication client designed to interact with a SyncML server 195 in accordance with approved and proposed versions of the SyncML OMA DS specification, including proposed extensions, (available at http://www.openmobilealliance.org).
  • agent 140 can be an application designed to communicate with server 160 using an existing SyncML client on the phone provided by the phone's manufacturer (as well as any custom extensions supported by such client), or an application specifically designed to communicate with server 160 via another protocol, including a proprietary protocol.
  • the agent 140 is a fully implemented SyncML client and server 160 includes a SyncML server.
  • the application 140 is a client application device sync agent such as that disclosed in United States Patent Number 6,671,757.
  • client application 140 are set forth below.
  • a phone 100 includes a system memory 122 which may further include an operating system 124 having operating system services including telephony and linking services, networking services, multimedia and graphics display services all provided to a user interface 120.
  • System memory 122 includes both volatile and non- volatile memory components OS services and running application are provided in volatile memory, while data store 170 is provided in non- volatile system memory.
  • OS 125 my be the phone's proprietary OS, BREW, or any other device or operating system suitable for a phone (such as the Symbian Operating system). Additional base services 135 and an operating system kernel may also be provided.
  • the operating system may additionally provide an SMS client 145 built into the operating system allowing short messages to be provided across the wireless communications line 150 to other users.
  • a SyncML client 132 may be provided and supported by the operating system services 124.
  • the phone 100 includes a native phone data store 170 which contains address book contact and other information which may be provided by a subscriber. Such information can further include ringtones, pictures, sounds, and movies, all dependent on the functional capabilities of the phone 100, the space allowed in the system memory, and the services provided by the operating system 124.
  • agent 140 is loaded into memory 122 of phone 100.
  • agent 140 can be provided by the phone manufacturer or downloaded by a user at a later time.
  • the user selects a download area of the phone operating system services 124, selects the application from offerings provided by the service provider or carrier who maintains the wireless communications line 150, or an enterprise service provider who maintains the system server 160, and installs the application onto phone 100.
  • agent 140 is a self- supporting application designed to run as a JAVA or BREW agent, or any other device or operating system specific agent (such as an agent operable on the Symbian Operating system).
  • This agent can either include its own SyncML client, or interact with an existing SyncML client on the telephone.
  • Alternative embodiments can communicate via alternative protocols via the wireless communications link to store information on the System data base 510.
  • Client 100 includes at least a user interface 120, the application 140 having a communication or sync engine and data store manager, a SyncML client 132 and a local database 150.
  • the client application 140 provides an appropriate application user interface to the phone's UI 120 which provides the user an alternative point of interaction with the system and service provided by the enterprise service provider.
  • the application user interface allows the user to define and manage personas and buddies as well as other tasks as specified in the case definition described herein. Interaction with the system can be via this client user interface or via the server user interface provided by the web server 180.
  • the engine and data store manager is responsible for maintaining the user settings and options in the device's persistent storage as well as automatically pushing and retrieving changes to those object to the system server.
  • the client datastore includes account information, persona data, buddy information, data for other users who have true links with the subscriber, and multimedia content
  • the storage server 160 is a centralized storage location for all system service information, including buddy, persona, relationship, and user data. Clients 140 can connect to and synchronized with the server information to update their local copy of this data as well as publish any changed information or retrieve any new available information from the server.
  • the persona information belonging to a user's buddy is primarily stored in the native address book or a separate address book provided by the client. As some devices will not support all the published buddy information including the extended information such as geo location and presence information, the client can store this information in a local database and provide access to it via the phone interface.
  • a hardware structure suitable for implementing server 160, webserver 180 or SyncML server 195 includes a processor 114, memory 104, nonvolatile storage device 106, portable storage device 110, network interface 112 and I/O device(s) 116.
  • the choice of processor is not critical as long as a suitable processor with sufficient speed is chosen.
  • Memory 104 could be any conventional computer memory known in the art.
  • Nonvolatile storage device 106 could include a hard drive, CDROM, CDRW, flash memory card, or any other nonvolatile storage device.
  • Portable storage 108 could include a floppy disk drive or another portable storage device.
  • the computing system may include one or more network interfaces 102.
  • An example of a network interface includes a network card connected to an Ethernet or other type of LAN.
  • I/O device(s) 116 can include one or more of the following: keyboard, mouse, monitor, display, printer, modem, etc.
  • Software used to perform the methods of the present invention are likely to be stored in memory 104 which include nonvolatile storage and volatile memory as well as , portable storage media 110.
  • the computing system also includes a database 106.
  • database 106 is stored in memory 104, portable storage 110 or another storage device that is part of the system of Figure 1 or is in communication with the system of Figure 1.
  • Other alternative architectures can also be used that are different from that depicted in Figure 1.
  • FIG. 1 Various embodiments, versions and modifications of systems of Figure 1 can be used to implement a computing device that performs all or part of the present invention.
  • suitable computing devices include a personal computer, computer workstation, mainframe computer, handheld computer, personal digital assistant, pager, cellular telephone, smart appliance or multiple computers, a storage area network, a server farm, or any other suitable computing device.
  • server 160 Also provided on server 160 is a system data store 310.
  • the data store is provided in the non- volatile memory space of server 160. While only one data store 160 is shown, it should be recognized that the store 160 may be replicated to or stored over a plurality of computers to ensure that the data thereon is protected from accidental loss. It should be understood that the representation of the SyncML server 195 and web sever 180 need not require that such servers be provided on different physical hardware than the System server 160.
  • the system of Figure 1 illustrates one server and client system suitable for use in the present invention.
  • the advanced ID system can be constructed using a synchronization server described in Patent Nos. 6,671,757, 6,694,336 or 6,757,696.
  • a synchronization system described with respect to Patent Nos. 6,671,757, 6,694,336 or 6,757,696 comprises client software which provides the functions of a differencing transmitter/receiver/engine, and differencing synchronizer in the form of a device engine.
  • the device engine may include at least one component particular to the type of device on which the device engine runs, which enables extraction of information from the device and conversion of the information to difference information, and transmission of the difference information to the storage server.
  • the storage servers utilized in the may be any type of storage server, such as an Internet server or an FTP server, and may be provided from any source, such as any Internet service provider.
  • the Internet connection between the devices or between the devices and a server need not exist at the same point in time.
  • only those changes to the information which are required to be forwarded to other systems on the system of the present invention are transmitted to enable fast response times.
  • Data from each of the sync client devices is coupled with a storage server.
  • each device engine implements all processing required to keep all the systems fully synchronized. Only one device engine needs to be coupled to the sync server at one particular point in time. This permits synchronization of multiple systems in a disconnected fashion.
  • Each device engine will download all transactions encapsulating changes that have occurred since the last synchronization from the server and apply them to the particular device.
  • the change or difference information (termed a "data package” or "change log”) is provided in one or more data packages.
  • Each data package describes changes to any and all transfer information across all device engines, including but not limited to application data, files, folders, application settings, and the like.
  • Each device engine can control the download of data packages that include classes of information that apply to the specified local device. For example, contact names and phone numbers while another needs only changes to e-mail, changes to document files. [0026] Compression and encryption of the data packages may be optionally provided. Each device engine performs mapping and translation steps necessary for applying the data packages to the local format required for that type of information in the application data stores. The device engine also includes components which allow it to track ambiguous updates in cases where users have changed data to a particular data field on two different systems simultaneously since the last update. The output of the device engine comprises a data package which is output to sync server database. As noted above, only one device engine need be connected to the storage server 850 at a given time.
  • the data package can be stored on the storage server until a request is made to a particular location of the storage server by another device engine. Access to areas of the storage server is controlled by a management server (MS).
  • MS management server
  • each sync operation requires that the device engine for each device login to the management server to authenticate the device and provide the device engine with the location of the individual device's data packages on the storage server.
  • the delta module When data is returned to the delta module from the storage server, the delta module returns differenced data to the application object for the particular application which then translates the delta information into the particular interface utilized for application.
  • a device engine Once a device engine has been fully applied all data packages from an input stream, it generates a series of data packages that describe the changes made on the local system. The device engine uses the local application objects to keep track of the last synchronized version of each application's actual data, which is then used for the next data comparison by the delta module on the next sync request. Generated data packages can include operations and encode changes generated from resolving ambiguous cases as described above.
  • the sync server uses the concept of a universal data record in its internal sync differencing engine and when sending data to and retrieving from external
  • the management server supports an authentication interface that requires each device engine to authenticate with the management server before performing synchronization.
  • Certain storage server implementations may utilize locking semantics to control read and write access to storage for multiple device engines. For example, in a generic FTP request, if two device engines attempt to connect to the same data at the same time, there must be some form of locking control to prevent device engines accessing the same data at the same time, hi this instance, the management server controls the device engine acquisition, renewal, and releasing of locks against data stored in the network.
  • Each device engine is uniquely identified and tracked by the management server. This allows for tailoring behavior between the management server and specific types of storage systems and device engine components. All device engine components are tagged and version stamped for management via the management server.
  • a server-side application ID service controller application 170 which includes a persona management component 162, a buddy management component 164, a user interface 166, and a digital rights manager 168.
  • the functional components operating within the service-side application 170 can come in one case, push information maintained by the system of the present invention directly into phone 100 via a SyncML server 195 interacting with a fully robust SyncML client.
  • certain aspects of the control are handled by either the server-side application 170 or the client- side application 140, as described herein.
  • application agent 140 communicates personification information and changes made to the personification information stored in the data store of the telephone 100 to server 160 via the wireless network.
  • Communication of user data from the device may take several forms. Where the client utilized SyncML communications with the server 160, communication may take place using the standards set forth in the SyncML specification. Changes are transmitted on a record-by-record basis or field-by-field basis. Alternatively, communication may occur via another protocol.
  • the SyncML client is utilized to update the phone's native address book with buddy published information as well as to retrieve persona and link information from the server. Information can be exchanged via the SyncML protocol, or via a direct data link with the server 160.
  • the system server stores and maintains each user account, link personal and buddy information as well as multimedia content, both system provided and user created.
  • the server is a stand alone server and may be incorporated with the features of a synchronization system such as that described in U.S. patent 6,671,757. Details of this integration are described in further detail below.
  • a management interface is provided via the web server 180. Description of this interface is shown below.
  • the server 160 stores backup user data in a backup store 510 in a manner which associates the data with the user of the phone.
  • the data is stored in bulk - that is all records and information for the user are stored in simple text form, or a copy of the entire database from the phone is stored on the server.
  • the server may store any number of copies of the data on a date-identified basis.
  • the server 160 translates this information into change logs, in one embodiment, in accordance with the teachings of United States Patent Number . 6,671,757, 6,694,336 or 6,757,696.. This information is stored in backup data store 510 on server 160.
  • This information is stored in the data store using a unique identifier (UID) associating the data with the individual user.
  • the identifier may be any randomly selected identifier, so long as the user is uniquely identified, and the data is associated with the user.
  • this user UID may be a universally unique identifier (UUID), created in a manner described in the aforementioned 6,671,757, 6,694,336 or 6,757,696 patents or other manners to create a single ID for a given user.
  • Data store 510 can be any form of data storage for the user data.
  • the data store is a simple copy of the information stored on the device 100.
  • the data store is a database, such as an object database or a relational database.
  • the data store is simply a storage container for change logs created in accordance with United States Patent Number 6,671,757.
  • a web server 180 allowing a user on a computer or other device 190 having a web browser may optionally be provided to allow a user to configure aspects of the system of the invention.
  • Server 180 may have a hardware configuration similar to computer 160 and may comprise one or more physical computers. Additionally, web server 180 may be integrated with server 160.
  • aspects of the system of the present invention are configured via a phone interface.
  • the system can alternatively be configured by a user via a web interface provided by the web server 180 via the user device 190.
  • the technology provides an auto-purge function for information stored in the data store 170 of the mobile device.
  • the purpose of auto-purge is to ensure the privacy of a users' personal information on their mobile device in the event the device is lost, stolen, or otherwise compromised.
  • Auto-purge deletes (or scrambles) the user's personal information contained in their address book, calendar, task list, photo gallery, downloaded media, and other on-device data stores.
  • auto-purge may remove passwords, application settings, device configuration information, and other data present in volatile or non- volatile system memory 122, depending on a configuration defined by the user or the auto-purge system.
  • auto-purge may render the device inoperable by disabling the device's operating system, access points, network identification, BIOS, or other system software.
  • the device may silently relay its GPS position to the server when it receives an auto-purge command.
  • FIG. 1 Shown in Figure 1 is an auto-purge engine 1000 running in memory of server 60.
  • client application 140 and engine 1000 cooperate to enable an automatic purge of any user information stored in the phone data store 170 and a memory 140.
  • the auto- purge function is performed entirely by the client application 140.
  • a user's phone data store may include phone numbers and information that the user would prefer not be accessible to other should the phone be lost or stolen.
  • the method of Figure 2 accomplishes a scramble or remove purging process.
  • a user logs into the web server 180 to configure the auto purge process.
  • the auto-purge process may be enabled via the device 100.
  • the auto-purge service may be configured. Configuration of auto-purge may be done on the mobile device 100 via auto- purge in client 140, via a web interface 180, via a program installed on a personal computer, via a telephony server (e.g., user can make a voice call to a server and use key tones to enter their authentication information), or via some other interface capable of accepting user input and relaying that input to the auto-purge server.
  • Configuration options include an auto-purge password, an override code, and specification of which applications, settings, datastores, or other data are subject to auto-purge.
  • the user may select different codes and settings on a per-application, per-serting, per-datastore, or per-object basis.
  • the user may use a single "Master auto-purge” setting which will remove or scramble all information possible from the device 100. Users may select the level of purge for such a "Master auto-purge” configruation (e.g., only remove the address book data, passwords, etc - but leave the device functioning).
  • Configuration 301 is optional; in one embodiment, the user may simply enable the auto-purge functions and be provided with standard, pre-configured service.
  • auto-purge is "armed" for that device at step 302.
  • Auto-purge is then enabled in the client application at step 304.
  • An auto-purge password and override setting may be stored on the device at step 304 in an obfuscated or encrypted form, or they may be stored only on the server 160. Note that the over-ride function is optional.
  • the user activates the auto-purge feature at 306 by relaying a command to the server 160 by accessing the enterprise service 1010 via one of the mechanisms described above.
  • the user may send a signal directly to the application from another mobile device or processing device.
  • the server 160 at step 307, relays an auto-purge command to the device via a mechanism such as a specially formatted SMS, a direct socket connection, or a specially formatted email.
  • the device 100 may poll the server at an interval to determine if any auto-purge command is pending for the device.
  • the user may be prompted to enter the override code. This allows the user to prevent the auto-purge if they regain control of the device after sending the auto-purge command. If the user does not successfully enter the override code (optionally, after a number of retries), the auto-purge will take place at step 308.
  • the device may notify the server that the override code was entered successfully. In such an embodiment, the server will not resend auto-purge commands to the device if the code has been entered successfully. Without an override code ⁇ or upon receiving a signal which indicates the device should ignore any configured override code — the device will automatically delete or scramble data without user notification or intervention.
  • the user information may be recovered or restored at step 310. If the user information is encrypted or deleted, the information may be loaded into the device from the data store 510 on server 1010. Alternatively, encrypted information still resident on the phone may be decrypted by a decrypt command, by providing an appropriate decryption key, or by entering a password (or restore code) to application 140 directly or from server 1010 once the device is recovered.
  • the device may keep track of the number received and auto-purge without user intervention after a certain number of valid auto-purge commands have been reached (this will prevent an attacker from repeatedly power-cycling the device upon receipt of an auto-purge command).
  • the auto-purge application will take control of the device's UI and require the entry of the override command.
  • different auto-purge codes may be configured by the user for different functions on the purge features. For example, a user may configure a first code to delete information and a second to scramble information on the phone with a reversible encryption technique. This is useful where a user is unsure whether they have lost the phone or whether it has been stolen. These signals may be used in conjunction, such that scrambled data may later be deleted; "unscramble" code may also be configured.
  • standard public key encryption techniques may be used to verify the identity of the command initiator (similarly to how SSL clients verify the SSL server's certificate is valid).
  • the client may be configured with the server's certificate at the time the auto-purge application is installed on the device.
  • the server may transmit an auto-purge password (or password proxy such as a nonce/digest pair) in the auto-purge message. That will allow the device to validate the authenticity of the auto-purge command.
  • Scrambling of data may be accomplished by overwriting records, settings, files, or data structures on the device with randomly generated data, a data pattern (such as all O's or 1 's).
  • FIG. 3 illustrates an alternative embodiment of the technology wherein the auto purge function is enabled by application 140 entirely on phone 100.
  • the user accesses an appropriate user interface provided by application 140 on phone UI 120.
  • Configuration options such as those discussed above are provided by the interface and the application optionally configured (step 301) and armed (step 302) in accordance with the description of the method of Figure 2.
  • the signal to activate the auto purge at step 306 may be provided by server 1010 or another wireless device directly to the device 100.
  • requests and responses can be compressed and encrypted.

Abstract

Technology to secure personal information stored on a wireless device after the device is lost or stolen by encrypting or destroying the information is provided. A method for securing a mobile device having an information store includes the steps of providing a mobile device application on a mobile device; and signaling the mobile application instructing the mobile application to render any user information stored on the mobile device useless.

Description

REMOTE CELL PHONE AUTO DESTRUCT Inventors
Richard Onyon
Liam Stannard
Leighton Ridgard
CLAIM OF PRIORITY
[0001] This application claims priority to U.S. Provisional Application
No. 60/682,951 filed May 19, 2005, entitled "Remote Cell Phone Auto Destruct," which is incorporated herein by reference.
BACKGROUND OF THE INVENTION
Description of the Related Art
[0002] Wireless telephones have become more powerful with the inclusion of such features as cameras, address books, calendars and games. Many now include microprocessors, operating systems and memory which allow developers to provide limited applications for the phones. Phones now include the ability to play multimedia files including polyphonic ringtones, MP3 files, MPEG, AVI and QuickTime movies, and the like, in addition to displaying pictures taken on or downloaded to the phone.
[0003] Wireless phones have long been able to access the Internet via a Wireless Access Protocol (WAP) browser, and receive messages via SMS. A user on a wireless telephone connects via the wireless network to a server which enables the phone to read WAP enabled content. Most providers enable a user to access an email message account via the WAP browser, and/or provide short message service (SMS) messages directly to the user's phone. SMS allows users to receive abbreviated text messaging directly on the phone. Messages can actually be stored on the phone, but the storage available is limited to a very small amount of memory. In addition, no provision for handling attachments in SMS is available.
[0004] More recently, phones themselves have become powerful enough to utilize data connections over a carrier's network to manipulate data. For example, users of a carrier's network can download multimedia content to their phone, shop and download phone specific applications, and send and receive more robust messaging. Devices which have been combined with wireless phones, such as Research In Motion's Blackberry device, provide a user with enhanced message capabilities and attachment handling. These devices are specifically configured to provide contact and message applications over a wireless network.
[0005] When the phone is lost, a user's information may be subject to use by others.
SUMMARY
[0006] In one aspect, the technology provides a mechanism to secure personal information stored on a wireless device after the device is lost or stolen by encrypting or destroying the information. In one embodiment, the invention includes a method for securing a mobile device having an information store. The method includes the steps of providing a mobile device application on a mobile device; and signaling the mobile application instructing the mobile application to render any user information stored on the mobile device useless. [0007] In an alternative embodiment, a method for securing personal information on a mobile device includes receiving an signal from a user to render personal information stored on the mobile device useless; and upon receipt of said signal, interacting with said user information to render at least a portion of the personal information inaccessible on the mobile device.
[0008] In a further aspect, the invention is a method for providing an information service implemented on one or more processing devices coupled to a communication network. The information service includes storing personal information for a plurality of users; providing a mobile device application to one or more users, the application including an information purge function enabled by a signal from the information service; upon installation of the mobile device application, receiving a set of configuration data for the mobile application from at least one user; and upon receiving an instruction from the at least one user to enable the information purge function, outputting a signal to the mobile application.
[0009] This Summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. This Summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used as an aid in determining the scope of the claimed subject matter.
BRIEF DESCRIPTION OF THE DRAWINGS
[0010] Figure 1 is a block diagram of a system suitable for implementing the identification system of present invention.
[0011] Figures 2 and 3 are block diagrams of methods of the present invention. DETAILED DESCRIPTION
[0012] The present invention allows the automatic destruction of personal information of a user stored on a phone or other mobile device via a remote signal. A user can configure a remote activated destruction sequence on the phone via a number of mechanisms.
[0013] Figure 1 illustrates a general overview of a system for implementing the present invention. As shown in Figure 1, a wireless communication device, such as a phone 100, is connected to a wireless communications link, such as a cellular network 150, to transmit voice and data communications to other devices coupling to the wireless network. It will be understood that the wireless link may be a wireless internet link or a cellular network maintained by a cellular carrier, a GSM or CDMA network, or some other wireless communications link. The carrier may comprise the enterprise service provider or may be separate from the enterprise service provider. Data may be transmitted over the network in any number of known formats.
[0014] Also shown in Figure 1 is a communications enterprise service 1010 which may include an advanced ID server 160, Web Server 180 and SyncML Server 195. An advanced ID server 160 communicates with the phone 100 via wireless network 150 directly over a data connection or via a SyncML server 195. Various embodiments of a system for implementing the advanced ID service are discussed herein. In Figure 1, the ID server 160 communicates directly with the phone 100. In alternative embodiments, discussed below, the ID system is implemented on top of a synchronization system such as that described in U.S. Patent Nos. 6,671,757, 6,694,336 or 6,757,696 and communicates with phone 100 via that synchronization system.
[0015] Phone 100 may be provided with a system application or agent 140. System agent 140 can include a SyncML communication client designed to interact with a SyncML server 195 in accordance with approved and proposed versions of the SyncML OMA DS specification, including proposed extensions, (available at http://www.openmobilealliance.org). Alternatively, agent 140 can be an application designed to communicate with server 160 using an existing SyncML client on the phone provided by the phone's manufacturer (as well as any custom extensions supported by such client), or an application specifically designed to communicate with server 160 via another protocol, including a proprietary protocol. In one embodiment, the agent 140 is a fully implemented SyncML client and server 160 includes a SyncML server. In another embodiment, the application 140 is a client application device sync agent such as that disclosed in United States Patent Number 6,671,757. Various embodiments of the client application 140 are set forth below.
[0016] In accordance with the present invention, a phone 100 includes a system memory 122 which may further include an operating system 124 having operating system services including telephony and linking services, networking services, multimedia and graphics display services all provided to a user interface 120. System memory 122 includes both volatile and non- volatile memory components OS services and running application are provided in volatile memory, while data store 170 is provided in non- volatile system memory. OS 125 my be the phone's proprietary OS, BREW, or any other device or operating system suitable for a phone (such as the Symbian Operating system). Additional base services 135 and an operating system kernel may also be provided. The operating system may additionally provide an SMS client 145 built into the operating system allowing short messages to be provided across the wireless communications line 150 to other users. Still further, a SyncML client 132 may be provided and supported by the operating system services 124. The phone 100 includes a native phone data store 170 which contains address book contact and other information which may be provided by a subscriber. Such information can further include ringtones, pictures, sounds, and movies, all dependent on the functional capabilities of the phone 100, the space allowed in the system memory, and the services provided by the operating system 124.
[0017] The system agent 140, various embodiments of which are discussed herein, is loaded into memory 122 of phone 100. As will be well understood by one of average skill in the art, agent 140 can be provided by the phone manufacturer or downloaded by a user at a later time. To download and install the application, the user selects a download area of the phone operating system services 124, selects the application from offerings provided by the service provider or carrier who maintains the wireless communications line 150, or an enterprise service provider who maintains the system server 160, and installs the application onto phone 100. In an alternative embodiment, agent 140 is a self- supporting application designed to run as a JAVA or BREW agent, or any other device or operating system specific agent (such as an agent operable on the Symbian Operating system). This agent can either include its own SyncML client, or interact with an existing SyncML client on the telephone. Alternative embodiments can communicate via alternative protocols via the wireless communications link to store information on the System data base 510.
[0018] Client 100 includes at least a user interface 120, the application 140 having a communication or sync engine and data store manager, a SyncML client 132 and a local database 150. The client application 140 provides an appropriate application user interface to the phone's UI 120 which provides the user an alternative point of interaction with the system and service provided by the enterprise service provider. The application user interface allows the user to define and manage personas and buddies as well as other tasks as specified in the case definition described herein. Interaction with the system can be via this client user interface or via the server user interface provided by the web server 180. The engine and data store manager is responsible for maintaining the user settings and options in the device's persistent storage as well as automatically pushing and retrieving changes to those object to the system server. The client datastore includes account information, persona data, buddy information, data for other users who have true links with the subscriber, and multimedia content
,[0019] The storage server 160 is a centralized storage location for all system service information, including buddy, persona, relationship, and user data. Clients 140 can connect to and synchronized with the server information to update their local copy of this data as well as publish any changed information or retrieve any new available information from the server. In the mobile device, the persona information belonging to a user's buddy is primarily stored in the native address book or a separate address book provided by the client. As some devices will not support all the published buddy information including the extended information such as geo location and presence information, the client can store this information in a local database and provide access to it via the phone interface.
[0020] In general, a hardware structure suitable for implementing server 160, webserver 180 or SyncML server 195 includes a processor 114, memory 104, nonvolatile storage device 106, portable storage device 110, network interface 112 and I/O device(s) 116. The choice of processor is not critical as long as a suitable processor with sufficient speed is chosen. Memory 104 could be any conventional computer memory known in the art. Nonvolatile storage device 106 could include a hard drive, CDROM, CDRW, flash memory card, or any other nonvolatile storage device. Portable storage 108 could include a floppy disk drive or another portable storage device. The computing system may include one or more network interfaces 102. An example of a network interface includes a network card connected to an Ethernet or other type of LAN. I/O device(s) 116 can include one or more of the following: keyboard, mouse, monitor, display, printer, modem, etc. Software used to perform the methods of the present invention are likely to be stored in memory 104 which include nonvolatile storage and volatile memory as well as , portable storage media 110. [0021] The computing system also includes a database 106. In alternative embodiments, database 106 is stored in memory 104, portable storage 110 or another storage device that is part of the system of Figure 1 or is in communication with the system of Figure 1. Other alternative architectures can also be used that are different from that depicted in Figure 1. Various embodiments, versions and modifications of systems of Figure 1 can be used to implement a computing device that performs all or part of the present invention. Examples of suitable computing devices include a personal computer, computer workstation, mainframe computer, handheld computer, personal digital assistant, pager, cellular telephone, smart appliance or multiple computers, a storage area network, a server farm, or any other suitable computing device. There may be any number of servers 16On, n+1 managed by a system administrator providing a back up service in accordance with the present invention.
[0022] Also provided on server 160 is a system data store 310. The data store is provided in the non- volatile memory space of server 160. While only one data store 160 is shown, it should be recognized that the store 160 may be replicated to or stored over a plurality of computers to ensure that the data thereon is protected from accidental loss. It should be understood that the representation of the SyncML server 195 and web sever 180 need not require that such servers be provided on different physical hardware than the System server 160.
[0023] The system of Figure 1 illustrates one server and client system suitable for use in the present invention. In an alternative embodiment of the invention, the advanced ID system can be constructed using a synchronization server described in Patent Nos. 6,671,757, 6,694,336 or 6,757,696.
[0024] A synchronization system described with respect to Patent Nos. 6,671,757, 6,694,336 or 6,757,696 comprises client software which provides the functions of a differencing transmitter/receiver/engine, and differencing synchronizer in the form of a device engine. The device engine may include at least one component particular to the type of device on which the device engine runs, which enables extraction of information from the device and conversion of the information to difference information, and transmission of the difference information to the storage server. The storage servers utilized in the may be any type of storage server, such as an Internet server or an FTP server, and may be provided from any source, such as any Internet service provider. In a key aspect of the sync system, the Internet connection between the devices or between the devices and a server, need not exist at the same point in time. In addition, only those changes to the information which are required to be forwarded to other systems on the system of the present invention are transmitted to enable fast response times.
[0025] Data from each of the sync client devices is coupled with a storage server. In one embodiment, each device engine implements all processing required to keep all the systems fully synchronized. Only one device engine needs to be coupled to the sync server at one particular point in time. This permits synchronization of multiple systems in a disconnected fashion. Each device engine will download all transactions encapsulating changes that have occurred since the last synchronization from the server and apply them to the particular device. The change or difference information (termed a "data package" or "change log") is provided in one or more data packages. Each data package describes changes to any and all transfer information across all device engines, including but not limited to application data, files, folders, application settings, and the like. Each device engine can control the download of data packages that include classes of information that apply to the specified local device. For example, contact names and phone numbers while another needs only changes to e-mail, changes to document files. [0026] Compression and encryption of the data packages may be optionally provided. Each device engine performs mapping and translation steps necessary for applying the data packages to the local format required for that type of information in the application data stores. The device engine also includes components which allow it to track ambiguous updates in cases where users have changed data to a particular data field on two different systems simultaneously since the last update. The output of the device engine comprises a data package which is output to sync server database. As noted above, only one device engine need be connected to the storage server 850 at a given time. The data package can be stored on the storage server until a request is made to a particular location of the storage server by another device engine. Access to areas of the storage server is controlled by a management server (MS). In one embodiment, each sync operation requires that the device engine for each device login to the management server to authenticate the device and provide the device engine with the location of the individual device's data packages on the storage server.
[0027] When data is returned to the delta module from the storage server, the delta module returns differenced data to the application object for the particular application which then translates the delta information into the particular interface utilized for application. Once a device engine has been fully applied all data packages from an input stream, it generates a series of data packages that describe the changes made on the local system. The device engine uses the local application objects to keep track of the last synchronized version of each application's actual data, which is then used for the next data comparison by the delta module on the next sync request. Generated data packages can include operations and encode changes generated from resolving ambiguous cases as described above. [0028] In this implementation, the sync server uses the concept of a universal data record in its internal sync differencing engine and when sending data to and retrieving from external
[0029] The management server supports an authentication interface that requires each device engine to authenticate with the management server before performing synchronization. Certain storage server implementations may utilize locking semantics to control read and write access to storage for multiple device engines. For example, in a generic FTP request, if two device engines attempt to connect to the same data at the same time, there must be some form of locking control to prevent device engines accessing the same data at the same time, hi this instance, the management server controls the device engine acquisition, renewal, and releasing of locks against data stored in the network.
[0030] Each device engine is uniquely identified and tracked by the management server. This allows for tailoring behavior between the management server and specific types of storage systems and device engine components. All device engine components are tagged and version stamped for management via the management server.
[0031] Also shown in Figure 1 is a server-side application ID service controller application 170 which includes a persona management component 162, a buddy management component 164, a user interface 166, and a digital rights manager 168. It will be understood in various implementations of the present invention, the functional components operating within the service-side application 170 can come in one case, push information maintained by the system of the present invention directly into phone 100 via a SyncML server 195 interacting with a fully robust SyncML client. Optionally, certain aspects of the control are handled by either the server-side application 170 or the client- side application 140, as described herein. [0032] In accordance with the invention, application agent 140 communicates personification information and changes made to the personification information stored in the data store of the telephone 100 to server 160 via the wireless network. Communication of user data from the device may take several forms. Where the client utilized SyncML communications with the server 160, communication may take place using the standards set forth in the SyncML specification. Changes are transmitted on a record-by-record basis or field-by-field basis. Alternatively, communication may occur via another protocol. The SyncML client is utilized to update the phone's native address book with buddy published information as well as to retrieve persona and link information from the server. Information can be exchanged via the SyncML protocol, or via a direct data link with the server 160. The system server stores and maintains each user account, link personal and buddy information as well as multimedia content, both system provided and user created. The server is a stand alone server and may be incorporated with the features of a synchronization system such as that described in U.S. patent 6,671,757. Details of this integration are described in further detail below. As noted above, a management interface is provided via the web server 180. Description of this interface is shown below.
[0033] The server 160 stores backup user data in a backup store 510 in a manner which associates the data with the user of the phone. In one embodiment the data is stored in bulk - that is all records and information for the user are stored in simple text form, or a copy of the entire database from the phone is stored on the server. In this embodiment, the server may store any number of copies of the data on a date-identified basis. Alternatively, the server 160 translates this information into change logs, in one embodiment, in accordance with the teachings of United States Patent Number . 6,671,757, 6,694,336 or 6,757,696.. This information is stored in backup data store 510 on server 160. This information is stored in the data store using a unique identifier (UID) associating the data with the individual user. The identifier may be any randomly selected identifier, so long as the user is uniquely identified, and the data is associated with the user. In a further aspect, this user UID may be a universally unique identifier (UUID), created in a manner described in the aforementioned 6,671,757, 6,694,336 or 6,757,696 patents or other manners to create a single ID for a given user.
[0034] Data store 510 can be any form of data storage for the user data. In one embodiment, the data store is a simple copy of the information stored on the device 100. In another embodiment, the data store is a database, such as an object database or a relational database. In yet another embodiment, the data store is simply a storage container for change logs created in accordance with United States Patent Number 6,671,757.
[0035] A web server 180 allowing a user on a computer or other device 190 having a web browser may optionally be provided to allow a user to configure aspects of the system of the invention. Server 180 may have a hardware configuration similar to computer 160 and may comprise one or more physical computers. Additionally, web server 180 may be integrated with server 160.
[0036] In one embodiment, aspects of the system of the present invention are configured via a phone interface. The system can alternatively be configured by a user via a web interface provided by the web server 180 via the user device 190.
[0037] In a unique aspect, the technology provides an auto-purge function for information stored in the data store 170 of the mobile device. The purpose of auto-purge is to ensure the privacy of a users' personal information on their mobile device in the event the device is lost, stolen, or otherwise compromised. Auto-purge deletes (or scrambles) the user's personal information contained in their address book, calendar, task list, photo gallery, downloaded media, and other on-device data stores. In addition, auto-purge may remove passwords, application settings, device configuration information, and other data present in volatile or non- volatile system memory 122, depending on a configuration defined by the user or the auto-purge system. In one embodiment, auto-purge may render the device inoperable by disabling the device's operating system, access points, network identification, BIOS, or other system software. In another embodiment, the device may silently relay its GPS position to the server when it receives an auto-purge command.
[0038] Shown in Figure 1 is an auto-purge engine 1000 running in memory of server 60. In one embodiment, client application 140 and engine 1000 cooperate to enable an automatic purge of any user information stored in the phone data store 170 and a memory 140. In another embodiment, the auto- purge function is performed entirely by the client application 140. Typically, a user's phone data store may include phone numbers and information that the user would prefer not be accessible to other should the phone be lost or stolen. The method of Figure 2 accomplishes a scramble or remove purging process.
[0039] At step 300, a user logs into the web server 180 to configure the auto purge process. Optionally, the auto-purge process may be enabled via the device 100. Next, at step 301, the auto-purge service may be configured. Configuration of auto-purge may be done on the mobile device 100 via auto- purge in client 140, via a web interface 180, via a program installed on a personal computer, via a telephony server (e.g., user can make a voice call to a server and use key tones to enter their authentication information), or via some other interface capable of accepting user input and relaying that input to the auto-purge server. Configuration options include an auto-purge password, an override code, and specification of which applications, settings, datastores, or other data are subject to auto-purge. Optionally, the user may select different codes and settings on a per-application, per-serting, per-datastore, or per-object basis. Alternatively, the user may use a single "Master auto-purge" setting which will remove or scramble all information possible from the device 100. Users may select the level of purge for such a "Master auto-purge" configruation (e.g., only remove the address book data, passwords, etc - but leave the device functioning). Configuration 301 is optional; in one embodiment, the user may simply enable the auto-purge functions and be provided with standard, pre-configured service.
[0040] Once the device's auto-purge settings are finalized, auto-purge is "armed" for that device at step 302. Auto-purge is then enabled in the client application at step 304. An auto-purge password and override setting may be stored on the device at step 304 in an obfuscated or encrypted form, or they may be stored only on the server 160. Note that the over-ride function is optional.
[0041] Generally, at a later point in time, (as indicated by the dashed line between step 304 and 306) when the user wishes to purge information on the device 100, the user activates the auto-purge feature at 306 by relaying a command to the server 160 by accessing the enterprise service 1010 via one of the mechanisms described above. Optionally, the user may send a signal directly to the application from another mobile device or processing device. The server 160 at step 307, relays an auto-purge command to the device via a mechanism such as a specially formatted SMS, a direct socket connection, or a specially formatted email. Alternatively, the device 100 may poll the server at an interval to determine if any auto-purge command is pending for the device. Upon receipt of a valid auto-purge command, if there is a configured override code, at step 309 the user may be prompted to enter the override code. This allows the user to prevent the auto-purge if they regain control of the device after sending the auto-purge command. If the user does not successfully enter the override code (optionally, after a number of retries), the auto-purge will take place at step 308. Optionally, the device may notify the server that the override code was entered successfully. In such an embodiment, the server will not resend auto-purge commands to the device if the code has been entered successfully. Without an override code ~ or upon receiving a signal which indicates the device should ignore any configured override code — the device will automatically delete or scramble data without user notification or intervention.
[0042] In a further optional step 310, the user information may be recovered or restored at step 310. If the user information is encrypted or deleted, the information may be loaded into the device from the data store 510 on server 1010. Alternatively, encrypted information still resident on the phone may be decrypted by a decrypt command, by providing an appropriate decryption key, or by entering a password (or restore code) to application 140 directly or from server 1010 once the device is recovered.
[0043] If the device receives multiple auto-purge commands, it may keep track of the number received and auto-purge without user intervention after a certain number of valid auto-purge commands have been reached (this will prevent an attacker from repeatedly power-cycling the device upon receipt of an auto-purge command). In another embodiment, once a valid auto-purge command has been received, on the next (and subsequent) restarts of the device, the auto-purge application will take control of the device's UI and require the entry of the override command.
[0044] In another embodiment, different auto-purge codes may be configured by the user for different functions on the purge features. For example, a user may configure a first code to delete information and a second to scramble information on the phone with a reversible encryption technique. This is useful where a user is unsure whether they have lost the phone or whether it has been stolen. These signals may be used in conjunction, such that scrambled data may later be deleted; "unscramble" code may also be configured.
[0045] To prevent malicious attackers from sending auto-purge commands to devices, standard public key encryption techniques may be used to verify the identity of the command initiator (similarly to how SSL clients verify the SSL server's certificate is valid). In this case, the client may be configured with the server's certificate at the time the auto-purge application is installed on the device. Alternatively, the server may transmit an auto-purge password (or password proxy such as a nonce/digest pair) in the auto-purge message. That will allow the device to validate the authenticity of the auto-purge command.
[0046] Scrambling of data may be accomplished by overwriting records, settings, files, or data structures on the device with randomly generated data, a data pattern (such as all O's or 1 's).
[0047] Figure 3 illustrates an alternative embodiment of the technology wherein the auto purge function is enabled by application 140 entirely on phone 100. As shown therein, at step 330, the user accesses an appropriate user interface provided by application 140 on phone UI 120. Configuration options such as those discussed above are provided by the interface and the application optionally configured (step 301) and armed (step 302) in accordance with the description of the method of Figure 2. As noted above, the signal to activate the auto purge at step 306 may be provided by server 1010 or another wireless device directly to the device 100.
[0048] The foregoing detailed description of the invention has been presented for purposes of illustration and description. It is not intended to be exhaustive or to limit the invention to the precise form disclosed. Many modifications and variations are possible in light of the above teaching. As noted herein, numerous variations on the architecture of the present invention are possible without departing from the scope and content of the present invention. In one embodiment, requests and responses can be compressed and encrypted.
[0049] The described embodiments were chosen in order to best explain the principles of the invention and its practical application to thereby enable others skilled in the art to best utilize the invention in various embodiments and with various modifications as are suited to the particular use contemplated. It is intended that the scope of the invention be defined by the claims appended hereto.
[0050] Although the subject matter has been described in language specific to structural features and/or methodological acts, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to the specific features or acts described above. Rather, the specific features and acts described above are disclosed as example forms of implementing the claims.

Claims

CLAIMSWe claim:
1. A method for securing a mobile device having an information store, comprising: providing a mobile device application on a mobile device; and signaling the mobile application instructing the mobile application to render any user information stored on the mobile device useless.
2. The method of claim 1 wherein the step of signaling is performed by an enterprise service provider.
3. The method of claim 1 wherein the user information is rendered useless on the mobile device without providing any indication to a user interface on the device that the rendering is to occur.
4. The method of claim 1 further including the step of storing a copy of the personal information.
5. The method of claim 1 further including the step of restoring a copy of the personal information upon receipt of a restore command from the user.
6. The method of claim 1 wherein the step of signaling includes sending the signal from another mobile device.
7. The method of claim 1 wherein the step of instructing includes instructing the device to encrypt the personal information.
8. The method of claim 7 wherein the step of instructing includes instructing the device to decrypt the personal information.
9. The method of claim 1 wherein the step of instructing includes instructing the device to delete the personal information.
10. The method of claim 1 wherein the mobile device is a phone.
11. The method of claim 1 wherein the mobile device includes one or more sets of personal information for the user.
12. The method of claim 11 wherein the instructing step includes instructing the application to render a subset of the personal information useless.
13. A method for securing personal information on a mobile device, comprising: receiving an signal from a user to render personal information stored on the mobile device useless; and upon receipt of said signal, interacting with said user information to render at least a portion of the personal information inaccessible on the mobile device.
14. The method of claim 13 wherein the step of receiving includes receiving the signal from enterprise service provider.
15. The method of claim 13 wherein the signal is provided by the enterprise service provided when the user requests that the enterprise service provider send the signal
16. The method of claim 13 wherein the step of receiving includes receiving the signal from another mobile device.
17. The method of claim 13 wherein the step of interacting includes scrambling the personal information.
18. The method of claim 13 wherein the step of interacting includes deleting the personal information.
19. The method of claim 13 wherein the mobile device is a phone.
20. The method of claim 13 wherein the mobile device includes one or more sets of personal information for the user.
21. The method of claim 20 wherein the interacting step includes acting on only a subset of the user information.
22. The method of claim 13 wherein the step of interacting includes acting on all of the personal information
23. The method of claim 13 wherein the method further includes providing a mobile application to perform said receiving and interacting steps.
24. A method for providing an information service implemented on one or more processing devices coupled to a communication network, comprising: storing personal information for a plurality of users; providing a mobile device application to one or more users, the application including an information purge function enabled by a signal from the information service; upon installation of the mobile device application, receiving a set of configuration data for the mobile application from at least one user; and upon receiving an instruction from the at least one user to enable the information purge function, outputting a purge signal to the mobile application.
25. The method of claim 24 further including the step of providing a copy of the personal information upon receipt of a restore command from the user.
26. The method of claim 24 wherein the step of receiving includes receiving an instruction from another mobile device.
27. The method of claim 24 wherein the step of outputting a signal includes outputting a signal to the application to encrypt the personal information.
28. The method of claim 1 wherein the step of outputting a signal includes outputting a signal to the application to decrypt the personal information.
29. The method of claim 1 wherein the step of outputting a signal includes outputting a signal to the application to delete the personal information.
PCT/US2006/019312 2005-05-19 2006-05-19 Remote cell phone auto destruct WO2006125112A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP06770601A EP1882242A4 (en) 2005-05-19 2006-05-19 Remote cell phone auto destruct
JP2008512514A JP2008546253A (en) 2005-05-19 2006-05-19 Security protection method and information service provision method

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US68295105P 2005-05-19 2005-05-19
US60/682,951 2005-05-19

Publications (2)

Publication Number Publication Date
WO2006125112A2 true WO2006125112A2 (en) 2006-11-23
WO2006125112A3 WO2006125112A3 (en) 2007-11-08

Family

ID=37432154

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2006/019312 WO2006125112A2 (en) 2005-05-19 2006-05-19 Remote cell phone auto destruct

Country Status (6)

Country Link
US (1) US20070056043A1 (en)
EP (1) EP1882242A4 (en)
JP (1) JP2008546253A (en)
KR (1) KR20080017313A (en)
CN (1) CN101203893A (en)
WO (1) WO2006125112A2 (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008079711A1 (en) * 2006-12-19 2008-07-03 Beyer Malcolm K Method of controlling user and remote cell phone transmissions and displays
WO2008110878A2 (en) 2007-03-09 2008-09-18 Sony Ericsson Mobile Communications Ab Device-initiated security policy
EP2122531A1 (en) * 2007-01-19 2009-11-25 Research in Motion Limited Selectively wiping a remote device
JP2010539856A (en) * 2007-09-18 2010-12-16 クゥアルコム・インコーポレイテッド Method and apparatus for creating a remotely activated protection backup service for a mobile handset
EP2430537A1 (en) * 2009-05-01 2012-03-21 Apple Inc. Remotely locating and commanding a mobile device
US8761728B2 (en) 2006-09-28 2014-06-24 Carpricode Oy Management of mobile station memory content
EP2820793A4 (en) * 2012-02-29 2015-11-18 Good Technology Corp Method of operating a computing device, computing device and computer program
US9319219B2 (en) 2012-02-29 2016-04-19 Good Technology Corporation Method of operating a computing device, computing device and computer program
US9385996B2 (en) 2012-02-29 2016-07-05 Good Technology Corporation Method of operating a computing device, computing device and computer program

Families Citing this family (59)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8620286B2 (en) 2004-02-27 2013-12-31 Synchronoss Technologies, Inc. Method and system for promoting and transferring licensed content and applications
US8156074B1 (en) * 2000-01-26 2012-04-10 Synchronoss Technologies, Inc. Data transfer and synchronization system
US6671757B1 (en) 2000-01-26 2003-12-30 Fusionone, Inc. Data transfer and synchronization system
WO2005010715A2 (en) 2003-07-21 2005-02-03 Fusionone, Inc. Device message management system
US20080082421A1 (en) * 2004-05-12 2008-04-03 Richard Onyon Monetization of an advanced contact identification system
US9542076B1 (en) 2004-05-12 2017-01-10 Synchronoss Technologies, Inc. System for and method of updating a personal profile
US8438647B2 (en) * 2005-07-14 2013-05-07 Imation Corp. Recovery of encrypted data from a secure storage device
US8335920B2 (en) * 2005-07-14 2012-12-18 Imation Corp. Recovery of data access for a locked secure storage device
US8015606B1 (en) 2005-07-14 2011-09-06 Ironkey, Inc. Storage device with website trust indication
US8321953B2 (en) * 2005-07-14 2012-11-27 Imation Corp. Secure storage device with offline code entry
US9160830B2 (en) * 2005-07-25 2015-10-13 Mediatek Inc. Mobile communication apparatus having anti-theft and auto-notification functions
US7543122B2 (en) * 2005-08-11 2009-06-02 Research In Motion Limited System and method for obscuring hand-held device data traffic information
US20070067620A1 (en) * 2005-09-06 2007-03-22 Ironkey, Inc. Systems and methods for third-party authentication
US8266378B1 (en) 2005-12-22 2012-09-11 Imation Corp. Storage device with accessible partitions
US8639873B1 (en) 2005-12-22 2014-01-28 Imation Corp. Detachable storage device with RAM cache
US20070300031A1 (en) * 2006-06-22 2007-12-27 Ironkey, Inc. Memory data shredder
CN101110853B (en) * 2006-07-21 2012-01-11 宏碁股份有限公司 Portable communication equipment with loss protection function and loss protection method thereof
US20080083982A1 (en) * 2006-10-10 2008-04-10 International Business Machines Corporation Method and system for initiating proximity warning alarm for electronic devices and prohibiting operation thereof
US8856511B2 (en) 2006-12-14 2014-10-07 Blackberry Limited System and method for wiping and disabling a removed device
US20080172744A1 (en) * 2007-01-17 2008-07-17 Honeywell International Inc. Methods and systems to assure data integrity in a secure data communications network
US8966032B2 (en) * 2007-03-14 2015-02-24 Amdocs Software Systems Limited System and method for propagating personal identification information to communication devices
US8181111B1 (en) 2007-12-31 2012-05-15 Synchronoss Technologies, Inc. System and method for providing social context to digital activity
US20090182740A1 (en) * 2008-01-16 2009-07-16 International Business Machines Corporation Methods for address book restoration from call logs
WO2009137371A2 (en) * 2008-05-02 2009-11-12 Ironkey, Inc. Enterprise device recovery
US20100228906A1 (en) * 2009-03-06 2010-09-09 Arunprasad Ramiya Mothilal Managing Data in a Non-Volatile Memory System
US8788635B2 (en) * 2009-03-20 2014-07-22 Microsoft Corporation Mitigations for potentially compromised electronic devices
AU2010244945B2 (en) 2009-05-05 2015-01-22 Absolute Software Corporation Discriminating data protection system
US20100298011A1 (en) * 2009-05-19 2010-11-25 Alcatel-Lucent Usa Inc. Method and Appartus for Remote Software Installation and Execution on a Mobile Device
GB2471282B (en) * 2009-06-22 2015-02-18 Barclays Bank Plc Method and system for provision of cryptographic services
US8683088B2 (en) * 2009-08-06 2014-03-25 Imation Corp. Peripheral device data integrity
US8745365B2 (en) * 2009-08-06 2014-06-03 Imation Corp. Method and system for secure booting a computer by booting a first operating system from a secure peripheral device and launching a second operating system stored a secure area in the secure peripheral device on the first operating system
US8255006B1 (en) 2009-11-10 2012-08-28 Fusionone, Inc. Event dependent notification system and method
CN101835143A (en) * 2010-05-05 2010-09-15 中兴通讯股份有限公司 Mobile terminal location system and method, and mobile terminal
KR101223890B1 (en) * 2011-06-22 2013-02-04 주식회사 멘토스 Mobile Phone Which is capable GPS Function
US8881229B2 (en) 2011-10-11 2014-11-04 Citrix Systems, Inc. Policy-based application management
US20140053234A1 (en) 2011-10-11 2014-02-20 Citrix Systems, Inc. Policy-Based Application Management
US9280377B2 (en) 2013-03-29 2016-03-08 Citrix Systems, Inc. Application with multiple operation modes
US9143529B2 (en) 2011-10-11 2015-09-22 Citrix Systems, Inc. Modifying pre-existing mobile applications to implement enterprise security policies
US20140032733A1 (en) 2011-10-11 2014-01-30 Citrix Systems, Inc. Policy-Based Application Management
US9215225B2 (en) 2013-03-29 2015-12-15 Citrix Systems, Inc. Mobile device locking with context
US8726343B1 (en) 2012-10-12 2014-05-13 Citrix Systems, Inc. Managing dynamic policies and settings in an orchestration framework for connected devices
US9516022B2 (en) 2012-10-14 2016-12-06 Getgo, Inc. Automated meeting room
US20140109176A1 (en) 2012-10-15 2014-04-17 Citrix Systems, Inc. Configuring and providing profiles that manage execution of mobile applications
US8910239B2 (en) 2012-10-15 2014-12-09 Citrix Systems, Inc. Providing virtualized private network tunnels
US20140109171A1 (en) 2012-10-15 2014-04-17 Citrix Systems, Inc. Providing Virtualized Private Network tunnels
CN104854561B (en) 2012-10-16 2018-05-11 思杰系统有限公司 Application program for application management framework encapsulates
US9606774B2 (en) 2012-10-16 2017-03-28 Citrix Systems, Inc. Wrapping an application with field-programmable business logic
US9971585B2 (en) 2012-10-16 2018-05-15 Citrix Systems, Inc. Wrapping unmanaged applications on a mobile device
US20140108793A1 (en) 2012-10-16 2014-04-17 Citrix Systems, Inc. Controlling mobile device access to secure data
US9355223B2 (en) 2013-03-29 2016-05-31 Citrix Systems, Inc. Providing a managed browser
US20140297840A1 (en) 2013-03-29 2014-10-02 Citrix Systems, Inc. Providing mobile device management functionalities
US9369449B2 (en) 2013-03-29 2016-06-14 Citrix Systems, Inc. Providing an enterprise application store
US8813179B1 (en) 2013-03-29 2014-08-19 Citrix Systems, Inc. Providing mobile device management functionalities
US10284627B2 (en) 2013-03-29 2019-05-07 Citrix Systems, Inc. Data management for an application with multiple operation modes
US9985850B2 (en) 2013-03-29 2018-05-29 Citrix Systems, Inc. Providing mobile device management functionalities
US8849979B1 (en) 2013-03-29 2014-09-30 Citrix Systems, Inc. Providing mobile device management functionalities
EP2835759B1 (en) 2013-08-08 2019-03-27 GbR Oliver Oechsle, Dr. Hans-Peter Dietz Method and system for managing a defective electronic user terminal
US9668140B2 (en) * 2013-12-30 2017-05-30 Cellco Partnership Devaluation of lost and stolen devices
US10037442B2 (en) * 2016-07-06 2018-07-31 Szu Chi Lo Anti-copy electronic device

Family Cites Families (100)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5544347A (en) * 1990-09-24 1996-08-06 Emc Corporation Data storage system controlled remote data mirroring with respectively maintained data indices
US5392390A (en) * 1992-04-10 1995-02-21 Intellilink Corp. Method for mapping, translating, and dynamically reconciling data between disparate computer platforms
JP2756392B2 (en) * 1992-08-27 1998-05-25 富士通株式会社 Computer with the function of linking e-mail and telephone
US6523079B2 (en) * 1993-02-19 2003-02-18 Elonex Ip Holdings Ltd Micropersonal digital assistant
US5710922A (en) * 1993-06-02 1998-01-20 Apple Computer, Inc. Method for synchronizing and archiving information between computer systems
JPH07295815A (en) * 1994-04-26 1995-11-10 Internatl Business Mach Corp <Ibm> Mapping system and method of permanence object
US5897640A (en) * 1994-08-08 1999-04-27 Microsoft Corporation Method and system of associating, synchronizing and reconciling computer files in an operating system
US5485161A (en) * 1994-11-21 1996-01-16 Trimble Navigation Limited Vehicle speed control based on GPS/MAP matching of posted speeds
CA2137492C (en) * 1994-12-07 1998-07-28 Lenny Kwok-Ming Hon System for and method of providing delta-versioning of the contents of pcte file objects
US5729735A (en) * 1995-02-08 1998-03-17 Meyering; Samuel C. Remote database file synchronizer
US5623406A (en) * 1995-03-06 1997-04-22 Jean D. Ichbiah Method and system for entering text in computer equipment
US5706509A (en) * 1995-04-28 1998-01-06 Intel Corporation Application independent record level synchronization
US5757669A (en) * 1995-05-31 1998-05-26 Netscape Communications Corporation Method and apparatus for workgroup information replication
US5864864A (en) * 1995-09-27 1999-01-26 Sun Microsystems, Inc. Method and apparatus for providing transparent persistent data support to foreign data types
US5884323A (en) * 1995-10-13 1999-03-16 3Com Corporation Extendible method and apparatus for synchronizing files on two different computer systems
US5727202A (en) * 1995-10-18 1998-03-10 Palm Computing, Inc. Method and apparatus for synchronizing information on two different computer systems
US5745906A (en) * 1995-11-14 1998-04-28 Deltatech Research, Inc. Method and apparatus for merging delta streams to reconstruct a computer file
US5729743A (en) * 1995-11-17 1998-03-17 Deltatech Research, Inc. Computer apparatus and method for merging system deltas
US5745750A (en) * 1995-12-15 1998-04-28 International Business Machines Corporation Process and article of manufacture for constructing and optimizing transaction logs for mobile file systems
US6189030B1 (en) * 1996-02-21 2001-02-13 Infoseek Corporation Method and apparatus for redirection of server external hyper-link references
US5727950A (en) * 1996-05-22 1998-03-17 Netsage Corporation Agent based instruction system and method
US6016478A (en) * 1996-08-13 2000-01-18 Starfish Software, Inc. Scheduling system with methods for peer-to-peer scheduling of remote users
US5859973A (en) * 1996-08-21 1999-01-12 International Business Machines Corporation Methods, system and computer program products for delayed message generation and encoding in an intermittently connected data communication system
US5884325A (en) * 1996-10-09 1999-03-16 Oracle Corporation System for synchronizing shared data between computers
US6044381A (en) * 1997-09-11 2000-03-28 Puma Technology, Inc. Using distributed history files in synchronizing databases
US7080260B2 (en) * 1996-11-19 2006-07-18 Johnson R Brent System and computer based method to automatically archive and retrieve encrypted remote client data files
US6038665A (en) * 1996-12-03 2000-03-14 Fairbanks Systems Group System and method for backing up computer files over a wide area computer network
US6202085B1 (en) * 1996-12-06 2001-03-13 Microsoft Corportion System and method for incremental change synchronization between multiple copies of data
US6012088A (en) * 1996-12-10 2000-01-04 International Business Machines Corporation Automatic configuration for internet access device
US6023708A (en) * 1997-05-29 2000-02-08 Visto Corporation System and method for using a global translator to synchronize workspace elements across a network
US6182141B1 (en) * 1996-12-20 2001-01-30 Intel Corporation Transparent proxy server
JP2912274B2 (en) * 1996-12-20 1999-06-28 静岡日本電気株式会社 Radio selective call receiver
US5875296A (en) * 1997-01-28 1999-02-23 International Business Machines Corporation Distributed file system web server user authentication with cookies
US5897642A (en) * 1997-07-14 1999-04-27 Microsoft Corporation Method and system for integrating an object-based application with a version control system
US6195794B1 (en) * 1997-08-12 2001-02-27 International Business Machines Corporation Method and apparatus for distributing templates in a component system
US6016394A (en) * 1997-09-17 2000-01-18 Tenfold Corporation Method and system for database application software creation requiring minimal programming
US6169911B1 (en) * 1997-09-26 2001-01-02 Sun Microsystems, Inc. Graphical user interface for a portable telephone
US6052735A (en) * 1997-10-24 2000-04-18 Microsoft Corporation Electronic mail object synchronization between a desktop computer and mobile device
US5896321A (en) * 1997-11-14 1999-04-20 Microsoft Corporation Text completion system for a miniature computer
US6034621A (en) * 1997-11-18 2000-03-07 Lucent Technologies, Inc. Wireless remote synchronization of data between PC and PDA
JP3337062B2 (en) * 1997-11-21 2002-10-21 日本電気株式会社 Wireless data transfer method and system
US6023723A (en) * 1997-12-22 2000-02-08 Accepted Marketing, Inc. Method and system for filtering unwanted junk e-mail utilizing a plurality of filtering mechanisms
US6205448B1 (en) * 1998-01-30 2001-03-20 3Com Corporation Method and apparatus of synchronizing two computer systems supporting multiple synchronization techniques
US6185598B1 (en) * 1998-02-10 2001-02-06 Digital Island, Inc. Optimized network resource location
JPH11249874A (en) * 1998-02-27 1999-09-17 Toshiba Corp Computer system and its synchronous processing method and recording medium
US6012063A (en) * 1998-03-04 2000-01-04 Starfish Software, Inc. Block file system for minimal incremental data transfer between computing devices
US6189096B1 (en) * 1998-05-06 2001-02-13 Kyberpass Corporation User authentification using a virtual private key
US6338096B1 (en) * 1998-06-10 2002-01-08 International Business Machines Corporation System uses kernals of micro web server for supporting HTML web browser in providing HTML data format and HTTP protocol from variety of data sources
US6535743B1 (en) * 1998-07-29 2003-03-18 Minorplanet Systems Usa, Inc. System and method for providing directions using a communication network
US6356910B1 (en) * 1998-08-07 2002-03-12 Paul Zellweger Method and apparatus for a self-service content menu
AU6410699A (en) * 1998-10-13 2000-05-01 Chris Cheah Method and system for controlled distribution of information over a network
US6516327B1 (en) * 1998-12-24 2003-02-04 International Business Machines Corporation System and method for synchronizing data in multiple databases
GB2345987B (en) * 1999-01-19 2003-08-06 Advanced Risc Mach Ltd Memory control within data processing systems
US6173310B1 (en) * 1999-03-23 2001-01-09 Microstrategy, Inc. System and method for automatic transmission of on-line analytical processing system report output
US6507891B1 (en) * 1999-07-22 2003-01-14 International Business Machines Corporation Method and apparatus for managing internal caches and external caches in a data processing system
US6523063B1 (en) * 1999-08-30 2003-02-18 Zaplet, Inc. Method system and program product for accessing a file using values from a redirect message string for each change of the link identifier
GB2371902B (en) * 1999-09-10 2004-11-17 Avantgo Inc System, method, and computer program product for interactive interfacing with mobile devices
US6360252B1 (en) * 1999-09-20 2002-03-19 Fusionone, Inc. Managing the transfer of e-mail attachments to rendering devices other than an original e-mail recipient
JP3725376B2 (en) * 1999-09-29 2005-12-07 株式会社東芝 DNS inquiry apparatus, DNS inquiry method, and recording medium
US6694335B1 (en) * 1999-10-04 2004-02-17 Microsoft Corporation Method, computer readable medium, and system for monitoring the state of a collection of resources
US6714987B1 (en) * 1999-11-05 2004-03-30 Nortel Networks Limited Architecture for an IP centric distributed network
US6870921B1 (en) * 1999-11-12 2005-03-22 Metro One Telecommunications, Inc. Enhanced directory assistance service providing individual or group directories
US7505762B2 (en) * 2004-02-27 2009-03-17 Fusionone, Inc. Wireless telephone data backup system
US6694336B1 (en) * 2000-01-25 2004-02-17 Fusionone, Inc. Data transfer and synchronization system
US20030037020A1 (en) * 2000-02-22 2003-02-20 Lars Novak Method and apparatus for synchronizing databases of portable devices without change logs
US6701316B1 (en) * 2000-04-07 2004-03-02 Nec Corporation Method and apparatus for intelligent network bandwidth and system resource utilization for web content fetch and refresh
US6363249B1 (en) * 2000-04-10 2002-03-26 Motorola, Inc. Dynamically configurable datagram message communication system
WO2001084433A1 (en) * 2000-05-01 2001-11-08 Mobliss, Inc. System for conducting electronic surveys
US20020016818A1 (en) * 2000-05-11 2002-02-07 Shekhar Kirani System and methodology for optimizing delivery of email attachments for disparate devices
US6353448B1 (en) * 2000-05-16 2002-03-05 Ez Online Network, Inc. Graphic user interface display method
US8463912B2 (en) * 2000-05-23 2013-06-11 Media Farm, Inc. Remote displays in mobile communication networks
US6868451B1 (en) * 2000-06-20 2005-03-15 Palm Source, Inc. Data exchange between a handheld device and another computer system using an exchange manager via synchronization
JP2002027544A (en) * 2000-07-04 2002-01-25 Fujitsu Ltd Data storing system
US6996631B1 (en) * 2000-08-17 2006-02-07 International Business Machines Corporation System having a single IP address associated with communication protocol stacks in a cluster of processing systems
WO2002037749A1 (en) * 2000-11-03 2002-05-10 Fusionone, Inc. Secure authentication of users via intermediate parties
JP3709338B2 (en) * 2000-11-22 2005-10-26 日本電気株式会社 Mobile phone user setting information management method and user setting information management system
US7299007B2 (en) * 2001-02-01 2007-11-20 Ack Venture Holdings, Llc Mobile computing and communication
US7499888B1 (en) * 2001-03-16 2009-03-03 Fusionone, Inc. Transaction authentication system and method
US6842695B1 (en) * 2001-04-17 2005-01-11 Fusionone, Inc. Mapping and addressing system for a secure remote access system
US6684206B2 (en) * 2001-05-18 2004-01-27 Hewlett-Packard Development Company, L.P. OLAP-based web access analysis method and system
FI114417B (en) * 2001-06-15 2004-10-15 Nokia Corp Select data for synchronization
AU2002355530A1 (en) * 2001-08-03 2003-02-24 John Allen Ananian Personalized interactive digital catalog profiling
US20030061163A1 (en) * 2001-09-27 2003-03-27 Durfield Richard C. Method and apparatus for verification/authorization by credit or debit card owner of use of card concurrently with merchant transaction
US20030065934A1 (en) * 2001-09-28 2003-04-03 Angelo Michael F. After the fact protection of data in remote personal and wireless devices
GB0128243D0 (en) * 2001-11-26 2002-01-16 Cognima Ltd Cognima patent
US7162494B2 (en) * 2002-05-29 2007-01-09 Sbc Technology Resources, Inc. Method and system for distributed user profiling
JP2004112119A (en) * 2002-09-13 2004-04-08 Nec Corp Sharing system of telephone directory information in portable telephone
US7107349B2 (en) * 2002-09-30 2006-09-12 Danger, Inc. System and method for disabling and providing a notification for a data processing device
US20060035647A1 (en) * 2003-01-30 2006-02-16 Intrado Apparatus and method for displaying caller ID with location information
WO2005010715A2 (en) * 2003-07-21 2005-02-03 Fusionone, Inc. Device message management system
US9344850B2 (en) * 2003-08-08 2016-05-17 Telecommunication Systems, Inc. Method and system for collecting, synchronizing, and reporting telecommunication call events
US7590837B2 (en) * 2003-08-23 2009-09-15 Softex Incorporated Electronic device security and tracking system and method
WO2005026952A2 (en) * 2003-09-17 2005-03-24 Research In Motion Limited System and method for management of mutating applications
US20050064859A1 (en) * 2003-09-23 2005-03-24 Motorola, Inc. Server-based system for backing up memory of a wireless subscriber device
WO2005103929A1 (en) * 2004-04-20 2005-11-03 Pluck Corporation Method, system, and computer program product for sharing information within a global computer network
ATE541423T1 (en) * 2004-04-30 2012-01-15 Research In Motion Ltd SYSTEM AND METHOD FOR PERFORMING RECOVERY OPERATIONS ON MOBILE DEVICES
EP1759521B1 (en) * 2004-05-12 2016-06-29 Synchronoss Technologies, Inc. Advanced contact identification system
US7421589B2 (en) * 2004-07-21 2008-09-02 Beachhead Solutions, Inc. System and method for lost data destruction of electronic data stored on a portable electronic device using a security interval
EP1889169A4 (en) * 2005-05-19 2011-12-28 Fusionone Inc Mobile device address book builder
US7752209B2 (en) * 2005-09-14 2010-07-06 Jumptap, Inc. Presenting sponsored content on a mobile communication facility

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of EP1882242A4 *

Cited By (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8761728B2 (en) 2006-09-28 2014-06-24 Carpricode Oy Management of mobile station memory content
WO2008079711A1 (en) * 2006-12-19 2008-07-03 Beyer Malcolm K Method of controlling user and remote cell phone transmissions and displays
US9652629B2 (en) 2007-01-19 2017-05-16 Blackberry Limited Selectively wiping a remote device
US10162983B2 (en) 2007-01-19 2018-12-25 Blackberry Limited Selectively wiping a remote device
EP2570961B1 (en) * 2007-01-19 2019-03-13 BlackBerry Limited Selectively wiping a remote device
EP2122531A1 (en) * 2007-01-19 2009-11-25 Research in Motion Limited Selectively wiping a remote device
US10540520B2 (en) 2007-01-19 2020-01-21 Blackberry Limited Selectively wiping a remote device
EP2570961A1 (en) * 2007-01-19 2013-03-20 Research In Motion Limited Selectively wiping a remote device
US11030338B2 (en) 2007-01-19 2021-06-08 Blackberry Limited Selectively wiping a remote device
EP2122531B1 (en) * 2007-01-19 2014-10-01 BlackBerry Limited Selectively wiping a remote device
US9100413B2 (en) 2007-01-19 2015-08-04 Blackberry Limited Selectively wiping a remote device
US9106670B2 (en) 2007-01-19 2015-08-11 Blackberry Limited Selectively wiping a remote device
US9191822B2 (en) 2007-03-09 2015-11-17 Sony Corporation Device-initiated security policy
WO2008110878A3 (en) * 2007-03-09 2008-11-06 Sony Ericsson Mobile Comm Ab Device-initiated security policy
WO2008110878A2 (en) 2007-03-09 2008-09-18 Sony Ericsson Mobile Communications Ab Device-initiated security policy
US8554176B2 (en) 2007-09-18 2013-10-08 Qualcomm Incorporated Method and apparatus for creating a remotely activated secure backup service for mobile handsets
JP2010539856A (en) * 2007-09-18 2010-12-16 クゥアルコム・インコーポレイテッド Method and apparatus for creating a remotely activated protection backup service for a mobile handset
EP2430537A1 (en) * 2009-05-01 2012-03-21 Apple Inc. Remotely locating and commanding a mobile device
US9385996B2 (en) 2012-02-29 2016-07-05 Good Technology Corporation Method of operating a computing device, computing device and computer program
US9356994B2 (en) 2012-02-29 2016-05-31 Good Technology Corporation Method of operating a computing device, computing device and computer program
US9319219B2 (en) 2012-02-29 2016-04-19 Good Technology Corporation Method of operating a computing device, computing device and computer program
EP2820793A4 (en) * 2012-02-29 2015-11-18 Good Technology Corp Method of operating a computing device, computing device and computer program

Also Published As

Publication number Publication date
CN101203893A (en) 2008-06-18
KR20080017313A (en) 2008-02-26
JP2008546253A (en) 2008-12-18
US20070056043A1 (en) 2007-03-08
WO2006125112A3 (en) 2007-11-08
EP1882242A2 (en) 2008-01-30
EP1882242A4 (en) 2011-05-25

Similar Documents

Publication Publication Date Title
US20070056043A1 (en) Remote cell phone auto destruct
US8260353B2 (en) SIM messaging client
EP1759521B1 (en) Advanced contact identification system
EP1523152B1 (en) Connector gateway
US7921182B2 (en) Management of service components installed in an electronic device in a mobile services network
CN109460660B (en) Mobile device safety management system
US8732827B1 (en) Smartphone security system
US20070053335A1 (en) Mobile device address book builder
US7239877B2 (en) Mobile provisioning tool system
US8418258B2 (en) System for providing mobile data security
US20070038680A1 (en) Management of mobile-device data
EP3293925B1 (en) A network storage system and a control method for accessing the network storage content
CN104486388A (en) Accessing method and device of cloud storage file
CN100566311C (en) The system and method for provisioning component applications
Tso et al. iPhone social networking for evidence investigations using iTunes forensics
US20130014252A1 (en) Portable computer accounts
KR20090113372A (en) Method of identifying devices in mobile and desktop environments
US20090328233A1 (en) Sending log of accessed data prior to executing disable command in lost computer
Bala WhatsApp forensics and its challenges for android smartphone
O’Connor Attack surface analysis of Blackberry devices
Pochampally et al. A secure tracking mobile app development
KR20220166099A (en) System for providing message delete service
FR2901386A1 (en) Magnetic/optical/electronic/electro-optic type personal external storage medium e.g. universal serial bus key, for use in computer system, has processing module including sub-module creating cache file and accessing to cache file
WO2010131980A1 (en) Systems, methods and devices for management of a plurality of mobile devices

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200680017122.5

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2006770601

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 1020077026636

Country of ref document: KR

ENP Entry into the national phase

Ref document number: 2008512514

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

NENP Non-entry into the national phase

Ref country code: RU