GB2421147A - Secure profiles for mobile devices - Google Patents
- Publication number
- GB2421147A
- Authority
- GB
- United Kingdom
- Prior art keywords
- secure
- profile
- profiles
- user
- context
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M1/00—Substation equipment, e.g. for use by subscribers
- H04M1/72—Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
- H04M1/724—User interfaces specially adapted for cordless or mobile telephones
- H04M1/72448—User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions
- H04M1/72457—User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions according to geographic location
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/107—Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M1/00—Substation equipment, e.g. for use by subscribers
- H04M1/66—Substation equipment, e.g. for use by subscribers with means for preventing unauthorised or fraudulent calling
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/02—Terminal devices
Abstract
A multi-function mobile device (10), such as a mobile telephone or PDA, including a secure storage area (22) for storing one or more context dependent secure profiles (26), each profile (26) being indicative of functionality that is to be enforced or disabled and each being inaccessible to a user. Also provided is a profile manager (18) for determining the context of the device, and selecting and implementing one of the secure profiles (26) based on the determined context, so that one or more functions of the device (10) are disabled or enforced.
Description
Secure Profile
The present invention relates to secure profiles for mobile devices, such as mobile telephones and/or PDAs.
Concerns have been raised about the use of camera telephones in places where security or privacy is an issue. Cameras can be used to steal industrial secrets or take pictures of people in a state of undress in sports changing rooms etc. In addition, there is the well-known problem of people receiving telephone calls in inappropriate situations such as at the theatre or cinema, causing disturbance and annoyance to others in the audience.
To address some of these issues, US20030092428 describes a mobile telephone that can activate an "In-Public-Use" profile when in a public establishment that is transmitting an appropriate command signal. In the event that the command signal is received, the "In-Public-Use" profile causes the device to switch off. US 6,690,940 describes another system for selectively preventing non-emergency use of an electronic device. This is aimed primarily at disabling mobile phones in moving vehicles to avoid accidents.
US 6,701,144 discloses yet another system for controlling the functionality of a mobile device. This involves automatically configuring features on the device based on geographic location. This allows the user to save a particular location and the desired configurations corresponding to that location, e.g. turn off ringer when location known to be a theatre is entered. A difficulty with this system is that the profiles are totally specified by the user and so are effectively optional. There is no provision for enforcing the disabling of some features.
US 6,748,195 describes a wireless device having context based operational behaviour. In this, a wireless device uses profiles associated with one or more contexts. Each profile defines various operating situations. Depending on the context, the wireless device changes its operational behaviour in accordance with a defined profile. However, as with US 6,701,144, there is no provision for enforcing the profiles.
According to one aspect of the present invention, there is provided a multi-function mobile device, such as a mobile telephone or PDA, including one or more context dependent secure profiles, each profile being indicative of functionality that is to be disabled and each being inaccessible to a user; a profile manager for determining the context of the device and selecting and implementing an appropriate one of the secure profiles so that one or more functions of the device are disabled.
By using a secure profile to control access to various functions of the device, there is provided a means for controlling context dependent functionality in a secure environment.
The device may further include a user storage area for storing user profiles. In this case, the means for implementing the selected secure profile are operable to use both the user profile and the selected secure profile to determine those functions that are to be enforced or disabled, wherein when there is a conflict between the user and secure profiles, the secure profile is given priority.
The secure profile may be provided on a removable memory device. The user profile may be provided on a removable memory device.
According to another aspect of the invention, there is provided a memory device having a secure memory and one or more secure profiles for use in the mobile device of any of the preceding claims.
Various aspects of the invention will now be described by way of example only and with reference to the accompanying drawings, of which: Figure 1 is a block diagram of a mobile telephone, and Figure 2 is an illustration of secure device profiles for use in the telephone of Figure 1.
Figure 1 shows a mobile device 10. This includes a transmitter and receiver 12 for allowing wireless communications and various applications 14 for implementing a plurality of different device functions, such as a camera application, a video application and an audio application. Also included in the device are a user interface 16 for allowing users to input data and a controller 18, for example a microprocessor, for controlling device functionality. These features are known and so will not be described in detail.
Connected to the controller 18 are a user storage area 20 and a secure storage area 22. The user area 20 is provided for storing user-defined profiles 24 and the secure area 22 is provided for storing secure profiles 26. Each of the user and secure profiles 24 and 26 respectively defines attributes that have to be enforced by the device when in use. The secure profiles 26 define context dependent functionality.
Associated with each secure profile 26 is an identifier that is indicative of the context in which it is to be implemented, for example in a particular location, such as an office or theatre. Examples of various user and secure profiles 24 and 26 respectively are shown in Figure 2. In this case, two secure profiles 26 are provided, one that has to be enforced in an office environment and one that has to be enforced in a cinema environment.
Many user profiles 24 can be stored, but only one may be active at a time.
Likewise, many secure profiles 26 can be stored, but only one may be active at a time.
It is however possible to have both a user profile 24 and a secure profile 26 active at the same time. In this case, the overall state of the device is determined by the user profile in combination with a secure profile. Where attributes are defined in both such profiles and there is a conflict between these, the attributes identified in the secure profile take priority. The secure profiles 26 may be provided by, for example, a service provider such as a ticket issuer, so that the functionality of the mobile device can be controlled when the device is in an environment associated with that provider, e.g. a cinema. Whilst the user profiles 24 are defined and can be edited by a user, the secure profiles 26 cannot be modified.
To ensure that the user and secure profiles 24 and 26 respectively are enforced, a profile manager 28 is provided. This may be provided as part of the controller 18, as shown in Figure 1, or as a separate unit. The profile manager 28 is a trusted application that has access to the secure storage area and to basic hardware functions of the device. Only the profile manager 28 can activate or edit a secure profile. User access to the secure profiles is prohibited. This can be ensured by using a secure environment, for example a tamper-proof memory.
The profile manager 28 runs on the electronic device and is digitally signed to ensure authenticity. The first function of the profile manager 28 is to determine the current context. In one embodiment, the context could be set when a digital ticket stored on the device or in a connected smart card such as the SIM or a second card is presented at a ticket barrier and access (to a venue, transport or a service etc) is granted. In another embodiment the context could be set by geographical location using GPS or proximity to a wireless hotspot. In either case the profile manager 28 would need to be informed that a context change has happened. This could be achieved via an interrupt or by the profile manager 28 regularly polling a state register either on a connected smart card or stored securely on the device. Once the context has been determined, the profile manager ascertains if there is a secure profile 26 associated with the current context and if there is, makes sure that it is enforced.
The user and secure profiles 24 and 26 respectively can be enforced in a number of manners. In one embodiment the device includes a secure database, which only the profile manager can write to and alter. Once the context is determined and the secure profile 26 for that context is selected, the profile manager is operable to update the secure database so that it contains the current overall state of functionality in the device as indicated in the secure profile. Each function of the device such as camera, incoming calls etc will have an attribute and a value in the database. These functions must only be enabled if the corresponding entry in the database indicates that they are permitted. An alternative would be for the profile manager to act as a server responding to requests for access to the device's various features. Access would only be granted via the profile manager and would not be permitted by any other means.
On receipt of a request the profile manager would check the current context, where appropriate read the associated secure profile, combine it with the currently selected user profile and on this basis grant or deny access.
In use, when a user selects an application or function, the selected application firstly has to check whether it can be implemented. Any request for functionality is therefore captured and either forwarded to the profile manager or cross checked with the secure database. Where the status of all functions is stored in a secure database, this is checked to determine whether the application can be opened. Where the request is forwarded to the profile manager, this checks the currently active user and secure profiles to determine whether the application or function can be implemented.
In the event that the profiles indicate that the application or function is disabled, the selected application is not allowed to run. In contrast, in the event that the active profile indicates that the application or function is not disabled, the selected application is allowed to run. Hence, the profile manager is able to enforce all currently active profiles.
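The secure-database embodiment described above can be sketched as follows. This is an added example, not code from the patent: the class and method names, the function names and the default-enabled state for functions named in neither profile are assumptions, and the secure profile contents are constructed from the ticket examples in the description.

```python
from types import MappingProxyType

# Device functions tracked in the secure database (assumed names).
FUNCTIONS = ("camera", "voice_calls", "text_messaging", "rf_comms")

# Constructed secure profiles keyed by context identifier.
# False = disabled; a True value would enforce the function over a user False.
SECURE_PROFILES = {
    "cinema": {"voice_calls": False},
    "sports_club": {"camera": False},
    "airline": {"rf_comms": False},
}


class ProfileManager:
    """Sole writer of the secure database; drivers only read it."""

    def __init__(self, secure_profiles, user_profile=None):
        # Copy so later changes to the caller's dicts cannot alter policy.
        self._secure_profiles = {c: dict(p) for c, p in secure_profiles.items()}
        self._user_profile = dict(user_profile or {})
        self._context = None
        self._db = {}
        self._rebuild()

    def _rebuild(self):
        # Assumption: a function named in neither profile is enabled.
        state = {f: True for f in FUNCTIONS}
        # Apply the active user profile first, for known functions only.
        state.update({f: bool(v) for f, v in self._user_profile.items()
                      if f in state})
        # At most one secure profile is active; on conflict it overwrites
        # the user attribute, so the secure profile takes priority.
        secure = self._secure_profiles.get(self._context, {})
        state.update({f: bool(v) for f, v in secure.items() if f in state})
        self._db = state

    def set_context(self, context):
        """Called on a context-change notification (interrupt or poll)."""
        self._context = context
        self._rebuild()

    def set_user_profile(self, profile):
        """User edits pass through the manager so the database is refreshed."""
        self._user_profile = dict(profile)
        self._rebuild()

    def is_permitted(self, function):
        """Driver-side check: deny unless an entry says permitted."""
        return self._db.get(function, False)

    def snapshot(self):
        """Read-only copy of the current overall state."""
        return MappingProxyType(dict(self._db))
```

A function with no database entry is denied, which matches the requirement that functions are enabled only when the corresponding entry permits them.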
The profile manager may be implemented in a number of different ways. In one embodiment it could be enforced in the kernel of the device in the drivers for the various functions. Each driver would refer to the secure database before activating the given function. In another embodiment, the profile manager could be implemented in the application programmer's interface (API). The profile manager would also have to be involved if the user edited the currently selected user profile or selected a different one, since in both these cases the secure database would need to be updated.
A skilled person will appreciate that variations of the disclosed arrangements are possible without departing from the invention. For example, whilst typically each of the camera, video and audio applications and the profile manager would be implemented in software and run on a processor (not shown), a full hardware implementation may be possible. Also whilst the user and secure areas are shown as part of the mobile device, it will be appreciated that either or both could be provided on a removable memory card. This would allow both the user and secure profiles to be transferred to a different device at will. Also, it allows the option of service providers providing memory devices with a secure profile of their choice as tickets to allow entry into a secure or restricted area. For example, an airline ticket could be provided as an electronic ticket with a profile that forces the mobile device to turn off all (RF) communication facilities but leaves the camera, diary functions and games still available. Of course, tickets of this nature could equally be downloaded directly onto the device. Equally, a cinema ticket profile could disable phone calls but still allow text messaging, and a sports club ticket could just disable the camera.
Accordingly the above description of the specific embodiment is made by way of example only and not for the purposes of limitation. It will be clear to the skilled person that minor modifications may be made without significant changes to the operation described.
Claims (5)
- 1. A multi-function mobile device, such as a mobile telephone or PDA, including: a secure storage area for storing one or more context dependent secure profiles, each profile being indicative of functionality that is to be enforced or disabled and each being inaccessible to a device user; means for determining the context of the device, and means for implementing one of the secure profiles selected as a function of the determined context, so that one or more functions of the device are disabled or enforced.
- 2. A mobile device as claimed in claim 1 further including a user storage area for storing user profiles.
- 3. A mobile device as claimed in claim 2 wherein the means for implementing the selected secure profile are operable to use both the user profile and the selected secure profile to determine those functions that are to be enforced or disabled, wherein when there is a conflict between the user and secure profiles, the secure profile is given priority.
- 4. A mobile device as claimed in any of the preceding claims wherein the secure profile is provided on a removable memory device.
- 5. A memory device having a secure memory and one or more secure profiles for use in the mobile device of any of the preceding claims.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB0426864A GB2421147A (en) | 2004-12-08 | 2004-12-08 | Secure profiles for mobile devices |
Publications (2)
Publication Number | Publication Date |
---|---|
GB0426864D0 (en) | 2005-01-12 |
GB2421147A (en) | 2006-06-14 |
Family
ID=34073349
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
GB0426864A Withdrawn GB2421147A (en) | 2004-12-08 | 2004-12-08 | Secure profiles for mobile devices |
Country Status (1)
Country | Link |
---|---|
GB (1) | GB2421147A (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2001067799A2 (en) * | 2000-03-06 | 2001-09-13 | Nokia Mobile Phones | Method and apparatus for automatically changing the profile of a wireless terminal |
US20030092428A1 (en) * | 2001-11-15 | 2003-05-15 | Ibm Corporation | System and method for mitigating the mobile phone nuisance factor |
GB2397196A (en) * | 2003-01-08 | 2004-07-14 | Nec Technologies | Mobile communications device with location dependent mode of operation. |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2471179A (en) * | 2009-06-16 | 2010-12-22 | Intel Corp | Context-based limitation of mobile device operation |
US8254957B2 (en) | 2009-06-16 | 2012-08-28 | Intel Corporation | Context-based limitation of mobile device operation |
US8446398B2 (en) | 2009-06-16 | 2013-05-21 | Intel Corporation | Power conservation for mobile device displays |
GB2471179B (en) * | 2009-06-16 | 2013-06-19 | Intel Corp | Context-based limitation of mobile device operation |
US8776177B2 (en) | 2009-06-16 | 2014-07-08 | Intel Corporation | Dynamic content preference and behavior sharing between computing devices |
US8803868B2 (en) | 2009-06-16 | 2014-08-12 | Intel Corporation | Power conservation for mobile device displays |
US8904164B2 (en) | 2009-06-16 | 2014-12-02 | Intel Corporation | Multi-mode handheld wireless device to provide data utilizing combined context awareness and situational awareness |
US8909915B2 (en) | 2009-06-16 | 2014-12-09 | Intel Corporation | Multi-mode handheld wireless device with shared mode to support cross-mode communications |
US9092069B2 (en) | 2009-06-16 | 2015-07-28 | Intel Corporation | Customizable and predictive dictionary |
TWI555374B (en) * | 2009-06-16 | 2016-10-21 | 英特爾公司 | Context-based limitation of mobile device operation |
Also Published As
Publication number | Publication date |
---|---|
GB0426864D0 (en) | 2005-01-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7194273B2 (en) | Location based service restrictions for mobile applications | |
US7769394B1 (en) | System and method for location-based device control | |
KR101156238B1 (en) | Context-based limitation of mobile device operation | |
US9571522B2 (en) | Method for applying location-based control policy of mobile device | |
EP1825703B1 (en) | Mobile phone policy management | |
US8755840B2 (en) | Data execution control method and system therefor | |
US7945243B2 (en) | Mobile communication terminal for protecting private contents and method for controlling the same | |
US8923891B2 (en) | Intelligent location tagging for deterministic device behavior | |
TWI383637B (en) | Systems and methods for controlling service access on a wireless communication device | |
EP1562355B1 (en) | System and method for controlling functions of mobile communication terminal | |
US9661126B2 (en) | Driving distraction reduction system and method | |
EP1445925A2 (en) | Call screening based on location and context | |
US20060141985A1 (en) | Dynamic management for interface access permissions | |
US20100099354A1 (en) | Setting mobile device operating mode using near field communication | |
US8787941B2 (en) | Prohibiting electronic device usage based on geographical location | |
JP2006203507A (en) | Mobile terminal restricting its function, and radio communication system | |
WO2015026389A2 (en) | Utilizations and applications of near field communications in mobile device management and security | |
JP3854863B2 (en) | Function control method for information communication terminal, terminal control device, and information communication terminal | |
WO2018049609A1 (en) | Permission control method and device | |
GB2421147A (en) | Secure profiles for mobile devices | |
JP2008250930A (en) | Data access control system, user information management device, data access determining device, mobile unit, and data access control method | |
EP1175804B1 (en) | System and method for setting the mode of operation of an electronic device | |
EP1670270A1 (en) | Method and means for controlling a mobile terminal | |
US20070265019A1 (en) | Method and apparatus for switching the mode of radio equipment in certain environments | |
JP2005198038A (en) | Portable terminal function control system and portable terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WAP | Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1) |