GB2421147A - Secure profiles for mobile devices - Google Patents

Publication number
GB2421147A
Authority
GB
United Kingdom
Prior art keywords
secure
profile
profiles
user
context
Prior art date
Legal status
Withdrawn
Application number
GB0426864A
Other versions
GB0426864D0 (en)
Inventor
Andrew Exton
Danilo Melandri
Current Assignee
Panasonic Holdings Corp
Original Assignee
Matsushita Electric Industrial Co Ltd
Priority date
Filing date
Publication date
Application filed by Matsushita Electric Industrial Co Ltd
Priority to GB0426864A
Publication of GB0426864D0
Publication of GB2421147A
Withdrawn

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08 Access security
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102 Entity profiles
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04M TELEPHONIC COMMUNICATION
    • H04M1/00 Substation equipment, e.g. for use by subscribers
    • H04M1/72 Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724 User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72448 User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions
    • H04M1/72457 User interfaces specially adapted for cordless or mobile telephones with means for adapting the functionality of the device according to specific conditions according to geographic location
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/107 Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04M TELEPHONIC COMMUNICATION
    • H04M1/00 Substation equipment, e.g. for use by subscribers
    • H04M1/66 Substation equipment, e.g. for use by subscribers with means for preventing unauthorised or fraudulent calling
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W88/00 Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02 Terminal devices

Abstract

A multi-function mobile device (10), such as a mobile telephone or PDA, including a secure storage area (22) for storing one or more context dependent secure profiles (26), each profile (26) being indicative of functionality that is to be enforced or disabled and each being inaccessible to a user. Also provided is a profile manager (18) for determining the context of the device, and selecting and implementing one of the secure profiles (26) based on the determined context, so that one or more functions of the device (10) are disabled or enforced.

Description

Secure Profile
The present invention relates to secure profiles for mobile devices, such as mobile telephones and/or PDAs.
Concerns have been raised about the use of camera telephones in places where security or privacy is an issue. Cameras can be used to steal industrial secrets or take pictures of people in a state of undress in sports changing rooms etc. In addition, there is the well-known problem of people receiving telephone calls in inappropriate situations such as at the theatre or cinema, causing disturbance and annoyance to others in the audience.
To address some of these issues, US20030092428 describes a mobile telephone that can activate an "In-Public-Use" profile when in a public establishment that is transmitting an appropriate command signal. In the event that the command signal is received, the "In-Public-Use" profile causes the device to switch off.
US 6,690,940 describes another system for selectively preventing non-emergency use of an electronic device. This is aimed primarily at disabling mobile phones in moving vehicles to avoid accidents.
US 6,701,144 discloses yet another system for controlling the functionality of a mobile device. This involves automatically configuring features on the device based on geographic location. This allows the user to save a particular location and the desired configurations corresponding to that location, e.g. turn off the ringer when a location known to be a theatre is entered. A difficulty with this system is that the profiles are totally specified by the user and so are effectively optional. There is no provision for enforcing the disabling of some features.
US 6,748,195 describes a wireless device having context based operational behaviour. In this, a wireless device uses profiles associated with one or more contexts. Each profile defines various operating situations. Depending on the context, the wireless device changes its operational behaviour in accordance with a defined profile. However, as with US 6,701,144, there is no provision for enforcing the profiles.
According to one aspect of the present invention, there is provided a multi-function mobile device, such as a mobile telephone or PDA, including one or more context dependent secure profiles, each profile being indicative of functionality that is to be disabled and each being inaccessible to a user; a profile manager for determining the context of the device and selecting and implementing an appropriate one of the secure profiles so that one or more functions of the device are disabled.
By using a secure profile to control access to various functions of the device, there is provided a means for controlling context dependent functionality in a secure environment.
The device may further include a user storage area for storing user profiles. In this case, the means for implementing the selected secure profile are operable to use both the user profile and the selected secure profile to determine those functions that are to be enforced or disabled, wherein when there is a conflict between the user and secure profiles, the secure profile is given priority.
The secure profile may be provided on a removable memory device. The user profile may be provided on a removable memory device.
According to another aspect of the invention, there is provided a memory device having a secure memory and one or more secure profiles for use in the mobile device of any of the preceding claims.
Various aspects of the invention will now be described by way of example only and with reference to the accompanying drawings, of which:
Figure 1 is a block diagram of a mobile telephone, and
Figure 2 is an illustration of secure device profiles for use in the telephone of Figure 1.
Figure 1 shows a mobile device 10. This includes a transmitter and receiver 12 for allowing wireless communications and various applications 14 for implementing a plurality of different device functions, such as a camera application, a video application and an audio application. Also included in the device are a user interface 16 for allowing users to input data and a controller 18, for example a microprocessor, for controlling device functionality. These features are known and so will not be described in detail.
Connected to the controller 18 are a user storage area 20 and a secure storage area 22. The user area 20 is provided for storing user-defined profiles 24 and the secure area 22 is provided for storing secure profiles 26. Each of the user and secure profiles 24 and 26 respectively defines attributes that have to be enforced by the device when in use. The secure profiles 26 define context dependent functionality.
Associated with each secure profile 26 is an identifier that is indicative of the context in which it is to be implemented, for example in a particular location, such as an office or theatre. Examples of various user and secure profiles 24 and 26 respectively are shown in Figure 2. In this case, two secure profiles 26 are provided, one that has to be enforced in an office environment and one that has to be enforced in a cinema environment.
Many user profiles 24 can be stored, but only one may be active at a time.
Likewise, many secure profiles 26 can be stored, but only one may be active at a time.
It is however possible to have both a user profile 24 and a secure profile 26 active at the same time. In this case, the overall state of the device is determined by the user profile in combination with the secure profile. Where attributes are defined in both such profiles and there is a conflict between these, the attributes identified in the secure profile take priority. The secure profiles 26 may be provided by, for example, a service provider such as a ticket issuer, so that the functionality of the mobile device can be controlled when the device is in an environment associated with that provider, e.g. a cinema. Whilst the user profiles 24 are defined and can be edited by a user, the secure profiles 26 cannot be modified.
To ensure that the user and secure profiles 24 and 26 respectively are enforced, a profile manager 28 is provided. This may be provided as part of the controller 18, as shown in Figure 1, or as a separate unit. The profile manager 28 is a trusted application that has access to the secure storage area and to basic hardware functions of the device. Only the profile manager 28 can activate or edit a secure profile. User access to the secure profiles is prohibited. This can be ensured by using a secure environment, for example a tamper-proof memory.
The profile manager 28 runs on the electronic device and is digitally signed to ensure authenticity. The first function of the profile manager 28 is to determine the current context. In one embodiment, the context could be set when a digital ticket stored on the device or in a connected smart card such as the SIM or a second card is presented at a ticket barrier and access (to a venue, transport or a service etc) is granted. In another embodiment the context could be set by geographical location using GPS or proximity to a wireless hotspot. In either case the profile manager 28 would need to be informed that a context change has happened. This could be achieved via an interrupt or by the profile manager 28 regularly polling a state register either on a connected smart card or stored securely on the device. Once the context has been determined, the profile manager ascertains if there is a secure profile 26 associated with the current context and if there is, makes sure that it is enforced.
The user and secure profiles 24 and 26 respectively can be enforced in a number of ways. In one embodiment the device includes a secure database, which only the profile manager can write to and alter. Once the context is determined and the secure profile 26 for that context is selected, the profile manager is operable to update the secure database so that it contains the current overall state of functionality in the device as indicated in the secure profile. Each function of the device, such as camera, incoming calls etc., will have an attribute and a value in the database. These functions must only be enabled if the corresponding entry in the database indicates that they are permitted. An alternative would be for the profile manager to act as a server responding to requests for access to the device's various features. Access would only be granted via the profile manager and would not be permitted by any other means.
On receipt of a request the profile manager would check the current context, where appropriate read the associated secure profile, combine it with the currently selected user profile and on this basis grant or deny access.
In use, when a user selects an application or function, the selected application firstly has to check whether it can be implemented. Any request for functionality is therefore captured and either forwarded to the profile manager or cross checked with the secure database. Where the status of all functions is stored in a secure database, this is checked to determine whether the application can be opened. Where the request is forwarded to the profile manager, this checks the currently active user and secure profiles to determine whether the application or function can be implemented.
In the event that the profiles indicate that the application or function is disabled, the selected application is not allowed to run. In contrast, in the event that the active profile indicates that the application or function is not disabled, the selected application is allowed to run. Hence, the profile manager is able to enforce all currently active profiles.
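The enforcement path described above (context change, secure database update, per-request check), as an added Python example that is not part of the patent text. The names `ProfileManager`, `SECURE_PROFILES`, the function names and the profile contents are assumptions, constructed from the ticket examples given later in the description.

```python
"""Added example: secure-over-user profile resolution with a fail-closed check."""
from types import MappingProxyType

# Constructed secure profiles keyed by context identifier. Read-only mappings
# stand in for the secure storage area that the user cannot modify.
# False = function disabled while this context is active.
SECURE_PROFILES = MappingProxyType({
    "airline": MappingProxyType({"voice_calls": False,
                                 "text_messaging": False,
                                 "wireless_data": False}),
    "cinema": MappingProxyType({"voice_calls": False}),
    "sports_club": MappingProxyType({"camera": False}),
})


class ProfileManager:
    """Hypothetical model of the trusted profile manager."""

    def __init__(self, secure_profiles, user_profile):
        self._secure_profiles = secure_profiles
        self._user_profile = dict(user_profile)
        self._context = None      # no secure context active yet
        self._secure_db = {}      # function -> (permitted, deciding profile)
        self._rebuild()

    def _rebuild(self):
        """Recompute the overall device state; only this method writes the DB."""
        secure = self._secure_profiles.get(self._context, {})
        state = {fn: (ok, "user") for fn, ok in self._user_profile.items()}
        # On conflict the secure profile's attribute takes priority.
        state.update({fn: (ok, "secure") for fn, ok in secure.items()})
        self._secure_db = state

    def on_context_change(self, context):
        """Called when a ticket barrier, GPS fix or hotspot signals a new context."""
        self._context = context
        self._rebuild()

    def edit_user_profile(self, function, enabled):
        """User edits go through the manager so the database stays current."""
        self._user_profile[function] = bool(enabled)
        self._rebuild()

    def request(self, function):
        """Return (permitted, deciding profile); a missing entry is denied."""
        return self._secure_db.get(function, (False, "no entry"))


def demo():
    pm = ProfileManager(SECURE_PROFILES, {"camera": True, "voice_calls": True,
                                          "text_messaging": True,
                                          "wireless_data": True, "games": True})
    pm.on_context_change("sports_club")
    pm.edit_user_profile("camera", True)   # user tries to re-enable the camera
    return pm.request("camera"), pm.request("games")


if __name__ == "__main__":
    print(demo())
```
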
The profile manager may be implemented in a number of different ways. In one embodiment it could be enforced in the kernel of the device in the drivers for the various functions. Each driver would refer to the secure database before activating the given function. In another embodiment, the profile manager could be implemented in the application programmer's interface (API). The profile manager would also have to be involved if the user edited the currently selected user profile or selected a different one, since in both these cases the secure database would need to be updated.
A skilled person will appreciate that variations of the disclosed arrangements are possible without departing from the invention. For example, whilst typically each of the camera, video and audio applications and the profile manager would be implemented in software and run on a processor (not shown), a full hardware implementation may be possible. Also whilst the user and secure areas are shown as part of the mobile device, it will be appreciated that either or both could be provided on a removable memory card. This would allow both the user and secure profiles to be transferred to a different device at will. Also, it allows the option of service providers providing memory devices with a secure profile of their choice as tickets to allow entry into a secure or restricted area. For example, an airline ticket could be provided as an electronic ticket with a profile that forces the mobile device to turn off all (RF) communication facilities but leaves the camera, diary functions and games still available. Of course, tickets of this nature could equally be downloaded directly onto the device. Equally, a cinema ticket profile could disable phone calls but still allow text messaging, and a sports club ticket could just disable the camera.
Accordingly the above description of the specific embodiment is made by way of example only and not for the purposes of limitation. It will be clear to the skilled person that minor modifications may be made without significant changes to the operation described.

Claims (5)

  1. A multi-function mobile device, such as a mobile telephone or PDA, including: a secure storage area for storing one or more context dependent secure profiles, each profile being indicative of functionality that is to be enforced or disabled and each being inaccessible to a device user; means for determining the context of the device, and means for implementing one of the secure profiles selected as a function of the determined context, so that one or more functions of the device are disabled or enforced.
  2. A mobile device as claimed in claim 1 further including a user storage area for storing user profiles.
  3. A mobile device as claimed in claim 2 wherein the means for implementing the selected secure profile are operable to use both the user profile and the selected secure profile to determine those functions that are to be enforced or disabled, wherein when there is a conflict between the user and secure profiles, the secure profile is given priority.
  4. A mobile device as claimed in any of the preceding claims wherein the secure profile is provided on a removable memory device.
  5. A memory device having a secure memory and one or more secure profiles for use in the mobile device of any of the preceding claims.
GB0426864A 2004-12-08 2004-12-08 Secure profiles for mobile devices Withdrawn GB2421147A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB0426864A GB2421147A (en) 2004-12-08 2004-12-08 Secure profiles for mobile devices

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB0426864A GB2421147A (en) 2004-12-08 2004-12-08 Secure profiles for mobile devices

Publications (2)

Publication Number Publication Date
GB0426864D0 GB0426864D0 (en) 2005-01-12
GB2421147A GB2421147A (en) 2006-06-14

Family

ID=34073349

Family Applications (1)

Application Number Title Priority Date Filing Date
GB0426864A Withdrawn GB2421147A (en) 2004-12-08 2004-12-08 Secure profiles for mobile devices

Country Status (1)

Country Link
GB (1) GB2421147A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001067799A2 (en) * 2000-03-06 2001-09-13 Nokia Mobile Phones Method and apparatus for automatically changing the profile of a wireless terminal
US20030092428A1 (en) * 2001-11-15 2003-05-15 Ibm Corporation System and method for mitigating the mobile phone nuisance factor
GB2397196A (en) * 2003-01-08 2004-07-14 Nec Technologies Mobile communications device with location dependent mode of operation.

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2471179A (en) * 2009-06-16 2010-12-22 Intel Corp Context-based limitation of mobile device operation
US8254957B2 (en) 2009-06-16 2012-08-28 Intel Corporation Context-based limitation of mobile device operation
US8446398B2 (en) 2009-06-16 2013-05-21 Intel Corporation Power conservation for mobile device displays
GB2471179B (en) * 2009-06-16 2013-06-19 Intel Corp Context-based limitation of mobile device operation
US8776177B2 (en) 2009-06-16 2014-07-08 Intel Corporation Dynamic content preference and behavior sharing between computing devices
US8803868B2 (en) 2009-06-16 2014-08-12 Intel Corporation Power conservation for mobile device displays
US8904164B2 (en) 2009-06-16 2014-12-02 Intel Corporation Multi-mode handheld wireless device to provide data utilizing combined context awareness and situational awareness
US8909915B2 (en) 2009-06-16 2014-12-09 Intel Corporation Multi-mode handheld wireless device with shared mode to support cross-mode communications
US9092069B2 (en) 2009-06-16 2015-07-28 Intel Corporation Customizable and predictive dictionary
TWI555374B (en) * 2009-06-16 2016-10-21 英特爾公司 Context-based limitation of mobile device operation

Also Published As

Publication number Publication date
GB0426864D0 (en) 2005-01-12

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)