WO2011022053A1 - Système et procédé de gestion de dispositif - Google Patents

Système et procédé de gestion de dispositif Download PDF

Info

Publication number
WO2011022053A1
WO2011022053A1 PCT/US2010/002264 US2010002264W WO2011022053A1 WO 2011022053 A1 WO2011022053 A1 WO 2011022053A1 US 2010002264 W US2010002264 W US 2010002264W WO 2011022053 A1 WO2011022053 A1 WO 2011022053A1
Authority
WO
WIPO (PCT)
Prior art keywords
local
devices
registration
hand held
device control
Prior art date
Application number
PCT/US2010/002264
Other languages
English (en)
Inventor
Errol David Naiman
David Edwin Crabbs
Original Assignee
Errol David Naiman
David Edwin Crabbs
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Errol David Naiman, David Edwin Crabbs filed Critical Errol David Naiman
Publication of WO2011022053A1 publication Critical patent/WO2011022053A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment

Definitions

  • the present invention relates generally to a system and methods for controlling hand held computer devices with communication features including a personal digital assistant (PDA), smart phone, tablet (iPad) or similar devices. More specifically, the present invention is directed to a system and methods for dynamically establishing, monitoring, and controlling hand held computer devices irrespective of the particular system used to operate the devices.
  • PDA personal digital assistant
  • iPad tablet
  • the monitoring, managing, and controlling of hand held computer devices provided to individual users is a desirable capability for those having ultimate
  • a hand held computing devices as used in this application can be wireless devices, such as any mobile device or smart mobile device, a personal data assistant (PDA), a smart hand-held computing device, a cellular telephone, a book reader, a tablet (e.g. iPad like device), laptop or netbook computer, hand held computer game console, a MP3 player, or similar hand held computer devices.
  • PDA personal data assistant
  • the business or individual or individuals having ultimate responsibility for such devices can be the device owner, an employer, the parent, or the guardian of the user and will be generally identified in the following as the owner.
  • Individuals and entities that wish to control the use of devices when on their premises or in their domain of control are identified in this application as a "policy control authority".
  • a policy control authority is a parent of children having access to different mobile devices or smart mobile devices under a single family membership, then certain restrictions on the use of the mobile device may be desirable.
  • the parent may wish to limit the time of day when the child can text to prevent texting on weekdays during night hours throughout a school year.
  • Other individuals, institutions, and business entities may also desire to control how such devices are utilized on their premises.
  • educational institutions may desire that limited access to device services that are available in a classroom setting, such as phone services or texting services.
  • Different instructors may desire different option availability of hand held computer device applications for different courses, sections of their courses, and/or for different tests.
  • Students at earlier stages of a course or in lower grade levels may be restricted from using some of the functions of a calculator application operating on the device during exams, etc., whereas later in the course or in upper grade levels may be expected to use such application functions during an exam to solve more advanced mathematical or scientific problems.
  • a problem exists with respect to the ability to place different restrictions on the use of a hand held computer devices with respect to location, time, and specific users in different environments by different commercial and non-commercial enterprises.
  • MDM Mobile Device Management
  • known systems have been focused on business MDM and government MDM. Such systems are directed to the support and security services of mobile devices owned by a particular enterprise with a focus often on access to enterprise data and systems. In these systems, the managers make device control decisions imposed by entities providing the devices to users. The managers also determine the control policies and management services that apply to the devices.
  • Such known MDM systems provide very little flexibility in the management of devices based on location, time, or enterprise by which the hand held computer devices may be controlled when the enterprise is other than the subscribing company.
  • the management and control techniques used with known MDM systems do not foster interoperability with competing entities and systems, and are often an obstacle to important uses of the device and desired applications.
  • Existing MDM systems are generally not able to manage and control end-user applications using different types of computer systems, operating systems, and applications software, interconnected by different types of local and wide area networks for hand held device users not
  • MDM systems Interoperability limitations of MDM systems have resulted in the loss of the availability of many useful applications, for example, limited or no control of devices when they are used in different locations (under the management and control of different control authorities) or in different social, educational, or business environments.
  • closed MDM systems are ones that require all of the devices controlled by the system to have a membership with the MDM system. Membership can take the form of, for example, employee/employer, service member and a unit of the Armed Forces, or an independent contractor relationship which are referred to as organizational relationships.
  • the management of devices is established by a policy control authority inputting data into the MDM system and policies are made obligatory to all of the members subscribing to the service - control of the device is mandatory and imposed by fiat.
  • the control of the devices is further limited by a geographic boundary of the MDM system. Other MDM systems operating by different control authorities in adjacent geographic regions typically do not operate with non-members of the subscribed to MDM system.
  • hand held computing devices are dynamic and are typified by changes to their operating characteristics that occur from time to time without authorization from a security system or an enterprise information technology department or controller.
  • a hand held computer device that is compliant with a MDM system can be readily changed to present a security risk subsequent to registration.
  • application software can be easily added to the devices from an application store or other less reliable or controlled sources.
  • Hand held computer devices can be "jail broken” and otherwise “hacked” introducing software imitating ("or spoofing") legitimate educational applications.
  • a device can be reset eliminating the device control software from the device without the permission or knowledge of the enterprise. Such "hacking and spoofing" could facilitate cheating or other unauthorized operations in, for example, a testing or other high security environment.
  • the present invention relates generally to a method and system for controlling hand held computer devices with communication features, and methods for dynamically establishing, monitoring and controlling the devices' behavior based on location and time.
  • the present invention also pertains to interoperable control regimes and policies established by separate control authorities which may be independent of the device owner. These control regimes may be layered and may also coexist and cooperate providing multiple benefits to the device owner, its user and the enterprises that implement and operate the device control regime.
  • MDM Mobile Device Management
  • OTA software over the air
  • MDM may also provide the ability to retrieve information from a device for troubleshooting and analysis.
  • the present MDM system can optimize mobile device functionality and ensure better interoperation with a different service provider's network.
  • the system is open to subscription by any device owner who chooses to voluntarily subscribe and have their device managed and to opt-in and have their device controlled.
  • the device owner benefits from the multiple independent entities who implement control regimes.
  • the system is open to any enterprises (inclusive of households) who implement MDM device control within the boundaries of the enterprise's premises.
  • the locus of such Open MDM (OMDM) control is limited to the geographic boundaries of the participating household's or enterprise's location or locations. Once the device is located outside the boundaries of those locations, the device-management regime restores the device to an uncontrolled state or to a default control policy established by the user (or their parents or guardian in the case of minor children).
  • OMDM Open MDM
  • One embodiment of the present invention has an open architecture that separates the provision, authentication of a subscribed user, establishment of control policies, and administration of the control policies into logically independent components.
  • OMDM can be implemented to provide substantial benefits in a variety of applications that include but are not limited to schools, homes, airlines in flight, movie theaters, testing authorities, etc.
  • One advantage of the present invention is the open opt-in feature.
  • Another advantage of the present invention is the multi-entity multi-policy independent device control feature.
  • One embodiment of the invention can provide "enterprise device management"- like services for those that may not be associated, for example, with a large enterprise with a sophisticated information technology (IT) department. Such embodiment may provide voluntary device management that renders hand-held computer devices more useful and more accepted. For the small business owner or for the operator of public services and facilities, the present embodiment can provide device management controls over a public who do not need to share a common employer or other
  • Voluntary opt-in device-management allows households and enterprises to adopt standard control policies.
  • the hand-held computing devices can be controlled on entry into the enterprise based on at least one of the following: global positioning satellite (GPS) coordinates; Near Field Communications (NFC) technologies and applications and/or standard policy profiles stored on a user's device at the time the device was registered and provisioned; or information provided in the device controller as described in the educational application below.
  • GPS global positioning satellite
  • NFC Near Field Communications
  • a device control policy based on time and location could be created in a smart phone application that has global positioning satellite services available.
  • a device control policy based on time and location could be implemented in a background process in a smart phone that listens for device controller communications, accepts and implements device control policy received from a device controller, enforces device control polices based on white (approved) and black
  • a policy control authority can use multiple redundant approaches that provide automated device management, control, and alerts to notify the policy control authority about possible out of compliance events. These could include applications related to test registration, check in procedures, GPS information, and local controller operation.
  • the degree of security can be arbitrarily set by a policy control authority based on selected implementations that one skilled in the art would be able to construct from the description that follows.
  • FIG. 1 shows an architecture diagram of an Open Mobile Device Management (OMDM) system in an illustrative embodiment incorporating features of the present invention
  • FIG. 2A and 2B show component diagrams of a system for a user to subscribe to the OMDM system, download device management software and have their device information registered in a global device management database in an illustrative embodiment incorporating features of the present invention
  • FIG. 3 shows a component diagram of an OMDM system for setting up or modifying device control policies governing approved applications and services to run on a hand held computer device in an illustrative embodiment incorporating features of the present invention
  • FIG. 4 shows a component diagram of an OMDM system for setting, establishing or modifying local device management policies governing approved applications to run on a hand held computer device in an illustrative embodiment incorporating features of the present invention
  • FIG. 5 shows a component diagram of an OMDM system for registering a new hand held computer device, periodic device compliance monitoring and authentication of the device, and updating an enterprise registration database in an illustrative embodiment incorporating features of the present invention
  • FIG. 6 shows a flow chart of a hand held computer device "no-click log-in" process in an illustrative embodiment incorporating features of the present invention
  • FIG 7 shows a flow chart of device control monitoring, event logging and alert processes in an illustrative embodiment incorporating features of the present invention.
  • a system and methods for controlling usage of a hand held computing device such as a wireless device, such as a personal data assistant, a smart hand-held computing device, a smart phone, a cellular telephone, a book reader, a tablet (e.g. devices similar to the Apple iPad), a laptop or netbook computer, hand held computer game console or MP3 player or similar computer devices is disclosed.
  • a hand held computing device such as a wireless device, such as a personal data assistant, a smart hand-held computing device, a smart phone, a cellular telephone, a book reader, a tablet (e.g. devices similar to the Apple iPad), a laptop or netbook computer, hand held computer game console or MP3 player or similar computer devices is disclosed.
  • communication channels may include cellular phone networks, cellular phone data services, and 802.11 x (Wi-Fi 33) and 802.15 x (Bluetooth) networking services and the like.
  • Restrictions on use of device functions can include, but are not limited to, specific hand held computing device applications, use of web browser or other web access and file transfer technology, electronic mails, telephone calls, text messaging, MP3 player, video player, camera usage, computer and video games, etc. and the myriad of applications available from a variety of sources including the iPhone and Android . application stores and the like.
  • a policy is a set of restrictions regarding which features of a hand held computer device will be available for use within specific time periods, geographic locations, or other parameters. These restrictions may relate to hardware and software features, functions and services such as access to WIFI, 3G, Bluetooth, camera, files, etc., that may be used, and also to general features such as persistence of state between separate usages of software applications.
  • a control domain can be a physical location such as a home, school, college campuses, retail facilities such as stores, gyms, etc., industrial offices, corporate offices, military bases or facilities, public facilities (e.g. airports, arenas, stadiums, theatres, churches, mosques, synagogues, or other religious facilities), etc.
  • control policies or policies are those that can limit the use of the following: software; services-specific hardware supported services such as camera, phone, texting and/or other network connections and services; access to files; persistence of the state of user applications; and a subset of features and functions an approved application can provide during a control session or in a particular context.
  • a context can be, for example, a test item, course module, or similar item.
  • Control policies may be implemented to invoke a function to wipe files created during a control session or in other circumstances.
  • Control policies illustrate the definition of control policies with reference to an embodiment relating to use in an educational setting.
  • Control policies as defined in this application have multiple applications in multiple industries so that the description provided here is not meant to limit the generality nor scope of the present invention.
  • Control policies can be implemented by specifying white list items and black list items.
  • White list items will mean for purposes of this application those features, functions, applications and tools, etc. that a user can use in the specific time or place or as otherwise controlled such as on exams as described below.
  • Black list items will mean for purposes of this application those features, functions, applications and tools, etc. that are off-limit and prohibited for use.
  • Embodiments of the present invention provide an easy to use tool for instructors to establish, add to, modify and delete items to the white list and black list.
  • control policies can exist in a particular time and location.
  • an instructor can assign students to different groups and each group can have a different control policy. This allows instructors to accommodate different lessons or lesson versions for different groups of students having different needs and/or capabilities that are simultaneously located in the same classroom.
  • employees and clients can be assigned to groups for the purpose of providing each of them different privileges or benefits.
  • employees and clients can be assigned to groups for the purpose of providing each of them different privileges or benefits.
  • a customer loyalty program application may provide different services, privileges and pricing to customers based on their group membership.
  • Other embodiments may allow a member of a grocery store's customer loyalty program to have their device equipped with a conformable shopping list application.
  • the member's device could communicate with the grocery store's "policy server" applications that provided weekly specials, special pricing for loyalty program members, suggested items of interest, and/or a map through the store so that the customer could minimize the time and effort required to do their shopping.
  • These applications could also include a check-out and payment function that utilized NFC technology and applications.
  • students can be assigned to different groups to suit the needs of the instructor's lesson plan and/or their individualized education program (IEP) as mandated by Federal government regulations.
  • IEP individualized education program
  • a broad policy may be selected for a curriculum and testing site, where an instructor could further define which program features and functions were available for use in the class, section of a course or during an exam. These could be used in conjunction with the policy group feature defined above to ensure compliance
  • control policy feature could be employed in an electronic test administration application that could vary the features and functions of an
  • FIG. 1 is a diagram that provides a general overview of the alternate uses and implementation of embodiments of the invention. Subsequent drawings show embodiments of a specific educational application, but such particular application should not be inferred to diminish the generality of the invention's application that spans both the public and private sectors.
  • numerous specific details are set forth in order to provide a more thorough disclosure of embodiments of the invention. It will be apparent to one skilled in the art that the embodiments disclosed may be practiced without all of the specific details provided for each embodiment. In some instances, well-known features may have not been described in detail so as not to obscure the features disclosed. Moreover, it is envisioned that features in the various embodiments may be used in other embodiments as is known to those skilled in the art.
  • SyncML MDM Extensible Markup Language
  • XML Extensible Markup Language
  • the invention will serve as the basis for a Device
  • Management module for an OMA hand held standard will promote multiplatform implementation of MDM technologies and provide an industry standard promoting interoperability.
  • FIG. 1 illustrates a first embodiment of the present invention which is an open MDM system, shown generally as 10.
  • the open MDM system 10 has a plurality of enterprises connected to one another via an internet connection 12.
  • the enterprises illustrated in the FIG. 1 embodiment are an educational institution 14, fitness center 16, corporation 18, movie theater 20, church 22, and airplane 24.
  • one or more other types of enterprises can be substituted for one or more of the above-described enterprises.
  • other embodiments of the invention may include residential housing, military installations, etc.
  • FIG. 1 illustrates independent hand held computer devices 26 of various users that can be connected to the internet 12. These users can voluntarily opt-in to the system 10 by subscription and have MDM control which is independent of the limited control provided by original equipment manufacturers. More specifically, in certain embodiments of the present invention, the present system is not manufacturer specific in terms of MDM control, but instead spans the breath of device manufacturers to provide a global hand held computer device management control system 10.
  • the embodiment of system 10 is open to subscription by any user of the devices 26 who voluntarily chooses to have their device managed and opt-in to have their device controlled by the system 10. Since the embodiment of system 10 is globally managed, an advantage of subscribing to the present system is that control is not limited according to specific boundaries, such as geographical boundaries.
  • a Global Device Management Services facility 28 provides registration, compliance and authentication services to various hand held computer devices; it may also provide one or more of the devices with downloads for the required hand-held device control application. Authentication services are particularly important, since a major benefit is the global service's frequent verification of the authenticity of the hand held device's device control software. The global service also provides registration support for local device controllers, facilitating their
  • a connection to the internet from various local device control servers and from the Global Device Management Services facility is preferably via a wired connections, such as connection 30. However, it is contemplated that most hand held devices will connect via a wireless facility with the present system.
  • FIG. 2A 1 an embodiment of a system now identified as 100 for providing network security for hand held computer devices is shown.
  • the system 100 of the embodiment shown in FIG. 2A is directed towards a user that is a student of an educational institution.
  • the system includes at least one hand held computer device, such as a student smart phone 102 having electronic data storage and software operability and capable of (operable for) wireless communication on a network, shown generally as 104.
  • the network 104 includes the internet connection 12 and also a wireless data network 106 constructed and configured for wireless communication between the at least one mobile device 100 and at least one device control server 108.
  • the device control server 108 further includes a multi-layered and/or multi-mode security system operable thereon to provide platform-independent security for controlling the device's capabilities and operation.
  • Application and device control software and policies 110 are also stored on the server 108, and synchronized with the smart phone 102.
  • subscription and registration software 112 are stored on the server 108 in this embodiment.
  • an embodiment of the smart phone 102 is selected by a user to have device control software 216 and application software 218 installed thereon. Upon completion of these installations, the smart phone 102 is registered in a global registration data base 114 shown in FIG. 2A.
  • the device control software 216 and device control policies controls the smart phone's functions when the smart phone is within the limits of a MDM and subject to its local device control server and control policies.
  • Such control enterprises can be, for example, the enterprises 14-24 shown in FIG. 1. Enforcement of the security policies set by the security software results in the smart phone 102 being able to access the network 104 and data, applications and device services associated with the network only if the user agrees to operate the smart phone 102 in compliance with the policies established by enterprises subscribed to the system.
  • the enterprises would subscribe to the system 100 for a specified fee and create policies related to each specific enterprise's device control needs.
  • Other embodiments may have enterprises being able to establish policies with payment of a fee, and device users paying fees for a subscription to global registry and authentication service 100.
  • FIG. 3 illustrates an example of a subscribing enterprise establishing MDM control policies specific to that enterprise.
  • an educational institution is shown as an enterprise.
  • a campus device control administrative officer is selected by the educational institution to operate an educational institution's policy console 300. More specifically, the campus device control administrator logs on to the educational institution's policy console 300 and accesses preferably via a secured connection a campus control server 302 which stores a MDM policy management module 304.
  • the MDM policy management module 304 provides a web page interface to policy creation logic that facilitates establishment of an educational institution MDM policy.
  • Policies can be implemented by using templates that are pre-populated with the most common policies typical for the type of enterprise. Thus, in the present example there can be templates specifically tailored for college, high school, or elementary school.
  • Policy values predetermined by the templates can be modified by a campus security officer accessing drop down lists and radio buttons.
  • the campus device control administrator may wish to make the policy values global in scope for the educational institution.
  • One such policy value might be preventing any modification to a rule that prohibits the use of cameras in locker rooms of the educational institution.
  • the campus device control administrator might select other less restrictive policy values if the educational institution desired more relaxed policies for other types of rules, such as camera use in a cafeteria or outside campus buildings.
  • the campus device control administrator can selectively impose a global policy value on specific policies of the educational institution, imposed less restrictive policy values, or authorize localized control of policy values to specific policies during log on of the educational institution's policy console 300.
  • a data management module 306 stored on the campus control server 302 may assist such that the MDM policy is recorded in a campus database 308.
  • the campus database 308 is connected to the data
  • the campus database 308 can further include storage for all class databases of the educational institution, or alternatively such class device control policies databases can be stored in separate databases connected to the campus database 308 as is known to those skilled in the art.
  • FIG. 4 illustrates and embodiment of a process by which an educational instructor of the educational institution may modify a default campus policy implemented by a campus security officer in a local area.
  • a student smart phone 102 selected by a user to have device control software 216 and application software 218 installed thereon, enters a zone 400.
  • the zone 400 can be a classroom of the educational institution.
  • a local policy console 402 and local controller 404 are also located in the zone. The local controller is preferably wirelessly connected to the local policy console 402 and smart phone 102.
  • the system permits the educational instructor to log on to the local console 402 and access, preferably via a secured connection, the local controller 404 which stores a local MDM policy management module 406.
  • the local MDM policy management module 406 provides a web page interface to policy creation logic that facilitates establishment of a local class MDM policy or policies. Policies can be implemented by using localized templates that are pre-populated with the most common local policies typical for the type of local environment within the specific enterprise.
  • the local controller 404 also has a local data management module 408 in this embodiment stored on the local controller.
  • the local controller 404 communicates with the campus controller 302.
  • the campus controller 302 communicates with the campus database 308 as discussed above with reference to FIG. 3.
  • the local console 402 and local controller 404 in this embodiment are shown being located within the zone 400, it is envisioned that one or both of these components could be located in an area outside the zone.
  • the local controller 404 could be in a storage area adjacent to the classroom.
  • the local controller 404 could be designed to operate with a plurality of zones (e.g., multiple classrooms).
  • FIG. 5 illustrates a process by which an educational institution's local MDM controllers 404 (one controller shown for brevity) constantly monitor for any new hand held computer device 100 requesting network service via a local registration verification module 406.
  • each controller 404 compares a respective device identity with the devices registered with the educational institution by sending an inquiry to the campus controller 302 and its registration module 304 which searches the campus registration data base 308. If registered, the registration module 304 sends the local registration verification module 406 a message indicating that the device is registered.
  • the campus registration module 304 interrogates the new hand held computer device 100 for its global registration information. Upon receipt of the global registration information, the campus registration module 304 interrogates a global registration server 108 running a registration authentication module 110 and the global registration data base 114 to authenticate the new hand held computer device 102.
  • the global registration server 108 returns appropriate compliance and registration records to the campus controller 302 and the campus registration module 304 creates a new registration record for the device 102 and adds it to the campus' master registration data base granting it permission to use the school's campus network.
  • the campus registration module 304 then sends a message to the local registration verification module 406 to notify the local registration verification module that the hand held computer unit 102 is registered and compliant.
  • the global device registration authentication module 304 If the global device registration authentication module 304 does not find a registration for the hand held computer device 102, then the global device registration authentication module returns a message of non-registration to the educational institution. The educational institution then issues an alert to the local control console 402.
  • FIG. 6 a flow chart illustrates the log in and monitoring of a hand held computer device in an educational environment for an embodiment of the present invention.
  • a student brings a hand held computer device that has been properly provisioned and registered with the educational institution onto the educational institution at start step 600.
  • the device controller starts at step 602.
  • a local controller's listener module listens (i.e., monitors whether the mobile device has entered a domain) for the mobile device at step 604.
  • Step 606 determines if the mobile device is detected, and if not the device controller keeps listening at step 604. If yes indicating that the device is detected, device login is initiated at step 608 and the local controller first requests the registration and compliance status of the hand held computer device.
  • step 610 the device transmits registration information.
  • the device control software if present, sends the registration and compliance information to the local controller. If not present, the device control software issues an alert at step 612.
  • the local controller validates the registration at step 614. If the device is registered, the local controller completes the login process and then initiates the device control and management logic at step 616. (See FIG. 7). If the device is not registered, then the local controller issues an alert at step 618.
  • the local controller begins device monitoring at step 702.
  • the local controller then issues an appropriate control policy to the hand held computer device at step 704.
  • the device next implements a policy at step 706 and then reports compliance with the policy at step 708.
  • the device is logged as compliant in step 710.
  • the local controller next starts periodic device monitoring at step 712, which includes polling the hand-held computing device periodically to ensure that the approved device management application is running, and in control of the device at step 714. If the local controller does not receive a proper response from a poll at step 714, then the local controller re-checks for compliance at step 712 and issued an alert at step 720.
  • Step 720 issues an alert to a local security official noting the time and tracking a duration and/or non-compliance which is stored in a session event database and which the local controller logs in the event log database at step 718.
  • a student desires to run a task (educational application, game, etc.) such will be monitored by the device's resident control software at step 714. If such tasks are not compliant with the enterprise policy, the control software will kill or prevent operation of the application and the non-compliant behavior will be reported at step 714 and an alert will be issued at step 720.
  • a task educational application, game, etc.
  • the registration process identifies the GPS coordinates of all enterprises near the device being registered and downloads those to the hand held computer device.
  • the GPS coordinates can be stored in a file and up loaded during registration, or alternatively, a user can identify an educational institution or other enterprise and if unknown provide the enterprise's address.
  • the control program Based on the enterprise location information, the control program continually monitors the device's location. When the device is within a predetermined distance of the enterprise during a first visit, the device can enter listener mode on the preferred control program security communication service (G3 Data, 802.11x, 802.15x, etc.). When a connection to a local networking service has been established, then the hand held computing device commences the local registration process as described above.
  • an enterprise interrogates its global registry to verify on-going compliance of all devices registered in the enterprise's master registration database.
  • the enterprise can rebuilt its enterprise database from the global master database.
  • the hand held device and local device control servers employ NFC technology and applications to perform the log in and registration processes described above.
  • the hand held device runs a proprietary service that begins a communication session with the local device controller.
  • the local device controller Upon receiving the session request, the local device controller first verifies the registration and compliance status of the requesting hand-held computing device as described above.
  • the local controller grants service and initiates monitoring.
  • the monitoring includes polling the hand-held computing device periodically to ensure that the approved application is running and in control of the device. If the local controller does not receive a proper response from a poll, then the local controller issues an alert to a local security official noting the time and tracks the duration or apparent non-compliance which it stores in a session event database. If a user desires to run another task such as an educational application, the device will start a new application if and only if it is permitted by the device control policy resident on the hand held device.
  • An example of the present invention for a single tasking operating system with low level access is now provided with reference to a student entering an educational domain.
  • the application runs a proprietary service that begins a communication session with the local controller.
  • the local controller Upon receiving the session request, the local controller first verifies the registration and compliance status of the requesting hand-held computing device. The local controller then verifies that the application requesting service is permitted by the local policy then extant.
  • the local controller Upon successful verifications in the above first and second steps, the local controller then permits service and initiates monitoring in a third step.
  • the local controller issues an alert to the local security official and logs the event into the local controller's event database.
  • the monitoring includes polling the hand-held computing device periodically to ensure that the approved application is running and in control of the device. While the session is live, the hand-held computing device answers the polling request with data detailing the applications and services active on the device.
  • the local controller files these polling status reports in an auditable device control record for each such device. If the local controller does not receive a proper response from a polling request, then the local controller issues an alert to the local security official noting the time and tracking the duration or apparent non-compliance which are stored in a session event database. If a student terminates one application and decides to run another approved application compliant with the security service according to the present invention, then the process goes to the third step above.
  • the application runs a proprietary device control low level service that begins a communication session with a local controller.
  • the local controller first verifies the registration and compliance status of the requesting hand-held computing device.
  • the local controller verifies that the application requesting service is permitted by the local policy then extant.
  • the local controller grants service and initiates monitoring.
  • the monitoring includes polling the hand-held computing device periodically to ensure that the approved application is running and in control of the device.
  • the local controller can update the list of approved services and applications as it receives policy modifications from an authorized security official.
  • the hand held computing device answers the polling request with data detailing the applications and services active on the device supplied by the low level device control service.
  • the low level service may employ either active or passive control strategies or both. Active control strategies enable only functions approved by the local security policy. Passive control strategies deny service to any request that is not on the policy approved services and applications.
  • the local controller files these polling status reports in an auditable device control record for each such device. If the local controller does not receive a proper response from a poll, then the local controller issues an alert to the local security official noting the time and tracking the duration or apparent non-compliance which is stored in a session event database. If the student initiates another task, then the local controller would examine the approved applications and services as contained in local controller's local copy of the policy. If the task is contained in a local copy of the policy on the local controller, then the local controller would permit the task or service to operate on the device, otherwise the local controller would deny the request.
  • ETS ETS for standardized tests such as the ACT, SAT, etc.
  • every test site could be configured such that a test site is an OMDM enterprise.
  • Such OMDM enterprises could interrogate a global registry to determine registration status, and if needed, the OMDM enterprises could create temporary registrations for the duration of a test for unregistered devices present at the test site. Such temporary registrations could be entered into the global device registry. Another embodiment would not record such "ad hoc" registrations in the global database.
  • Another embodiment is home device management for minor children or others. Such an embodiment would only need a central controller.
  • multiple polices could be implemented and tailored to the device management needs for each child.
  • multiple device management policies could be established for multiple classes of controlled hand held computer devices based on the characteristics of the device owner and/or other characteristics of the device owner's profile.
  • An exemplary embodiment is described for standardized test sites.
  • This embodiment is an example of multiple ad hoc embodiments that pertain to any authorized use or uses specified in a policy.
  • This embodiment is a specific case illustrative of the more general ad hoc embodiments.
  • the present invention may be used in this embodiment to control and monitor mobile calculating devices during the administration of standardized examinations.
  • a user arrives at a test site with a mobile device, and the user must register the device as a condition of being able to take the examination.
  • the registration by the user is done ad hoc at the test site, and involves making a positive connection between the hand held computer device and a local security controller managed by the test administrator.
  • the user will be using his mobile device as a graphing calculator.
  • the purpose of the registration process is to turn off unauthorized functionality of the device for the duration of the exam, and to monitor the device at regular intervals to verify that the device remains in compliance, with unauthorized functionality of the device remaining disabled until the user leaves the test site.
  • the user may be given a login identity.
  • the security controller acquires and stores the mobile device's identification.
  • the log on process may be implemented as a feature of the graphing calculator application on the mobile device.
  • an encrypted packet containing the security policy is downloaded to the mobile device and used to facilitate subsequent compliance monitoring transactions, each of which is also encrypted.
  • the security policy in this case can include a time interval (i.e., the duration of the exam), a geographic location (i.e., the test site), and a list of unauthorized functions to be disabled while the policy remains in effect (e.g., incoming/outgoing calls, text messaging, camera, voice recorder, blue tooth, wireless communication with anything other than the local security controller, applications other than the graphing calculator, etc.).
  • a time interval i.e., the duration of the exam
  • a geographic location i.e., the test site
  • a list of unauthorized functions to be disabled while the policy remains in effect e.g., incoming/outgoing calls, text messaging, camera, voice recorder, blue tooth, wireless communication with anything other than the local security controller, applications other than the graphing calculator, etc.
  • the hand held computer device is considered to be compliant for the specified time interval as long as the device remains in the specified geographic location, responds correctly each time the local security controller queries the device's status, and all unauthorized functions are verified disabled during each query. Otherwise, the hand held computer device is designated as non-compliant, and the local security controller takes an appropriate action to notify the exam administrator.
  • the default state is non-compliant, so the mobile device is automatically non-compliant prior to
  • All compliance monitoring transactions can be logged by the security controller, which can provide a full audit trail for each hand held computer device registered at the test site.
  • the local security monitor can also be the global security monitor in this scenario, since the local security monitor is the sole source of compliance policy for the administration of the exam.
  • the invention will provide a "no-click sign-on" process by continuously monitoring network traffic using traffic detection and analysis technology. This allows detection of traffic from unregistered devices and the signaling of an alarm indicating traffic from unregistered devices even if a hand held computer device does not have a monitoring application installed.
  • This embodiment would monitor traffic on all relevant wireless frequencies and all relevant protocols such as but not limited to 802.11 (Wi-Fi), 802.15 (Bluetooth), 802.16 (WiMax) and Carrier provided Wireless Cellular Data services such as but not limited to "3G” and "4G.”
  • the local device controller will interrogate the local registration and authentication database registry, and if necessary, the global registration and authentication database registry, to validate that the particular mobile computing device is registered, and also that the control software is authentic and compliant. This is accomplished by comparing the registration data received from the hand held computing device with that contained in the registry, including such information as to authenticate the control software.
  • This process allows a registered, authenticated and compliant hand held computer device to complete the login process without the device's user having to take any action. In a preferred embodiment, this could provide automatic attendance taking in a class room.
  • a controlling device is provided with hardware and software that allows it to control use of the hand held computing device.
  • the controlling device is, for instance, a wireless access device, a special hardware machine implementing key supervisory and control functions, telephone, a PDA, or personal computer comprising an application which provides a way to control the wireless access device.
  • the application runs on a controlling entity's wireless access point device.
  • the policy management application may be a web- based application where parameters are established using common web based user controls such as drop down lists, radio buttons and the like.
  • the policy management application may interact with the local security official in a structured dialogue.
  • the system and method may for example be used by a controlling entity (Controller) such as a parent, to control or manage use of a child's cellular telephone, a school administrator or their delegated security official to set campus policies controlling students use of their smart devices, a classroom teacher or an exam proctor or the like to set local policies that are more or less restrictive than the campus policy, or an International testing agency to ensure the uniform
  • the testing agency can develop a standard policy which can be disseminated globally to all local control devices.
  • the testing authorities may be directly supplied verified compliant local control devices that they can distribute under the security methods they use for their test materials.
  • the present invention provides for a multi-layered policy regime.
  • a campus policy sets the defaults for a campus. In some instances, those policy settings are absolute and cannot be modified. Local policies established by instructors for their classes can more or less restrictive than the campus policy. Special policy provisions can be made for certain testing authorities during their testing. For example, testing authorities can establish policies that supersede campus policies. These policies could be distributed via a central service to the appropriate locations or by the agencies directly.
  • the present invention permits restrictions based on time by identifying periods when the child or student may make use of the hand held computer device. For example, telephone calls may be restricted based on time of day, such as during class, or day of the week, such as weekdays or weekends when different policies might apply.
  • the present invention permits restrictions based on location.
  • the enterprise controller might establish different policies for locker rooms and language labs.
  • the identified time restrictions are stored in an enterprise control database accessed by the authorized hand held computer devices. Teachers, proctors, etc. can modify the enterprise policies as they deem appropriate if permitted by their
  • the local controller devices communicate with security software on the hand held computer devices to either affirmatively enable or disable (or both) the applications and services that the device can employ or run.
  • students and or their parents opt-in to device control by acquiring software for their device and registering their hand held computer devices with a central registry. During the software installation and registration process on the devices, certain unique parameters are established that permit the registry to validate the authenticity and continued compliance of the devices. In an embodiment, the registry periodically audits the continued compliance of the device. Moreover, the registry and compliance service will be provided on a subscription basis.
  • a foreign device i.e., new device external to a domain
  • controllers will interrogate the new device.
  • the foreign device will report a registration status, with a failure to respond indicating non-compliance. If the foreign device reports that it is compliant, then the local controller will interrogate the global registration and authentication database registry to validate that the particular hand-held computing device is registered and compliant. This is done by comparing data received from the foreign device with that contained in the global registration and authentication registry.
  • the foreign device If the foreign device is not registered in the global registration and authentication registry, or not in compliance an alert will be sent to the local control official. If the foreign device is compliant, then the foreign device will be registered with the enterprise device registration data base.
  • hand held computer devices can be validated at the examination site prior to administering of the test.
  • instructors could be provided with lists of approved devices detected with the associated student names.
  • the teachers could further implement a campus policy for non-controlled devices which were being used in unauthorized ways.
  • a campus can have a registration procedure so that students would be required to have their devices provisioned and authenticated as being compliant.
  • compliance and control procedures would not invoke privacy issues since such procedures would be self-selected by parents, guardians, or students on an explicit opt-in procedure and as explicitly detailed in an end user license agreement (EULA).
  • EULA end user license agreement
  • Unauthorized searches of the device owner's files would not be allowed unless there was significant evidence of illicit use of the device or possession of lost or stolen property. Such evidence could be produced by the present invention's audit and verification procedures that the device owner had explicitly authorized.
  • a situation where a device operator's authorization might not be present would be where an instrument was, for example, lost or stolen and used without an owner's permission.
  • the present invention could indicate new phones coming into a domain. Teachers or other officials might decide to investigate if the name in the registry and the student using the device did not match. Lost or stolen devices could also be reported to the registry and alerts could be dispatched to local officials indicating that a specific device was reported as lost or stolen.
  • one embodiment of the present invention can have device control affected by a layer upon which an educational application operates, and would continually report the controlling device status. Failure to report a status to the controller would create compliance alert.
  • the communication between the controller and the device control software would be encrypted and contain information that would be unique and not easily replicated by hacked software or spoofing.
  • device control in a multitasking environment with low level system management access, device control can be achieved by a low level control program that would monitor, control, and report system status providing audit trails and
  • Communication with the controlling device could be in a manner similar to that described above.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

La présente invention concerne un procédé de gestion de dispositif, comprenant les étapes suivantes : téléchargement d'une application de contrôle de dispositif vers un ou plusieurs dispositifs de terminal de poche ; enregistrement du ou des dispositifs de terminal de poche avec la base de registre globale, d'authentification et de service de compliance ; et établissement d'une session de communication entre le(s) dispositif(s) de terminal de poche et l'équipement de contrôle de dispositif local. Le procédé comprend également les étapes suivantes : création de la session de communication entre le(s) dispositif(s) de terminal de poche et l'équipement de contrôle de dispositif local ; vérification de l'enregistrement et du statut de compliance du ou des dispositifs de terminal de poche ; et surveillance de l'utilisation de la ou des applications approuvées et du ou des dispositifs de terminal de poche, comprenant une ou plusieurs restrictions dans l'utilisation du ou des dispositifs de terminal de poche et de leurs caractéristiques et fonctions.
PCT/US2010/002264 2009-08-18 2010-08-18 Système et procédé de gestion de dispositif WO2011022053A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US27452809P 2009-08-18 2009-08-18
US61/274,528 2009-08-18

Publications (1)

Publication Number Publication Date
WO2011022053A1 true WO2011022053A1 (fr) 2011-02-24

Family

ID=43607262

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2010/002264 WO2011022053A1 (fr) 2009-08-18 2010-08-18 Système et procédé de gestion de dispositif

Country Status (1)

Country Link
WO (1) WO2011022053A1 (fr)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013006553A1 (fr) * 2011-07-01 2013-01-10 Fiberlink Communications Corporation Actions à base de règles pour gestion de dispositif mobile
WO2014004403A1 (fr) 2012-06-27 2014-01-03 Amazon Technologies, Inc. Gestion d'un groupe de dispositifs électroniques
US20140258511A1 (en) * 2013-03-11 2014-09-11 Bluebox Security Inc. Methods and Apparatus for Reestablishing Secure Network Communications
EP2898444A4 (fr) * 2012-09-20 2016-04-27 Airwatch Llc Contrôle de la distribution des ressources sur un réseau
NL2016522A (en) * 2014-04-16 2016-09-23 Jamf Software Llc Device management server.
US9571554B1 (en) * 2013-05-09 2017-02-14 Amazon Technologies, Inc. Directed interaction of device
US9680763B2 (en) 2012-02-14 2017-06-13 Airwatch, Llc Controlling distribution of resources in a network
US9935847B2 (en) 2014-08-20 2018-04-03 Jamf Software, Llc Dynamic grouping of managed devices
US10404615B2 (en) 2012-02-14 2019-09-03 Airwatch, Llc Controlling distribution of resources on a network
WO2020227005A1 (fr) * 2019-05-06 2020-11-12 Apple Inc. Configuration de restrictions basées sur le contexte pour un dispositif informatique
CN113194022A (zh) * 2020-01-14 2021-07-30 连株式会社 用于使消息应用程序之聊天室失效之电子装置、方法及计算机可读记录介质
US11824644B2 (en) 2013-03-14 2023-11-21 Airwatch, Llc Controlling electronically communicated resources

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6031830A (en) * 1996-08-07 2000-02-29 Telxon Corporation Wireless software upgrades with version control
US6553375B1 (en) * 1998-11-25 2003-04-22 International Business Machines Corporation Method and apparatus for server based handheld application and database management
US20060094412A1 (en) * 2004-10-29 2006-05-04 Yoko Nonoyama System and method for restricting functionality of a mobile device
US20080070495A1 (en) * 2006-08-18 2008-03-20 Michael Stricklen Mobile device management
US20080076400A1 (en) * 2006-09-21 2008-03-27 Research In Motion Limited System and method for electronic notes in a mobile environment
US20080125079A1 (en) * 2006-11-07 2008-05-29 O'neil Douglas Methods, systems and computer products for remote monitoring and control of application usage on mobile devices

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6031830A (en) * 1996-08-07 2000-02-29 Telxon Corporation Wireless software upgrades with version control
US6553375B1 (en) * 1998-11-25 2003-04-22 International Business Machines Corporation Method and apparatus for server based handheld application and database management
US20060094412A1 (en) * 2004-10-29 2006-05-04 Yoko Nonoyama System and method for restricting functionality of a mobile device
US20080070495A1 (en) * 2006-08-18 2008-03-20 Michael Stricklen Mobile device management
US20080076400A1 (en) * 2006-09-21 2008-03-27 Research In Motion Limited System and method for electronic notes in a mobile environment
US20080125079A1 (en) * 2006-11-07 2008-05-29 O'neil Douglas Methods, systems and computer products for remote monitoring and control of application usage on mobile devices

Cited By (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9071518B2 (en) 2011-07-01 2015-06-30 Fiberlink Communications Corporation Rules based actions for mobile device management
WO2013006553A1 (fr) * 2011-07-01 2013-01-10 Fiberlink Communications Corporation Actions à base de règles pour gestion de dispositif mobile
US9680763B2 (en) 2012-02-14 2017-06-13 Airwatch, Llc Controlling distribution of resources in a network
US10404615B2 (en) 2012-02-14 2019-09-03 Airwatch, Llc Controlling distribution of resources on a network
US11082355B2 (en) 2012-02-14 2021-08-03 Airwatch, Llc Controllng distribution of resources in a network
US10951541B2 (en) 2012-02-14 2021-03-16 Airwatch, Llc Controlling distribution of resources on a network
US11483252B2 (en) 2012-02-14 2022-10-25 Airwatch, Llc Controlling distribution of resources on a network
US9705813B2 (en) 2012-02-14 2017-07-11 Airwatch, Llc Controlling distribution of resources on a network
US9021069B2 (en) 2012-06-27 2015-04-28 Amazon Technologies, Inc. Preventing deregistration from fleet accounts
WO2014004403A1 (fr) 2012-06-27 2014-01-03 Amazon Technologies, Inc. Gestion d'un groupe de dispositifs électroniques
EP3301604A1 (fr) * 2012-09-20 2018-04-04 Airwatch LLC Régulation de la distribution de ressources sur un réseau
EP2898444A4 (fr) * 2012-09-20 2016-04-27 Airwatch Llc Contrôle de la distribution des ressources sur un réseau
US20140258511A1 (en) * 2013-03-11 2014-09-11 Bluebox Security Inc. Methods and Apparatus for Reestablishing Secure Network Communications
US11824644B2 (en) 2013-03-14 2023-11-21 Airwatch, Llc Controlling electronically communicated resources
US9571554B1 (en) * 2013-05-09 2017-02-14 Amazon Technologies, Inc. Directed interaction of device
US9998914B2 (en) 2014-04-16 2018-06-12 Jamf Software, Llc Using a mobile device to restrict focus and perform operations at another mobile device
US10484867B2 (en) 2014-04-16 2019-11-19 Jamf Software, Llc Device management based on wireless beacons
US10313874B2 (en) 2014-04-16 2019-06-04 Jamf Software, Llc Device management based on wireless beacons
NL2016522A (en) * 2014-04-16 2016-09-23 Jamf Software Llc Device management server.
US9935847B2 (en) 2014-08-20 2018-04-03 Jamf Software, Llc Dynamic grouping of managed devices
WO2020227005A1 (fr) * 2019-05-06 2020-11-12 Apple Inc. Configuration de restrictions basées sur le contexte pour un dispositif informatique
CN113785295A (zh) * 2019-05-06 2021-12-10 苹果公司 为计算设备配置基于背景的限制
US11468197B2 (en) 2019-05-06 2022-10-11 Apple Inc. Configuring context-based restrictions for a computing device
CN113194022A (zh) * 2020-01-14 2021-07-30 连株式会社 用于使消息应用程序之聊天室失效之电子装置、方法及计算机可读记录介质

Similar Documents

Publication Publication Date Title
WO2011022053A1 (fr) Système et procédé de gestion de dispositif
JP7238015B2 (ja) 他のモバイル装置での集中を制限して動作を行なうためにモバイル装置を使用すること
ES2730829T3 (es) Formación y gestión inteligente de grupos de conversación dinámicos
KR102571829B1 (ko) 코어 네트워크 액세스 제공자
US7203752B2 (en) Method and system for managing location information for wireless communications devices
US20080242268A1 (en) Methods, Systems and Computer Program Products for Remotely Controlling Wireless Terminals
US9037714B2 (en) Cross-platform application manager
US20140215573A1 (en) System and method for application accounts
JP2019527880A (ja) サービスにアクセスするための多要素認証
US9699055B2 (en) Client-independent network supervision application
US20030008662A1 (en) Systems and methods wherein a mobile user device operates in accordance with a location policy and user device information
WO2018031308A1 (fr) Services basés sur la localisation privée sécurisée
US11594085B2 (en) Electronic identification, location tracking, communication and notification system with beacon clustering
WO2008060320A2 (fr) Procédé et système de commande d'accès à un réseau d'entreprise, et de gestion, pour des entités gouvernementales et des entités ayant la qualité de personne morale
KR20150122637A (ko) 모바일 디바이스 관리 및 보안 분야에서 근거리 무선 통신의 활용 및 응용
CN101313555A (zh) 一种授权管理系统和方法及授权管理服务器
Butkus A user centric identity management for internet of things
US10402558B2 (en) Device restrictions during events
KR101263423B1 (ko) 이동 사용자 단말기를 이용한 로그인 확인 및 승인 서비스 구현 방법
US20160295412A1 (en) Wireless network access for social network connections
CN106330899A (zh) 私有云设备账号管理方法、系统、电子设备及服务器
US11575711B2 (en) Device management system
JP2006092040A (ja) サービス提供システムおよび方法
US11694279B1 (en) Dynamic creation of interactive user device pools
US11900748B2 (en) System for analyzing and attesting physical access

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10810275

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10810275

Country of ref document: EP

Kind code of ref document: A1