U.S. patent application number 14/959492 was filed with the patent office on 2017-06-08 for method to secure protected content on a mobile device.
The applicant listed for this patent is BOTTOMLINE TECHNOLOGIES (DE) INC. Invention is credited to Alexander Deeb, Durga Nagalla.
Application Number | 20170163664, 14/959492
Family ID | 57590868
Filed Date | 2017-06-08
United States Patent Application | 20170163664
Kind Code | A1
Nagalla; Durga; et al. | June 8, 2017
METHOD TO SECURE PROTECTED CONTENT ON A MOBILE DEVICE
Abstract
A method and device for securing data accessed by a mobile
device. The mobile device detects a request to record content
displayed on a display of the mobile device. A determination is
then made regarding whether the content that was displayed on the
screen when the request to record was received is protected
content. If the displayed content was protected, then a third party
is notified that a security breach has been detected. A remedial
action is also performed regarding the security breach.
Inventors: Nagalla; Durga (Woburn, MA); Deeb; Alexander (Portsmouth, NH)
Applicant:
Name | City | State | Country | Type
BOTTOMLINE TECHNOLOGIES (DE) INC. | PORTSMOUTH | NH | US |
Family ID: 57590868
Appl. No.: 14/959492
Filed: December 4, 2015
Current U.S. Class: 1/1
Current CPC Class: H04W 12/02 20130101; G06F 21/554 20130101; G06F 21/566 20130101; H04L 63/1416 20130101; H04M 1/67 20130101; H04W 12/12 20130101; H04L 63/10 20130101; H04L 63/1441 20130101; G06F 21/6245 20130101; G06F 21/88 20130101; H04W 12/0027 20190101
International Class: H04L 29/06 20060101 H04L029/06
Claims
1. A mobile device configured to prevent electronic data from being
compromised, the mobile device comprising: a non-transitory
computer readable memory; a network interface; a display configured
to display protected content and non-protected content; and a
processor configured to: access protected content; detect a
security breach by: receiving a request to record content currently
displayed on the display; detecting the content displayed on the
display when the request to record currently displayed content was
received; and determining that the content displayed on the display
when the request was received is the protected content; and if a
security breach is detected: notify a third party via the network
interface that the security breach occurred; and perform a remedial
action.
2. The mobile device of claim 1, wherein the content is determined
to be protected content if an application executed by the processor
and generating the content being displayed is flagged as a
protected application.
3. The mobile device of claim 1, wherein the processor is
configured to determine that the content displayed on the display
when the request was received is the protected content by:
notifying an application generating the content being displayed
that the request to record content was received; and receiving from
the application an indication that the content being displayed is
the protected content.
4. The mobile device of claim 1, wherein the notification that the
security breach occurred includes information identifying at least
one of the mobile device or a user of the mobile device.
5. The mobile device of claim 4, wherein the identifying
information includes at least one of a username, a geo-location of
the device, a device identifier, or an image captured by a camera
of the mobile device after the request to record was received.
6. The mobile device of claim 1, wherein the notification to the
third party includes multiple notifications sent to different
network locations.
7. The mobile device of claim 1, wherein the notification that the
security breach occurred includes a record of the content displayed
on the display when the request was received.
8. The mobile device of claim 1, wherein the remedial action
comprises at least one of deleting data stored on the mobile
device, capturing an image of a user of the mobile device when the
request to capture a screen shot was received, disabling the mobile
device, or disabling login credentials used to access the protected
content.
9. The mobile device of claim 1, wherein the processor performs the
remedial action after receiving a request via the network interface
to perform the remedial action.
10. A method to prevent data viewed on a mobile device from being
compromised, the method comprising: receiving a request to record
content currently displayed on a display of the mobile device;
detecting the content displayed on the display when the request to
record currently displayed content was received; determining if the
content displayed on the display when the request was received is
the protected content; if the content displayed when the request
was received is the protected content: notify a third party via a
network interface of the mobile device that the security breach
occurred; and perform a remedial action.
11. The method of claim 10, wherein the content is determined to be
protected content if an application generating the content being
displayed is flagged as a protected application.
12. The method of claim 10, wherein the content displayed on the
display when the request was received is determined to be the
protected content by: notifying an application generating the
content being displayed that the request to record content was
received; and receiving from the application an indication that the
content being displayed is the protected content.
13. The method of claim 10, wherein the notification that the
security breach occurred includes information identifying at least
one of the mobile device or a user of the mobile device.
14. The method of claim 13, wherein the identifying information
includes at least one of a username, a geo-location of the device,
a device identifier, or an image captured by a camera of the mobile
device after the request to record was received.
15. The method of claim 10, wherein the notification that the
security breach occurred includes a record of the content displayed
on the display when the request was received.
16. The method of claim 10, wherein the remedial action comprises
at least one of deleting data stored on the mobile device,
capturing an image of a user of the mobile device when the request
to capture a screen shot was received, disabling the mobile device,
or disabling login credentials used to access the protected
content.
17. The method of claim 10, wherein the remedial action is
performed after receiving a request to perform the remedial
action.
18. A system configured to prevent data viewed on a mobile device
from being compromised, the system including: the mobile device
comprising: a non-transitory computer readable memory, a network
interface, and a display; and a processor configured to: access
protected content; detect a security breach by: receiving a request
to record content currently displayed on the display; detecting the
content displayed on the display when the request to record
currently displayed content was received; and determining that the
content displayed on the display when the request was received is
the protected content; and if a security breach is detected,
sending a notification to a third party computer via the network
interface, wherein the notification indicates that the security
breach occurred; and the third party computer comprising: a
communication interface configured to communicate with the network
interface of the mobile device and receive the notification from
the mobile device; a processor configured to: receive the
notification from the communication interface, wherein the
notification includes information regarding the protected content
displayed on the display when the request was received and a user
of the mobile device; determine the nature of the protected content
displayed on the display when the request was received; based on
the nature of the protected content and the user of the mobile
device, determine a remedial action to perform; send an indication
of the remedial action to perform to the mobile device; wherein the
processor of the mobile device is further configured to perform the
remedial action indicated by the third party computer.
Description
TECHNICAL FIELD
[0001] The present invention relates to data security and, more
particularly, to a method and system for securing electronic data
on a mobile device.
BACKGROUND OF THE INVENTION
[0002] Mobile devices are frequently being used to access sensitive
and protected data. For example, healthcare professionals are able
to receive the results of medical tests, view diagnostic images,
and review patient records using mobile devices. As the amount of
electronic data has dramatically increased over the past decade, so
have the number of data breaches, resulting in billions of private
records being stolen. For this reason, much research has gone into
improved methods of securing data.
[0003] Current methods for protecting data generally utilize
sophisticated encryption schemes and/or multi-factor authentication
in order to ensure that only authorized users gain access to the
data. These current methods "trigger" on "who" is accessing the
data and the current methods are typically constructed and deployed
as "layers" of security starting potentially as true physical
layers at the perimeter and culminating as encrypt/decrypt
schemes.
SUMMARY OF THE INVENTION
[0004] The methods for protecting data described above do not
adequately protect user data. For example, the above security
measures do nothing to prevent a user that has the correct access
credentials from copying and transferring protected data. This
problem is particularly prevalent in mobile devices where a user
(authorized or otherwise) can simply perform a screen capture of
the protected data. At this point, the user is free to transfer the
screen capture of the protected data. This is a problem unique to
mobile devices in that the devices are frequently taken into public
and are capable of accessing sensitive data. In this way, if a user
leaves their phone unlocked in public, a third party can pick up
the phone and take a screen capture of the data. The screen capture
can be transferred from the phone without the user ever being
aware. Mobile devices, unlike personal computers and physical
paperwork, are taken frequently into public places and are more
likely to be left unattended on a table, in a bag, etc. than a
print out of sensitive data or a computer would be.
[0005] The present disclosure provides a method for securing data
by detecting a request to record content, determining whether the
content to be recorded is protected, notifying a third party that a
security breach has been detected, and performing a remedial
action.
[0006] According to one aspect of the disclosure, there is provided
a mobile device configured to prevent electronic data from being
compromised. The mobile device includes: a non-transitory computer
readable memory, a network interface, a display configured to
display protected content and non-protected content, and a
processor. The processor is configured to access protected content
and detect a security breach. The processor detects a security
breach by: receiving a request to record content currently
displayed on the display; detecting the content displayed on the
display when the request to record currently displayed content was
received; and determining that the content displayed on the display
when the request was received is the protected content. If a
security breach is detected, the processor notifies a third party
via the network interface that the security breach occurred and
performs a remedial action.
[0007] Alternatively or additionally, the content is determined to
be protected content if an application executed by the processor
and generating the content being displayed is flagged as a
protected application.
[0008] Alternatively or additionally, the processor is configured
to determine that the content displayed on the display when the
request was received is the protected content by: notifying an
application generating the content being displayed that the request
to record content was received and receiving from the application
an indication that the content being displayed is the protected
content.
[0009] Alternatively or additionally, the notification that the
security breach occurred includes information identifying at least
one of the mobile device or a user of the mobile device.
[0010] Alternatively or additionally, the identifying information
includes at least one of a username, a geo-location of the device,
a device identifier, or an image captured by a camera of the mobile
device after the request to record was received.
[0011] Alternatively or additionally, the notification to the third
party includes multiple notifications sent to different network
locations.
[0012] Alternatively or additionally, the notification that the
security breach occurred includes a record of the content displayed
on the display when the request was received.
[0013] Alternatively or additionally, the remedial action includes
at least one of deleting data stored on the mobile device,
capturing an image of a user of the mobile device when the request
to capture a screen shot was received, disabling the mobile device,
or disabling login credentials used to access the protected
content.
[0014] Alternatively or additionally, the processor performs the
remedial action after receiving a request via the network interface
to perform the remedial action.
[0015] According to another aspect of the disclosure, there is
provided a method to prevent data viewed on a mobile device from
being compromised. The method includes receiving a request to
record content currently displayed on a display of the mobile
device and detecting the content displayed on the display when the
request to record currently displayed content was received. The
method also includes determining if the content displayed on the
display when the request was received is the protected content. If
the content displayed when the request was received is the
protected content: the method notifies a third party via a network
interface of the mobile device that the security breach occurred
and performs a remedial action.
[0016] Alternatively or additionally, the content is determined to
be protected content if an application generating the content being
displayed is flagged as a protected application.
[0017] Alternatively or additionally, the content displayed on the
display when the request was received is determined to be the
protected content by: notifying an application generating the
content being displayed that the request to record content was
received and receiving from the application an indication that the
content being displayed is the protected content.
[0018] Alternatively or additionally, the notification that the
security breach occurred includes information identifying at least
one of the mobile device or a user of the mobile device.
[0019] Alternatively or additionally, the identifying information
includes at least one of a username, a geo-location of the device,
a device identifier, or an image captured by a camera of the mobile
device after the request to record was received.
[0020] Alternatively or additionally, the notification that the
security breach occurred includes a record of the content displayed
on the display when the request was received.
[0021] Alternatively or additionally, the remedial action includes
at least one of deleting data stored on the mobile device,
capturing an image of a user of the mobile device when the request
to capture a screen shot was received, disabling the mobile device,
or disabling login credentials used to access the protected
content.
[0022] Alternatively or additionally, the remedial action is
performed after receiving a request to perform the remedial
action.
[0023] According to a further aspect of the disclosure, there is
provided a system configured to prevent data viewed on a mobile
device from being compromised. The system includes a mobile device
including: a non-transitory computer readable memory, a network
interface, and a display. The mobile device also includes a
processor configured to access protected content and detect a
security breach by: receiving a request to record content currently
displayed on the display, detecting the content displayed on the
display when the request to record currently displayed content was
received, and determining that the content displayed on the
display when the request was received is the protected content. If
a security breach is detected, the processor sends a notification
to a third party computer via the network interface. The
notification indicates that the security breach occurred. The
system also includes a third party computer. The third party
computer includes a communication interface configured to
communicate with the network interface of the mobile device and
receive the notification from the mobile device and a processor.
The processor of the third party computer is configured to: receive
the notification from the communication interface, determine the
nature of the protected content displayed on the display when the
request was received, based on the nature of the protected content
and the user of the mobile device, determine a remedial action to
perform, and send an indication of the remedial action to perform
to the mobile device. The notification includes information
regarding the protected content displayed on the display when the
request was received and a user of the mobile device. The processor
of the mobile device is further configured to perform the remedial
action indicated by the third party computer.
[0024] A number of features are described herein with respect to
embodiments of this disclosure. Features described with respect to
a given embodiment also may be employed in connection with other
embodiments.
[0025] For a better understanding of the present disclosure,
together with other and further aspects thereof, reference is made
to the following description, taken in conjunction with the
accompanying drawings. The scope of the disclosure is set forth in
the appended claims, which set forth in detail certain illustrative
embodiments. These embodiments are indicative, however, of but a
few of the various ways in which the principles of the disclosure
may be employed.
BRIEF DESCRIPTION OF THE DRAWINGS
[0026] FIG. 1 is a block diagram representing a system for
protecting electronic data accessed via a mobile device.
[0027] FIG. 2 is a ladder diagram illustrating communication
between the operating system, application, display, and server
within the system of FIG. 1.
[0028] FIG. 3 is a flow diagram representing a method for
protecting electronic data accessed via a mobile device.
DETAILED DESCRIPTION OF THE INVENTION
[0029] The present invention is now described in detail with
reference to the drawings. In the drawings, each element with a
reference number is similar to other elements with the same
reference number independent of any letter designation following
the reference number. In the text, a reference number with a
specific letter designation following the reference number refers
to the specific element with the number and letter designation and
a reference number without a specific letter designation refers to
all elements with the same reference number independent of any
letter designation following the reference number in the
drawings.
[0030] It should be appreciated that many of the elements discussed
in this specification may be implemented in a hardware circuit(s),
a processor executing software code or instructions which are
encoded within computer readable media accessible to the processor,
or a combination of a hardware circuit(s) and a processor or
control block of an integrated circuit executing machine readable
code encoded within a computer readable media. As such, the term
circuit, module, server, application, or other equivalent
description of an element as used throughout this specification is,
unless otherwise indicated, intended to encompass a hardware
circuit (whether discrete elements or an integrated circuit block),
a processor or control block executing code encoded in a computer
readable media, or a combination of a hardware circuit(s) and a
processor and/or control block executing such code.
[0031] The present disclosure provides a method and device for
securing data accessed by a mobile device. The mobile device
detects a request to record content displayed on a display of the
mobile device. A determination is then made regarding whether the
content that was displayed on the screen when the request to record
was received is protected content. If the displayed content was
protected, then a third party is notified that a security breach
has been detected. A remedial action is also performed regarding
the security breach.
[0032] FIG. 1 depicts a system 10 for preventing electronic data
from being compromised. In particular, the system prevents
protected content from being copied and transferred from the mobile
device. The system 10 includes a mobile device 12 and a server 14.
The mobile device 12 includes a processor 20 and a memory 22
storing an application 24 and an operating system 28. The
application 24 and operating system 28 are executable programs that
are executed by the processor 20 of the mobile device 12. The
application 24 generates content that is displayed on a display 30
of the mobile device. Some of the content displayed on the display
30 is the protected content.
[0033] The server 14 may be a computer system of one or more
computers or servers. The mobile device 12 may comprise a cellular
phone, smart phone, tablet, or any other portable electronic device
capable of executing the application 24 and operating system 28.
The mobile device 12 and server 14 each include at least a
processor, a network interface, and non-transitory computer
readable medium. The computer readable medium may include encoded
thereon instructions for interfacing with the corresponding network
interface and reading and writing data to the corresponding
computer readable medium. The computer readable medium may also
include computer programs (including the application 24) comprising
instructions embodied thereon that are executed by the
corresponding processor.
[0034] The mobile device 12 includes a display 30 configured to
display protected content and non-protected content. The display 30
may comprise any suitable display for rendering content, such as a
liquid crystal display (LCD), organic light-emitting diode (OLED),
light-emitting diode (LED), electronic ink (E-ink), etc. The
content displayed by the display 30 may be determined by the
operating system 28 and/or applications executed by the processor
20 of the mobile device 12. For example, the application 24 may
access protected content 26 stored on the server 14 and display the
protected content on the display 30.
[0035] The processor 20 is configured to access the protected
content 26. For example, as explained above, the processor 20 may
execute the application 24 that accesses protected content 26
stored on the server 14. Alternatively, the protected content 26
may be stored on the non-transitory computer readable medium 22 of
the mobile device 12 and accessed by the application 24.
[0036] As will be understood by one of ordinary skill in the art,
the processor 20 may have various implementations. For example, the
processor 20 may include any suitable device, such as a
programmable circuit, integrated circuit, memory and I/O circuits,
an application specific integrated circuit, microcontroller,
complex programmable logic device, other programmable circuits, or
the like. The processor 20 may also include a non-transitory
computer readable medium, such as random access memory (RAM), a
read-only memory (ROM), an erasable programmable read-only memory
(EPROM or Flash memory), or any other suitable medium. The
processor 20 may be communicatively coupled to the computer
readable medium 22 and network interface 32 through a system bus,
mother board, or using any other suitable structure known in the
art.
[0037] The processor 20 is also configured to detect a security
breach. The processor 20 detects the security breach by receiving a
request 56 to record content currently displayed on the display 30.
The request 56 to record content may comprise a user attempting to
perform a screen capture of content currently being displayed on
the display 30. The request 56 to perform a screen capture may be
initiated by a user pressing a predefined combination of keys on an
input 34 of the mobile device 12, for example by simultaneously
pushing a physical power button and a physical home screen button
of the mobile device 12.
[0038] Upon receiving the request 56 to record content currently
displayed, the processor 20 is configured to determine whether the
content displayed on the display 30 when the request was received
is protected content 26. That is, the processor 20 is configured to
determine whether the displayed content was protected content or
non-protected content. The processor 20 may determine that the
content being displayed is protected content 26 if an application
24 (executed by the processor 20) generating the content being
displayed is flagged as a protected application. That is, the
application 24 may be flagged as a protected application such that
any content being generated by the application 24 is assumed to be
protected content 26. An application 24 may be flagged as a
protected application if the process id, the name of the
application, the location and name of the executable file, or any
other suitable identifying characteristic of the application is
stored in a database or list of protected applications stored on
the non-transitory computer readable medium 22.
[0039] Alternatively or additionally, the processor 20 may notify
the application 24 generating the content that a request 56 to
record was received. The application 24 may then indicate whether
the content being displayed was protected content 26 when the
request 56 was received. In this way, an application 24 that
displays both protected and non-protected content may determine the
type of content that was being displayed when the request 56 was
received. Upon determining the type of content displayed when the
request 56 was received, the application 24 may notify the
operating system 28 whether the content was protected content 26.
For example, the application 24 may determine whether content
currently displayed is protected content 26 based on an identifier
associated with the content, the location the content was accessed
from, or using any other tag or identifier capable of labeling
content as protected content or non-protected content. The
application 24 may also store a historical record of when protected
content was displayed over a limited duration of time. For example,
the application 24 may store a record of when protected content was
displayed over the past 10 seconds, 2 seconds, 1 second, 200
milliseconds, or any other suitable duration of time.
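The display-history record described in paragraph [0039], sketched as an added Python example (not code from the application): the class name DisplayHistory, its methods, the content identifiers and the timestamps are assumptions constructed for illustration. It shows why the record matters: a capture request stamped while protected content was on screen is still answered correctly after the application has moved to another view, and a request older than the retained window is reported as unanswerable.

```python
from collections import deque
from dataclasses import dataclass
from typing import Deque, Optional


@dataclass
class Interval:
    content_id: str                    # identifier the app associates with the content
    protected: bool                    # label: protected or non-protected content
    shown_at: float                    # seconds on a monotonic clock
    hidden_at: Optional[float] = None  # None while the content is still on screen


class DisplayHistory:
    """Bounded record of what the application displayed, and when."""

    def __init__(self, retention_s: float = 2.0):
        # Retention window, e.g. 10 s, 2 s, 1 s or 200 ms as in the description.
        self.retention_s = retention_s
        self._intervals: Deque[Interval] = deque()

    def show(self, content_id: str, protected: bool, now: float) -> None:
        # Displaying new content closes the interval that was on screen.
        if self._intervals and self._intervals[-1].hidden_at is None:
            self._intervals[-1].hidden_at = now
        self._intervals.append(Interval(content_id, protected, now))
        self._prune(now)

    def _prune(self, now: float) -> None:
        # Drop intervals that ended before the retention window began.
        cutoff = now - self.retention_s
        while self._intervals:
            first = self._intervals[0]
            if first.hidden_at is not None and first.hidden_at < cutoff:
                self._intervals.popleft()
            else:
                break

    def protected_at(self, request_time: float, now: float) -> Optional[bool]:
        """Answer: was protected content on screen at request_time?

        Returns True or False when the history covers request_time, and None
        when it does not (request older than the window, or nothing recorded),
        so the caller can choose how to treat an unanswerable query.
        """
        self._prune(now)
        if request_time < now - self.retention_s:
            return None
        for iv in self._intervals:
            end = iv.hidden_at if iv.hidden_at is not None else float("inf")
            if iv.shown_at <= request_time < end:
                return iv.protected
        return None


def demo():
    # Constructed timeline: menu -> protected statement -> back to menu.
    h = DisplayHistory(retention_s=2.0)
    h.show("menu", False, now=10.0)
    h.show("statement-0042", True, now=11.0)
    h.show("menu", False, now=11.5)
    # The request was stamped at 11.45 but reaches the application at 11.60,
    # after the protected statement has already been replaced.
    during_statement = h.protected_at(11.45, now=11.60)
    during_menu = h.protected_at(11.55, now=11.60)
    too_old = h.protected_at(9.0, now=11.60)
    return during_statement, during_menu, too_old


if __name__ == "__main__":
    print(demo())
```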
[0040] If it is determined that the content being displayed when
the request 56 was received is protected content 26, then the
processor 20 determines that a security breach is detected. If a
security breach is detected, the processor 20 is configured to
optionally notify a third party that the security breach occurred
and/or perform a remedial action.
[0041] The mobile device 12 may notify a third party computer
(e.g., the server 14) that a security breach occurred via the
network interface 32. That is, the processor 20 may cause the
network interface 32 to send a notification via a network 44 that
the security breach occurred. As will be understood by one of
ordinary skill in the art, the network 44 may comprise a private
network, the internet, a wired network, a wireless network, or any
other suitable network allowing the mobile device 12 and the third
party to communicate with one another.
[0042] The mobile device 12 is not limited to notifying a single
computer device that a security breach occurred, but may instead
notify multiple devices (e.g., more than one server) that a
security breach occurred. That is, the notification to the third
party may include multiple notifications sent to different network
locations. The parties notified when a breach occurred may be
determined by the application 24 generating the protected content
26. Additionally, the parties contacted may be determined based
upon the content being displayed when the security breach occurred.
For example, there may be multiple tiers of protected content 26
(e.g., low, medium, and high). In this example, if a security
breach occurred while low tier protected content 26 was displayed,
then a first server 14a may be notified. If a security breach
occurred while medium tier protected content 26 was displayed, then
a second server 14b (in place of or in addition to the first server
14a) may be notified (or no notification may be sent). If a
security breach occurred while high tier protected content 26 was
displayed, then a third server 14c (in place of or in addition to
the first server 14a and second server 14b) may be notified.
[0043] The notification that the security breach occurred may
include information identifying at least one of the mobile device
or a user of the mobile device. The identifying information may
include any suitable information for identifying the mobile device
12 or a user of the mobile device, including a username used to
sign into the mobile device 12 or used to access the protected
content 26, a geo-location of the device 12, a device identifier,
or an image captured by a camera of the mobile device after the
request to record was received. The device identifier may comprise
a MAC address, a serial number, or any information used to uniquely
identify the mobile device 12. The notification that the security
breach occurred may additionally or alternatively include a record
of the content displayed on the display when the security breach
occurred.
[0044] The processor 20 is also configured to perform a remedial
action upon detecting a security breach. The remedial action may be
performed before, after, or in place of notifying a third party as
described previously. The remedial action may include deleting data
stored on the mobile device, capturing an image of a user of the
mobile device when the request to capture a screen shot was
received, disabling the mobile device, and/or disabling login
credentials used to access the protected content. The remedial
action may be specified by the application 24 or may be initiated
by the third party notified of the security breach. For example,
upon receiving the notification of the security breach, the server
14 may instruct the processor 20 to perform a given remedial
action. This instruction may be sent to the mobile device 12 via
the network 44. In this example, the processor 20 performs the
remedial action after receiving a request via the network interface
44 to perform the remedial action. In one example, a default
remedial action may be initiated by the application 24 (e.g.,
disabling login credentials) and an instruction to perform an
additional or alternative remedial action (e.g., disabling the
mobile device) may be sent by the third party.
[0045] In one embodiment, the third party computer receiving the
notification of the security breach includes a communication
interface configured to communicate with the network interface of
the mobile device and receive the notification from the mobile
device. The third party computer also includes a processor
configured to receive the notification from the communication
interface. In this embodiment, the notification includes
information regarding the protected content displayed on the
display when the request was received and a user of the mobile
device. The processor determines the nature of the protected
content displayed on the display when the request was received. For
example, the processor may determine the nature of the protected
content displayed by comparing the displayed content to the content
stored on the third party computer. Based on the nature of the
protected content and the user of the mobile device, the processor
determines a remedial action to perform. The processor may
determine the remedial action by using a lookup table. Finally, the
third party computer sends an indication of the remedial action to
perform to the mobile device 12.
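The following Python sketch is an added illustration of the
third-party determination described in paragraph [0045]; it is not
part of the application as filed. The content categories, the user
roles, the digest comparison, and the table entries are assumptions
chosen for the example.

```python
# Added illustration of paragraph [0045]; every name and table entry is hypothetical.
import hashlib
from dataclasses import dataclass

def _digest(content: bytes) -> str:
    return hashlib.sha256(content).hexdigest()

# Constructed sample of content held on the third party computer, keyed by digest.
STORED_CONTENT = {
    _digest(b"ACH payment batch, constructed sample"): "payment_file",
    _digest(b"Account statement, constructed sample"): "account_statement",
}

# Lookup table: (nature of content, user role) -> remedial action from [0044].
REMEDIAL_ACTIONS = {
    ("payment_file", "contractor"): "disable_device",
    ("payment_file", "employee"): "disable_login_credentials",
    ("account_statement", "contractor"): "disable_login_credentials",
    ("account_statement", "employee"): "capture_user_image",
}
# Assumption: content or users missing from the table get the default action.
DEFAULT_ACTION = "disable_login_credentials"

@dataclass(frozen=True)
class Notification:
    device_id: str            # e.g. MAC address or serial number
    user_role: str            # assumed attribute of the user
    displayed_content: bytes  # record of what was on the display

def nature_of(displayed: bytes) -> str:
    """Compare the displayed content with the stored content."""
    return STORED_CONTENT.get(_digest(displayed), "unknown")

def choose_remedial_action(note: Notification) -> dict:
    """Return the indication the third party computer sends to the device."""
    nature = nature_of(note.displayed_content)
    action = REMEDIAL_ACTIONS.get((nature, note.user_role), DEFAULT_ACTION)
    return {"device_id": note.device_id, "nature": nature, "action": action}
```

Content that matches nothing stored is reported as "unknown" and
still receives the default action, so an unrecognized record never
results in no response.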
[0046] FIG. 2 depicts communication of data within the mobile
device 12 and between the mobile device 12 and the server 14. In
the figure, the application 24 running on the mobile device 12
optionally sends a request for protected content 52 to the server
14. For example, if a user requests to view their bank statement or
other financial data, a request for protected content 52 may be
sent to the server 14. The server 14 receives the request 52 and,
assuming that all required security procedures are satisfied (e.g.,
the user authenticates with the server), protected content 26 is
sent to the application 24. Alternatively, the protected content 52
may be stored within the memory 22 of the mobile device 12. In this
example, the application 24 may access the protected content 26
directly from the memory 22 without sending a request for protected
content 52 to the server 14.
[0047] Upon receiving the protected content 54, the application 24
causes the display 30 to display the protected content 26. The
mobile device 12 also includes a device input 34. If the operating
system 28 receives a request to record displayed content 56 from
the device input 34, then the request 56 may be passed to the
application 24. Alternatively, as opposed to passing the request to
record 56 to the application 24, the operating system 28 may
request information regarding the content displayed at the time
that the request to record content 56 was received. In either case,
the application 24 may notify the operating system 28 that a
security breach occurred 28 if the content being displayed when the
request to record 56 was received was protected content. The
application 24 may alternatively or additionally notify the server
14 if a security breach 28 occurred.
[0048] After it is determined that a security breach 28 occurred,
instructions to perform a remedial action 60 may be received. The
instructions may be received by at least one of the server 14, the
operating system 28, or the application 24. The instructions to
perform the remedial action 60 may be provided by at least one of
the server 14, the operating system 28, or the application 24. For
example, the application 24 may contain a list of default remedial
actions to perform until further instructions are received from the
operating system 28 or the server 14. For example, the application
24 may be configured to only display non-protected content until
further instructions are received from the server 14. The server 14
may then send instructions to perform a remedial action, such as
locking down the application 24 so that no content is accessible
through the application 24.
[0049] Turning to FIG. 3, a block diagram is shown depicting a
method 100 for securing data by detecting a request to record
content. Following the start of the method 100 in process block
102, the method 100 determines in decision block 104 whether a
request to record content currently displayed on a display of the
mobile device was received. If a request was not received, then the
method returns back to decision block 104. If a request was
received, then process block 108 is performed.
[0050] In process block 108, the content displayed on the display
when the request to record currently displayed content was received
is detected. In process block 110, it is determined whether the
content displayed on the display when the request was received is
protected content or non-protected content. As described above, the
type of content displayed may be determined by the application 24
generating the content being displayed. For example, if the
application 24 is identified as a protected application, then any
content displayed by the application 24 is determined to be
protected content. Alternatively, the application 24 may be polled
to determine whether the content being displayed when the request
was received is protected content. In decision block 112, if the
displayed content is non-protected content, then the method returns
to decision block 104. If the displayed content is protected
content, then the method 100 moves to process block 114.
[0051] In process block 114, a third party is notified that a
security breach has occurred. As described above, the notification
that the security breach occurred may include information
identifying at least one of the mobile device or a user of the
mobile device. The notification that a security breach occurred may
alternatively or additionally include a record of the content
displayed on the display when the request was received. In process
block 116, a remedial action is performed. As described above, the
remedial action may be performed only after receiving a request to
perform the remedial action.
[0052] The method 100 may run as a background process on the mobile
device 12. The method 100 may be included as a part of the
operating system 28, the application 24, or as a standalone
application.
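The following Python sketch is an added illustration of method 100
as described in paragraphs [0049] to [0051]; it is not part of the
application as filed. The class and field names, and the callable
standing in for the third party, are assumptions chosen for the
example.

```python
# Added illustration of method 100 (FIG. 3); all names are hypothetical.
from dataclasses import dataclass, field
from typing import Callable, Optional

@dataclass
class Screen:
    app: str
    content: str
    app_says_protected: bool = False  # the application's answer when polled

@dataclass
class Device:
    device_id: str
    user: str
    protected_apps: frozenset
    default_action: str = "disable_login_credentials"
    credentials_enabled: bool = True
    device_enabled: bool = True
    sent: list = field(default_factory=list)  # notifications sent to the third party

    def is_protected(self, screen: Screen) -> bool:
        # Block 110: a protected application makes all of its content protected;
        # otherwise the application is polled about the current view.
        return screen.app in self.protected_apps or screen.app_says_protected

    def apply(self, action: str) -> None:
        if action == "disable_login_credentials":
            self.credentials_enabled = False
        elif action == "disable_device":
            self.device_enabled = False
        else:
            raise ValueError(f"unknown remedial action: {action}")

    def on_record_request(self, screen: Screen,
                          third_party: Optional[Callable[[dict], Optional[str]]] = None) -> list:
        # Blocks 108-112: inspect what was displayed; non-protected content ends here.
        if not self.is_protected(screen):
            return []
        # Block 114: notify the third party, identifying device, user and content.
        note = {"device_id": self.device_id, "user": self.user, "content": screen.content}
        self.sent.append(note)
        # Block 116: default action first, then any action the third party instructs.
        actions = [self.default_action]
        extra = third_party(note) if third_party else None
        if extra and extra not in actions:
            actions.append(extra)
        for action in actions:
            self.apply(action)
        return actions
```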
[0053] Data (e.g., the request for protected content 52, the
protected content 26, notification that a security breach occurred
58, and remedial action 60) may be transferred over a network 44
connecting the mobile device 12 and the server 14. The network 44
may be at least one of a TCP/IP network or a system bus. For
example, when a user attempts to transfer data via a USB port, the
network 44 would comprise the system bus connecting the USB port
and the memory 22 of the mobile device 12.
[0054] As will be understood by one of ordinary skill in the art,
the network 44 is not limited to a single LAN, but may comprise any
suitable network of devices. For example, the predefined areas 80
may comprise a collection of LANs, a Bluetooth Network, the
Internet, etc.
[0055] As will be understood by one of ordinary skill in the art,
the transmission of data (e.g., the request for protected content
52, the protected content 26, notification that a security breach
occurred 58, and remedial action 60) may be transmitted using any
suitable protocol (e.g., TCP/IP, Bluetooth, SMTP, HTTP, SSL, PPP,
IMAP, or any other suitable network protocol).
[0056] The processor of the mobile device 12 may identify the
location of the corresponding device using a global positioning
system (GPS) device, cellular triangulation, WI-FI positioning, or
any other suitable technique or device to determine location.
[0057] As will be understood by one of ordinary skill in the art,
the processors of the mobile device 12 and server 14 may have
various implementations. For example, each of the processors may
include any suitable device, such as a programmable circuit,
integrated circuit, memory and I/O circuits, an application
specific integrated circuit, microcontroller, complex programmable
logic device, other programmable circuits, or the like. Each of the
processors may also include a non-transitory computer readable
medium, such as random access memory (RAM), a read-only memory
(ROM), an erasable programmable read-only memory (EPROM or Flash
memory), or any other suitable medium. Instructions for performing
the methods described above may be stored in the non-transitory
computer readable medium and executed by the respective processor
identified in the description of the method. Each of the processors
may be communicatively coupled to the respective computer readable
medium and network interface through a system bus, motherboard, or
using any other suitable structure known in the art.
[0058] The network interfaces of the mobile device 12, server 14,
and predetermined server 14 may each be communicatively coupled to
one or more other host devices 12 and receiving devices 14 via a
network 44. The network 44 may be an open network, such as the
Internet, a private network, such as a virtual private network, or
any other suitable network. Each of the network interfaces may be
configured to transmit and/or receive data.
[0059] As will be understood by one of ordinary skill in the art,
each of the network interfaces may comprise a wireless network
adaptor, an Ethernet network card, or any suitable device for
performing network based communication between devices. Each of the
network interfaces may be communicatively coupled to the respective
computer readable medium such that each network interface is able
to send data stored on the respective computer readable medium
across the network 44 and store received data on the respective
computer readable medium. Each of the network interfaces may also be
communicatively coupled to the respective processor such that the
processor is able to control operation of the network interface.
The respective network interfaces, computer readable medium, and
processors may be communicatively coupled through a system bus,
motherboard, or using any other suitable manner as will be
understood by one of ordinary skill in the art.
[0060] Although the invention has been shown and described with
respect to certain exemplary embodiments, it is obvious that
equivalents and modifications will occur to others skilled in the
art upon the reading and understanding of the specification. It is
envisioned that after reading and understanding the present
invention those skilled in the art may envision other processing
states, events, and processing steps to further the objectives of
the system of the present invention. The present invention includes all
such equivalents and modifications, and is limited only by the
scope of the following claims.
* * * * *