WO2011091538A1 - Method, device and system for remote access of a mobile device - Google Patents

Method, device and system for remote access of a mobile device Download PDF

Info

Publication number
WO2011091538A1
WO2011091538A1 PCT/CA2011/050053 CA2011050053W WO2011091538A1 WO 2011091538 A1 WO2011091538 A1 WO 2011091538A1 CA 2011050053 W CA2011050053 W CA 2011050053W WO 2011091538 A1 WO2011091538 A1 WO 2011091538A1
Authority
WO
WIPO (PCT)
Prior art keywords
mobile device
authentication module
user
action
registration
Prior art date
Application number
PCT/CA2011/050053
Other languages
French (fr)
Inventor
Ryan James Lett
Original Assignee
Watermark Data Solutions Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Watermark Data Solutions Ltd. filed Critical Watermark Data Solutions Ltd.
Publication of WO2011091538A1 publication Critical patent/WO2011091538A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/22Processing or transfer of terminal data, e.g. status or physical capabilities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data

Definitions

  • the present disclosure relates generally to mobile devices, to remote access of mobile devices and in particular to remote control and remote reconfiguration of mobile devices.
  • Mobile devices may be wireless communication devices such as cellular telephones, handheld PDAs, and the like, which are now capable of supporting features beyond voice or text-based communication between users, such as multimedia features. Such devices have become increasingly invaluable for both business and consumers.
  • Various methods have been previously proposed for protection of data stored on mobile devices. However, loss or theft of a mobile device result in unwanted use of the mobile device and/or unwanted access to the information stored thereon.
  • An object of the present technology is to provide a method, device and system for remote access of a mobile device.
  • a method for activating an action on a specific mobile device comprising the steps of: registering one or more mobile devices and one or more users with a registration and authentication module, the one or more mobile devices including the specific mobile device; correlating, on the registration and authentication module, at least one of the users with the specific mobile device; accessing the registration and authentication module by the at least one user and verifying user identity; submitting, by the at least one user, a request for activation of the action on the specific mobile device; sending a signal to the specific mobile device, said signal indicative of the request; authenticating the signal by an action and authentication module operative on the specific mobile device; activating the action on the specific mobile device upon authentication of the signal.
  • a system for activation of an action on a specific mobile device comprising: a registration and authentication module configured to register one or more mobile devices and one or more users, the one or more mobile devices including the specific mobile device, the registration and authentication module further configured to correlate the specific mobile device with at least one user, the registration and authentication module further configured to receive a request for activation of the action on the specific mobile device, authenticate said request and send a signal indicative of the request to the mobile device; and; and an action and authentication module operative on the specific mobile device and communicatively coupled to the registration and authentication module, the action and authentication module configured to receive and authenticate the signal and activate the action upon authentication of the signal.
  • a computer program product for activating an action on a specific mobile device that is remotely located, the computer program product comprising code which, when loaded into memory and executed on one or more processors, is adapted to: registering one or more mobile devices and one or more users with a registration and authentication module, the one or more mobile devices including the specific mobile device; correlating, on the registration and authentication module, at least one of the users with the specific mobile device; accessing the registration and authentication module by the at least one user and verifying user identity; submitting, by the at least one user, a request for activation of the action on the specific mobile device; sending a signal to the specific mobile device, said signal indicative of the request; authenticating the signal by an action and authentication module operative on the specific mobile device; activating the action on the specific mobile device upon authentication of the signal.
  • FIG. 1 is an exemplary flowchart presenting steps of a method for allowing remote access of a mobile device in accordance with embodiments of the present technology.
  • FIG. 2 is an exemplary flowchart presenting steps of a method for allowing remote access of a mobile device in accordance with embodiments of the present technology.
  • FIG. 3 is an exemplary flowchart presenting steps of a method for allowing remote access of a mobile device in accordance with embodiments of the present technology.
  • FIG. 4 A is a schematic of a system in accordance with embodiments of the present technology.
  • FIG. 4B is a schematic of a system in accordance with embodiments of the present technology.
  • FIG. 5 is a schematic depiction of an exemplary mobile device.
  • the disclosure is directed to a method, a computer program product, a mobile device and a system configured to allow remote access and optionally reconfiguration of the mobile device.
  • Various configurations of computer program products, mobile devices, servers and systems for achieving the above are described.
  • the system for activation of an action on or reconfiguration of a specific mobile device that is remotely located includes a registration and authentication module and an action and authentication module. These two modules operate in conjunction to provide a user with remote access to the desired mobile device.
  • the registration and authentication module resides and is operative on a peer mobile device, server or other computing device.
  • the action and authentication module is operative on the mobile device to be accessed and the action and authentication module is communicatively coupled to the registration and authentication module.
  • the registration and authentication module is configured to register one or more mobile devices and one or more users such that the one or more mobile devices including the specific mobile device. This module is further configured to maintain a correlation between one or more mobile devices and one or more users, wherein this correlation can be determined by the user of the mobile device, for example.
  • the registration and authentication module is further configured to receive a request for access of a mobile device from a user, wherein upon authentication of the user, a signal at least in part indicative of the request is transmitted to the mobile device.
  • the action and authentication module is configured to receive the signal and additionally configured to authenticate the signal and activate the action on or reconfiguration of the mobile upon authentication of that signal.
  • the method 100 of the disclosure comprises receiving a request for remote access 110; authenticating the source of request 130; executing one or more tasks after the authentication 150.
  • the remote access request is received from a server (e.g. a web server) communicatively linked to the mobile device.
  • the remote access request is received from a peer mobile device communicatively linked to the mobile device.
  • said tasks comprise any one of the following: allowing the authenticated source to remotely access the mobile device; transmitting data such as location information including GPS data, email, address lists, call history or information related to other recent activity, allowing a reconfiguration of the mobile device from a first configuration to a second configuration, providing a perceptible signal as an indication of its location and the like.
  • a method for activating an action on or reconfiguration of a specific mobile device that is remotely located can include a plurality of steps. Initially, one or more mobile devices and one or more users can be registered with a registration and authentication module associated with the system of the present technology. This registration can result in a pool of users and mobile devices, wherein at least one of the registered users is correlated with at least one of the registered mobile devices. This correlation provides a link between respective users and mobile devices, wherein one or more users may be correlated with one mobile device and/or vice versa. This correlation aids in the later authentication of a request for reconfiguration or action being performed by the mobile device remotely located.
  • a user accesses the registration and authentication module and veri ies user identity therewith.
  • This user can subsequently submit a request for activation of an action or reconfiguration f a specific mobile to the registration and authentication module.
  • This module would subsequently send a signal to the specific or desired mobile device, wherein this signal can be indicative of the request and the source of the request, for example the user, the registration and authentication module or both.
  • an action and authentication module is operative, and this module is configured to authenticate the signal, which can be at least in part determined based on the source of the request.
  • the action or reconfiguration of the mobile device is performed.
  • FIG. 2 illustrates a method according to embodiments of the present technology.
  • the mobile devices and users are registered 160, and a correlation between one or more mobile devices and one or more users 1 2 is made.
  • a user submits a request 164 for an action or reconfiguration of the mobile device, and this request is subsequently authenticated 166.
  • a signal is sent 1 8 to the mobile device wherein this signal is indicative of the request.
  • the signal is authenticated 170 and if the signal is authentic the action on or reconfiguration of the mobile is activated 172.
  • acts associated with the method described herein can be implemented as coded instructions in a computer program product.
  • the computer program product is a computer-readable medium upon which software code is recorded to execute the method when the software code is loaded into a memory and executed on an operatively associated microprocessor.
  • the software code can be loaded into memory on a mobile device, server, or other computing device that may be used with the system according to embodiments of the present technology.
  • acts associated with the method described herein can be implemented as coded instructions in plural computer program products, each of the computer program products being a computer-readable medium upon which software code is recorded to execute appropriate portions of the method when the software code is loaded into memory and executed on an operatively associated microprocessor.
  • a computer program product may be a hard disk, CD, DVD, USB/flash drive, memory card, etc. as would readily be understood by a worker skilled in the art, having stored thereon the software code.
  • the remote access request is received from a server (e.g. a web server) communicatively linked to the mobile device.
  • a server e.g. a web server
  • the remote access request is received from a peer mobile device communicatively linked to the mobile device.
  • the remote access request received by the mobile device is sent by a remote user.
  • the remote access request is sent by a user via a server (e.g. a web server) communicatively linked to the mobile device.
  • the remote access request received by the mobile device relayed via a web server by a user logged into the system using a web browser.
  • the remote access request is sent by the user via a web browser.
  • the remote access request is sent by the user via a peer mobile device communicatively linked to the mobile device.
  • the method comprises authenticating the source of the remote access request.
  • the remote access request may be received from a second mobile device or a server such as a web server.
  • authentication comprises authenticating the peer mobile device or the server.
  • authentication may comprise authenticating the user at the second mobile device or the server that is the source of the remote signal.
  • authentication may comprise authenticating the user at the second mobile device or the server and allowing the user to perform reconfiguration of the mobile device in real-time from the second mobile device or the server.
  • the mobile device may be preconfigured to authenticate one or more users, one or more peer mobile devices and one or more servers.
  • one or more levels of authentication may be used.
  • a remote access request received from the peer mobile device may be subjected to a different level of authentication than that received from a server.
  • the levels of authentication may be related to a level of remote access allowed by the mobile device.
  • different peer mobile devices may be allowed different levels of remote access such as access to contact information only or access to all information including recent activity, or access to modify content or access to location information, or access to downloaded files in memory, or configuration of mobile device.
  • the level of access provided may also be based on the identity of the user at the remote server or peer mobile device. For example, if the user is the owner of the mobile device, or someone related to the owner, or a stranger.
  • Authentication of the user, remote server or peer mobile device ma be achieved using authentication protocols based on encryption schemes, message authentication codes, signature schemes, image recognition schemes, finger print recognition schemes and combinations thereof. Both peer entity and data origin authentication protocols may be used. Various schemes for authentication that may be known to a worker skilled in the art may be used.
  • the remote access request includes encoded authentication information for said authentication step.
  • the authentication information is encoded separately.
  • the mobile device is preconfigured to receive the remote access request and process the authentication information contained therein.
  • the mobile device may be further preconfigured to execute one or more tasks based on the authenticated identity of the transmitter.
  • authentication includes the use of generated authentication keys or tokens which included long strings of data. According to embodiments, these keys or tokens can change on a frequent basis in order to ensure safe communications.
  • one or more of the tasks executed by the mobile device may comprise transmitting data such as location information including GPS data, email, address lists, call history or information related to other recent activity.
  • the tasks comprise transmitting data to a user, for example transmitting the data from the mobile device to the hard drive of the user's peer mobile device or the user's personal computing device, depending on the embodiment.
  • the tasks comprise transmitting data to one or more communicatively linked servers or peer mobile devices.
  • the tasks comprise transmitting data to one or more communicatively linked servers and subsequent downloading of the said transmitted data to the local hard drive of the personal computer from which the user accesses the mobile device via the server.
  • the data may comprise data stored on the mobile device such as contact information and saved communications such as messages or pictures.
  • the data may comprise log data stored on the mobile device such as recent event history, recent calls etc.
  • the data may comprise data downloaded to the mobile device such as music files, video tiles, mobile applications, etc.
  • the data may comprise data pertaining to the mobile device itself. For example, the model number, manufacturer's name, serial number, etc.
  • the data may comprise data obtained by the mobile device upon request by the user such as an image captured, video captured, or sound signal received from a microphone. Accordingly, the transmission of such data requires a further step of obtaining said data.
  • the data may comprise location data of the mobile device.
  • the location data may exemplarily comprise GPS coordinates or geographical address such as street, city or other location.
  • the location data may be current location data, nearby prominent landmark data or location history data.
  • the location data may be transmitted in real time or periodically or once upon receipt of the remote access request. For example, if a user has lost their cell phone, accessing the location of the cell phone would enable them to determine whether they left it at home or in the office. Accessing location history of the phone or accessing the location data in realtime may provide information indicating that the user left it in on the train, or that it is in possession of another user who may be identifiable based on the location history.
  • the receipt of the remote access request initiates obtaining of the location data. Once initiated, the obtaining of the location data may continue periodically or continuously.
  • a first set of the data may be transferred to communicatively linked peer mobile devices, while a second part of the data may be transferred into a server.
  • GPS data for the mobile device may be sent to a peer mobile device allowing a user to track the 'Lost' mobile device, while data relating to address lists or call history may be sent to a central server for archiving or later review by the user.
  • the data transfer may occur partly in real-time.
  • data relating to pictures, music, video, downloaded/stored documents, address list, call history, mobile applications, etc. may be transferred to communicatively linked peer mobile devices.
  • transmission of data can comprise transmission of any data that can be stored on the mobile device or acquired by the mobile device.
  • the mobile device may be configured to send data to or receive data from communicatively linked peer mobile devices or network terminals (e.g. servers). At least part of the sending or receiving of data may occur in real-time.
  • data may be transmitted to the server and archived as a means of keeping snapshots of the current data store on the mobile device.
  • the data can be downloaded by a user using a web browser or the peer mobile device, depending on the embodiment.
  • the user downloads statistics about the communicating server such as the activity of previous access to a mobile device including downloads and actions that have been performed by the mobile device.
  • the tasks comprise the reconfiguration of the mobile device from a first configuration to a second configuration.
  • a “configuration" of the mobile device generally refers to any state of operation of the mobile device.
  • a configuration may thus be defined by the values of the device parameters used and the device features that are enabled or disabled.
  • a worker skilled in the art will readily understand that the number of possible configurations for a mobile device may thus depend on the number of device features that can be enabled or disabled, the number o device parameters that can be modified, or the like.
  • reconfiguring a mobile device may comprise modifying any data stored on the mobile device. Accordingly, in embodiments, reconfiguration may comprise modifying one or more files or sets of information stored on the mobile device. In embodiments, modifying data or information may comprise deleting said data. In embodiments, modifying data or information may comprise a substantially complete or partial memory wipe of the mobile device.
  • a memory wipe may be performed via multi-pass wipe technology, variable-pass wipe technology or other technologies known to a worker skilled in the art.
  • the mobile device may allow an authenticated user to modify, including delete, one or more files stored on the mobile device or do a complete memory wipe. This may, for example, be useful in the event that a mobile device is stolen and the user desires to protect confidential or personal information stored on the mobile device.
  • the memory wiping can be performed by the resetting of the bits that are in the memory of the mobile device. This resetting of some or all of the memory bits can be performed in a random manner, all desired memory bits set to zero, all desired memory bits set to 1 , or a combination thereof. By performing the resetting of the memory bits in a multi-pass fashion, the likelihood of a residual image of the information previously contained in said memory of the mobile device.
  • a configuration of a mobile device may be defined by device features such as Internet browsing, text messaging, voice communications etc.
  • each configuration of the mobile device has a respective subset of the device features that are enabled while the remaining device features are disabled.
  • Some device features e.g. texting
  • a reconfiguration may thus include enabling or disabling of one or more features of the mobile device. For example, a user may disable device features such as Internet browsing, text messaging and voice communications in order to avoid high cell phone charges. As another example, a user may disable features that consume high energy i an attempt to prolong battery life.
  • the reconfiguration is based on an optional input received from the source of the remote access request.
  • the reconfiguration of the configuration may occur automatically.
  • the user may manually choose the features and/or the parameters defining the second configuration to which the mobile device is reconfigured to.
  • the user may be provided with a plurality of potential configurations to choose from for the reconfiguration. For example, the user may choose how to reconfigure the mobile device based on data received from the mobile device related to recent usage history or location.
  • the user may choose to erase data from the memory modules of the mobile device.
  • the user may choose to archive data prior to erasing.
  • voice communications may be denied automatically if a received signal from the web server indicates that the mobile device may be 'Unauthorized'.
  • the mobile device is preconfigured to execute a certain sequence or set of tasks upon receipt of a specific remote access request. Accordingly, there may be different remote access requests, each corresponding to a particular sequence or set of tasks.
  • the mobile device may be reconfigured to change the security settings for providing access to data stored on the mobile device. For example, the security level may be increased so that an attempt to obtain data from the mobile device has to pass several authentication steps (such as answering several questions correctly) before the data can be accessed.
  • the mobile device ma be configured to completely shut down. For example, once the user is aware that the mobile device is in a safe location, based on the location data, and doesn ' t want it to be accessed by the incumbents of that location, the user can decide to turn off the mobile device completely; restarting the device would require the input of a specific password.
  • the mobile device may be reconfigured one or more times.
  • the user may choose to disable all features but when the mobile phone retrieved or its location identified as a secure location, the user may choose to re-enable all features.
  • a user may choose to disable different features at different times.
  • the remote access request received by the mobile phone is sent from a communicatively linked sever or peer mobile device.
  • the server or peer mobile device transmits said remote access request upon request by a user.
  • the server or peer mobile device requires authentication of the user.
  • the authentication protocol may use a password and username or it may comprise further steps to establish identity of the user and establish that the user is authorized to remotely access the mobile device.
  • a worker skilled in the art will be familiar with various authentication protocols which may be used for this purpose.
  • authentication includes the use o generated authentication keys or tokens which included long strings of data. According to embodiments, these keys or tokens can change on a frequent basis in order to ensure safe communications.
  • the mobile phone is registered with a communicatively linked server.
  • the registration process may comprise establishment of authentication procedures to be used to confirm identity of user and/or server for allowing remote access.
  • a user may register one or more mobile devices with the server.
  • the server may require an additional authentication step of the user for each registered mobile device before sending a remote access request to initiate remote access of mobile device.
  • the peer mobile phone is registered with the mobile phone.
  • the registration process may comprise establishment of authentication procedures to be used to confirm identity of user and/or peer mobile device for allowing remote access.
  • a user may register one or more peer mobile devices with the mobile device.
  • the mobile device may require an additional authentication step of the user for each registered peer mobile device before allowing remote access of mobile device.
  • a user may register one or more mobile devices to the peer mobile device.
  • acts associated with the method described herein can be implemented as coded instructions in plural computer program products, each of the computer program products being a computer-readable medium upon which software code is recorded to execute appropriate portions of the method when the software code is loaded into memory and executed on an operatively associated microprocessor.
  • FIG. 3 is a flowchart of an exemplary method 200 for sending a remote access request to a mobile device.
  • the method comprises receiving a request for login 210 from a user at the remote server and authenticating the user 230.
  • the server Upon authenticating the user, the server allows the user to select 250 the mobile device for which remote access is desired from a list of mobile devices previously registered by the user. The user is then prompted for a password specific to the mobile device 260 for which remote access is being requested.
  • step 270 if the password entered by the user is correct, i.e if the user is authenticated by the server as authorized for remote access to the mobile device, the server sends a remote access request to the mobile device 280. If the password entered is incorrect, the server denies the request 290, resulting in denying access to, communication with, or actions requested o the mobile device.
  • the user upon selecting the mobile device from a list of mobile devices, previously registered to the server, is automatically authorized for remote access to the selected mobile device.
  • the method comprises receiving a request for login 210 from a user at the remote peer mobile device and authenticating the user 230.
  • the peer mobile device Upon authenticating the user, the peer mobile device allows the user to select 250 the mobile device for which remote access is desired from a list of mobile devices previously registered by the user. The user is then prompted for a password specific to the mobile device 260 for which remote access is being requested.
  • the peer mobile device sends a remote access request to the mobile device 280.
  • the server denies the request 290, resulting in denying access to, communication with, or actions requested of the mobile device.
  • the user upon selecting the mobile device from a list of mobile devices, previously registered to the peer mobile device is automatically authorized for remote access to the selected mobile device.
  • Acts associated with the method described herein can be implemented as coded instructions in a computer program product.
  • the computer program product is a computer-readable medium upon which software code is recorded to execute the method when the computer program product is loaded into memory and executed on a microprocessor or other form of computing device.
  • Acts associated with the method described herein can be implemented as coded instructions in plural computer program products. For example, a first portion of the method may be performed using one microprocessor or computing device, and a second portion of the method may be performed using another microprocessor, computing device, server, or the like.
  • each computer program product is a computer-readable medium upon which software code is recorded to execute appropriate portions of the method when a computer program product is loaded into memory and executed on the microprocessor of a computing device.
  • each step of the method may be executed on any computing device, such as a personal computer, server, PDA, or the like and pursuant to one or more, or a part of one or more, program elements, modules or objects generated from any programming language, such as C++, Java, PL/1 , or the like.
  • each step, or a file or object or the like implementing each said step may be executed by special purpose hardware or a circuit module designed for that purpose.
  • the system for activation of an action on or reconfiguration of a specific mobile device that is remotely located includes a registration and authentication module and an action and authentication module. These two modules operate in conjunction to provide a user with remote access to the desired mobile device.
  • the registration and authentication module resides and is operative on a peer mobile device being used by the user or operative on a web server communicatively coupled to a computing device being used by the user.
  • the computing device if a user is using a computing device, the computing device has operating thereon a generic web browser which can be used to present/receive data to/from the user, wherein this data is communicated between that browser and the registration and authentication module operative on the web server.
  • the computing device when a user is using a computing device which is communicating with the web server having thereon the registration and authentication module, the computing device has installed thereon a proprietary access program which is specifically designed for interaction with the registration and authentication module.
  • the action and authentication module is operative on the mobile device to be accessed and the action and authentication module is communicatively coupled to the registration and authentication module.
  • the registration and authentication module is configured to register one or more mobile devices and one or more users such that the one or more mobile devices including the specific mobile device. This module is further configured to maintain a correlation between one or more mobile devices and one or more users, wherein this correlation can be determined by the user of the mobile device, for example.
  • the registration and authentication module is further configured to receive a request for access of a mobile device from a user, wherein upon authentication of the user, a signal at least in part indicative of the request is transmitted to the mobile device.
  • the action and authentication module is configured to receive the signal and additionally configured to authenticate the signal and activate the action on or reconfiguration of the mobile upon authentication of that signal.
  • FIG. 4 ⁇ illustrates a configuration of the system according to some embodiments of the present technology.
  • the mobile device 508 has installed thereon the action and authentication module 506.
  • a peer mobile device 502 which is communicatively coupled to the mobile device 508, has installed thereon the registration and authentication module 504.
  • the action and authentication module 506 and the registration and authentication module 504 are suitably communicatively connected.
  • access to the mobile device can be enabled by way of the registration and authentication module 504 and the action and authentication module 506.
  • FIG. 4B illustrates another configuration of the system according to some embodiments of the present technology, in particular, the mobile device 508 has installed thereon the action and authentication module 506.
  • a server 510 has installed thereon the registration and authentication module 512.
  • the server 510 and the mobile device 508 are communicatively connected, and the server 510 is additionally communicatively connected to a computing device 514, to which a user has access.
  • the action and authentication module 506 and the registration and authentication module 510 are suitably communicatively connected.
  • access to the mobile dev ice can be enabled by way of the registration and authentication module 504 and the action and authentication module 506.
  • the mobile device is capable of transmitting or receiving information, or both, via a wireless communication medium such as radio, infrared, or the like.
  • the communication capabilities of the mobile device may include voice communication capabilities, data communication capabilities, or a combination thereof.
  • the term "mobile device”, for the purposes of this specification, shall include any wireless handheld, smart phone, PDA, tablet, laptop, notebook, netbook, or other communications device that is capable of transmission and reception of data via a wireless communication medium such as radio, infrared or the like. Other types of mobile devices would be readily known to a worker skilled in the art.
  • the mobile device comprises an authentication module, a remote access module and a processing module.
  • the authentication module is configured to perform authentication of the source of requests received by the mobile device.
  • the remote access module may be configured to obtain the authenticated request and execute tasks related to said request.
  • the remote access module may also be used to configure the mobile device for remote access.
  • the remote access module and the authentication module may be integrated.
  • the processing module is configured to coordinate the functions of the authentication and remote access module.
  • the processing module may be communicatively linked or integrated with one or both of the authentication module and the remote access module.
  • the mobile device 780 comprises a location identification module and a communication module.
  • the location identification and communication modules may optionally comprise memory modules or be operatively associated with memory modules.
  • a processing module may be operatively associated with the location identification and communication modules, and may be configured to coordinate their functions, and to process the received remote access requests.
  • the processing module may also be used to configure the configuration of the mobile device. Accordingly, the processing module may be configured to execute the appropriate software code that controls the various features of the mobile device.
  • the processing module may comprise one or more processors 782.
  • the processing module comprises or is operatively associated with a memory module 783 configured for storage of different types of data.
  • Appropriate processors 782 and memory modules 783 would be readily known to a worker skilled in the art.
  • the mobile device 780 comprises a location identification module 785, which is configured to determine the location of the mobile device.
  • the location identification module 785 can be turned ON and OFF from a remote server or peer mobile device.
  • the location identification module 785 includes a GPS receiver chipset for receiving GPS radio signals transmitted from the one or more orbiting GPS satellites 798.
  • the GPS receiver chipset can be embedded within the device or externally connected, such as, for example, a Bluetooth GPS puck or dongle.
  • the mobile device 780 also comprises input/output devices 787.
  • the input/output devices 787 may include one or more of the following: a display (e.g. a small LCD screen), a thumbwheel, a trackball, a keyboard, touch screen, a keypad, a button, a USB or serial port for connecting to peripheral equipment, a camera, a display, a speaker and a microphone.
  • a display e.g. a small LCD screen
  • thumbwheel e.g. a thumbwheel
  • a trackball e.g. a keyboard
  • touch screen e.g. a touch screen
  • keypad e.g. a button
  • a USB or serial port for connecting to peripheral equipment
  • the display may optionally have touch- screen functionality.
  • the mobile device 780 is linked to a cellular network 790 through a base-station 792, and thereby to one or more servers 794, 796 (cxemplarily of a service and application provider or a data and content provider). Additional mobile devices 780a may be linked to the cellular network 790 using the same base station 792 or a separate base station 792a.
  • the cellular network 790 thus allows data communication between peer mobile devices 780, 780a.
  • the mobile device 780 sends and receives wireless communication signals via a RF transceiver 784.
  • the device 780 may communicate in accordance with one or more appropriate technologies such as: Global Systems for Mobile communications (GSM), General Packet Radio Service (GPRS), Code Division Multiple Access (CDMA), Wideband CDMA (WCDMA), whether 2G, 3G, High speed packet access (I ISPA), Universal Mobile Telecommunication System (UMTS) based technologies, Enhanced Data rates for Global Evolution (EDGE), Long Term Evolution (LTE) technologies, Orthogonal Frequency Division Multiplexing (OFDM) technologies, I J lira- Wideband (L WB) technologies, WiFiTM, BlueToothTM or WiMAXTM technologies, or other communication technologies and protocols as would readily be understood by a worker skilled in the art.
  • GSM Global Systems for Mobile communications
  • GPRS General Packet Radio Service
  • CDMA Code Division Multiple Access
  • WCDMA Wideband CDMA
  • I ISPA Universal Mobile Telecommunication System
  • UMTS Universal Mobile T
  • the wireless device 780 may be capable of operation using multiple protocols.
  • the base stations 792, 792a may be part of a wireless network, such as a cellular network, local-area network, wide-area network, wireless hotspot network, or the like.
  • the mobile device, base station, network components, and the like may be configured for data communication, voice communication, or a combination thereof, possibly using additional components, configurations and procedures where appropriate, such as SIM cards, authorization and authentication procedures, handoff procedures, and the like, as would be readily understood by a worker skilled in the art.
  • Appropriate communication protocols and network architectures that support various types of communication would be readily known to a worker skilled in the art.
  • audio signals may be transferred either in circuit-switched or packet- switched fashion through the communication.
  • the communication signals may be broadcast or multicast.
  • the remote access request is sent by a user accessing the server via a website which contains software application code o the registration and authentication module component of the "Remote Memory Wipe".
  • the mobile device to be accessed will have installed thereon the software application code of the action and authentication module component of the "Remote Memory Wipe".
  • This two component "Remote Memory Wipe" software application code allows a user to register a mobile device to which a remote access request may be sent in order to initiate remote access and to delete specified data from the mobile device.
  • the user accesses the registration and authentication module via the website and selects the desired mobile device from a list of mobile devices. The user subsequently selects the '"Remote Memory Wipe" action for the desired mobile device.
  • the website prompts the user for the previously selected password for this device.
  • the server then connects with the mobile device using the password entered by the user for authentication.
  • the mobile device then deletes all previously selected data for deletion.
  • the mobile device remote access system comprises two parts: the software application running on the mobile device itself, for this example hereinafter referred to as the mobile app and a web software application, in the form of a website, running on a server, for this example hereinafter referred to as the web app.
  • the mobile app will be installed by the user onto the mobile device and will be configured on its first run.
  • the user will then register the mobile device using the web app via a web browser.
  • the web app will prompt the user to select a password for authorized entry to the web app in the future.
  • the web app will also register the mobile device and prompt the user to provide a second password to protect against unauthorized use of the web app for this mobile device.

Abstract

The disclosure Is directed to a method, computer program product, or a mobile device configured for allowing remote access. The mobile device is configured to allow a user through a remote server or peer mobile device to access the mobile device. The mobile device is further configured to allow remote control and in particular remote reconfiguration of the mobile device.

Description

METHOD, DEVICE AND SYSTEM FOR REMOTE ACCESS
OF A MOBILE DEVICE
FIELD OF THE TECHNOLOGY
[0001] The present disclosure relates generally to mobile devices, to remote access of mobile devices and in particular to remote control and remote reconfiguration of mobile devices.
BACKGROUND
[0002] Mobile devices may be wireless communication devices such as cellular telephones, handheld PDAs, and the like, which are now capable of supporting features beyond voice or text-based communication between users, such as multimedia features. Such devices have become increasingly invaluable for both business and consumers. Various methods have been previously proposed for protection of data stored on mobile devices. However, loss or theft of a mobile device result in unwanted use of the mobile device and/or unwanted access to the information stored thereon.
[0003] Therefore there is a need for a method and system which can access a mobile device in a remote manner.
[0004] This background information is provided to reveal information believed by the applicant to be of possible relevance to the present technology. No admission is necessarily intended, nor should be construed, that any of the preceding information constitutes prior art against the present invention.
SUMMARY OF THE TECHNOLOGY
[0005] An object of the present technology is to provide a method, device and system for remote access of a mobile device. In accordance with an aspect of the present technology there is provided a method for activating an action on a specific mobile device that is remotely located, the method comprising the steps of: registering one or more mobile devices and one or more users with a registration and authentication module, the one or more mobile devices including the specific mobile device; correlating, on the registration and authentication module, at least one of the users with the specific mobile device; accessing the registration and authentication module by the at least one user and verifying user identity; submitting, by the at least one user, a request for activation of the action on the specific mobile device; sending a signal to the specific mobile device, said signal indicative of the request; authenticating the signal by an action and authentication module operative on the specific mobile device; activating the action on the specific mobile device upon authentication of the signal.
[0006] In accordance with another aspect of the present technology there is provided a system for activation of an action on a specific mobile device that is remotely located, the system comprising: a registration and authentication module configured to register one or more mobile devices and one or more users, the one or more mobile devices including the specific mobile device, the registration and authentication module further configured to correlate the specific mobile device with at least one user, the registration and authentication module further configured to receive a request for activation of the action on the specific mobile device, authenticate said request and send a signal indicative of the request to the mobile device; and; and an action and authentication module operative on the specific mobile device and communicatively coupled to the registration and authentication module, the action and authentication module configured to receive and authenticate the signal and activate the action upon authentication of the signal.
[0007] In accordance with another aspect of the present technology there is provided a computer program product for activating an action on a specific mobile device that is remotely located, the computer program product comprising code which, when loaded into memory and executed on one or more processors, is adapted to: registering one or more mobile devices and one or more users with a registration and authentication module, the one or more mobile devices including the specific mobile device; correlating, on the registration and authentication module, at least one of the users with the specific mobile device; accessing the registration and authentication module by the at least one user and verifying user identity; submitting, by the at least one user, a request for activation of the action on the specific mobile device; sending a signal to the specific mobile device, said signal indicative of the request; authenticating the signal by an action and authentication module operative on the specific mobile device; activating the action on the specific mobile device upon authentication of the signal.
BRIEF DESCRIPTION OF THE FIGURES
[0008] Features and advantages of the present technology will become apparent from the following detailed description, taken in combination with the appended drawings, in which:
[0009] FIG. 1 is an exemplary flowchart presenting steps of a method for allowing remote access of a mobile device in accordance with embodiments of the present technology.
[0010] FIG. 2 is an exemplary flowchart presenting steps of a method for allowing remote access of a mobile device in accordance with embodiments of the present technology.
[0011] FIG. 3 is an exemplary flowchart presenting steps of a method for allowing remote access of a mobile device in accordance with embodiments of the present technology.
[0012] FIG. 4 A is a schematic of a system in accordance with embodiments of the present technology.
[0013] FIG. 4B is a schematic of a system in accordance with embodiments of the present technology.
[0014] FIG. 5 is a schematic depiction of an exemplary mobile device.
[0015] It will be noted that throughout the appended drawings, like features are identified by like reference numerals.
DETAILED DESCRIPTION
[0016] As used herein, the term ''about" refers to a +/-10% variation from the nominal value. It is to be understood that such a variation is always included in a given value provided herein, whether or not it is specifically referred to. [0017] Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
[0018] The disclosure is directed to a method, a computer program product, a mobile device and a system configured to allow remote access and optionally reconfiguration of the mobile device. Various configurations of computer program products, mobile devices, servers and systems for achieving the above are described.
[0019] The system for activation of an action on or reconfiguration of a specific mobile device that is remotely located includes a registration and authentication module and an action and authentication module. These two modules operate in conjunction to provide a user with remote access to the desired mobile device. According to embodiments, the registration and authentication module resides and is operative on a peer mobile device, server or other computing device. The action and authentication module is operative on the mobile device to be accessed and the action and authentication module is communicatively coupled to the registration and authentication module.
[0020] The registration and authentication module is configured to register one or more mobile devices and one or more users such that the one or more mobile devices including the specific mobile device. This module is further configured to maintain a correlation between one or more mobile devices and one or more users, wherein this correlation can be determined by the user of the mobile device, for example. The registration and authentication module is further configured to receive a request for access of a mobile device from a user, wherein upon authentication of the user, a signal at least in part indicative of the request is transmitted to the mobile device.
[0021] The action and authentication module is configured to receive the signal and additionally configured to authenticate the signal and activate the action on or reconfiguration of the mobile upon authentication of that signal.
[0022] Referring to FIG. 1 , the method 100 of the disclosure comprises receiving a request for remote access 110; authenticating the source of request 130; executing one or more tasks after the authentication 150. [0023] In embodiments, the remote access request is received from a server (e.g. a web server) communicatively linked to the mobile device. In embodiments, the remote access request is received from a peer mobile device communicatively linked to the mobile device.
[0024] In embodiments, said tasks comprise any one of the following: allowing the authenticated source to remotely access the mobile device; transmitting data such as location information including GPS data, email, address lists, call history or information related to other recent activity, allowing a reconfiguration of the mobile device from a first configuration to a second configuration, providing a perceptible signal as an indication of its location and the like.
[0025] According to embodiments o the present technology, a method for activating an action on or reconfiguration of a specific mobile device that is remotely located can include a plurality of steps. Initially, one or more mobile devices and one or more users can be registered with a registration and authentication module associated with the system of the present technology. This registration can result in a pool of users and mobile devices, wherein at least one of the registered users is correlated with at least one of the registered mobile devices. This correlation provides a link between respective users and mobile devices, wherein one or more users may be correlated with one mobile device and/or vice versa. This correlation aids in the later authentication of a request for reconfiguration or action being performed by the mobile device remotely located.
[0026] According to embodiments, a user accesses the registration and authentication module and veri ies user identity therewith. This user can subsequently submit a request for activation of an action or reconfiguration f a specific mobile to the registration and authentication module. This module would subsequently send a signal to the specific or desired mobile device, wherein this signal can be indicative of the request and the source of the request, for example the user, the registration and authentication module or both. On the mobile device, an action and authentication module is operative, and this module is configured to authenticate the signal, which can be at least in part determined based on the source of the request. Upon authentication of the signal the action or reconfiguration of the mobile device is performed. [0027] For example, FIG. 2 illustrates a method according to embodiments of the present technology. The mobile devices and users are registered 160, and a correlation between one or more mobile devices and one or more users 1 2 is made. A user submits a request 164 for an action or reconfiguration of the mobile device, and this request is subsequently authenticated 166. A signal is sent 1 8 to the mobile device wherein this signal is indicative of the request. The signal is authenticated 170 and if the signal is authentic the action on or reconfiguration of the mobile is activated 172.
[0028] In embodiments, acts associated with the method described herein can be implemented as coded instructions in a computer program product. In other words, the computer program product is a computer-readable medium upon which software code is recorded to execute the method when the software code is loaded into a memory and executed on an operatively associated microprocessor. Depending on the embodiment, the software code can be loaded into memory on a mobile device, server, or other computing device that may be used with the system according to embodiments of the present technology. In embodiments, acts associated with the method described herein can be implemented as coded instructions in plural computer program products, each of the computer program products being a computer-readable medium upon which software code is recorded to execute appropriate portions of the method when the software code is loaded into memory and executed on an operatively associated microprocessor. For example, a computer program product may be a hard disk, CD, DVD, USB/flash drive, memory card, etc. as would readily be understood by a worker skilled in the art, having stored thereon the software code.
Receiving Remote Access Request
[0029] As mentioned above, in embodiments, the remote access request is received from a server (e.g. a web server) communicatively linked to the mobile device. In embodiments, the remote access request is received from a peer mobile device communicatively linked to the mobile device.
[0030] In embodiments, the remote access request received by the mobile device is sent by a remote user. In embodiments, the remote access request is sent by a user via a server (e.g. a web server) communicatively linked to the mobile device. The remote access request received by the mobile device relayed via a web server by a user logged into the system using a web browser. The remote access request is sent by the user via a web browser. In embodiments, the remote access request is sent by the user via a peer mobile device communicatively linked to the mobile device.
Authentication
[0031] The method comprises authenticating the source of the remote access request. The remote access request may be received from a second mobile device or a server such as a web server. In embodiments, authentication comprises authenticating the peer mobile device or the server. In embodiments, authentication may comprise authenticating the user at the second mobile device or the server that is the source of the remote signal. In embodiments, authentication may comprise authenticating the user at the second mobile device or the server and allowing the user to perform reconfiguration of the mobile device in real-time from the second mobile device or the server. In embodiments, the mobile device may be preconfigured to authenticate one or more users, one or more peer mobile devices and one or more servers.
[0032] In embodiments, one or more levels of authentication may be used. For example, a remote access request received from the peer mobile device may be subjected to a different level of authentication than that received from a server. In embodiments, the levels of authentication may be related to a level of remote access allowed by the mobile device. For example, different peer mobile devices may be allowed different levels of remote access such as access to contact information only or access to all information including recent activity, or access to modify content or access to location information, or access to downloaded files in memory, or configuration of mobile device. In embodiments, the level of access provided may also be based on the identity of the user at the remote server or peer mobile device. For example, if the user is the owner of the mobile device, or someone related to the owner, or a stranger.
[0033] Authentication of the user, remote server or peer mobile device ma be achieved using authentication protocols based on encryption schemes, message authentication codes, signature schemes, image recognition schemes, finger print recognition schemes and combinations thereof. Both peer entity and data origin authentication protocols may be used. Various schemes for authentication that may be known to a worker skilled in the art may be used.
[0034] In embodiments, the remote access request includes encoded authentication information for said authentication step. In embodiments, the authentication information is encoded separately. The mobile device is preconfigured to receive the remote access request and process the authentication information contained therein. The mobile device may be further preconfigured to execute one or more tasks based on the authenticated identity of the transmitter.
[0035] In some embodiments, authentication includes the use of generated authentication keys or tokens which included long strings of data. According to embodiments, these keys or tokens can change on a frequent basis in order to ensure safe communications.
[0036] In embodiments, one or more of the tasks executed by the mobile device may comprise transmitting data such as location information including GPS data, email, address lists, call history or information related to other recent activity.
Transmission of Data
[0037] In embodiments, the tasks comprise transmitting data to a user, for example transmitting the data from the mobile device to the hard drive of the user's peer mobile device or the user's personal computing device, depending on the embodiment. In embodiments, the tasks comprise transmitting data to one or more communicatively linked servers or peer mobile devices. In embodiments, the tasks comprise transmitting data to one or more communicatively linked servers and subsequent downloading of the said transmitted data to the local hard drive of the personal computer from which the user accesses the mobile device via the server.
[0038] In embodiments, the data may comprise data stored on the mobile device such as contact information and saved communications such as messages or pictures. In embodiments, the data may comprise log data stored on the mobile device such as recent event history, recent calls etc. In embodiments, the data may comprise data downloaded to the mobile device such as music files, video tiles, mobile applications, etc. [0039] In embodiments, the data may comprise data pertaining to the mobile device itself. For example, the model number, manufacturer's name, serial number, etc. In embodiments, the data may comprise data obtained by the mobile device upon request by the user such as an image captured, video captured, or sound signal received from a microphone. Accordingly, the transmission of such data requires a further step of obtaining said data.
[0040] In embodiments, the data may comprise location data of the mobile device. The location data may exemplarily comprise GPS coordinates or geographical address such as street, city or other location. The location data may be current location data, nearby prominent landmark data or location history data. The location data may be transmitted in real time or periodically or once upon receipt of the remote access request. For example, if a user has lost their cell phone, accessing the location of the cell phone would enable them to determine whether they left it at home or in the office. Accessing location history of the phone or accessing the location data in realtime may provide information indicating that the user left it in on the train, or that it is in possession of another user who may be identifiable based on the location history.
[0041] In embodiments, the receipt of the remote access request initiates obtaining of the location data. Once initiated, the obtaining of the location data may continue periodically or continuously.
[0042] In embodiments, a first set of the data may be transferred to communicatively linked peer mobile devices, while a second part of the data may be transferred into a server. Exemplarily, GPS data for the mobile device may be sent to a peer mobile device allowing a user to track the 'Lost' mobile device, while data relating to address lists or call history may be sent to a central server for archiving or later review by the user. The data transfer may occur partly in real-time.
[0043] In embodiments, data relating to pictures, music, video, downloaded/stored documents, address list, call history, mobile applications, etc. may be transferred to communicatively linked peer mobile devices.
[0044] A worker skilled in the art will easily understand that the above embodiments are only for exemplary purposes and the transmission of data can comprise transmission of any data that can be stored on the mobile device or acquired by the mobile device.
[0045] In embodiments, the mobile device may be configured to send data to or receive data from communicatively linked peer mobile devices or network terminals (e.g. servers). At least part of the sending or receiving of data may occur in real-time. In some embodiments, data may be transmitted to the server and archived as a means of keeping snapshots of the current data store on the mobile device. The data can be downloaded by a user using a web browser or the peer mobile device, depending on the embodiment. In some embodiments, the user downloads statistics about the communicating server such as the activity of previous access to a mobile device including downloads and actions that have been performed by the mobile device.
Reconfiguration of the Mobile Device
[0046] In embodiments, the tasks comprise the reconfiguration of the mobile device from a first configuration to a second configuration. A "configuration" of the mobile device generally refers to any state of operation of the mobile device.
[0047] A configuration may thus be defined by the values of the device parameters used and the device features that are enabled or disabled. A worker skilled in the art will readily understand that the number of possible configurations for a mobile device may thus depend on the number of device features that can be enabled or disabled, the number o device parameters that can be modified, or the like.
[0048] In embodiments, reconfiguring a mobile device may comprise modifying any data stored on the mobile device. Accordingly, in embodiments, reconfiguration may comprise modifying one or more files or sets of information stored on the mobile device. In embodiments, modifying data or information may comprise deleting said data. In embodiments, modifying data or information may comprise a substantially complete or partial memory wipe of the mobile device.
[0049] , According to embodiments of the present technology, a memory wipe may be performed via multi-pass wipe technology, variable-pass wipe technology or other technologies known to a worker skilled in the art. Thus, the mobile device may allow an authenticated user to modify, including delete, one or more files stored on the mobile device or do a complete memory wipe. This may, for example, be useful in the event that a mobile device is stolen and the user desires to protect confidential or personal information stored on the mobile device.
[0050] According to embodiments, the memory wiping can be performed by the resetting of the bits that are in the memory of the mobile device. This resetting of some or all of the memory bits can be performed in a random manner, all desired memory bits set to zero, all desired memory bits set to 1 , or a combination thereof. By performing the resetting of the memory bits in a multi-pass fashion, the likelihood of a residual image of the information previously contained in said memory of the mobile device.
[0051] A configuration of a mobile device may be defined by device features such as Internet browsing, text messaging, voice communications etc. In embodiments, each configuration of the mobile device has a respective subset of the device features that are enabled while the remaining device features are disabled. Some device features (e.g. texting) may be enabled in a first configuration while they are disabled in a second configuration. A reconfiguration may thus include enabling or disabling of one or more features of the mobile device. For example, a user may disable device features such as Internet browsing, text messaging and voice communications in order to avoid high cell phone charges. As another example, a user may disable features that consume high energy i an attempt to prolong battery life.
[0052] In embodiments, the reconfiguration is based on an optional input received from the source of the remote access request. Alternatively, the reconfiguration of the configuration may occur automatically.
[0053] In embodiments, the user may manually choose the features and/or the parameters defining the second configuration to which the mobile device is reconfigured to. In embodiments, the user may be provided with a plurality of potential configurations to choose from for the reconfiguration. For example, the user may choose how to reconfigure the mobile device based on data received from the mobile device related to recent usage history or location.
[0054] In embodiments, the user may choose to erase data from the memory modules of the mobile device. In embodiments, the user may choose to archive data prior to erasing. In embodiments, voice communications may be denied automatically if a received signal from the web server indicates that the mobile device may be 'Unauthorized'.
[0055] In embodiments, the mobile device is preconfigured to execute a certain sequence or set of tasks upon receipt of a specific remote access request. Accordingly, there may be different remote access requests, each corresponding to a particular sequence or set of tasks.
[0056] In embodiments, the mobile device may be reconfigured to change the security settings for providing access to data stored on the mobile device. For example, the security level may be increased so that an attempt to obtain data from the mobile device has to pass several authentication steps (such as answering several questions correctly) before the data can be accessed. In embodiments, the mobile device ma be configured to completely shut down. For example, once the user is aware that the mobile device is in a safe location, based on the location data, and doesn't want it to be accessed by the incumbents of that location, the user can decide to turn off the mobile device completely; restarting the device would require the input of a specific password. In embodiments, the mobile device may be reconfigured one or more times. For example, if the mobile phone is lost by the user, the user may choose to disable all features but when the mobile phone retrieved or its location identified as a secure location, the user may choose to re-enable all features. As another example, a user may choose to disable different features at different times.
Sending of Remote Access Request
[0057] In embodiments, the remote access request received by the mobile phone is sent from a communicatively linked sever or peer mobile device. In embodiments, the server or peer mobile device transmits said remote access request upon request by a user. In embodiments, the server or peer mobile device requires authentication of the user. The authentication protocol may use a password and username or it may comprise further steps to establish identity of the user and establish that the user is authorized to remotely access the mobile device. A worker skilled in the art will be familiar with various authentication protocols which may be used for this purpose. In some embodiments, authentication includes the use o generated authentication keys or tokens which included long strings of data. According to embodiments, these keys or tokens can change on a frequent basis in order to ensure safe communications.
[0058] In embodiments, the mobile phone is registered with a communicatively linked server. In embodiments, the registration process may comprise establishment of authentication procedures to be used to confirm identity of user and/or server for allowing remote access. In embodiments, a user may register one or more mobile devices with the server. In embodiments, the server may require an additional authentication step of the user for each registered mobile device before sending a remote access request to initiate remote access of mobile device.
[0059] In embodiments, the peer mobile phone is registered with the mobile phone. In embodiments, the registration process may comprise establishment of authentication procedures to be used to confirm identity of user and/or peer mobile device for allowing remote access. In embodiments, a user may register one or more peer mobile devices with the mobile device. In embodiments, the mobile device may require an additional authentication step of the user for each registered peer mobile device before allowing remote access of mobile device. In embodiments, a user may register one or more mobile devices to the peer mobile device.
[0060] In embodiments, acts associated with the method described herein can be implemented as coded instructions in plural computer program products, each of the computer program products being a computer-readable medium upon which software code is recorded to execute appropriate portions of the method when the software code is loaded into memory and executed on an operatively associated microprocessor.
[0061] The present technology may be implemented as a method with steps as shown in FIG. 3. FIG. 3 is a flowchart of an exemplary method 200 for sending a remote access request to a mobile device. The method comprises receiving a request for login 210 from a user at the remote server and authenticating the user 230. Upon authenticating the user, the server allows the user to select 250 the mobile device for which remote access is desired from a list of mobile devices previously registered by the user. The user is then prompted for a password specific to the mobile device 260 for which remote access is being requested. In step 270, if the password entered by the user is correct, i.e if the user is authenticated by the server as authorized for remote access to the mobile device, the server sends a remote access request to the mobile device 280. If the password entered is incorrect, the server denies the request 290, resulting in denying access to, communication with, or actions requested o the mobile device. In embodiments, the user upon selecting the mobile device from a list of mobile devices, previously registered to the server, is automatically authorized for remote access to the selected mobile device.
[0062] In embodiments, with reference to FIG. 3, the method comprises receiving a request for login 210 from a user at the remote peer mobile device and authenticating the user 230. Upon authenticating the user, the peer mobile device allows the user to select 250 the mobile device for which remote access is desired from a list of mobile devices previously registered by the user. The user is then prompted for a password specific to the mobile device 260 for which remote access is being requested. In step 270, if the password entered by the user is correct, i.e. if the user is authenticated by the peer mobile device as authorized for remote access to the mobile device, the peer mobile device sends a remote access request to the mobile device 280. If the password entered is incorrect, the server denies the request 290, resulting in denying access to, communication with, or actions requested of the mobile device. In embodiments, the user upon selecting the mobile device from a list of mobile devices, previously registered to the peer mobile device, is automatically authorized for remote access to the selected mobile device.
[0063] It will be appreciated that, although specific embodiments of the invention have been described herein for purposes of illustration, various modifications may be made without departing from the spirit and scope of the invention. In particular, it is within the scope of the invention to provide a computer program product or program element, or a program storage or memory device such as a solid transmission medium, magnetic or optical wire, tape or disc, or the like, for storing signals readable by a machine, lor controlling the operation o a computer according to the method of the invention and/or to structure some or all of its components in accordance with the system of the invention.
[0064] Acts associated with the method described herein can be implemented as coded instructions in a computer program product. In other words, the computer program product is a computer-readable medium upon which software code is recorded to execute the method when the computer program product is loaded into memory and executed on a microprocessor or other form of computing device.
[0065] Acts associated with the method described herein can be implemented as coded instructions in plural computer program products. For example, a first portion of the method may be performed using one microprocessor or computing device, and a second portion of the method may be performed using another microprocessor, computing device, server, or the like. In this case, each computer program product is a computer-readable medium upon which software code is recorded to execute appropriate portions of the method when a computer program product is loaded into memory and executed on the microprocessor of a computing device.
[0066] Further, each step of the method may be executed on any computing device, such as a personal computer, server, PDA, or the like and pursuant to one or more, or a part of one or more, program elements, modules or objects generated from any programming language, such as C++, Java, PL/1 , or the like. In addition, each step, or a file or object or the like implementing each said step, may be executed by special purpose hardware or a circuit module designed for that purpose.
System
[0067] The system for activation of an action on or reconfiguration of a specific mobile device that is remotely located includes a registration and authentication module and an action and authentication module. These two modules operate in conjunction to provide a user with remote access to the desired mobile device.
[0068] According to embodiments, the registration and authentication module resides and is operative on a peer mobile device being used by the user or operative on a web server communicatively coupled to a computing device being used by the user. In some embodiments, if a user is using a computing device, the computing device has operating thereon a generic web browser which can be used to present/receive data to/from the user, wherein this data is communicated between that browser and the registration and authentication module operative on the web server. In some embodiments, when a user is using a computing device which is communicating with the web server having thereon the registration and authentication module, the computing device has installed thereon a proprietary access program which is specifically designed for interaction with the registration and authentication module.
[0069] The action and authentication module is operative on the mobile device to be accessed and the action and authentication module is communicatively coupled to the registration and authentication module.
[0070] The registration and authentication module is configured to register one or more mobile devices and one or more users such that the one or more mobile devices including the specific mobile device. This module is further configured to maintain a correlation between one or more mobile devices and one or more users, wherein this correlation can be determined by the user of the mobile device, for example. The registration and authentication module is further configured to receive a request for access of a mobile device from a user, wherein upon authentication of the user, a signal at least in part indicative of the request is transmitted to the mobile device.
[0071] The action and authentication module is configured to receive the signal and additionally configured to authenticate the signal and activate the action on or reconfiguration of the mobile upon authentication of that signal.
[0072] FIG. 4Λ illustrates a configuration of the system according to some embodiments of the present technology. In particular, the mobile device 508 has installed thereon the action and authentication module 506. A peer mobile device 502 which is communicatively coupled to the mobile device 508, has installed thereon the registration and authentication module 504. Based on the communicative connection between the peer mobile device 502 and the mobile device 508, the action and authentication module 506 and the registration and authentication module 504 are suitably communicatively connected. Based on request made by the user 500 on the peer mobile device, access to the mobile device can be enabled by way of the registration and authentication module 504 and the action and authentication module 506.
[0073] FIG. 4B illustrates another configuration of the system according to some embodiments of the present technology, in particular, the mobile device 508 has installed thereon the action and authentication module 506. A server 510 has installed thereon the registration and authentication module 512. The server 510 and the mobile device 508 are communicatively connected, and the server 510 is additionally communicatively connected to a computing device 514, to which a user has access. Based on the communicative connection between the server 510 and the mobile device 508, the action and authentication module 506 and the registration and authentication module 510 are suitably communicatively connected. Based on request made by the user 500 on the computing device 514, communicatively connected to the server 510, access to the mobile dev ice can be enabled by way of the registration and authentication module 504 and the action and authentication module 506.
Mobile Device
[0074] The mobile device is capable of transmitting or receiving information, or both, via a wireless communication medium such as radio, infrared, or the like. The communication capabilities of the mobile device may include voice communication capabilities, data communication capabilities, or a combination thereof. The term "mobile device", for the purposes of this specification, shall include any wireless handheld, smart phone, PDA, tablet, laptop, notebook, netbook, or other communications device that is capable of transmission and reception of data via a wireless communication medium such as radio, infrared or the like. Other types of mobile devices would be readily known to a worker skilled in the art.
[0075] The mobile device comprises an authentication module, a remote access module and a processing module. The authentication module is configured to perform authentication of the source of requests received by the mobile device. The remote access module may be configured to obtain the authenticated request and execute tasks related to said request. The remote access module may also be used to configure the mobile device for remote access. In embodiments, the remote access module and the authentication module may be integrated. The processing module is configured to coordinate the functions of the authentication and remote access module. In embodiments, the processing module may be communicatively linked or integrated with one or both of the authentication module and the remote access module. [0076] In embodiments and referring to FIG. 5, the mobile device 780 comprises a location identification module and a communication module. The location identification and communication modules may optionally comprise memory modules or be operatively associated with memory modules. A processing module may be operatively associated with the location identification and communication modules, and may be configured to coordinate their functions, and to process the received remote access requests. The processing module may also be used to configure the configuration of the mobile device. Accordingly, the processing module may be configured to execute the appropriate software code that controls the various features of the mobile device.
[0077] The processing module may comprise one or more processors 782. In embodiments, the processing module comprises or is operatively associated with a memory module 783 configured for storage of different types of data. Appropriate processors 782 and memory modules 783 would be readily known to a worker skilled in the art.
[0078] The mobile device 780 comprises a location identification module 785, which is configured to determine the location of the mobile device. Exemplarily, the location identification module 785 can be turned ON and OFF from a remote server or peer mobile device. In this embodiment, the location identification module 785 includes a GPS receiver chipset for receiving GPS radio signals transmitted from the one or more orbiting GPS satellites 798. The GPS receiver chipset can be embedded within the device or externally connected, such as, for example, a Bluetooth GPS puck or dongle. Although the present disclosure refers expressly to the "Global Positioning System", it should be understood that this term and its abbreviation "GPS" are being used expansively to include any satellite-based navigation-signal broadcast system, and would therefore include other systems used around the world including the Beidou (COMPASS) system being developed by China, the multinational Galileo system being developed by the European Union, in collaboration with China, India, Morocco, Saudi Arabia and South Korea, Russia's GLONASS system, India's proposed Navigational Satellite System (IRNSS), and Japan's proposed QZSS regional system. Other systems for determining location may be used in place of GPS, as would be readily understood by a worker skilled in the art. [0079] In embodiments, the mobile device 780 also comprises input/output devices 787. The input/output devices 787 may include one or more of the following: a display (e.g. a small LCD screen), a thumbwheel, a trackball, a keyboard, touch screen, a keypad, a button, a USB or serial port for connecting to peripheral equipment, a camera, a display, a speaker and a microphone. The display may optionally have touch- screen functionality.
[0080] Referring to FIG. 5, the mobile device 780 is linked to a cellular network 790 through a base-station 792, and thereby to one or more servers 794, 796 (cxemplarily of a service and application provider or a data and content provider). Additional mobile devices 780a may be linked to the cellular network 790 using the same base station 792 or a separate base station 792a. The cellular network 790 thus allows data communication between peer mobile devices 780, 780a.
[0081] The mobile device 780 sends and receives wireless communication signals via a RF transceiver 784. When communicating wirelessly with a base station 792 of a wireless network 790, the device 780 may communicate in accordance with one or more appropriate technologies such as: Global Systems for Mobile communications (GSM), General Packet Radio Service (GPRS), Code Division Multiple Access (CDMA), Wideband CDMA (WCDMA), whether 2G, 3G, High speed packet access (I ISPA), Universal Mobile Telecommunication System (UMTS) based technologies, Enhanced Data rates for Global Evolution (EDGE), Long Term Evolution (LTE) technologies, Orthogonal Frequency Division Multiplexing (OFDM) technologies, I J lira- Wideband (L WB) technologies, WiFi™, BlueTooth™ or WiMAX™ technologies, or other communication technologies and protocols as would readily be understood by a worker skilled in the art. In some embodiments, the wireless device 780 may be capable of operation using multiple protocols. The base stations 792, 792a may be part of a wireless network, such as a cellular network, local-area network, wide-area network, wireless hotspot network, or the like.
[0082] The mobile device, base station, network components, and the like, ma be configured for data communication, voice communication, or a combination thereof, possibly using additional components, configurations and procedures where appropriate, such as SIM cards, authorization and authentication procedures, handoff procedures, and the like, as would be readily understood by a worker skilled in the art. [0083] Appropriate communication protocols and network architectures that support various types of communication would be readily known to a worker skilled in the art. Exemplarily, audio signals may be transferred either in circuit-switched or packet- switched fashion through the communication. The communication signals may be broadcast or multicast.
[0084] A worker skilled in the art will readily appreciate that methods of the disclosure may not require any changes to the wireless communication network. In embodiments, minimal changes to the hardware architecture of the mobile device are required.
[0085] The invention will now be described with reference to specific examples. It will be understood that the following examples are intended to describe embodiments of the invention and are not intended to limit the invention in any way.
EXAMPLES
[0086] Implementations of the present technology will now be further explained with regard to the example scenario. In this example, the remote access request is sent by a user accessing the server via a website which contains software application code o the registration and authentication module component of the "Remote Memory Wipe". The mobile device to be accessed will have installed thereon the software application code of the action and authentication module component of the "Remote Memory Wipe". This two component "Remote Memory Wipe" software application code allows a user to register a mobile device to which a remote access request may be sent in order to initiate remote access and to delete specified data from the mobile device.
[0087] The following steps show the time sequence of installation and implementation of the present technology:
[0088] 1. User installs the action and authentication "Remote Memory Wipe" software code on the mobile device.
[0089] 2. The user configures the mobile device to specify data to be deleted. [0090] 3. The user then registers the mobile device on the website operating on a server containing the registration and authentication module component of the "Remote Memory Wipe". The registration and authentication module would subsequently detect that the "Remote Memory Wipe" action is available on that mobile device. The User subsequently provides a password for the mobile device.
[0091] When the mobile device is lost or stolen,
[0092] 4. The user accesses the registration and authentication module via the website and selects the desired mobile device from a list of mobile devices. The user subsequently selects the '"Remote Memory Wipe" action for the desired mobile device.
[0093] 5. The website prompts the user for the previously selected password for this device.
[0094] 6. The server then connects with the mobile device using the password entered by the user for authentication.
[0095] 7. The mobile device then deletes all previously selected data for deletion.
[0096] In the above example, the mobile device remote access system comprises two parts: the software application running on the mobile device itself, for this example hereinafter referred to as the mobile app and a web software application, in the form of a website, running on a server, for this example hereinafter referred to as the web app. The mobile app will be installed by the user onto the mobile device and will be configured on its first run. The user will then register the mobile device using the web app via a web browser. The web app will prompt the user to select a password for authorized entry to the web app in the future. The web app will also register the mobile device and prompt the user to provide a second password to protect against unauthorized use of the web app for this mobile device. Should the user's mobile device be lost or stolen, they will visit the website, log in, and select the "Remote Memory Wipe" option for the mobile device in question. The server will then generate the necessary credentials based on the password provided and connect to the device using these credentials. The application running on the device will then perform all configured tasks before deleting all data on the mobile device. [0097] This new technology has been described in terms of specific implementations and configurations (and variants thereof) which are intended to be exemplary only. The scope of the exclusive right sought by the applicant is therefore intended to be limited solely by the appended claims.

Claims

WE CLAIM:
1 A method for activating an action on a specific mobile device that is remotely located, the method comprising the steps of:
a) registering one or more mobile devices and one or more users with a registration and authentication module, the one or more mobile devices including the specific mobile device;
b) correlating, on the registration and authentication module, at least one of the users with the specific mobile device;
c) accessing the registration and authentication module by the at least one user and verifying user identity;
d) submitting, by the at least one user, a request for activation of the action on the specific mobile device;
e) sending a signal to the specific mobile device, said signal indicative of the request;
f) authenticating of the signal by an action and authentication module operative on the specific mobile device;
g) activating the action on the specific mobile device upon authentication of the signal.
2. The method according to claim 1 , wherein the signal is also indicative of a source of the request and wherein authentication is at least in part determined based on the source of the request.
3. The method according to claim 1 , wherein the at least one user is correlated with more than one mobile device.
4. The method according to claim 1 , wherein the action is a memory wiping action.
5. The method according to claim 4, wherein the memory wiping action is a multi-pass memory wiping action.
6. A system for activation of an action on a specific mobile device that is remotely located, the system comprising:
a) a registration and authentication module configured to register one or more mobile devices and one or more users, the one or more mobile devices including the specific mobile device, the registration and authentication module further configured to correlate the specific mobile device with at least one user, the registration and authentication module further configured to receive a request for activation of the action on the specific mobile device, authenticate said request and send a signal indicative of the request to the mobile device; and
b) an action and authentication module operative on the specific mobile device and communicatively coupled to the registration and authentication module, the action and authentication module configured to receive and authenticate the signal and activate the action upon authentication of the signal.
7. The system according to claim 6, wherein the registration and authentication module is operative on a peer mobile device.
8. The system according to claim 6, wherein the registration and authentication module is operative on a server.
9. The system according to claim 10, wherein the server is a web server.
10. The system according to claim 8, wherein the registration and authentication module is accessed by a computing device having a proprietary access program operative thereon.
1 1. The system according to claim 8, wherein the registration and authentication module is accessed by a computing device having a generic web browser program operative thereon.
12. A computer program product for activating an action on a specific mobile device that is remotely located, the computer program product comprising code which, when loaded into memory and executed on one or more processors, is adapted to: a) registering one or more mobile devices and one or more users with a registration and authentication module, the one or more mobile devices including the specific mobile device;
b) correlating, on the registration and authentication module, at least one of the users with the specific mobile device;
c) accessing the registration and authentication module by the at least one user and verifying user identity;
d) submitting, by the at least one user, a request for activation of the action on the specific mobile device;
e) sending a signal to the specific mobile device, said signal indicative of the request;
f) authenticating the signal by an action and authentication module operative on the specific mobile device;
g) activating the action on the specific mobile device upon authentication of the signal.
PCT/CA2011/050053 2010-01-29 2011-01-31 Method, device and system for remote access of a mobile device WO2011091538A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US29970810P 2010-01-29 2010-01-29
US61/299,708 2010-01-29

Publications (1)

Publication Number Publication Date
WO2011091538A1 true WO2011091538A1 (en) 2011-08-04

Family

ID=44318590

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CA2011/050053 WO2011091538A1 (en) 2010-01-29 2011-01-31 Method, device and system for remote access of a mobile device

Country Status (1)

Country Link
WO (1) WO2011091538A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2575384A1 (en) * 2011-09-30 2013-04-03 Research In Motion Limited System and method for remote wipe through voice mail
WO2015120283A1 (en) * 2014-02-07 2015-08-13 Driving Management Systems, Inc. Remote disabling of a mobile device
US9143910B2 (en) 2011-09-30 2015-09-22 Blackberry Limited Method and system for remote wipe through voice mail

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030065934A1 (en) * 2001-09-28 2003-04-03 Angelo Michael F. After the fact protection of data in remote personal and wireless devices
US20040204021A1 (en) * 2002-04-02 2004-10-14 Keith Cocita Cell phone feature
EP1933249A1 (en) * 2006-12-14 2008-06-18 Research In Motion Limited System and method for wiping and disabling a removed device
WO2008086611A1 (en) * 2007-01-19 2008-07-24 Research In Motion Limited Selectively wiping a remote device
US20080318550A1 (en) * 2007-06-22 2008-12-25 Deatley Dallas Device Activation and Access
US20090098857A1 (en) * 2007-10-10 2009-04-16 Dallas De Atley Securely Locating a Device
GB2469936A (en) * 2009-05-01 2010-11-03 Apple Inc Remotely locating and commanding a mobile device

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030065934A1 (en) * 2001-09-28 2003-04-03 Angelo Michael F. After the fact protection of data in remote personal and wireless devices
US20040204021A1 (en) * 2002-04-02 2004-10-14 Keith Cocita Cell phone feature
EP1933249A1 (en) * 2006-12-14 2008-06-18 Research In Motion Limited System and method for wiping and disabling a removed device
WO2008086611A1 (en) * 2007-01-19 2008-07-24 Research In Motion Limited Selectively wiping a remote device
US20080318550A1 (en) * 2007-06-22 2008-12-25 Deatley Dallas Device Activation and Access
US20090098857A1 (en) * 2007-10-10 2009-04-16 Dallas De Atley Securely Locating a Device
GB2469936A (en) * 2009-05-01 2010-11-03 Apple Inc Remotely locating and commanding a mobile device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
APPLE INC., IPHONE USER GUIDE FOR IPHONE OS 3.1 SOFTWARE. MANUAL., 2009 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2575384A1 (en) * 2011-09-30 2013-04-03 Research In Motion Limited System and method for remote wipe through voice mail
US9143910B2 (en) 2011-09-30 2015-09-22 Blackberry Limited Method and system for remote wipe through voice mail
WO2015120283A1 (en) * 2014-02-07 2015-08-13 Driving Management Systems, Inc. Remote disabling of a mobile device

Similar Documents

Publication Publication Date Title
CN108307674B (en) Method and equipment for guaranteeing terminal safety
US10511442B2 (en) Method and system for responding to an unauthorized action on a mobile communications device
US10447839B2 (en) Device locator disable authentication
US9622077B2 (en) Systems and methods for geolocation-based authentication and authorization
US9559907B2 (en) Remote verification for configuration updates
US8213971B2 (en) Apparatus and method for activating computer applications with SMS messaging
JP4838303B2 (en) How to disable a mobile device
US8195124B2 (en) Apparatus and methods for managing time sensitive application privileges on a wireless device
US9548781B2 (en) Enabling pre-provisioned proprietary carrier-specific feature services and applications for execution on a mobile device
CN112771826A (en) Application program login method, application program login device and mobile terminal
EP3386167B1 (en) Cloud operation interface sharing method, related device and system
US20060186199A1 (en) Apparatus for authorising access to an electronic device
CN107729759B (en) APP operation authority control method, storage device and mobile terminal
CN102215285A (en) Method and apparatus for protecting information in user terminal
US20140123277A1 (en) Mobile terminal apparatus, non-transitory computer readable mediums, signal processing method, document storage server, and document management system
EP3090376B1 (en) Method for accessing a service and a corresponding server
KR102184305B1 (en) Method for processing authorization, electronic device and server for supporting the same
WO2011091538A1 (en) Method, device and system for remote access of a mobile device
CN111316269A (en) Terminal security protection method and device
JP2012147398A (en) Mobile communication system, mobile communication terminal, mobile communication method, and program
KR100923909B1 (en) Method and apparatus for remotely controlling of a mobile device
EP2164014B1 (en) System, method and security device for authorizing use of a software tool

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11736586

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11736586

Country of ref document: EP

Kind code of ref document: A1