A system for enforcing security policies on mobile communications devices (115) adapted to be used in a mobile communications network (105) in operative association with a subscriber identity module (120). The system having a client-server architecture comprising a server (140) operated by a mobile communications network operator (110) and a client (135) resident on a mobile communications device on which security policies are to be enforced. The server is adapted to determine security policies to be applied on said mobile communications device, and to send thereto a security policy to be applied. The client is adapted to receive the security policy to be applied from the server, and to apply the received security policy. The server includes a server authentication function (327) adapted to authenticate the security policy to be sent to the mobile communications device; the client is further adapted to asses authenticity of the security policy received from the server by exploiting a client authentication function (435) resident on the subscriber identity module.

System for Enforcing Security Policies on Mobile Communications Devices

BASSO, ALESSANDRO;MIRAGLIA, MICHELE
2007-01-01

Abstract

A system for enforcing security policies on mobile communications devices (115) adapted to be used in a mobile communications network (105) in operative association with a subscriber identity module (120). The system having a client-server architecture comprising a server (140) operated by a mobile communications network operator (110) and a client (135) resident on a mobile communications device on which security policies are to be enforced. The server is adapted to determine security policies to be applied on said mobile communications device, and to send thereto a security policy to be applied. The client is adapted to receive the security policy to be applied from the server, and to apply the received security policy. The server includes a server authentication function (327) adapted to authenticate the security policy to be sent to the mobile communications device; the client is further adapted to asses authenticity of the security policy received from the server by exploiting a client authentication function (435) resident on the subscriber identity module.
2007
WO/2007/110094
Telecom Italia S.p.A.
http://www.wipo.int/pctdb/en/wo.jsp?IA=EP2006002788&WO=2007110094&DISPLAY=STATUS
policy enforcement; mobile device; PDA; security
C. ALDERA; P. DE LUTIIS; M. GRILLO; M. LEONE; A. BASSO; M. MIRAGLIA
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2318/28833
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact