Title of invention: Secure lock for mobile device
Abstract: A secure lock procedure for mobile devices is disclosed. The secure lock process generally includes detecting a device access attempt at a telecommunication device during a security-enabled boot sequence. The device access attempt may include a cryptographic key, which when detected, initiates a cryptographic authentication operation. The cryptographic authentication operation results in access to one or more resources of the telecommunication device being enabled, when the cryptographic key is determined to be valid, or denied, when the cryptographic key is determined to be invalid. The device access attempt may be associated with a root-level device access attempt or software flash attempt, and the secure lock procedure can be implemented in conjunction with a boot loader stored within a memory of the telecommunication device.
Publication number: US9426661(B2) Publication date: 2016.08.23
Application number: US201514874023 Filing date: 2015.10.02
Applicant: T-Mobile USA, Inc. Inventor: Obaidi Ahmad Arash
Classification: H04W12/08;H04L9/28;H04W12/06;H04W12/12;G06F21/57;G06F21/44;G06F9/44;G06F21/31;G06F21/51;G06F21/88;H04L29/06 Main classification: H04W12/08
Agency: Lee & Hayes, PLLC Agent: Lee & Hayes, PLLC
Independent claim: 1. A telecommunication device comprising: one or more processors; an access attempt counter; and a memory coupled to the one or more processors, and having at least a secure lock component and a device operating system (OS), wherein the secure lock component is operable by the one or more processors to: initialize the access attempt counter to a default value n; detect a device access attempt during a boot sequence of the telecommunication device, wherein each of multiple layers in a boot stack of the boot sequence employs a cryptographic lock that is configured to be unlocked with a first security key; initiate a cryptographic validation operation when a second security key is encountered as a part of the device access attempt; in response to utilizing the first security key to determine that the second security key is valid during the cryptographic validation operation, enable access to at least one resource of the telecommunication device; and in response to utilizing the first security key to determine that the second security key is not valid during the cryptographic validation operation, deny access to the at least one resource of the telecommunication device: increment the access attempt counter value n to a value i, where i=n+1; compare the incremented access attempt counter value i to an access attempt threshold value Th; determine whether a counter equation i≧Th is satisfied based at least in part on the comparison; and reboot the telecommunication device in response to determining that the incremented access attempt counter value i satisfies the counter equation.
Address: Bellevue WA US