Recent advances in hardware and communication technologies have brought about the proliferation of powerful mobile devices ranging from notebook computers to much smaller personal digital assistants (PDAs) that operate over wired and wireless networks. The productivity enhancements associated with exponential growth of mobile technologies have fundamentally changed the security landscape—no longer are devices and data landlocked, the free flow and distribution of information to any place, at any time, to any device, creates a unique set of challenges which will continue to evolve. These mobile devices (also known as handheld devices) operate on various platforms, such as palm computing platform, Windows CE, etc. Other types of mobile devices include paging and messaging devices, laptop computers, data-capable smart phones, etc. These devices can provide users with network access connectivity, which allows them to be quickly notified of changing events, and provide them with the resources necessary to respond even when in transit. In this way, users can be given the power to access mission critical information in quick and reliable manner. For example, data generated by client applications running on a wide variety of mobile devices may be transported over networks having various access protocols and wired and wireless links. One such protocol is Transmission Control Protocol/Internet Protocol (TCP/IP), which is designed to connect computer systems that use different operating systems and network technologies. Many popular network applications have been built directly on top of TCP over the past decade, making TCP/IP a de-facto network access protocol standard.
Many personal computer users use Personal Information Management (PIM) applications such as an address book, a daily organizer, and a To-Do list application-on their personal computers and mobile devices. The data for these PIMS are stored in corresponding databases at the personal computers and mobile devices. Often, data in these databases must be synchronized in order to maintain data uniformity. The synchronization of data between devices of this type is known. For example, U.S. Pat. No. 6,006,274 describes a “Method and Apparatus Using a Pass Through Personal Computer Connected to Both a Local Communication Link and a Computer Network for Identifying and Synchronizing a Preferred Computer with a Portable Computer.” Also, U.S. Pat. Nos. 6,000,000 and 5,884,323 both describe an “Extendible Method and Apparatus for Synchronizing Multiple Files on Two Different Computer Systems.” Generally, the synchronization process is activated either by detecting a mobile device on a cradle or by the manual press of a button. The synchronization process proceeds to synchronize data for several different applications that run on the mobile devices with data for corresponding application on other computers.
As society continues to adopt handheld devices as a standard computing platform and applications become more powerful with the standardization of wired and wireless computing, security threats to data stored in and access by these types of mobile devices have become a serious concern and have created a heightened awareness and increased need for security. In fact, the U.S. Air Force Research Laboratory (AFRL), which develops some of the government's most advanced technologies, is crafting a policy to deal with security risks for data stored in mobile devices.
Various types of security software incorporating different data security encryption standards have been used in the past for securing network, desktop, laptop, and PDA environments. On such suit of software is called the Trusted Mobility Suite™ offered by Trust Digital™, which is used to set access control, encryption, and other parameters and push them to such mobile devices as Palm Pilot™, Pocket PC™, Blackberry™ or Symbian™ OS devices to protect against fraud, theft, sabotage, malicious hacking, and other adverse exposure caused by data compromise. Mobile DesktopSecure™ is a security and encryption software designed to protect files, data, applications, databases, directories, or an entire hard drive. It is also used to push security profiles containing defined security policies from a server to protect laptops and desktops within a network. Generally, Trusted Mobility Suite™ implements security using a graphical user interface (GUI) that allows administrators and users to secure all or selected applications. In this way, the users and administrators can selectively secure application(s) from unwanted and unauthorized access.
Trusted Mobility Suite™ manages data security for mobile devices at different levels. At a higher server level, Trusted Mobility Server™ deploys, manages, and secures networks containing mobile devices using a centralized management solution. A policy-profile editor is used to set security parameters for groups of users based on defined security policies. At a lower device level, PDASecure™ encrypts the data on the mobile device itself and offers security-management for those devices through the Trust Mobility Server. Once installed on a mobile device, PDASecure™ provides for universal integration with all available mobile devices on the network, without the requirement for moving data into separate, secured applications. Also, Trusted Mobility Software Development Kit™ allows software developers to incorporate Trust Digital's Mobility Framework, comprising security, encryption, and centralized rule-based management technologies into their products, for mobile/PDA users.
Also, U.S. Pat. No. 6,158,010 discloses a system and method for maintaining security in a distributed computing environment that comprises a policy manager located on a server for managing and distributing a security policy, and an application guard located on a client for managing access to securable components as specified by the security policy. A global policy specifies access privileges of the user to securable components. The policy manager may then preferably distribute a local client policy based on the global policy to the client. An application guard located on the client then manages access to the securable components as specified by the local policy.
Implementation of comprehensive security policies in networks that support a large number of mobile devices has become an important issue for many enterprises, particularly in view of the complexities associated with supporting various hardware and software platforms in terms of network architectures, protocols, device types, etc. Add to this complexity,.the various situations under which data security may be breached, either on the network side or on the device side. Additionally, due to limited memory availability and fewer processing resources, creating security programs for mobile devices is much more complicated than with larger computers. There exists a need for an efficient and flexible system and method for securing data in mobile devices used under varying operating environments.