Network-based mobile wireless devices, such as wireless data terminals and mobile phones, among others, connect to a wireless network that facilitates communication among wireless devices. The core wireless network includes base stations, switching elements, and databases. These databases are used for call control and network management. For example, one such database, the Home Location Register (HLR), stores subscriber information as well as the current locations of subscribers. Similarly, the Equipment Identity Register (EIR) stores equipment data and state information. The EIR records the equipment identity (e.g., IMEI, ESN etc.) of all the devices that can be used in the network. The EIR can also maintain a “black list” of devices that are forbidden to use the network. Whenever a device attempts to connect to the network, the network can consult the EIR and deny service if the device's identity is found on the black list. The EIR could be a separate entity or could be collocated with the HLR.
With mobile wireless devices carrying increasing amounts of sensitive user data, when a device is lost or stolen, in addition to denying service, it may be necessary or desirable to secure any user data by locking out access to the device or erasing the data. Such actions are typically carried out by sending to the lost or stolen device one or more commands from a security module in a device management system associated with the device. Once a device is black listed, however, it is denied network access and it is not possible for the security module to reach the device for carrying out any such security operations. The security module must therefore carry out such operations before the device is black listed and denied access to the network.
There is therefore is a need for the EIR or the HLR in which the state of the device is stored to interact with the security manager of the device management system in order to ensure that any data in the device that is to be protected is secured before the device is black listed and denied access to the network.