In recent years, wireless communication network technologies and development of small easily portable mobile devices for operation via such networks has allowed users to be accessible for communication while actively moving about, in buildings, around campuses and even across large geographic areas. Common examples of mobile devices include mobile telephone stations or smart phones as well as various portable computer devices having wireless connectivity (e.g. netbooks or laptops). However, there are situations where it may be desirable to restrict use of a mobile device, to certain users and based on area of operation.
For example, an enterprise having a number of mobile devices may, for security and/or business reasons, want only its personnel (e.g. employees or members) to use the enterprise's mobile stations and only within its premises (e.g. building(s) or campus(es)). Parents may want children to be able to operate their mobile devices at certain places, e.g. home or public areas, but not other places, e.g. at school. There are a variety of ways to restrict use to authorized persons, by imposing varying degrees of strict username and password type requirements. However, such credential-based approaches do not guarantee location based security.
Consider the enterprise scenario by way of a more specific example. Many enterprises requiring security will have secure networks on their premises. The mobile devices interact with network elements to authenticate the devices. Devices not recognized as authentic are denied access. This prevents outside devices from entering and accessing the network. However, this does not stop a user with an authentic device from taking the device outside the enterprise premises and using it, including sometimes for communication via a broader area network. For example, a device having cellular network or WiFi capabilities may be able to operate through a public network. In particular, some WiFi networks may have low security or may be accessible to anyone for an agreement to pay a fee (e.g. via credit card).
The enterprise may have a guideline under which its personnel (users like employees or members) have guidelines prohibiting the users from taking the devices outside the premises. However, there is no way to enforce this. Traditionally, the enterprise could only rely on their personnel to use any enterprise mobile device as per the guideline. If the device and/or the user had the capability to access a network outside the premises, then sometimes, an employee could take the mobile device home or to a public place. The device is outside the secure premises and may be lost, stolen or compromised by its communications over the more public network. Confidentiality of data on the device may be compromised.