On November 8, 2012, the US Patent & Trademark Office published two security related patent applications from Apple. One reveals the secrets behind the security cables found attached to all devices at every Apple Store on the planet. The second security patent provides us with a serious look at a new adaptive security system for iDevices that will work easily for the regular home user while being able to be ramped right up to a multi-tiered high security level that could utilize retinal scans and other forms of biometrics that would be ideal for the savvy enterprise user.
Apple's Patent Background
Portable electronic devices have become ubiquitous and continue to evolve to have an ever-expanding range of capabilities. It is not uncommon for a single device to perform multiple functions, including playing music, displaying video, storing pictures, sending and receiving email, receiving and transmitting phone calls, etc. Because of the portability of modern electronic devices, users often carry them wherever they go.
The increased convenience brought about by these devices is not without attendant perils. One potential downside, for example, is that unauthorized access to an electronic device may pose a dangerous security risk for a user. Users often have access to personal information (e.g., bank accounts, contact lists, and email) and confidential data (e.g., work related information) through their electronic devices that can be compromised in the event that the device is lost or stolen. One solution may be to provide password protection for each interaction between a user and his or her device, though frequent authentication may become onerous. Accordingly, what is needed are systems and methods for supporting various adaptive security profiles on an electronic device.
Apple's iDevices May Support Adaptive Security Profiles in the Future
Apple's patent generally relates to electronic devices that support various adaptive security profiles and methods. According to some embodiments, a method for supporting various adaptive security profiles may include maintaining a database that defines expected zones in which the electronic device may be located, obtaining a current location of the electronic device, determining whether the current location is located in, or near, one of the expected zones, and selectively applying one of a plurality of different security profiles based on the determination of whether the current location is located in, or near, one of the expected zones.
According to Apple's filing, an expected zone could generally be a geographic area where an electronic device expects itself to be, the boundaries of which may be determined by any suitable method. The expected zone may be determined by ascertaining a user's normal routine. Many people follow the same routine day after day (i.e., they wake up at home, go to work, and go back home) so an expected zone may be based on where a user usually is at a particular time on a particular day of the week, for example. Alternatively, or additionally, the expected zone may be ascertained by referencing a user's calendar or social network.
Apple Introduces the Security Profile Preferences Interface
Apple's patent FIGS. 5A through to 5D are various illustrative screen shots of an iPhone using adaptive security profiles.
In Apple's patent FIG. 5A we see a schematic view of an iPhone with a Security Profile Preferences interface. The Security Profile Preferences interface may include a list of defined Security Profiles 531, a corresponding list of defined Security Zones 532, an Add New Security Profile option 533, and an Edit Security Zones option 534.
Each security profile could generally include access provisions for one or more features or applications available on the electronic device. For example, a security profile could define whether user authentication is required for a particular feature or application and, if so, what type of authentication is required. A typical security profile could also define the number of invalid authentication attempts that a user may try before the device takes some predetermined action. For example, upon reaching the maximum number of invalid authorization attempts, the device may enter a reduced functionality mode.
Each security profile could be associated with a particular security zone. Each security zone could be an expected zone, a trusted zone, or groups of expected or trusted zones. An "un-trusted security zone" can also be defined for all zones that do not correspond to any expected zones defined in expected zone database.
High Security Profile # 1 Interface
In Apple's patent FIG. 5B we see an exemplary Security Profile 1 which could include a table with at least three columns: an Application column, an Authentication ("Auth") column (536), and an Attempts column (537). Each row of the table may generally represent a single set of security preferences for a feature, application, or group of applications. Any suitable method for authenticating a user may be implemented for each feature or application, including, but not limited to, one or more passcodes, pin numbers, or biometric indicators, such as fingerprint scans, voice recognition, retinal scans, etc.
In the case of Security Profile 1, which may in some embodiments be considered a "high security" profile, all features and applications require authentication. In some embodiments, a high security profile may require a stronger authentication method than a "lower security" profile. For example, a high security profile may require a longer or stronger passcode, and/or combinations or one or more of the authentication methods listed above.
Medium Security Profile # 2 Interface
In Apple's patent FIG. 5C we see a schematic view of an iPhone with an exemplary Security Profile 2 interface which could be generally referred to as a "medium security" profile. For example, Security Profile 2 only requires authentication for Power-On, Wake-Up, and access to the user's Email and secure files. The permissible number of invalid authentication attempts in column 537 may also be increased. Security Profile 2 may be useful, for example, when a user could be fairly confident that the device is not being used by an unauthorized person. In that case, access to non-confidential files, applications, and contacts may be given freely without the user having to provide frequent or more stringent authentication. For example, if a passcode and retinal scan is required for access to secure files in a high security profile, a medium security profile may only require a passcode. A medium security profile like Security Profile 2 may be appropriate when the device is in an expected zone.
Low Security Profile # 3 Interface
In Apple's patent FIG. 5D we see a schematic view of an iPhone with an exemplary Security Profile 3 interface which could be generally referred to as a "low security" profile. For example, Security Profile 3 only requires authentication for access to the user's secure files. Security Profile 3 may be useful, for example, when a user could be highly confident that the device is not being used by an unauthorized person. In that case, even access to the user's email may be given freely without the user having to take the time to authenticate themselves. In some embodiments, when authentication is required to access a particular feature or application in a low security profile, a weaker authentication method than that used in a high or medium security profile may satisfy the authorization threshold of the low security profile. For example, if a passcode is required for access to secure files in a medium security profile, a lower security profile may require a shorter or weaker passcode. A "low security" profile like Security Profile 3 may be appropriate when the device is in a trusted zone (e.g., a user's home or office).
Apple's '779 patent application was originally filed under serial number 100851 by inventors Michael Ingrassia and Jeffery Lee in May 2011. The application was published today by the US Patent and Trademark Office.
An Apple Store Security Patent: Power Cable with Built-In Security
If you've ever been to Apple Store then you know full well that the devices laid out on their classy wooden tables are all tethered by a security cable. This is the patent that's behind that security feature. If you wish to study it further in detail, you could check out patent application 20120279780.
Note that technological revelations revealed in Apple's Intellectual Property filings are not to be interpreted as rumor. Furthermore, fictitious rumor site timetables associated with Apple inventions and/or designs should be dismissed.
NOTICE: Patently Apple presents a detailed summary of patent applications with associated graphics for journalistic news purposes as each such patent application is revealed by the U.S. Patent & Trade Office. Readers are cautioned that the full text of any patent application should be read in its entirety for full and accurate details. About Comments: Patently Apple reserves the right to post, dismiss or edit comments.