`"'
`UTILITY
`PATENT APPLICATION
`TRANSMITTAL
`(Only for new nonprovisional applications under 37 CFR 1. 53(b))
`
`PTO/SB/05 (08-03)
`Approved for use through 07/31/2006. 0MB 0651-0032
`U.S. Patent and Trademark Office. U.S. DEPARTMENT OF COMMERCE
`
`Attorney Docket No.
`
`First Inventor
`
`Title
`
`555255-012798
`Neil P. Adams
`System and Method for Configuring Devices for Secure
`Operations
`
`Express Mail Label No. EV 302226610 US
`
`~
`
`r-1
`0
`
`\..
`
`-
`
`-APPl.;.ICA"l"ION-ELEMENTS -
`See MPEP chapter 600 concerning utility patent application contents.
`
`-
`
`-
`
`-
`--
`- -
`-
`ADDRESS TO:
`
`-
`
`-Mall Stop Patent Application-
`Commissioner for Patents
`P.O. Box 1460
`Alexandria VA 22313-1460
`
`-
`
`-
`
`-
`
`-
`
`1.@ Fee Transmittal Form (e.g., PTO/SB/17)
`(Submit an original and a duplicate for fee processing)
`2. □
`Applicant claims small entity status.
`3. IIZI See 37 CFR 1.27.
`
`27
`
`7.0 CD-ROM or CD-R in duplicate, large table or
`Computer Program (Appendix)
`8. Nucleotide and/or Amino Acid Sequence Submission
`(if apc:rle, all necessary)
`a.
`Computer Readable Form (CRF)
`
`I
`
`b.
`
`CD-ROM or CD-R (2 copies); or
`
`Paper
`
`[Total Pages
`Specification
`(preferred a"angement set forth below)
`- Descriptive title of the invention
`- Cross Reference to Related Applications
`- Statement Regarding Fed sponsored R & D
`- Reference to sequence listing, a table,
`or a computer program listing appendix
`- Background of the Invention
`- Brief Summary of the Invention
`- BriefDescription of the Drawings (if filed)
`- Detailed Description
`-Claim(s)
`• Abstract of the Disclosure
`
`4. m
`
`Drawing(s) (35 U.S.C. 113)
`
`[Total Sheets
`
`10
`
`5. Oath or Declaration
`
`(Total Sheets
`a. □ Newly executed (original or copy)
`b.0 Copy from a prior application (37 CFR 1.63(d))
`(for continuation/divisional with Box 18 completed)
`
`1
`
`I
`
`L □ DELETION OF INVENTOR($)
`Signed statement attached deleting inventor(s)
`name in the prior application, see 37 CFR
`1.63(d)(2) and 1.33(b).
`
`6. □ Application Data Sheet. See 37 CFR 1. 76
`
`15.0
`
`11.m
`
`Specification Sequence Listing on:
`i. D
`ii. D
`C. D
`Statements verifying identity of above copies
`ACCOMPANYING APPLICATION PARTS
`D
`Assignment Papers (cover sheet & document(s))
`9.
`10. D. 37 CFR 3.73(b) Statement □ Powerof
`(when there is an assignee)
`Attorney
`English Translation Document (if Olicable)
`11.D
`12. 0
`Information Disclosure
`Copies of IDS
`Statement (IDS)/PT0-1449
`Citations
`13. □
`Preliminary Amendment
`14,[Z] Return Receipt Postcard (MPEP 503)
`(Should be specifically itemized)
`Certified Copy of Priority Document(s)
`(if foreign priority is claimed)
`16.0 Nonpublication Request under 35 U.S.C. 122
`(b)(2)(B)(i). Applicant must attach form PTO/SB/35
`or its equivalent.
`Other: Claims priority on US Provisional
`601567,137 Filed 4/30/2004
`18. If a CONTINUING APPLICATION, check appropriate box, and supply the requisite information below and in the first sentence of the
`specification following the title, or in an Application Data Sheet under 37 CFR 1. 76:
`D Continuation-in-part (CIP)
`□ Divisional
`□ Continuation
`Art Unit:
`Examiner
`Prior application infonnation:
`For CONTINUATION OF DIVISIONAL APPS only; The entire disclosure of the prior application, from which an oath or declaration Is supplied under Box
`Sb, Is considered a part of the disclosure of the accompanying continuation or dlvlslonal application and Is hereby Incorporated by reference.
`The Incorporation~ be relied upon when a portion has been Inadvertently omitted from the submitted application parts.
`19. CORRESPONDENCE ADDRESS
`I
`
`of prior application No.:
`
`I
`
`OR m Correspondence address below
`
`□ Customer Number:
`Name
`
`John V. Biernacki, Esq.
`JONES DAY
`North Point 901 Lakeside Avenue
`Cleveland
`
`Address
`
`City
`Country
`
`USA
`/J .
`Name (Print/Type) Joh~ \Biernacki
`l ~ {)A 0- ~L..
`Signature
`
`I Zip Code 144114
`I State I Ohio
`I Telephone 1(216) 586-3939
`I Fax
`Registration No. (Attorney/Agent) 40,511
`Date
`
`1(216)579-0212
`
`I 02,2512005
`This collection of informati~t required by 37 CFR 1.53(b). The information is required to obtain or retain a benefit by the public which is to file (and by the
`USPTO to process) an appli
`ion. Confidentiality is governed by 35 U.S.C. 122 and 37 CFR 1.14. This collection is estimated to take 12 minutes to complete,
`, and submitting the completed application form to the USPTO. Time will vary depending upon the individual case. Any comments
`including gathering, prepari
`on the amount of time you quire to complete this form and/or suggestions for reducing this burden. should be sent to the Chief Information Officer, U.S. Patent
`and Trademark Office, U.S. Department of Commerce, P.O. Box 1450, Alexandria, VA 22313-1450. DO NOT SEND FEES OR COMPLETED FORMS TO THIS
`ADDRESS. SEND TO: Mall Stop Patent Application, Commissioner for Patents, P.O. Box 1450, Alexandria, VA 22313-1450.
`If you need assistance in completing the fonn, call 1-800-PT0-9199 and select option 2.
`
`MOBILEIRON, INC. - EXHIBIT 1004
`Page 001
`
`
`
`PTO/SB/17 (12-04v2)
`Approved for use through 07/31/2006. 0MB 0651-0032
`U.S. Patent and Trademark Office; U.S. DEPARTMENT OF COMMERCE
`..
`I Jnc1Ar thA P;mArwnrk RAth1r:tinn Ar:t nf 199fi nn nArsnns ;uA rAnuirAc1 tn rAsnnnct tn A rnllAr.tinn nf infnrm::1tinn unlP.ss it rtisnl::1vs ::1 vs:1lirt OMR r.nntrnl n11mhP.:r
`"'I
`Complete if Known
`
`Effective on 1210812004.
`Fees pursuant to the Consolidated Appropriations Act. 2005 (H.R. 4818).
`
`r
`
`FEE TRANSMITTAL Application Number
`For FY 2005
`0 Applicant claims small entity status. See 37 CFR 1.27
`Art Unit
`\..T_QT~L _AM~UN_! C>F__P~Th'IE_NJ: I{$)
`_ 1,300.00 - · ·Attomey·Docket·No. - 555255012798-
`
`METHOD OF PAYMENT {check all that apply)
`
`-
`
`Filing Date
`
`February 25, 2005
`First Named Inventor Neil P. Adams
`
`Examiner Name
`
`-
`
`·-
`
`-
`
`-
`
`-
`
`-
`
`-
`
`~
`
`For the above-identified deposit account, the Director is hereby authorized to: (check all that apply)
`
`D Check D Credit Card DMoney Order 0None D Other (please identify):
`0 Deposit Account Deposit Account Number: 501432 (555255012798) Deposit Account Name: Jones Day
`D Charge fee(s) indicated below, except for the filing fee
`[Z] Credit any overpayments
`
`[Z]charge fee(s) indicated below
`
`[Z] Charge any additional fee(s) or underpayments of fee(s)
`under 37 CFR 1.16 and 1.17
`WARNING: Information on this form may become public. Credit card information should not be included on this form. Provide credit card
`information and authorization on PT0-2038,
`
`FEE CALCULATION
`
`1. BASIC FILING, SEARCH, AND EXAMINATION FEES
`FILING FEES
`SEARCH FEES
`Small Enti~
`Small Enti~
`
`Alllllication TJllle
`
`lli.111 ~ .Ett.W ~ .Ell1.l1 ~ Fees Paid m
`
`EXAMINATION FEES
`Small Entitll
`
`Utility
`
`Design
`
`Plant
`
`Reissue
`
`· Provisional
`
`300
`
`200
`
`200
`
`300
`
`200
`
`150
`
`100
`
`100
`
`150
`
`100
`
`500
`
`100
`
`300
`
`500
`
`0
`
`250
`
`· 50
`
`150
`
`250
`
`0
`
`200
`
`130
`
`160
`
`600
`
`0
`
`100
`
`65
`
`80
`
`300
`
`0
`
`1000
`
`2. EXCESS CLAIM FEES
`Fee Descri11tion
`Each claim over 20 (including Reissues)
`Each independent claim over 3 (including Reissues)
`Multiple dependent claims
`.Ell1.l1
`Total Claims
`Extra Claims
`22
`- 20 or HP=
`50
`?
`X
`HP = highest number of total claims paid for, if greater than 20.
`.Ell1.l1
`Extra Claims
`lnde11. Claims
`2QQ
`=
`4
`- 3 or HP =
`1
`X
`HP = highest number of independent claims paid for, if greater than 3.
`3. APPLICATION SIZE FEE
`If the specification and drawings exceed I 00 sheets of paper ( excluding electronically filed sequence or computer
`listings under 3 7 CFR I .52(e)), the application size fee due is $250 {$125 for small entity) for each additional 50
`sheets or fraction thereof. See 35 U.S.C. 41~){l){G) and 37 CFR l.16~s).
`Num er of each additional 50 or ractlon thereof
`Total Sheets
`Extra Sheets
`n
`0
`37
`(round up to a whole number) X
`- 100 =
`4. OTHER FEE{S)
`Non-English Specification, $130 fee (no small entity discount)
`
`Fee Paid (SI
`1QQ
`
`=
`
`Fee Paid ISi
`2QQ
`
`/ 50 =
`
`Small Entitll
`~ ~
`50
`25
`200
`100
`360
`180
`Mult111le De11endent Claims
`
`~ Fee Paid m
`0
`
`.Efil!.ill
`250
`
`=
`
`Fe!! Paid ISi
`0
`Fees Paid m
`
`0
`0
`
`SUBMITTED BY
`
`/
`
`Signature
`
`/'}
`
`/S.11_ ~ L: I Registration No.
`
`Other (e.g., late filing surcharge):
`'
`\ Af-£i
`
`Name (Print/Type) John½ Biernacki
`
`~
`
`.,
`
`IAttomev/Aoentl 40,511
`
`Telephone 21615a6-n47
`Date 02/25/2005
`
`This collection of informat:':f: required by 37 CFR 1.136. The information is required to obtain or retain a benefit by the public which is to file (and by the
`USPTO to process) an ap
`tion. Confidentiality is governed by 35 U.S.C. 122 and 37 CFR 1.14. This collection is estimated to take 30 minutes to complete,
`including gathering, prepa g, and submitting the completed application form to the USPTO. Time will va dependin upon the individual case. An comments
`g
`ry
`y
`on the amount of time you require to complete this form and/or suggestions for reducing this burden, should be sent to the Chief Information Officer, U.S. Patent
`and Trademark Office, U.S. Department of Commerce, P.O. Box 1450, Alexandria, VA 22313-1450. DO NOT SEND FEES OR COMPLETED FORMS TO THIS
`ADDRESS. SEND TO: Commissioner for Patents, P.O. Box 1450, Alexandria, VA 22313-1450.
`If you need assistance in completing the form, ca/11-800-PTO-9199 and select option 2.
`
`MOBILEIRON, INC. - EXHIBIT 1004
`Page 002
`
`
`
`- Under the Paoerwork Reduction Act of 1995 no oersons are reauired to resoond to a collection of information unless it disolavs a valid 0MB control number.
`"'
`UTILITY
`PATENT APPLICATION
`TRANSMITTAL
`(Only for new nonprovisional applications under 37 CFR 1. 53(b))
`
`PTO/SB/05 (08-03)
`Approved for use through 07/31/2006. 0MB 0651-0032
`U.S. Patent and Trademark Office. U.S. DEPARTMENT OF COMMERCE
`
`Attorney Docket No.
`
`First Inventor
`
`Title
`
`555255-012798
`Neil P. Adams
`System and Method for Configuring Devices for Secure
`Operations
`
`Express Mail Label No. EV 302226610 US
`
`~
`
`r-1
`0
`
`\..
`
`-
`
`-APPl.;.ICA"l"ION-ELEMENTS -
`See MPEP chapter 600 concerning utility patent application contents.
`
`-
`
`-
`
`-
`--
`- -
`-
`ADDRESS TO:
`
`-
`
`-Mall Stop Patent Application-
`Commissioner for Patents
`P.O. Box 1460
`Alexandria VA 22313-1460
`
`-
`
`-
`
`-
`
`-
`
`1.@ Fee Transmittal Form (e.g., PTO/SB/17)
`(Submit an original and a duplicate for fee processing)
`2. □
`Applicant claims small entity status.
`3. IIZI See 37 CFR 1.27.
`
`27
`
`7.0 CD-ROM or CD-R in duplicate, large table or
`Computer Program (Appendix)
`8. Nucleotide and/or Amino Acid Sequence Submission
`(if apc:rle, all necessary)
`a.
`Computer Readable Form (CRF)
`
`I
`
`b.
`
`CD-ROM or CD-R (2 copies); or
`
`Paper
`
`[Total Pages
`Specification
`(preferred a"angement set forth below)
`- Descriptive title of the invention
`- Cross Reference to Related Applications
`- Statement Regarding Fed sponsored R & D
`- Reference to sequence listing, a table,
`or a computer program listing appendix
`- Background of the Invention
`- Brief Summary of the Invention
`- BriefDescription of the Drawings (if filed)
`- Detailed Description
`-Claim(s)
`• Abstract of the Disclosure
`
`4. m
`
`Drawing(s) (35 U.S.C. 113)
`
`[Total Sheets
`
`10
`
`5. Oath or Declaration
`
`(Total Sheets
`a. □ Newly executed (original or copy)
`b.0 Copy from a prior application (37 CFR 1.63(d))
`(for continuation/divisional with Box 18 completed)
`
`1
`
`I
`
`L □ DELETION OF INVENTOR($)
`Signed statement attached deleting inventor(s)
`name in the prior application, see 37 CFR
`1.63(d)(2) and 1.33(b).
`
`6. □ Application Data Sheet. See 37 CFR 1. 76
`
`15.0
`
`11.m
`
`Specification Sequence Listing on:
`i. D
`ii. D
`C. D
`Statements verifying identity of above copies
`ACCOMPANYING APPLICATION PARTS
`D
`Assignment Papers (cover sheet & document(s))
`9.
`10. D. 37 CFR 3.73(b) Statement □ Powerof
`(when there is an assignee)
`Attorney
`English Translation Document (if Olicable)
`11.D
`12. 0
`Information Disclosure
`Copies of IDS
`Statement (IDS)/PT0-1449
`Citations
`13. □
`Preliminary Amendment
`14,[Z] Return Receipt Postcard (MPEP 503)
`(Should be specifically itemized)
`Certified Copy of Priority Document(s)
`(if foreign priority is claimed)
`16.0 Nonpublication Request under 35 U.S.C. 122
`(b)(2)(B)(i). Applicant must attach form PTO/SB/35
`or its equivalent.
`Other: Claims priority on US Provisional
`601567,137 Filed 4/30/2004
`18. If a CONTINUING APPLICATION, check appropriate box, and supply the requisite information below and in the first sentence of the
`specification following the title, or in an Application Data Sheet under 37 CFR 1. 76:
`D Continuation-in-part (CIP)
`□ Divisional
`□ Continuation
`Art Unit:
`Examiner
`Prior application infonnation:
`For CONTINUATION OF DIVISIONAL APPS only; The entire disclosure of the prior application, from which an oath or declaration Is supplied under Box
`Sb, Is considered a part of the disclosure of the accompanying continuation or dlvlslonal application and Is hereby Incorporated by reference.
`The Incorporation~ be relied upon when a portion has been Inadvertently omitted from the submitted application parts.
`19. CORRESPONDENCE ADDRESS
`I
`
`of prior application No.:
`
`I
`
`OR m Correspondence address below
`
`□ Customer Number:
`Name
`
`John V. Biernacki, Esq.
`JONES DAY
`North Point 901 Lakeside Avenue
`Cleveland
`
`Address
`
`City
`Country
`
`USA
`/J .
`Name (Print/Type) Joh~ \Biernacki
`l ~ {)A 0- ~L..
`Signature
`
`I Zip Code 144114
`I State I Ohio
`I Telephone 1(216) 586-3939
`I Fax
`Registration No. (Attorney/Agent) 40,511
`Date
`
`1(216)579-0212
`
`I 02,2512005
`This collection of informati~t required by 37 CFR 1.53(b). The information is required to obtain or retain a benefit by the public which is to file (and by the
`USPTO to process) an appli
`ion. Confidentiality is governed by 35 U.S.C. 122 and 37 CFR 1.14. This collection is estimated to take 12 minutes to complete,
`, and submitting the completed application form to the USPTO. Time will vary depending upon the individual case. Any comments
`including gathering, prepari
`on the amount of time you quire to complete this form and/or suggestions for reducing this burden. should be sent to the Chief Information Officer, U.S. Patent
`and Trademark Office, U.S. Department of Commerce, P.O. Box 1450, Alexandria, VA 22313-1450. DO NOT SEND FEES OR COMPLETED FORMS TO THIS
`ADDRESS. SEND TO: Mall Stop Patent Application, Commissioner for Patents, P.O. Box 1450, Alexandria, VA 22313-1450.
`If you need assistance in completing the fonn, call 1-800-PT0-9199 and select option 2.
`
`MOBILEIRON, INC. - EXHIBIT 1004
`Page 003
`
`
`
`PTO/SB/17 (12-04v2)
`Approved for use through 07/31/2006. 0MB 0651-0032
`U.S. Patent and Trademark Office; U.S. DEPARTMENT OF COMMERCE
`..
`I Jnc1Ar thA P;mArwnrk RAth1r:tinn Ar:t nf 199fi nn nArsnns ;uA rAnuirAc1 tn rAsnnnct tn A rnllAr.tinn nf infnrm::1tinn unlP.ss it rtisnl::1vs ::1 vs:1lirt OMR r.nntrnl n11mhP.:r
`"'I
`Complete if Known
`
`Effective on 1210812004.
`Fees pursuant to the Consolidated Appropriations Act. 2005 (H.R. 4818).
`
`r
`
`FEE TRANSMITTAL Application Number
`For FY 2005
`0 Applicant claims small entity status. See 37 CFR 1.27
`Art Unit
`\..T_QT~L _AM~UN_! C>F__P~Th'IE_NJ: I{$)
`_ 1,300.00 - · ·Attomey·Docket·No. - 555255012798-
`
`METHOD OF PAYMENT {check all that apply)
`
`-
`
`Filing Date
`
`February 25, 2005
`First Named Inventor Neil P. Adams
`
`Examiner Name
`
`-
`
`·-
`
`-
`
`-
`
`-
`
`-
`
`-
`
`~
`
`For the above-identified deposit account, the Director is hereby authorized to: (check all that apply)
`
`D Check D Credit Card DMoney Order 0None D Other (please identify):
`0 Deposit Account Deposit Account Number: 501432 (555255012798) Deposit Account Name: Jones Day
`D Charge fee(s) indicated below, except for the filing fee
`[Z] Credit any overpayments
`
`[Z]charge fee(s) indicated below
`
`[Z] Charge any additional fee(s) or underpayments of fee(s)
`under 37 CFR 1.16 and 1.17
`WARNING: Information on this form may become public. Credit card information should not be included on this form. Provide credit card
`information and authorization on PT0-2038,
`
`FEE CALCULATION
`
`1. BASIC FILING, SEARCH, AND EXAMINATION FEES
`FILING FEES
`SEARCH FEES
`Small Enti~
`Small Enti~
`
`Alllllication TJllle
`
`lli.111 ~ .Ett.W ~ .Ell1.l1 ~ Fees Paid m
`
`EXAMINATION FEES
`Small Entitll
`
`Utility
`
`Design
`
`Plant
`
`Reissue
`
`· Provisional
`
`300
`
`200
`
`200
`
`300
`
`200
`
`150
`
`100
`
`100
`
`150
`
`100
`
`500
`
`100
`
`300
`
`500
`
`0
`
`250
`
`· 50
`
`150
`
`250
`
`0
`
`200
`
`130
`
`160
`
`600
`
`0
`
`100
`
`65
`
`80
`
`300
`
`0
`
`1000
`
`2. EXCESS CLAIM FEES
`Fee Descri11tion
`Each claim over 20 (including Reissues)
`Each independent claim over 3 (including Reissues)
`Multiple dependent claims
`.Ell1.l1
`Total Claims
`Extra Claims
`22
`- 20 or HP=
`50
`?
`X
`HP = highest number of total claims paid for, if greater than 20.
`.Ell1.l1
`Extra Claims
`lnde11. Claims
`2QQ
`=
`4
`- 3 or HP =
`1
`X
`HP = highest number of independent claims paid for, if greater than 3.
`3. APPLICATION SIZE FEE
`If the specification and drawings exceed I 00 sheets of paper ( excluding electronically filed sequence or computer
`listings under 3 7 CFR I .52(e)), the application size fee due is $250 {$125 for small entity) for each additional 50
`sheets or fraction thereof. See 35 U.S.C. 41~){l){G) and 37 CFR l.16~s).
`Num er of each additional 50 or ractlon thereof
`Total Sheets
`Extra Sheets
`n
`0
`37
`(round up to a whole number) X
`- 100 =
`4. OTHER FEE{S)
`Non-English Specification, $130 fee (no small entity discount)
`
`Fee Paid (SI
`1QQ
`
`=
`
`Fee Paid ISi
`2QQ
`
`/ 50 =
`
`Small Entitll
`~ ~
`50
`25
`200
`100
`360
`180
`Mult111le De11endent Claims
`
`~ Fee Paid m
`0
`
`.Efil!.ill
`250
`
`=
`
`Fe!! Paid ISi
`0
`Fees Paid m
`
`0
`0
`
`SUBMITTED BY
`
`/
`
`Signature
`
`/'}
`
`/S.11_ ~ L: I Registration No.
`
`Other (e.g., late filing surcharge):
`'
`\ Af-£i
`
`Name (Print/Type) John½ Biernacki
`
`~
`
`.,
`
`IAttomev/Aoentl 40,511
`
`Telephone 21615a6-n47
`Date 02/25/2005
`
`This collection of informat:':f: required by 37 CFR 1.136. The information is required to obtain or retain a benefit by the public which is to file (and by the
`USPTO to process) an ap
`tion. Confidentiality is governed by 35 U.S.C. 122 and 37 CFR 1.14. This collection is estimated to take 30 minutes to complete,
`including gathering, prepa g, and submitting the completed application form to the USPTO. Time will va dependin upon the individual case. An comments
`g
`ry
`y
`on the amount of time you require to complete this form and/or suggestions for reducing this burden, should be sent to the Chief Information Officer, U.S. Patent
`and Trademark Office, U.S. Department of Commerce, P.O. Box 1450, Alexandria, VA 22313-1450. DO NOT SEND FEES OR COMPLETED FORMS TO THIS
`ADDRESS. SEND TO: Commissioner for Patents, P.O. Box 1450, Alexandria, VA 22313-1450.
`If you need assistance in completing the form, ca/11-800-PTO-9199 and select option 2.
`
`MOBILEIRON, INC. - EXHIBIT 1004
`Page 004
`
`
`
`11 EV3 □ 222661 □ usJ
`
`SYSTEM AND METHOD FOR CONFIGURING DEVICES
`
`FOR SECURE OPERA TIO NS
`
`CROSS-REFERENCE TO RELATED APPLICATIONS _ _ _ _ _ _
`
`5
`
`This application claims priority to and the benefit of commonly assigned United States
`
`Provisional Application having serial number 60/567,137, filed April 30, 2004, entitled
`
`"SYSTEM AND METHOD FOR CONFIGURING DEVICES FOR SECURE OPERATION,"
`
`which is hereby incorporated by reference in its entirety for all purposes.
`
`10
`
`.BACKGROUND
`
`Technical Field
`
`The present invention relates generally to the field of communications, and in particular
`
`to configuring devices for secure operations .
`
`. Description of the Related Art
`
`15
`
`Mobile wireless communications devices are increasingly being used within corporate
`
`and governmental organizations. With the increased usage of mobile devices, companies are
`
`faced with the issue of defining and enforcing a secure mode of operation for their deployed
`
`devices that they consider secure and in accordance with their corporate or government security
`
`policy.
`
`20
`
`For example, when government agencies purchase and deploy a product that has been
`
`validated to FIPS 140-2 ("Security Requirements for Cryptographic Modules") the product is
`
`only authorized for use by employees when it operates in a secure mode of operation referred to
`
`as the FIPS mode of operation. With the many different security settings that are potentially
`
`-1-
`
`MOBILEIRON, INC. - EXHIBIT 1004
`Page 005
`
`
`
`configurable, the task of defining and configuring a secure mode of operation on an individual IT
`
`policy basis for multiple devices is difficult. Also, once a device is configured into a secure
`
`mode, the device operator does not have an efficient way to know that the device has been so
`
`configured.
`
`5
`
`SUMMARY
`
`In accordance with the teachings disclosed herein, systems and methods are provided for
`
`establishing security-related modes of operation for computing devices. As an example of a
`
`system and method, a policy data store contains security mode configuration data related to the
`
`10
`
`computing devices. Security mode configuration data is used in establishing a security-related
`
`mode of operation for the computing devices.
`
`As another example, a computing device can be configured to utilize a centralized policy
`
`data store to implement a security-related mode of operation. The computing device includes a
`
`communication interface and a system processor. The communication interface facilitates
`
`15
`
`communication between a centralized policy data store and the computing device. Processing
`
`instructions that operate on the computing device include security instructions that place the
`
`computing device in a secure mode of operation responsive to configuration data received from
`
`the centralized policy data store via the communication interface. The system processor
`
`· instructions can also include user interface instructions for sending a notification to a display
`
`. '
`20
`
`associated with the computing device. The output can include a visual indication of the security
`
`mode of operation.
`
`As will be appreciated, the systems and methods disclosed herein are capable of different
`
`embodiments, and its details are capable of modifications in various respects. Accordingly, the
`
`-2-
`
`MOBILEIRON, INC. - EXHIBIT 1004
`Page 006
`
`
`
`drawings and description set forth below are to be regarded as illustrative in nature and not
`
`restrictive.
`
`BRIEF DESCRIPTION OF THE ORA WINGS
`
`5
`
`FIG. 1 is an overview of an example communication system in which a wireless
`
`communication device may be used.
`
`FIG. 2 is a block diagram of a further example communication system including multiple
`
`networks and multiple mobile communication devices.
`
`FIG. 3 is a block diagram depicting a system wherein an IT (information technology)
`
`10
`
`administrator can collect and store IT security policies.
`
`FIG. 4 is a block diagram depicting different security mode instructions being provided to
`
`devices.
`
`FIG. 5 is a block diagram depicting the generation of visual indicators for display to users
`
`that indicate the devices' secure mode of operation type.
`
`15
`
`FIG. 6 is a flowchart depicting an operational scenario wherein a security policy is
`
`deployed to multiple devices.
`
`FIG. 7 is a block diagram depicting the deployment of a FIPS mode of operation.
`
`FIGS. 8 and 9 are block diagrams depicting multiple security mode settings being
`
`deployed to the devices.
`
`20
`
`FIG. 10 is a block diagram of an example mobile device.
`
`-3-
`
`MOBILEIRON, INC. - EXHIBIT 1004
`Page 007
`
`
`
`DETAILED DESCRIPTION OF THE DRAWINGS
`
`FIG. 1 is an overview of an example communication system in which a wireless
`
`communication device may be used. One skilled in the art will appreciate that there may be
`
`_______ hundreds of different top..9lQgie~, _huJ the_ sys_tem_sho.wn in EIG._l _helps-demonstrate the operation-
`
`s
`
`of the encoded message processing systems and methods described in the present application.
`
`There may also be many message senders and recipients. The simple system shown in FIG. 1 is
`
`for illustrative purposes only, and shows perhaps the most prevalent Internet e-mail environment
`
`where security is not generally used.
`
`FIG. 1 shows an e-mail sender 10, the Internet 20, a message server system 40, a wireless
`
`10
`
`gateway 85, wireless infrastructure 90, a wireless network 105 and a mobile communication.
`
`device 100.
`
`An e-mail sender system 10 may, for example, be connected to an ISP (Internet Service
`
`Provider) on which a user of the system 10 has an account, located within a company, possibly
`
`connected to a local area network (LAN), and connected to the Internet 20, or connected to the
`
`15
`
`Internet 20 through a large ASP (application service provider) such as America Online (AOL).
`
`Those skilled in the art will appreciate that the systems shown in FIG. 1 may instead be
`
`· connected to a wide area network (WAN) other than the Internet, although e-mail transfers are
`
`commonly accomplished through Internet-connected arrangements as shown in FIG. 1.
`
`The message server 40 may be implemented, for example, on a network computer within
`
`20
`
`the firewall of a corporation, a computer within an ISP or ASP system or the like, and acts as the
`
`• main interface for e-mail exchange over the Internet 20. Although other messaging systems
`
`might not require a message server system 40, a mobile device 100 configured for receiving and
`
`possibly sending e-mail will normally be associated with an account on a message server.
`
`-4-
`
`MOBILEIRON, INC. - EXHIBIT 1004
`Page 008
`
`
`
`Perhaps the two most common message servers are Microsoft Exchange™ and Lotus Domino™.
`
`These products are often used in conjunction with Internet mail routers that route and deliver
`
`mail. These intermediate components are not shown in FIG. 1, as they do not directly play a role
`
`__ ii!_ the se_c!!!~ mess_age_pr_oc~s~ipg clescrihed _belo.w. _Message_servers_such_as-server -40 typically -
`
`5
`
`extend beyond just e-mail sending and receiving; they also include dynamic database storage
`
`engines that have predefined database formats for data like calendars, to-do lists, task lists, e(cid:173)
`
`mail and documentation.
`
`The wireless gateway 85 and infrastructure 90 provide a link between the Internet 20 and
`
`wireless network 105. The wireless infrastructure 90 determines the most likely network for
`
`10
`
`_ locating a given user and tracks the user as they roam between countries or networks. A message
`
`is then delivered to the mobile device 100 via wireless transmission, typically at a radio
`
`frequency (RF), from a base station in the wireless network 105 to the mobile device 100. The
`
`particular network 105 may be virtually any wireless network over which messages may be
`
`exchanged with a mobile communication device.
`
`15
`
`As shown in FIG. 1, a composed e-mail message 15 is sent by the e-mail sender 10,
`
`located somewhere on the Internet 20. This message 15 is normally fully in the clear and uses
`
`traditional Simple Mail Transfer Protocol (SMTP), RFC822 headers and Multipurpose Internet
`
`Mail Extension (MIME) body parts to define the format of the mail message. These techniques
`
`are all well known to those skilled in the art. The message 15 arrives at the message server 40
`
`. '·
`20
`
`and is normally stored in a message store. Most known messaging systems support a so-called
`
`"pull" message access scheme, wherein the mobile device 100 must request that stored messages
`
`be forwarded by the message server to the mobile device 100. Some systems provide for
`
`automatic routing of such messages which are addressed using a specific e-mail address
`
`-5-
`
`MOBILEIRON, INC. - EXHIBIT 1004
`Page 009
`
`
`
`associated with the mobile device 100. In a preferred embodiment described in further detail
`
`below, messages addressed to a message server account associated with a host system such as a
`
`. home computer or office computer which belongs to the user of a mobile device 100 are
`
`redirected from the message server 4Q_tQ t]l~ !J1Qbik d_e\.'.ice_ L00_as they_are-received.- -- - - - -
`- - - -
`-
`-
`-
`-
`---
`- --- -
`-
`-
`
`-
`
`-
`
`-
`
`5
`
`Regardless of the specific mechanism controlling the forwarding of messages to the
`
`mobile device 100, the message 15, or possibly a translated or reformatted version thereof, is
`
`sent to the wireless gateway 85. The wireless infrastructure 90 includes a series of connections
`
`to wireless network 105. These connections could be Integrated Services Digital Network
`
`(ISDN), Frame Relay or Tl connections using the TCP/IP protocol used throughout the Internet.
`
`10 As used herein, the term "wireless network" is intended to include three different types of
`
`networks, those being (1) data-centric wireless networks, (2) voice-centric wireless networks and
`
`(3) dual-mode networks that can support both voice and data communications over the same
`
`physical base stations. Combined dual-mode networks include, but are not limited to, (1) Code
`
`Division Multiple Access (CDMA) networks, (2) the Groupe Special Mobile or the Global
`
`15
`
`System for Mobile Communications (GSM) and the General Packet Radio Service (GPRS)
`
`networks, and (3) future third-generation (3G) networks like Enhanced Data-rates for Global
`
`l;J
`Evolution (EDGE) and Universal Mobile Telecommunications Systems (UMTS). Some older
`
`examples of data-centric network include the Mobitex ™ Radio Network and the Data TAC™
`
`Radio Network.
`
`Examples of older voice-centric data networks
`
`include Personal
`
`20 Communication Systems (PCS) networks like GSM, and TOMA systems.
`
`FIG. 2 is a block diagram of a further example communication system including multiple
`
`networks and multiple mobile communication devices. The system of FIG. 2 is substantially
`
`similar to the FIG. 1 system, but includes a host system 30, a redirection program 45, a mobile
`
`-6-
`
`MOBILEIRON, INC. - EXHIBIT 1004
`Page 010
`
`
`
`device cradle 65, a wireless virtual private network (VPN) router 75, an additional wireless
`
`network 110 and multiple mobile communication devices 100. As described above in conjunction
`
`with FIG. 1, FIG. 2 represents an overview of a sample network topology. Although the encoded
`
`message processing systems and methods described hereiD, _l}l_ay _ _be_ applied to-networks -having -
`- - -
`- -
`·- - -
`-
`-
`- -
`- - -
`-
`- - - -
`- - - --- ~
`- -- - -
`- -
`-
`
`-
`
`5
`
`many different topologies, the network of FIG. 2 is useful in understanding an automatic e-mail
`
`redirection system mentioned briefly above.
`
`The central host system 30 will typically be a corporate office or other LAN, but may
`
`instead be a home office computer or some other private system where mail messages are being
`
`exchanged. Within the host system 30 is the message server 40, running on some computer
`
`10 within the firewall of the host system, that acts as the main interface for the host system to
`
`exchange e-mail with the Internet 20.
`
`In the system of FIG. 2, the redirection program 45
`
`enables redirection of data items from the server 40 to a mobile communication device 100.
`
`Although the redirection program 45 is 'shown to reside on the same machine as the message
`
`server 40 for ease of presentation, there is no requirement that it must reside on the message
`
`15
`
`server. The redirection program 45 and the message server 40 are designed to co-operate and
`
`',
`
`interact to allow the pushing of information to mobile devices 100.
`
`In this installation, the
`
`redirection program 45 takes confidential and non-confidential corporate information for a
`
`specific user and redirects it out through the corporate firewall to mobile devices 100. A more
`
`detailed description of the redirection software 45 may be found in the commonly assigned
`
`20 United States Patent 6,219,694 ("the '694 Patent"), entitled "System and Method for Pushing
`
`Information From A Host System To A Mobile Data Communication Device Having A Shared
`
`Electronic Address", and issued to the assignee of the instant application on April 17, 2001,
`
`which is hereby incorporated into the present application by reference. This push technique may
`
`-7-
`
`MOBILEIRON, INC. - EXHIBIT 1004
`Page 011
`
`
`
`use a wireless friendly encoding, compression and encryption technique to deliver all
`
`. information to a mobile device, thus effectively extending the security firewall to include each
`
`mobile device 100 associated with the host system 30 .
`
`... As shown in FIG. 2, ther~ may be_many .alternative paths for. getting-information to the -