Safe application distribution and execution in a wireless environment
IPC classification information
Country / Type: United States (US) Patent, granted
International Patent Classification (IPC 7th edition):
H04M-001/68
H04M-001/66
H04Q-007/20
Application number: US-0728904 (2010-03-22)
Registration number: US-8112076 (2012-02-07)
Inventors / Address:
Lundblade, Laurence
Phillips, Marc S.
Minear, Brian
Zhuang, Yan
Krishnan, Anand
Sprigg, Stephen A.
Chmaytelli, Mazen
Oliver, Mitchell B.
Horel, Gerald Charles
Crossland, Karen
Applicant / Address: QUALCOMM Incorporated
Agent / Address: Yadegar-Bandari, Fariba
Citation information
Times cited: 7
Cited patents: 43
Abstract
The present invention provides safe and secure application distribution and execution by providing systems and methods that test an application to ensure that it satisfies predetermined criteria associated with the environment in which it will execute. Furthermore, by using rules and permission lists, application removal, and a modification detection technique, such as digital signatures, the present invention provides mechanisms to safely distribute and execute tested, or untested, applications by determining whether the application has been modified, determining if it has permission to execute in a given wireless device environment, and removing the application should it be desirable to do so.
Representative claim
1. A non-transitory computer-readable medium containing computer-executable instructions for distributing an application for use on a wireless device communicating over a wireless network, comprising the steps of: receiving the application and a first identification information associated with the application, the application being independent of any act for performing wireless communication between the wireless device and the wireless network, the first identification information being used to confirm an identity of a source of the application; determining that the application satisfies each criterion in a set of criteria, wherein at least one criterion in the set of criteria is established by a managing authority for a managed environment; after the determining, assigning a set of permissions to the application, each permission in the set of permissions being associated with a respective criterion in the set of criteria; and transmitting the application and the set of permissions to the wireless device.
2. The non-transitory computer-readable medium of claim 1, wherein the set of criteria comprises a first criterion associated with a generic wireless network and a second criterion associated with a specific wireless network.
3. The non-transitory computer-readable medium of claim 2, wherein the first criterion is associated with operations the application is allowed to perform on the wireless device, and the second criterion is associated with an authorization needed for operation with the specific wireless network.
4. The non-transitory computer-readable medium of claim 1, wherein in the transmitting, at least the application is transmitted using a modification detection technique.
5. The non-transitory computer-readable medium of claim 4, wherein the modification detection technique uses a digital signature.
6. The non-transitory computer-readable medium of claim 1, wherein the managed environment comprises the wireless network.
7. A system for processing and distributing an application for use on a wireless device communicating over a wireless network, comprising: a server configured to: receive the application and a first identification information associated with the application, the application being independent of any act for performing wireless communication between the wireless device and the wireless network, the first identification information being used to confirm an identity of a source of the application; determine that the application satisfies each criterion in a set of criteria, wherein at least one criterion in the set of criteria is established by a managing authority for a managed environment; after the determination, assign a set of permissions to the application, each permission in the set of permissions being associated with a respective criterion in the set of criteria; and transmit the application and the set of permissions to the wireless device.
8. The system of claim 7, wherein a modification detection technique is used in the step to transmit the application and the set of permissions to the wireless device.
9. The system of claim 7, wherein the server comprises: an inter-server network; a first server configured to receive the application; a second server configured to determine that the application satisfies the criteria; and a third server configured to assign the set of permissions and transmit the application, wherein the first, second, and third server are each coupled to the inter-server network.
10. A system for processing and distributing an application for use on a wireless device communicating over a wireless network, comprising: a server means, comprising: means for receiving the application and a first identification information associated with the application, the application being independent of any act for performing wireless communication between the wireless device and the wireless network, the first identification information being used to confirm an identity of a source of the application; means for determining that the application satisfies each criterion in a set of criteria, wherein at least one criterion in the set of criteria is established by a managing authority for a managed environment; means for assigning a set of permissions to the application, each permission in the set of permissions being associated with a respective criterion in the set of criteria; and means for transmitting the application and the set of permissions to the wireless device.
11. A non-transitory computer-readable medium containing computer-executable instructions for processing an application for execution on a wireless device communicating over a wireless network comprising the steps of: receiving, from a server over the wireless network, a transmission comprising the application and a set of permissions; determining, based upon evaluating a rule previously stored in the wireless device on the set of permissions, whether to enable the application for execution on the wireless device; executing the application if the application has been enabled for execution; and disabling the application if the application has not been enabled for execution on the wireless device.
12. The non-transitory computer-readable medium of claim 11, further comprising: repeating the determining step each time a request to execute the application occurs.
13. The non-transitory computer-readable medium of claim 11, further comprising: determining whether the application has been modified; and if it is determined that the application has been modified, disabling the application from executing on the wireless device.
14. The non-transitory computer-readable medium of claim 11, wherein disabling the application comprises disabling the application and leaving the application on the wireless device.
15. The non-transitory computer-readable medium of claim 11, wherein disabling the application comprises disabling the application and deleting the application from the wireless device.
16. The non-transitory computer-readable medium of claim 11, wherein determining whether to enable the application for execution on the wireless device comprises determining whether the application is enabled for execution in the wireless network.
17. A wireless device which communicates over a wireless network and is capable of executing an application, comprising: a wireless interface for receiving the application, a set of permissions, and an identification information, the application being independent of any act for performing wireless communication between the wireless device and the wireless network; and a computer platform coupled to the wireless interface, the computer platform comprising a storage for storing a previously defined rule, the application, the set of permissions, and the identification information, wherein the computer platform is configured to determine, based upon evaluating one or more rules against the set of permissions: whether to enable the application for execution on the wireless device; and whether to enable the application for execution in the wireless network; and further wherein the computer platform is configured to: execute the application if the application has been enabled for execution; and remove the application if the application has not been enabled for execution.
18. The wireless device of claim 17, wherein the computer platform is further configured to remove the application by disabling the application and leaving the application on the wireless device.
19. The wireless device of claim 17, wherein the wireless interface is further operative for receiving identification information that identifies an originator of the application.
20. A wireless device which communicates over a wireless network and is capable of executing an application, comprising: a wireless interface means for receiving the application, a set of permissions, and an identification information, the application being independent of any act for performing wireless communication between the wireless device and the wireless network; and a computer platform means, coupled to the wireless interface means, the computer platform means comprising: a storage means for storing one or more previously defined rules, the application, the set of permissions, and the identification information; means for determining, based upon evaluating at least one rule against the set of permissions, whether to enable the application for execution on the wireless device and whether to enable the application for execution in the wireless network; and means for executing the application if the application has been enabled for execution on the wireless device and in the wireless network.
21. The wireless device of claim 20, wherein the computer platform means further comprises: means for disabling the application if the application has not been enabled for execution either on the wireless device or in the wireless network.
22. A non-transitory computer-readable medium containing computer-executable instructions for processing and distributing an application for use on a wireless device communicating over a wireless network, comprising the steps of: receiving the application and a first identification information associated with the application, the application being independent of any act for performing wireless communication between the wireless device and the wireless network, the first identification information being used to confirm an identity of a source of the application; certifying the application satisfies each criterion in a set of criteria, wherein each criterion is respectively associated with a wireless environment; after the certifying, assigning a set of permissions to the application, the set of permissions having a plurality of permissions each associated with a respective criterion in the set of criteria; and transmitting the application, the set of permissions, and a second identification information usable to confirm an identity of a server, to the wireless device.
23. The non-transitory computer-readable medium of claim 22, wherein the set of criterion comprises a first criterion associated with a generic wireless network and a second criterion associated with a specific wireless network.
24. The non-transitory computer-readable medium of claim 22, wherein in the step of transmitting, at least the application is transmitted using a modification detection technique.
25. The non-transitory computer-readable medium of claim 24, wherein the modification detection technique uses a digital signature.
26. A method for a server processing and distributing an application for use on a wireless device communicating over a wireless network, comprising: receiving the application and a first identification information associated with the application, the application being independent of any act for performing wireless communication between the wireless device and the wireless network, the first identification information being used to confirm an identity of a source of the application; certifying the application satisfies each criterion in a set of criteria, wherein each criterion is respectively associated with a wireless environment; after the certifying, assigning a set of permissions to the application, the set of permissions having a plurality of permissions each associated with a respective criterion in the set of criteria; and transmitting the application, the set of permissions, and a second identification information usable to confirm an identity of the server, to the wireless device.
27. The method of claim 26, wherein the set of criteria comprises a first criterion associated with a generic wireless network and a second criterion associated with a specific wireless network.
28. The method of claim 26, wherein in the transmitting, at least the application is transmitted using a modification detection technique.
29. The method of claim 28, wherein the modification detection technique uses a digital signature.
30. A system for processing and distributing an application for use on a wireless device communicating over a wireless network, comprising: a server configured to: receive the application and a first identification information associated with the application, the application being independent of any act for performing wireless communication between the wireless device and the wireless network, the first identification information being used to confirm an identity of a source of the application; certify that the application satisfies each criterion in a set of criteria, wherein each criterion is respectively associated with a wireless environment; after the certify, assign a set of permissions to the application, the set of permissions having a plurality of permissions each associated with a respective criterion in the set of criteria, and transmit the application, the set of permissions, and a second identification information usable to confirm an identity of the server, to the wireless device over the carrier network and the infrastructure.
31. The system of claim 30, wherein a modification detection technique is used in the step to transmit the application, the set of permissions, and the second identification information to the wireless device.
32. The system of claim 31, wherein the server comprises: an inter-server network; a first server configured to receive the application; a second server configured to certify the application; and a third server configured to assign a set of permissions and transmit the application, wherein the first, second, and third server are each coupled to the inter-server network.
33. A system for processing and distributing an application for use on a wireless device communicating over a wireless network, comprising: a server means, comprising: means for receiving the application and a first identification information associated with the application, the application being independent of any act for performing wireless communication between the wireless device and the wireless network, the first identification information being used to confirm an identity of a source of the application; means for certifying the application satisfies each criterion in a set of criteria, wherein each criterion is respectively associated with a wireless environment; means for assigning a set of permissions to the application after the application has been certified by the means for certifying, the set of permissions having a plurality of permissions each associated with a respective criterion in the set of criteria; and means for transmitting the application, the set of permissions, and a second identification information usable to confirm an identity of the server, to the wireless device.
34. A non-transitory computer-readable medium containing computer-executable instructions for processing an application for execution on a wireless device communicating over a wireless network, comprising the steps of: receiving a transmission comprising the application, a set of permissions, and an identification information; determining, based upon evaluating a rule previously stored in the wireless device on the set of permissions, whether to enable the application for execution; and executing the application if the application has been enabled for execution.
35. The non-transitory computer-readable medium of claim 34, further comprising: removing the application from the wireless device if the application has not been enabled for execution.
36. The non-transitory computer-readable medium of claim 34, further comprising: determining whether the application was modified during the transmission; and if it is determined that the application was modified during the transmission, removing the application from the wireless device.
37. A method of processing an application for execution on a wireless device communicating over a wireless network, comprising: receiving a transmission comprising the application, a set of permissions, and an identification information; determining, based upon evaluating a rule previously stored in the wireless device on the set of permissions, whether to enable the application for execution; and executing the application if the application has been enabled for execution.
38. The method of claim 37, further comprising: removing the application from the wireless device if the application has not been enabled for execution.
39. The method of claim 37, further comprising: determining whether the application was modified during the transmission; and if it is determined that the application was modified during the transmission, removing the application from the wireless device.
40. A wireless device which communicates over a wireless network and is capable of executing an application, comprising: a wireless interface for receiving the application, a set of permissions, and an identification information, the application being independent of any act for performing wireless communication between the wireless device and the wireless network; and a computer platform, coupled to the wireless interface, the computer platform comprising a storage for storing a rule, the application, the set of permissions, and the identification information, wherein the computer platform is configured to determine, based upon evaluating the rule on the set of permissions: whether to enable the application for execution; execute the application if the application has been enabled for execution; and remove the application if the application has not been enabled for execution.
41. A wireless device which communicates over a wireless network and is capable of executing an application, comprising: a wireless interface means for receiving the application, a set of permissions, and an identification information, the application being independent of any act for performing wireless communication between the wireless device and the wireless network; and a computer platform means, coupled to the wireless interface, the computer platform means comprising: a storage means for storing a rule, the application, the set of permissions, and the identification information; and means for determining, based upon evaluating the rule on the set of permissions whether to enable the application for execution, execute the application if the application has been enabled for execution, and remove the application if the application has not been enabled for execution.
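The server-side packaging step (claims 1 and 4) and the device-side decision (claims 11, 13 and 36) can be sketched as follows. This is an added example, not code from the patent or from QUALCOMM. The criterion and permission names, the key, the sample application bytes, and the choice to remove a modified package but only disable one that fails the rule are all assumptions made for the sketch. HMAC-SHA256 from the Python standard library stands in for the digital signature the claims name as the modification detection technique; it requires the device to hold the server's key, whereas a real signature would be verified with a public key.

```python
import hashlib
import hmac
import json

# Hypothetical criterion -> permission mapping (names are assumptions).
PERMISSION_FOR = {
    "generic_network_tests": "run_on_device",
    "carrier_x_authorization": "run_on_carrier_x",
}

# Constructed sample values, for illustration only.
KEY = b"constructed-demo-key"
APP = b"constructed application image"
CARRIER_X_RULE = {"run_on_device", "run_on_carrier_x"}  # rule stored on the device


def _mac(key, app, permissions):
    # Cover the app digest AND the permission list so neither can be swapped
    # independently. The digest has a fixed length, so the concatenation
    # cannot be re-split ambiguously.
    body = hashlib.sha256(app).digest() + json.dumps(sorted(permissions)).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def server_package(key, app, results):
    """Assign permissions only after every criterion in `results` is satisfied."""
    failed = sorted(c for c, ok in results.items() if not ok)
    if failed:
        raise ValueError(f"criteria not satisfied: {failed}")
    permissions = sorted(PERMISSION_FOR[c] for c in results)
    return {"app": app, "permissions": permissions,
            "mac": _mac(key, app, permissions)}


def device_decide(key, package, rule):
    """Return 'execute', 'disable' or 'remove' for a received package."""
    expected = _mac(key, package["app"], package["permissions"])
    if not hmac.compare_digest(expected, package["mac"]):
        return "remove"    # app or permission list changed after packaging
    if not rule <= set(package["permissions"]):
        return "disable"   # intact, but the stored rule is not met
    return "execute"


if __name__ == "__main__":
    full = server_package(KEY, APP, {"generic_network_tests": True,
                                     "carrier_x_authorization": True})
    generic = server_package(KEY, APP, {"generic_network_tests": True})
    print(device_decide(KEY, full, CARRIER_X_RULE))
    print(device_decide(KEY, generic, CARRIER_X_RULE))
    print(device_decide(KEY, dict(full, app=APP + b"!"), CARRIER_X_RULE))
```

Because the tag covers the permission list as well as the application bytes, adding a permission on the way to the device fails verification in the same way as altering the application does.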
Patents cited by this patent (43)
White, Christopher, Automated device behavior management based on network charging and rating conditions.
Kent Fillmore Hayes, Jr. ; Brett Graham King, Client-server system for maintaining a user desktop consistent with server application user access permissions.
Basilier, Henrik; Gustafson, Ulf, Method and system for combined transmission of access specific access independent and application specific information over public IP networks between visiting and home networks.
Geiger, Robert L.; Lin, Jyh-Han; Van Peursem, James E.; Palaniswamy, Avinash C.; Subramanian, Ambiga; Battenhouse, Anna, Method for validating an application for use in a mobile communication device.
Coleman Andrew (Vestal NY) Henry John A. (Endwell NY) Maslak Barbara A. M. (Endwell NY) Pruul Edmond A. (Afton NY) Showalter James M. (Endicott NY) Stone Richard L. (Johnson City NY) Szczygielski Tho, Registration of resources for commit procedures.
Moles, Bryan J.; Herle, Sudhindra P., System and method for automatically creating and updating a mobile station configuration database in a wireless network.
Nilsen Arild,NOX ; Berntzen Rune,NOX, System for monitoring telephone networks and/or data communication networks, especially mobile telephone networks.
Rachabathuni, Sailesh; Griffiths, Jonathan; Rankin, Paul John, Wireless system, a method of selecting an application while receiving application specific messages and user location method using user location awareness.