Systems and methods for classifying permissions on mobile devices
First Claim
1. A computer-implemented method for classifying permissions on mobile devices, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
- detecting, by the at least one processor, that an application installed and executing on a mobile device is issuing a request, through an operating system of the mobile device, for one or more requested permissions to access one or more components of the mobile device that would otherwise be blocked by the operating system of the mobile device;
determining, by the at least one processor, an intended use of the application;
in response to detecting that the application is issuing the request, performing, by the at least one processor and through a security system distinct from the application and the operating system, an analysis of the request being issued by the application at least in part by determining whether the intended use of the application corresponds to an expected use of the one or more requested permissions; and
providing, by the at least one processor via a graphical user interface and prior to an end user of the mobile device granting the one or more requested permissions to the application, a result of the analysis to the end user of the mobile device that indicates a security implication that would be caused by the end user granting the one or more requested permissions to the application.
2 Assignments
0 Petitions
Accused Products
Abstract
The disclosed computer-implemented method for classifying permissions on mobile devices may include (1) detecting that an application executing on a mobile device is issuing a request for one or more requested permissions to access one or more components of the mobile device, (2) determining an intended use of the application, (3) performing, through a security system distinct from the application and the operating system, an analysis of the request issued by the application at least in part by determining whether the intended use of the application corresponds to an expected use of the requested permission, and (4) providing, via a graphical user interface, a result of the analysis to an end user of the mobile device that indicates a security implication caused by granting the one or more requested permissions to the application. Various other methods, systems, and computer-readable media are also disclosed.
17 Citations
20 Claims
-
1. A computer-implemented method for classifying permissions on mobile devices, at least a portion of the method being performed by a computing device comprising at least one processor, the method comprising:
-
detecting, by the at least one processor, that an application installed and executing on a mobile device is issuing a request, through an operating system of the mobile device, for one or more requested permissions to access one or more components of the mobile device that would otherwise be blocked by the operating system of the mobile device; determining, by the at least one processor, an intended use of the application; in response to detecting that the application is issuing the request, performing, by the at least one processor and through a security system distinct from the application and the operating system, an analysis of the request being issued by the application at least in part by determining whether the intended use of the application corresponds to an expected use of the one or more requested permissions; and providing, by the at least one processor via a graphical user interface and prior to an end user of the mobile device granting the one or more requested permissions to the application, a result of the analysis to the end user of the mobile device that indicates a security implication that would be caused by the end user granting the one or more requested permissions to the application. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system for classifying permissions on mobile devices, the system comprising:
-
a detection module, stored in a memory of the system, that detects that an application installed and executing on a mobile device is issuing a request, through an operating system of the mobile device, for one or more requested permissions to access one or more components of the mobile device that would otherwise be blocked by the operating system of the mobile device; a determination module, stored in the memory, that determines an intended use of the application; a performing module, stored in the memory, that, in response to detecting that the application is issuing the request, performs, through a security system distinct from the application and the operating system, an analysis of the request issued by the application at least in part by determining whether the intended use of the application corresponds to an expected use of the one or more requested permissions; a providing module, stored in the memory, that provides, via a graphical user interface and prior to an end user of the mobile device granting the one or more requested permissions to the application, a result of the analysis to the end user of the mobile device that indicates a security implication that would be caused by the end user granting the one or more requested permissions to the application; and at least one physical computing processor configured to execute the detection module, the determination module, the performing module, and the providing module. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A non-transitory computer-readable medium comprising one or more computer-readable instructions that, when executed by at least one processor of a computing device, cause the computing device to:
-
detect, by the at least one processor, that an application installed and executing on a mobile device is issuing a request, through an operating system of the mobile device, for one or more requested permissions to access one or more components of the mobile device that would otherwise be blocked by the operating system of the mobile device; determine, by the at least one processor, an intended use of the application; in response to detecting that the application is issuing the request, perform, by the at least one processor and through a security system distinct from the application and the operating system, an analysis of the request being issued by the application at least in part by determining whether the intended use of the application corresponds to an expected use of the one or more requested permissions; and provide, by the at least one processor via a graphical user interface and prior to an end user of the mobile device granting the one or more requested permissions to the application, a result of the analysis to the end user of the mobile device that indicates a security implication that would be caused by the end user granting the one or more requested permissions to the application.
-
Specification