Token-based scheme for granting permissions

US 10,176,333 B2
Filed: 09/18/2015
Issued: 01/08/2019
Est. Priority Date: 09/18/2014
Status: Active Grant

First Claim

Patent Images

1. An electronic device comprising:

a memory; and

at least one processor configured to;

install an application by using an installation file associated with the application;

detect whether the installation file includes a permission setting token;

verify a validity of the permission setting token, wherein the verification is performed based on authentication information that is embedded in the permission setting token;

grant at least one permission to the application based on verifying that the permission setting token is valid;

store, in a database, an indication that the application is granted the permission;

when the application is executed, search the database for the indication;

if the indication of the permission is present in the database, execute one or more functions of the application permitted by the permission; and

if the indication of the permission is absent from the database, execute one or more functions of the application permitted by a signature of the installation file,wherein the permission setting token is signed with a key uniquely identifying a manufacturer of the electronic device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An electronic device comprising: a memory; and at least one processor configured to: install an application by using an installation file associated with the application; grant at least one permission to the application based on a permission setting token that is included in the installation file; and store, in a database, an indication that the application is granted the permission.

66 Citations

13 Claims

1. An electronic device comprising:
- a memory; and
  
  at least one processor configured to;
  
  install an application by using an installation file associated with the application;
  
  detect whether the installation file includes a permission setting token;
  
  verify a validity of the permission setting token, wherein the verification is performed based on authentication information that is embedded in the permission setting token;
  
  grant at least one permission to the application based on verifying that the permission setting token is valid;
  
  store, in a database, an indication that the application is granted the permission;
  
  when the application is executed, search the database for the indication;
  
  if the indication of the permission is present in the database, execute one or more functions of the application permitted by the permission; and
  
  if the indication of the permission is absent from the database, execute one or more functions of the application permitted by a signature of the installation file,wherein the permission setting token is signed with a key uniquely identifying a manufacturer of the electronic device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The electronic device of claim 1, wherein the at least one processor is further configured to terminate a permission setting process in response to detecting that the permission setting token is absent from the installation file.
  - 3. The electronic device of claim 2, wherein the indication that the application is granted the permission is stored in the database in response to the permission setting token being valid.
  - 4. The electronic device of claim 1, wherein the at least one processor is further configured to perform a search of the database in response to a function of the application being accessed and perform the function based on an outcome of the search.
  - 5. The electronic device of claim 1, wherein the permission setting token comprises:
    - identification information of a manufacturer or a developer;
      
      permission information defining the at least one permission;
      
      period information defining an effective period of the at least one permission; and
      
      authentication information for validating the permission setting token.
  - 6. The electronic device of claim 5, wherein the at least one processor is further configured to grant the permission to the application for the effective period.
  - 7. The electronic device of claim 1, wherein the at least one processor is further configured to update the database based on a control signal that is received from an external electronic device.
  - 8. The electronic device of claim 1, wherein the at least one processor is further configured to execute the application based on the indication of the permission.
  - 9. The electronic device of claim 8, wherein the indication of the permission is retrieved by searching the database.

10. A method comprising:
- installing, by an electronic device, an application by using an installation file associated with the application;
  
  detecting whether the installation file includes a permission setting token;
  
  verifying a validity of the permission setting token, wherein the verification is performed based on authentication information that is embedded in the permission setting token;
  
  granting at least one permission to the application based on verifying that the permission setting token is valid;
  
  storing, in a database, an indication that the application is granted the permission;
  
  when the application is executed, searching the database for the indication;
  
  if the indication is present in the database, executing one or more functions of the application permitted by the permission; and
  
  if the indication is absent from the database, executing one or more functions of the application permitted by a signature of the installation file,wherein the permission setting token is signed with a key uniquely identifying a manufacturer of the electronic device.
- View Dependent Claims (11, 12)
- - 11. The method of claim 10, further comprising performing a search of the database in response to a function of the application being accessed, and performing the function based on an outcome of the search.
  - 12. The method of claim 10, further comprising terminating a permission setting process in response to detecting that the permission setting token is absent from the installation file.

13. An electronic device comprising:
- a memory; and
  
  at least one processor configured to;
  
  install an application by using an installation file associated with the application;
  
  detect whether the installation file includes a permission setting token;
  
  verify a validity of the permission setting token, wherein the verification is performed based on authentication information that is embedded in the permission setting token;
  
  grant at least one permission to the application based on the permission setting token and a signature of the installation file when the permission setting token is verified;
  
  store, in a database, an indication that the application is granted the permission;
  
  when the application is executed, search the database for the indication;
  
  if the indication of the permission is present in the database, execute one or more functions of the application permitted by the permission; and
  
  if the indication of the permission is absent from the database, execute one or more functions of the application permitted by the signature of the installation file.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
Oh, Myeong Jin, Park, Ju Ha, Pak, Michael, Cho, Sung Kyu
Primary Examiner(s)
Turchen, James R

Application Number

US14/858,146
Publication Number

US 20160085977A1
Time in Patent Office

1,208 Days
Field of Search
US Class Current
CPC Class Codes

G06F 16/242   Query formulation

G06F 16/245   Query processing

G06F 21/44   Program or device authentic...

G06F 21/51   at application loading time...

G06F 21/62   Protecting access to data v...

G06F 2221/2141   Access rights, e.g. capabil...

G06F 8/61   Installation

Token-based scheme for granting permissions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

66 Citations

13 Claims

Specification

Use Cases

Quick Links

Others

Token-based scheme for granting permissions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

66 Citations

13 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others