Verification that particular information is transferred by an application
First Claim
1. A method to test an application, the method comprising:
- providing substitute information, temporarily replacing information received in a request from the application, as the information to the application using a shim;
receiving a request from the application to output application information to an external computing device;
inspecting the application information before encryption using another shim during execution of the application to determine whether the substitute information is included in the application information;
obtaining an indication of consent of a user to transfer the application information to the external computing device; and
after replacing the substitute information, outputting the application information to the external computing device after testing indicates that the application intends to transfer the application information, wherein the application information includes a video signal.
2 Assignments
0 Petitions
Accused Products
Abstract
The technology includes a method to test what information an application transfers to an external computing device. A user'"'"'s consent is explicitly obtained before the application transfers certain types of information, such as sensitive information. When a determination is made that an application is transferring sensitive information, a prompt for consent from a user may be provided that is accurate and detailed. In pre-production environments, technology can be used to detect whether this sensitive information is being transferred, and to validate whether a prompt for consent is necessary or unnecessary. To determine this, shimming is used to intercept application calls to APIs that return sensitive information. Requested sensitive information may be substituted with recorded or forged information from those APIs to produce a sentinel or canary. Similarly, network traffic of the application may be analyzed by another shim to determine when the substitute information is present.
23 Citations
17 Claims
-
1. A method to test an application, the method comprising:
-
providing substitute information, temporarily replacing information received in a request from the application, as the information to the application using a shim; receiving a request from the application to output application information to an external computing device; inspecting the application information before encryption using another shim during execution of the application to determine whether the substitute information is included in the application information; obtaining an indication of consent of a user to transfer the application information to the external computing device; and after replacing the substitute information, outputting the application information to the external computing device after testing indicates that the application intends to transfer the application information, wherein the application information includes a video signal. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. An apparatus comprising:
-
at least one camera to obtain a video signal; at least one processor; and at least one processor readable memory to store an application having processor readable instructions and an authorization list comprising one or more authorized network addresses that the application can communicate with when executing, and the at least one processor readable memory to store an operating system that may allow the application to transfer at least a portion of the video signal to a computing device at one of the one or more authorized network addresses, wherein the at least one processor executes the processor readable instructions of the operating system and the application to; receive, by the operating system, a request from the application for the video signal obtained by the at least one camera, provide a substitute video signal comprising at least one of false recorded and forged information, by the operating system, to the application, receive, by the operating system, a request from the application to output application information to an external computing device, and before obtaining a user consent during execution of the application, determine whether the application outputs the application information by identifying the application as a trusted or non-trusted application based on the authorization list read from the application, wherein the request from the application for the video signal includes a call to an application programming interface to retrieve the video signal and the request from the application to output application information to the external computing device includes a call to an application programming interface to output the application information to a network address of the computing device. - View Dependent Claims (11, 12, 13)
-
-
14. One or more processor readable memories having instructions encoded thereon which when executed cause one or more processors to perform a method, the method comprising:
-
receiving a request for sensitive information from an application by calling a first application programming interface that returns the sensitive information; replacing the sensitive information with substitute information by intercepting the calls to the first application programming interface using a shim; providing the substitute information as the sensitive information to the application; receiving a request from the application to output application information to an external computing device at a network address by calling a second application programming interface; searching the application information, prior to encryption, to determine whether the substitute information is included in the application information using another shim to intercept the call to the second application programming interface; after replacing the substitute information, outputting the application information to the external computing device after testing indicates that the application intends to transfer the application information; and receiving the sensitive information, wherein the sensitive information includes at least a frame of a video signal and the substitute information is a frame of another video signal. - View Dependent Claims (15, 16, 17)
-
Specification