Systems and methods for security analysis of applications on user mobile devices while maintaining user application privacy
Abstract
Systems and methods for analyzing applications (“apps”) on a mobile device for security risks for a company while maintaining the mobile device owner's privacy and confidentiality concerning the applications. The mobile device may be a user's personal device (a “bring your own device”). In an example method, a process generates one or more cryptographic representations of application information for each application on the mobile device. The cryptographic representations may comprise a hash or composite hash. The cryptographic representations may be transmitted outside the mobile device to a system which makes a determination and provides an indication whether the application is permitted or not permitted for use at the company. The company can be associated with a hashed permitted or not permitted list. The application information can include application name, executable code, and a version number. The method may include automatically remediating the application if it matches a known risk.
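An added example, not taken from the patent, of the flow the abstract describes: the device hashes each application name together with the company identifier, only the digests leave the device, and the risk-control side answers from company-specific hashed lists. Assumptions: SHA-256, the length-prefixed field encoding, the `unknown` result, and all names and identifiers, which are constructed.

```python
import hashlib

def composite_hash(app_name: str, company_id: str) -> str:
    """SHA-256 over the company identifier and the application name.

    Each field is length-prefixed so ("ab", "c") and ("a", "bc") hash differently.
    """
    h = hashlib.sha256()
    for field in (company_id, app_name):
        data = field.encode("utf-8")
        h.update(len(data).to_bytes(4, "big"))
        h.update(data)
    return h.hexdigest()

class CompanyPolicy:
    """Risk-control side: stores only composite hashes for one company."""

    def __init__(self, company_id, permitted, not_permitted):
        self.permitted = {composite_hash(n, company_id) for n in permitted}
        self.not_permitted = {composite_hash(n, company_id) for n in not_permitted}

    def determine(self, digest: str) -> str:
        # The not-permitted list wins if a hash appears on both lists.
        if digest in self.not_permitted:
            return "not_permitted"
        if digest in self.permitted:
            return "permitted"
        return "unknown"  # assumption: the page defines no third outcome

def check_device(installed_apps, company_id, policy):
    """Device side: hash locally, send digests only, map answers back to names."""
    digests = {composite_hash(app, company_id): app for app in installed_apps}
    # Only the keys (digests) cross the device boundary.
    return {digests[d]: policy.determine(d) for d in digests}

# Constructed sample data: company identifier, policy lists and installed apps.
COMPANY_ID = "acme-corp"
POLICY = CompanyPolicy(COMPANY_ID,
                       permitted=["com.example.mail", "com.example.vpn"],
                       not_permitted=["com.example.sideloader"])
INSTALLED = ["com.example.mail", "com.example.sideloader", "com.example.diary"]

if __name__ == "__main__":
    for app, verdict in check_device(INSTALLED, COMPANY_ID, POLICY).items():
        print(f"{app}: {verdict}")
```

Application names are low-entropy, so anyone who knows the company identifier can recompute digests for names they already suspect; the digest conceals only apps the checking party has not enumerated. Binding the company identifier into the hash means the same app yields unrelated digests for different companies, so one company's list cannot be matched against another's.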
20 Claims
1. A method, comprising:
- generating at least one cryptographic representation for a company identifier and at least one type of application information for an application residing on a mobile device, the at least one type of application information comprising an application name, the at least one cryptographic representation being a composite hash of both the application name and the company identifier;
- transmitting the at least one cryptographic representation for determination of whether the application is permitted for a company identified by the company identifier; and
- receiving the determination indicating whether the application is permitted for the company, the company being associated with a company specific permitted list or not permitted list comprising composite hashes of application names and company identifiers.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11

12. A system, comprising:
- a processor; and
- a memory for storing executable instructions, the instructions being executed by the processor for:
- generating at least one cryptographic representation for a company identifier and at least one type of application information for an application residing on a mobile device, the at least one type of application information comprising an application name, the at least one cryptographic representation being a composite hash of both the application name and the company identifier;
- transmitting the at least one cryptographic representation for determination of whether the application is permitted for a company identified by the company identifier; and
- receiving the determination indicating whether the application is permitted for the company, the company being associated with a company specific permitted list or not permitted list comprising composite hashes of application names and company identifiers.
Dependent claims: 13, 14, 15, 16, 17, 18, 19

20. A method, comprising:
- generating at least one cryptographic representation for a company identifier and at least one type of application information for an application residing on a mobile device, the at least one type of application information comprising an application name, the at least one cryptographic representation being a composite hash of both the application name and the company identifier;
- transmitting the at least one cryptographic representation for determination of whether the application is permitted to access an enterprise network with enterprise services of a company associated with the company identifier; and
- receiving the determination in the form of a message from an application risk control system indicating whether the application is permitted or not permitted to access the enterprise network with the enterprise services of the company associated with the company identifier, the indication based on a risk score calculated for the application, wherein the company is associated with a company specific permitted list and not permitted list each comprising composite hashes of application names and company identifiers.
Specification