Privilege management and revocation
First Claim
1. A method for managing privileges in a computer system, the method comprising:
- setting privileges associated with applications capable of running on one or more electronic devices in the system;
recording which of the electronic devices in the system have which applications;
detecting a revocation of a privilege associated with at least one of the applications by comparing an old set of privileges associated with the applications to a new set of privileges associated with the applications; and
responsive to detecting the revocation of the privilege, automatically instructing those electronic devices having applications to which the privilege is associated to reset themselves.
2 Assignments
0 Petitions
Accused Products
Abstract
This disclosure relates to management of privileges associated with applications accessible by users of electronic devices. In one aspect, an electronic device detects that a privilege has been revoked, shuts down any application running on the electronic device that has previously accessed the privilege, and restarts any application that was shut down, the restarted application no longer having any access to the revoked privilege. In another aspect, an electronic device keeps a log of which applications have previously accessed which privileges, receives a new set of privileges associated with applications, determines that a privilege has been revoked, and if the log indicates that an application previously accessed the privilege, resets the electronic device. In a further aspect, a method sets privileges associated with applications, records which electronic devices have which applications, revokes a privilege, and instructs those electronic devices having applications to which the privilege is associated to reset themselves.
-
Citations
18 Claims
-
1. A method for managing privileges in a computer system, the method comprising:
-
setting privileges associated with applications capable of running on one or more electronic devices in the system; recording which of the electronic devices in the system have which applications; detecting a revocation of a privilege associated with at least one of the applications by comparing an old set of privileges associated with the applications to a new set of privileges associated with the applications; and responsive to detecting the revocation of the privilege, automatically instructing those electronic devices having applications to which the privilege is associated to reset themselves. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A computer system comprising:
-
a processor; and a memory storing instructions which, when executed by the processor, cause the processor to; set privileges associated with applications capable of running on one or more electronic devices in the system; record which of the electronic devices in the system have which applications; detect a revocation of a privilege associated with at least one of the applications by comparing an old set of privileges associated with the applications to a new set of privileges associated with the applications; and responsive to detecting the revocation of the privilege, automatically instruct those electronic devices having applications to which the privilege is associated to reset themselves. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A non-transitory computer-readable medium storing instructions which, when executed by a processor of a computer system, result in:
-
setting privileges associated with applications capable of running on one or more electronic devices in the system; recording which of the electronic devices in the system have which applications; detecting a revocation of a privilege associated with at least one of the applications by comparing an old set of privileges associated with the applications to a new set of privileges associated with the applications; and responsive to detecting the revocation of the privilege, automatically instructing those electronic devices having applications to which the privilege is associated to reset themselves. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification