Mobile application peer-to-peer security system and method

US 20010051515A1
Filed: 01/18/2001
Published: 12/13/2001
Est. Priority Date: 06/09/2000
Status: Active Grant

First Claim

Patent Images

1. A mobile application security system, comprising:

one or more nodes of a peer-to-peer network wherein each node is configured to execute a mobile application;

a central security enforcement node connected to each node of the peer-to-peer network for controlling the security of a mobile application;

the central security enforcement node further comprising means for monitoring the security of the mobile application as it jumps between the nodes wherein data about the mobile application is communicated to the central security enforcement node when the mobile application is communicated from a first node to a second node; and

wherein the security monitoring means further comprises means for detecting unwanted changes in the code associated with the mobile application when the mobile application is jumping between hosts.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The mobile application security system and method in accordance with the invention increases the overall level of security in using a mobile application. In a preferred embodiment, the system may use a peer-to-peer architecture wherein each host of a mobile application is a node of the peer-to-peer network. In operation, when a mobile application jumps between hosts (nodes), information about the mobile application is generated and sent to a central security enforcement node so that the central security enforcement node may perform various security checks. The security checks ensure that the security of the mobile application is not compromised.

66 Citations

View as Search Results

20 Claims

1. A mobile application security system, comprising:
- one or more nodes of a peer-to-peer network wherein each node is configured to execute a mobile application;
  
  a central security enforcement node connected to each node of the peer-to-peer network for controlling the security of a mobile application;
  
  the central security enforcement node further comprising means for monitoring the security of the mobile application as it jumps between the nodes wherein data about the mobile application is communicated to the central security enforcement node when the mobile application is communicated from a first node to a second node; and
  
  wherein the security monitoring means further comprises means for detecting unwanted changes in the code associated with the mobile application when the mobile application is jumping between hosts.
- View Dependent Claims (2, 3)
- - 2. The system of claim 1, wherein the detecting means further comprises means for storing a copy of the mobile application when the mobile application is created by having the creating node send a copy of the mobile application to the central security enforcement node, means for receiving data about the mobile application when it is received by another node and means for comparing the code of the mobile application received by the other node to the stored copy of the mobile application to determine if changes have been made to the code of the mobile application.
  - 3. The system of claim 1, wherein the detecting means further comprises means for receiving a checksum of the mobile application when the mobile application is created, means for receiving the mobile application after it is sent to another node, means for computing the checksum of the received mobile application and means for comparing the checksum of the mobile application after it is received by another node to the stored checksum of the mobile application to determine if changes have been made to the code of the mobile application.

4. A mobile application security system, comprising:
- one or more nodes of a peer-to-peer network wherein each node is configured to execute a mobile application;
  
  a central security enforcement node connected to each node of the peer-to-peer network for controlling the security of a mobile application;
  
  the central security enforcement node further comprising means for monitoring the security of the mobile application as it jumps between the nodes wherein data about the mobile application is communicated to the central security enforcement node when the mobile application is communicated from a first node to a second node; and
  
  wherein the security monitoring means further comprises means for preventing a node from transmitting hostile code in a mobile application to another node.
- View Dependent Claims (5)
- - 5. The system of claim 4, wherein the preventing means further comprises means for determining if the node dispatching the mobile application is trusted, means for stripping the code from an initially received mobile application if the host is not trusted, means for saving the code of the mobile application, and means, when requested by another node, for providing the code for the mobile application to the requesting node.

6. A mobile application security system, comprising:
- one or more nodes of a peer-to-peer network wherein each node is configured to execute a mobile application;
  
  a central security enforcement node connected to each node of the peer-to-peer network for controlling the security of a mobile application;
  
  the central security enforcement node further comprising means for monitoring the security of the mobile application as it jumps between the nodes wherein data about the mobile application is communicated to the central security enforcement node when the mobile application is communicated from a first node to a second node; and
  
  wherein security monitoring means further comprises means for detecting unwanted changes in the state of the mobile application.
- View Dependent Claims (7)
- - 7. The system of claim 6, wherein the detecting means further comprises means for saving a copy of the state of a mobile application received from a node that received the mobile application, means for receiving data about the same mobile application after a jump to another node and means for comparing the state of the mobile application after the jump to another node with the stored state of the mobile application to ensure that the state of the mobile application has not changed.

8. A mobile application security system, comprising:
- one or more nodes of a peer-to-peer network wherein each node is configured to execute a mobile application;
  
  a central security enforcement node connected to each node of the peer-to-peer network for controlling the security of a mobile application;
  
  the central security enforcement node further comprising means for monitoring the security of the mobile application as it jumps between the nodes wherein data about the mobile application is communicated to the central security enforcement node when the mobile application is communicated from a first node to a second node; and
  
  wherein the security monitoring means further comprises means for detecting unwanted changes in the itinerary of the mobile application.
- View Dependent Claims (9, 10)
- - 9. The system of claim 8, wherein the detecting means further comprises means for saving a copy of the itinerary of a mobile application received from the node that received the mobile application, means for receiving the same mobile application after a jump to another node and means for comparing the itinerary of the mobile application after the jump to another node with the stored itinerary of the mobile application to ensure that the itinerary of the mobile application has not changed.
  - 10. The system of claim 8, wherein the itinerary comprises past historical itinerary data.

11. A mobile application security method, comprising:
- receiving data about a mobile application at a central security enforcement node each time the mobile application jumps between a first node and a second node of a peer-to-peer network; and
  
  monitoring the security of the mobile application as it jumps between the nodes, wherein the security monitoring further comprises detecting unwanted changes in the code associated with the mobile application when the mobile application is jumping between hosts.
- View Dependent Claims (12)
- - 12. The method of claim 11, wherein the detecting further comprises storing a copy of the mobile application when the mobile application is created, receiving the mobile application after it is received by another node and comparing the code of the mobile application after it is received by another node to the stored copy of the mobile application to determine if changes have been made to the code of the mobile application.

13. A mobile application security method, comprising:
- receiving data about a mobile application at a central security enforcement node each time the mobile application jumps between a first node and a second node of a peer-to-peer network; and
  
  monitoring the security of the mobile application as it jumps between the nodes, wherein the security monitoring further comprises preventing a host from transmitting hostile code in a mobile application to another node.
- View Dependent Claims (14)
- - 14. The method of claim 13, wherein the preventing further comprises determining if the node dispatching the mobile application is trusted, stripping the code from a mobile application if the host is not trusted, saving the code of the mobile application, and, when requested by another node, providing the code for the mobile application to the requesting node.

15. A mobile application security method, comprising:
- receiving data about a mobile application at a central security enforcement node each time the mobile application jumps between a first node and a second node of a peer-to-peer network; and
  
  monitoring the security of the mobile application as it jumps between the nodes, wherein the security monitoring further comprises detecting unwanted changes in the state of the mobile application.
- View Dependent Claims (16)
- - 16. The method of claim 15, wherein the detecting further comprises saving a copy of the state of a received mobile application, receiving data about the same mobile application after a jump to another node and comparing the state of the mobile application after the jump to another node with the stored state of the mobile application to ensure that the state of the mobile application has not changed.

17. A mobile application security method, comprising:
- receiving data about a mobile application at a central security enforcement node each time the mobile application jumps between a first node and a second node of a peer-to-peer network; and
  
  monitoring the security of the mobile application as it jumps between the nodes, wherein the security monitoring further comprises detecting unwanted changes in the itinerary of the mobile application.
- View Dependent Claims (18, 19)
- - 18. The method of claim 17, wherein the detecting further comprises saving a copy of the itinerary of a received mobile application, receiving data about the same mobile application after a jump to another node and comparing the itinerary of the mobile application after the jump to another node with the stored itinerary of the mobile application to ensure that the itinerary of the mobile application has not changed.
  - 19. The method of claim 17, wherein the itinerary comprises past historical itinerary data.

20. A mobile application security method, comprising:
- receiving data about a mobile application at a central security enforcement node each time the mobile application jumps between a first node and a second node of a peer-to-peer network; and
  
  monitoring the security of the mobile application as it jumps between the nodes, wherein the security monitoring further comprises preventing untrusted hosts from initially launching mobile applications

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Aramira Corporation
Original Assignee
Aramira Corporation
Inventors
Rygaard, Christopher A.

Granted Patent

US 7,046,995 B2
Time in Patent Office

Days
Field of Search
US Class Current

455/410
CPC Class Codes

G06F 21/12   Protecting executable software

G06F 21/64   Protecting data integrity, ...

G06F 9/4862   the task being a mobile age...

H04L 63/12   Applying verification of th...

H04L 63/123   received data contents, e.g...

H04L 63/20   for managing network securi...

Mobile application peer-to-peer security system and method

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

66 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Mobile application peer-to-peer security system and method

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

66 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links