Risk detection

US 20030149897A1
Filed: 12/09/2002
Published: 08/07/2003
Est. Priority Date: 12/11/2001
Status: Active Grant

First Claim

Patent Images

1. A method for detecting a condition in a communication system including at least one user equipment comprising the steps of:

determining at least one parameter associated with a communication link between an application and a node of said user equipment; and

detecting said condition in response to said at least one parameter.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and device for detecting a condition in a communication system, including at least one user equipment, for determining at least one parameter associated with a communication link between an application and a node of said user equipment, and detecting the condition in response to the at least one parameter.

39 Citations

View as Search Results

21 Claims

1. A method for detecting a condition in a communication system including at least one user equipment comprising the steps of:
- determining at least one parameter associated with a communication link between an application and a node of said user equipment; and
  
  detecting said condition in response to said at least one parameter.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. A method as claimed in claim 1 wherein said step of determining at least one parameter comprises:
    - determining if said application communicating with said node via the communication link is authorised to access a service provided at said node.
  - 3. The method as claimed in claim 2 wherein said step of determining if said application is authorised comprises:
    - when the communication link is opened between said application and said node, determining if a memory address associated with said application resides in an area of a data store in said user equipment identifying respective authorised client applications; and
      
      determining if the application is authorised in response to the location of said memory address.
  - 4. The method as claimed in claim 3 wherein said data store comprises a ROM data store in the mobile user equipment.
  - 5. The method as claimed in one of claims 2 to 4 wherein said step of determining whether said application is authorised comprises:
    - determining whether the application software has been downloaded into said user equipment from a third party; and
      
      identifying that said application is not authorised to access a service from the node if it is determined that the client application has been so downloaded.
  - 6. The method as claimed in anyone of claims 2 to 5 further comprising:
    - when an application requires access to a service, opening a communication link via which said client application may access a service from a service provider node offering that service; and
      
      detecting from the call stack of a processor running said application, a memory address, identifying where said application resides, for indicating that the client application is authorised to access that service.
  - 7. The method as claimed in claim 6 further comprising:
    - subsequent to the application being determined to be authorised to access the service, storing a thread identifier, associated with a lightweight process run by said application, in an entry associated with said a communication link, said entry being held in a data store of the user equipment.
  - 8. The method as claimed in claim 7 further comprising:
    - subsequent to the communication link being opened and a thread identifier being stored, determining if the application is authorised to access the service by checking if the thread identifier associated with that communication link has been altered since the previous check; and
      
      determining that said client application is authorised to access the service from said service provides if said thread identifier has not altered.
  - 9. The method as claimed in claim 1 wherein said at least one parameter comprises a message type indicating a type of service to which access is requested by the application, said method further comprising the step of:
    - determining whether said message type is of a type which is predetermined as safe and if so determining that no security risk exists.
  - 10. The method as claimed in claim 9 wherein said step of determining a safe message type comprises comparing said a message type with a predetermined list of safe message types.
  - 11. The method as claimed in claim 9 or claim 10 further comprising if said message type is determined to be not safe, determining at least one parameter associated with a communication link between an application and a node of said user terminal;
    - and detecting said a condition in response to said at least one parameter.
  - 12. The method as claimed in any preceding claims further comprising the steps of:
    - initiating at least one security measure if said a condition is identified.
  - 13. The method as claimed in claim 1 wherein said a condition comprises whether said application'"'"'is authorised to access a service from said node.
  - 14. The method as claimed in claim 1 wherein said a condition comprises a security risk.
  - 15. The method as claimed in any preceding claim wherein said communication system is a wireless communication system and said user equipment is mobile user equipment.

16. The method as claimed wherein said communication link comprises a data link and said node comprises a service provider node.

17. User equipment arranged to identify a condition in a communication system comprising:
- processor means for running an application;
  
  a node for providing access to a service;
  
  means for identifying at least one parameter associated with a communication link established between said processor means and said node; and
  
  means responsive to said identified parameter for detecting a condition.
- View Dependent Claims (18)
- - 18. The user equipment as claimed in claim 17 further comprising;
    - a data store including an area holding a plurality of authorised client applications authorised to access services from said node;
      
      whereby a memory address of an application run by said processor means may be determined to thereby indicate if said client application is authorized to access said service.

19. A method for detecting a potential security attack to the telephony service interface of a mobile user equipment comprising:
- when a data link is opened between a client application, run by a processor in said user equipment, and the telephony service interface;
  
  identifying whether the client application is authorised to access telephony services from said mobile user equipment and if not, determining that a security risk exists.
- View Dependent Claims (20)
- - 20. The method as claimed in claim 19 further comprising the steps of:
    - subsequent to a data link being opened and access to a service being authorised, storing an identifier of a lightweight process run by said client application in a data store of the mobile user equipment, said identifier being associated with said a one data link; and
      
      thereafter upon each subsequent use of said a data link by the lightweight process to gain access to said telephony service, determining if the identifier associated with said a data link has been modified since the previous use and if no modification has been made authorising the lightweight process to access the telephony service.

21. A method for detecting if an application running on user equipment of a communication system is authorised to obtain a facility from a node in said user equipment, the method comprising the steps of:
- determining at least one parameter associated with a communication link between said application and said node; and
  
  responsive to said parameter detecting if said application is authorised.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Corporation
Inventors
Ylitalo, Jouni, Leskela, Jyrki V.

Granted Patent

US 7,861,295 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

G06F 21/554   involving event detection a...

G06F 21/566   Dynamic detection, i.e. det...

H04M 1/724   User interfaces specially a...

Risk detection

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

39 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Risk detection

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

39 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links