METHOD AND APPARATUS FOR MANAGING ACCESS PRIVILEGE IN CLDC OSGI ENVIRONMENT

US 20090031402A1
Filed: 07/23/2008
Published: 01/29/2009
Est. Priority Date: 07/23/2007
Status: Abandoned Application

First Claim

Patent Images

1. A method of managing an access privilege of an application to resources in an execution environment where applications are driven by using a Virtual Machine (VM), the method comprising:

marking a privileged code in the application;

executing the privileged code in a secured thread comprising a unique thread identifier;

identifying the privileged code by comparing the unique thread identifier to a corresponding application identifier from a mapping table;

checking a permission policy file to determine resource access privileges the privileged code has; and

permitting the application to access the resources according to the resource access privileges.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Provided are a method and apparatus for managing an access privilege of an application in a Connected Limited Device Configuration (CLDC) and Open Service Gateway initiative (OSGi) environment. The method includes: marking a privileged code in the application; executing the privileged code in a secured thread having a unique thread identifier; identifying the privilege code by mapping the unique thread identifier with an application identifier from a mapping table; checking a permission policy file to determine what kind of resource access privilege the identified privileged code has; and permitting the application to access the resources according to the determination results. Accordingly, when an application tries to access resources in a framework, an access privilege of the application can be managed so that no applications can maliciously access the resources by identifying the application by using the mapping table and checking the security policy file of the identified application.

33 Citations

View as Search Results

15 Claims

1. A method of managing an access privilege of an application to resources in an execution environment where applications are driven by using a Virtual Machine (VM), the method comprising:
- marking a privileged code in the application;
  
  executing the privileged code in a secured thread comprising a unique thread identifier;
  
  identifying the privileged code by comparing the unique thread identifier to a corresponding application identifier from a mapping table;
  
  checking a permission policy file to determine resource access privileges the privileged code has; and
  
  permitting the application to access the resources according to the resource access privileges.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising executing an exception if the application does not have access privilege to the resources.
  - 3. The method of claim 1, further comprising terminating the secured thread after the executing of the privileged code.
  - 4. The method of claim 1, wherein the permitting of the application to access the resources comprises assigning a set of permissions to the secured thread.
  - 5. The method of claim 1, wherein the privileged code is detected by a privilege interface.
  - 6. The method of claim 1, wherein the mapping table stores a plurality of application identifiers of a plurality of applications in the execution environment corresponding with a plurality of unique thread identifiers of threads in which the plurality of applications are executed.
  - 7. The method of claim 1, wherein the execution environment is a Connected Limited Device Configuration (CLDC) Open Service Gateway initiative (OSGi) environment.
  - 8. A computer-readable recording medium having a program recorded thereon, the program if executed by a computer causes the computer to execute the method of claim 1.

9. An apparatus for managing an access privilege of an application to resources in an execution environment where applications are driven by using a Virtual Machine (VM), the apparatus comprising:
- a thread providing unit which provides a secured thread comprising a unique thread identifier to execute a privileged code marked in the application;
  
  an identifying unit which identifies the privileged code by comparing the unique thread identifier to a corresponding application identifier from a mapping table; and
  
  a checking unit which checks a permission policy file to determine resource access privileges of the identified privileged code and permits the application to access the resources according to the resource access privileges.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The apparatus of claim 9, further comprising an exception executing unit which executes an exception if the application has no access privilege to the resources.
  - 11. The apparatus of claim 9, wherein the thread providing unit terminates the secured thread after execution of the privileged code.
  - 12. The apparatus of claim 9, wherein the checking unit assigns a set of permissions to the secured thread so that the application can access the resources.
  - 13. The apparatus of claim 9, wherein the privileged code is detected by a privilege interface.
  - 14. The apparatus of claim 9, wherein the mapping table stores a plurality of application identifiers of a plurality of applications in the execution environment with a plurality of corresponding unique thread identifiers of threads in which the plurality of applications are executed.
  - 15. The apparatus of claim 9, wherein the execution environment is a Connected Limited Device Configuration (CLDC) Open Service Gateway initiative (OSGi) environment.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Samsung Electronics Co. Ltd.
Original Assignee
Samsung Electronics Co. Ltd.
Inventors
KRISHNAMOORTHY, Subramanian, SASIDHARAN, Vinoth, VALA, Vanraj, VRUSHABENDRAPPA, Lohith, JUNG, Dong-shin

Application Number

US12/178,254
Publication Number

US 20090031402A1
Time in Patent Office

Days
Field of Search
US Class Current

726/4
CPC Class Codes

G06F 21/53   by executing in a restricte...

G06F 21/54   by adding security routines...

G06F 21/6218   to a system of files or obj...

METHOD AND APPARATUS FOR MANAGING ACCESS PRIVILEGE IN CLDC OSGI ENVIRONMENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

33 Citations

15 Claims

Specification

Use Cases

Quick Links

Others

METHOD AND APPARATUS FOR MANAGING ACCESS PRIVILEGE IN CLDC OSGI ENVIRONMENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

15 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others