METHOD AND APPARATUS FOR MANAGING ACCESS PRIVILEGE IN CLDC OSGI ENVIRONMENT
First Claim
1. A method of managing an access privilege of an application to resources in an execution environment where applications are driven by using a Virtual Machine (VM), the method comprising:
marking a privileged code in the application;
executing the privileged code in a secured thread comprising a unique thread identifier;
identifying the privileged code by comparing the unique thread identifier to a corresponding application identifier from a mapping table;
checking a permission policy file to determine resource access privileges the privileged code has; and
permitting the application to access the resources according to the resource access privileges.
Abstract
Provided are a method and apparatus for managing an access privilege of an application in a Connected Limited Device Configuration (CLDC) and Open Service Gateway initiative (OSGi) environment. The method includes: marking a privileged code in the application; executing the privileged code in a secured thread having a unique thread identifier; identifying the privileged code by mapping the unique thread identifier with an application identifier from a mapping table; checking a permission policy file to determine what kind of resource access privilege the identified privileged code has; and permitting the application to access the resources according to the determination results. Accordingly, when an application tries to access resources in a framework, the application is identified by using the mapping table and the security policy file of the identified application is checked, so that the access privilege of the application can be managed and no application can maliciously access the resources.
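The flow the abstract describes, sketched as an added example in plain Java SE; it is not code from the patent. The class and method names, the one-line-per-application policy format, and the default-deny handling of code that is not running in a secured thread are assumptions made for illustration.

```java
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicLong;

public class PrivilegeDemo {
    // Constructed policy "file": application identifier = permitted resource actions.
    static final String POLICY = "app.media=file.read,net.connect\napp.game=file.read\n";
    static final Map<String, Set<String>> policy = new HashMap<>();
    // Mapping table: unique secured-thread identifier -> application identifier.
    static final Map<Long, String> threadToApp = new ConcurrentHashMap<>();
    static final AtomicLong nextId = new AtomicLong(1);

    // Secured thread: created only by the framework, carries its own unique identifier.
    static final class SecuredThread extends Thread {
        final long secureId = nextId.getAndIncrement();
        SecuredThread(Runnable privilegedCode) { super(privilegedCode); }
    }

    static void loadPolicy() {
        for (String line : POLICY.split("\n")) {
            String[] kv = line.split("=", 2);
            if (kv.length == 2) policy.put(kv[0].trim(), new HashSet<>(Arrays.asList(kv[1].trim().split(","))));
        }
    }

    // "Marking" (assumed form): the application hands its privileged code to the framework.
    static void doPrivileged(String appId, Runnable privilegedCode) throws InterruptedException {
        SecuredThread t = new SecuredThread(privilegedCode);
        threadToApp.put(t.secureId, appId);            // register before the code can run
        try { t.start(); t.join(); } finally { threadToApp.remove(t.secureId); }
    }

    // Called by a resource before it serves a request.
    static void checkPermission(String action) {
        Thread cur = Thread.currentThread();
        if (!(cur instanceof SecuredThread)) throw new SecurityException("not in a secured thread");
        String appId = threadToApp.get(((SecuredThread) cur).secureId);  // identify the caller
        Set<String> granted = (appId == null) ? null : policy.get(appId);
        if (granted == null || !granted.contains(action)) throw new SecurityException(appId + " denied " + action);
    }

    static boolean tryAccess(String action) {
        try { checkPermission(action); return true; } catch (SecurityException e) { return false; }
    }

    public static void main(String[] args) throws InterruptedException {
        loadPolicy();
        doPrivileged("app.media", () -> System.out.println("media net.connect: " + tryAccess("net.connect")));
        doPrivileged("app.game", () -> System.out.println("game net.connect: " + tryAccess("net.connect")));
        System.out.println("unmarked code file.read: " + tryAccess("file.read"));
    }
}
```

The identity used for the policy lookup comes from the framework-owned mapping table, not from anything the calling code supplies about itself, so the integrity of that table and of thread creation is what the check depends on.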
33 Citations
15 Claims
9. An apparatus for managing an access privilege of an application to resources in an execution environment where applications are driven by using a Virtual Machine (VM), the apparatus comprising:
a thread providing unit which provides a secured thread comprising a unique thread identifier to execute a privileged code marked in the application;
an identifying unit which identifies the privileged code by comparing the unique thread identifier to a corresponding application identifier from a mapping table; and
a checking unit which checks a permission policy file to determine resource access privileges of the identified privileged code and permits the application to access the resources according to the resource access privileges.
Specification