Evaluating Whether to Block or Allow Installation of a Software Application

US 20130333039A1
Filed: 06/07/2012
Published: 12/12/2013
Est. Priority Date: 06/07/2012
Status: Abandoned Application

First Claim

Patent Images

1. A method, comprising:

receiving a request to install an application on a programmable device; and

deciding whether to install the application, comprising;

determining a risk level of the application responsive to a set of permissions requested by the application, comprising;

determining one or more characteristics of the application;

evaluating the set of permissions requested by the application in relation to the one or more determined characteristics of the application; and

assigning a risk level responsive to the evaluation; and

blocking installation of the application if the risk level exceeds a predetermined risk threshold,wherein the determined characteristics comprise at least one characteristic not contained in a manifest associated with the application.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A programmable device for which an application is to be installed analyzes permissions requested by the application and other application information to assist the user in deciding whether to allow installation of the application. The analysis may either block or allow the installation, or may provide a calculated risk level to the user and request a decision. Application information, such as a category of application, typical permissions requested by similar applications, and trustworthiness of the application source, in addition to whitelists and blacklists may be employed as part of the analysis and evaluation of the permissions. As a result, the user need not be burdened with overly technical information and may make a better informed decision on installation.

57 Citations

View as Search Results

27 Claims

1. A method, comprising:
- receiving a request to install an application on a programmable device; and
  
  deciding whether to install the application, comprising;
  
  determining a risk level of the application responsive to a set of permissions requested by the application, comprising;
  
  determining one or more characteristics of the application;
  
  evaluating the set of permissions requested by the application in relation to the one or more determined characteristics of the application; and
  
  assigning a risk level responsive to the evaluation; and
  
  blocking installation of the application if the risk level exceeds a predetermined risk threshold,wherein the determined characteristics comprise at least one characteristic not contained in a manifest associated with the application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1, wherein blocking installation comprises:
    - presenting a warning dialog to a user of the programmable device,wherein the user can force installation of the application through the dialog.
  - 3. The method of claim 1, wherein determining a risk level of the application further comprises:
    - parsing a manifest file provided by the application, the manifest file identifying the set of permissions requested by the application;
      
      assigning a risk based on the set of permissions.
  - 4. The method of claim 1, wherein determining a risk level further comprises:
    - checking a whitelist of known good applications.
  - 5. The method of claim 1, wherein determining a risk level further comprises:
    - checking a blacklist of known malware applications.
  - 6. The method of claim 1, further comprising:
    - adding the application to a whitelist.
  - 7. The method of claim 6, further comprising:
    - encrypting the whitelist.
  - 8. The method of claim 6, wherein the whitelist is local to the programmable device.
  - 9. The method of claim 6, wherein adding the application to a whitelist comprises:
    - requesting a remote server to add the application to a remote whitelist.
  - 10. The method of claim 6, further comprising:
    - removing the application from the whitelist responsive to a revocation notice received by the programmable device.
  - 11. The method of claim 1, wherein blocking installation comprises:
    - adding the application to a blacklist.
  - 12. The method of claim 11, further comprising:
    - encrypting the blacklist.
  - 13. The method of claim 11, wherein the blacklist is remote to the programmable device.
  - 14. The method of claim 1, further comprising:
    - receiving an update from a remote server; and
      
      updating a whitelist of known good applications with the update.
  - 15. The method of claim 1, further comprising:
    - receiving an update from a remote server; and
      
      updating a blacklist of known malware applications with the update.
  - 16. The method of claim 1, wherein determining a risk level comprises:
    - sending information about the application to a remote server; and
      
      receiving a determination of the risk level from the remote server.

17. A system, comprising:
- a processor;
  
  a storage subsystem, coupled to the processor;
  
  an application database stored on the storage subsystem comprising;
  
  information associated with applications configured for installation on a programmable client device; and
  
  software stored on the storage subsystem comprising instructions that when executed cause the processor to;
  
  receive a request from the programmable client device responsive to an attempt to install an application on the programmable client device;
  
  determine one or more characteristics of the application;
  
  evaluate a set of permissions requested by the application in relation to the one or more determined characteristics of the application; and
  
  transmit a risk determination to the programmable client device responsive to evaluating the set of permissions,wherein the one or more determined characteristics comprise at least one characteristic not contained in a manifest associated with the application.
- View Dependent Claims (18, 19, 20, 21)
- - 18. The system of claim 17, further comprising:
    - a whitelist of known good applications,wherein the instructions that when executed cause the processor to evaluate the set of permissions requested by the application comprise instructions that when executed cause the processor to;
      
      determine whether the application is on the whitelist.
  - 19. The system of claim 17, further comprising:
    - a blacklist of known mal ware applications,wherein the instructions that when executed cause the processor to evaluate the set of permissions requested by the application comprise instructions that when executed cause the processor to;
      
      determine whether the application is on the blacklist.
  - 20. The system of claim 17, further comprising:
    - a whitelist of known good applications; and
      
      a blacklist of known malware applications,wherein the software further comprises instructions that when executed cause the processor to;
      
      receive a request from the programmable client to add the application to the whitelist or to add the application to the blacklist.
  - 21. The system of claim 17, wherein the software further comprises instructions that when executed cause the processor to:
    - send an update to the programmable device comprising updates to a whitelist of known good applications or a blacklist of known malware applications maintained local to the programmable device.

22. A programmable device comprising:
- a programmable control device;
  
  an operating system configured to control the programmable control device;
  
  a storage subsystem, coupled to the programmable control device; and
  
  software stored on the storage subsystem comprising instructions that when executed by the programmable control device cause the programmable control device to;
  
  evaluate a set of permissions requested by an application to be installed on the programmable device in relation to one or more determined characteristics of the application, to determine a risk level of the application; and
  
  block installation of the application if risk level exceeds a predetermined risk threshold,wherein the determined characteristics comprise at least one characteristic not contained in a manifest associated with the application.
- View Dependent Claims (23, 24, 25, 26)
- - 23. The programmable device of claim 22, wherein the software further comprises instructions that when executed cause the programmable control device to:
    - identify the risk level to a user of the programmable device; and
      
      ask the user whether to install the application.
  - 24. The programmable device of claim 22, wherein the determined characteristics comprise at least one of:
    - a categorization of the application in an application marketplace;
      
      a trust level associated with a source of the application;
      
      a number of applications from the source of the application known to be good; and
      
      a functionality of the application.
  - 25. The programmable device of claim 22, wherein the programmable device is a mobile programmable device.
  - 26. The programmable device of claim 22, wherein the software further comprises instructions that when executed cause the programmable control device to:
    - update a white list or a blacklist responsive to evaluating the set of permissions.

27. The programmable device of claim wherein the software further comprises instructions that when executed cause the programmable control device to:
- send information about the application to a remote server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, Inc. (McAfee, LLC)
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Kelly, Nicholas Paul

Application Number

US13/490,954
Publication Number

US 20130333039A1
Time in Patent Office

Days
Field of Search
US Class Current

726/24
CPC Class Codes

G06F 21/51   at application loading time...

H04L 63/20   for managing network securi...

H04L 67/34   involving the movement of s...

Evaluating Whether to Block or Allow Installation of a Software Application

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

57 Citations

27 Claims

Specification

Use Cases

Quick Links

Others

Evaluating Whether to Block or Allow Installation of a Software Application

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

57 Citations

27 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others