SYSTEM AND METHOD FOR WHITELISTING APPLICATIONS IN A MOBILE NETWORK ENVIRONMENT

US 20150180908A1
Filed: 12/23/2014
Published: 06/25/2015
Est. Priority Date: 10/17/2011
Status: Abandoned Application

First Claim

Patent Images

1. At least one non-transitory, machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:

identify a query from a first mobile device, wherein the query identifies an attempt, by the first mobile device, to access a particular application;

determine whether the particular application has been assessed for inclusion in one or more of the plurality of whitelists;

cause an assessment of the particular application, wherein the assessment comprises;

accessing a copy of the particular application; and

assessing the copy of the particular application to identify one or more attributes of the particular application; and

determine, for each of a plurality of whitelists, whether the particular application should be included in the whitelist based on the attributes, wherein each whitelist is associated with a respective one of a plurality of entities and based on a policy corresponding to the respective entity, and each entity is associated with a respective plurality of mobile devices.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A query from a particular mobile device is identified that indicates an attempt, by the particular mobile device, to access a particular application. It is determined whether the particular application has been assessed for inclusion in one or more of the plurality of whitelists and, based on the determination, an assessment of the particular application can be performed, which can include accessing a copy of the particular application and assessing the copy of the particular application to identify one or more attributes of the particular application. For each of a plurality of whitelists, a determination is made whether the particular application should be included in the whitelist based on the attributes. Each whitelist can be associated with a respective one of a plurality of entities and based on a policy corresponding to the respective entity, each entity is associated with a respective plurality of mobile devices.

26 Citations

View as Search Results

20 Claims

1. At least one non-transitory, machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:
- identify a query from a first mobile device, wherein the query identifies an attempt, by the first mobile device, to access a particular application;
  
  determine whether the particular application has been assessed for inclusion in one or more of the plurality of whitelists;
  
  cause an assessment of the particular application, wherein the assessment comprises;
  
  accessing a copy of the particular application; and
  
  assessing the copy of the particular application to identify one or more attributes of the particular application; and
  
  determine, for each of a plurality of whitelists, whether the particular application should be included in the whitelist based on the attributes, wherein each whitelist is associated with a respective one of a plurality of entities and based on a policy corresponding to the respective entity, and each entity is associated with a respective plurality of mobile devices.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The storage medium of claim 1, wherein the copy of the particular application is assessed to identify a set of functions of the particular application.
  - 3. The storage medium of claim 2, wherein at least some of the policies identify one or more allowed functions.
  - 4. The storage medium of claim 2, wherein at least some of the policies identify one or more restricted functions.
  - 5. The storage medium of claim 2, wherein application of at least a particular one of the whitelists is to cause one or more of functions of the particular application to be disabled at the first mobile computing device.
  - 6. The storage medium of claim 1, wherein assessing the copy of the particular application comprises executing the copy of the particular application in a test environment and observing functionality of the particular application.
  - 7. The storage medium of claim 6, wherein the instructions, when executed, further cause the machine to load the copy of the particular application in the test environment, initiate execution of the copy of the particular application in the test environment, and observe functionality of the copy of the particular application based on the execution.
  - 8. The storage medium of claim 1, wherein the plurality of entities comprise at least two different mobile device manufacturers.
  - 9. The storage medium of claim 1, wherein the plurality of entities comprise at least two different mobile network service providers.
  - 10. The storage medium of claim 1, wherein the plurality of entities comprise at least two different enterprises.
  - 11. The storage medium of claim 1, wherein accessing the copy of the particular application comprises:
    - identifying a source of the particular application remote from the first mobile device; and
      
      downloading the copy of the particular application from the source.
  - 12. The storage medium of claim 11, wherein a plurality of copies of the particular application are to be downloaded, the plurality of copies to include a copy of a first version of the particular application and a copy of a second version of the particular application.
  - 13. The storage medium of claim 1, wherein the assessment is to be performed in response to determining that the particular application has not been assessed for inclusion in one or more of the plurality of whitelists.
  - 14. The storage medium of claim 1, wherein the instructions, when executed, further cause the machine to:
    - determine a particular one of the plurality of whitelists applicable to the first mobile device; and
      
      return a response to the first mobile device to indicate whether the particular application is in compliance with a particular policy.
  - 15. The storage medium of claim 14, wherein the response is to cause the first mobile device to perform an action on the particular application based on the particular policy.
  - 16. The storage medium of claim 14, wherein the instructions, when executed, further cause the machine to:
    - receive a second query from a second mobile device, wherein the query identifies an attempt, by the second mobile device, to access the particular application;
      
      determine another one of the plurality of whitelists applicable to the second mobile device; and
      
      return a response to the second mobile device to indicate whether the particular application is in compliance with a policy corresponding to the other whitelist.

17. A method comprising:
- maintaining a plurality of whitelists, wherein each whitelist is associated with a respective one of a plurality of entities and based on a policy corresponding to the respective entity, and each entity is associated with a respective plurality of mobile devices;
  
  identifying a query from a first mobile device, wherein the query identifies an attempt, by the first mobile device, to access a particular application;
  
  determining whether the particular application has been assessed for inclusion in one or more of the plurality of whitelists;
  
  causing an assessment of the particular application, wherein the assessment comprises;
  
  accessing a copy of the particular application; and
  
  assessing the copy of the particular application to identify one or more attributes of the particular application; and
  
  determining for each of the plurality of whitelists, based on the corresponding policy, whether the particular application should be included in whitelist based on the attributes.

18. A system comprising:
- a memory configured to store data; and
  
  a processor operable to execute instructions associated with the data;
  
  a mobile application approval engine, adapted when executed by the at least one processor device to;
  
  identify a query from a particular mobile device, wherein the query identifies an attempt, by the particular mobile device, to access a particular application;
  
  determine whether the particular application has been assessed for inclusion in one or more of the plurality of whitelists;
  
  cause an assessment of the particular application, wherein the assessment comprises;
  
  accessing a copy of the particular application; and
  
  assessing the copy of the particular application to identify one or more attributes of the particular application; and
  
  determine, for each of a plurality of whitelists, whether the particular application should be included in the whitelist based on the attributes, wherein each whitelist is associated with a respective one of a plurality of entities and based on a policy corresponding to the respective entity, and each entity is associated with a respective plurality of mobile devices.
- View Dependent Claims (19, 20)
- - 19. The system of claim 18, further comprising a whitelist server to:
    - maintain the plurality of whitelists;
      
      identify a particular one of the whitelists applicable to the particular mobile; and
      
      generate a response to the query to indicate to the particular mobile device whether the application complies with one or more particular policies.
  - 20. The system of claim 19, wherein the assessment is performed in response to the query.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Dang, Amit, Das, Sudeep, Divakarla, Jayasankar, Khare, Praneet, Shukla, Alok

Application Number

US14/580,930
Publication Number

US 20150180908A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/52   during program execution, e...

G06F 21/577   Assessing vulnerabilities a...

H04L 63/10   for controlling access to d...

H04L 63/205   involving negotiation or de...

H04W 12/08   Access security

H04W 12/128   Anti-malware arrangements, ...

H04W 12/37   Managing security policies ...

SYSTEM AND METHOD FOR WHITELISTING APPLICATIONS IN A MOBILE NETWORK ENVIRONMENT

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

26 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

SYSTEM AND METHOD FOR WHITELISTING APPLICATIONS IN A MOBILE NETWORK ENVIRONMENT

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others