SYSTEM AND METHOD FOR PROFILE BASED FILTERING OF OUTGOING INFORMATION IN A MOBILE ENVIRONMENT

US 20150237011A1
Filed: 05/04/2015
Published: 08/20/2015
Est. Priority Date: 10/13/2011
Status: Abandoned Application

First Claim

Patent Images

1. A non-transitory computer-readable storage medium comprising logic that includes code for execution and when executed on a processor configures the processor to perform operations comprising:

detecting an access request by an application to access information in a mobile device;

determining whether the information being requested by the access request matches a category of information described by at least one policy filter;

flagging the application as a potential threat in response to determining that the information being requested by the access request matches the category of information described by the at least one policy filter, wherein the application is allowed to access the information matching the category of information even though the application is flagged; and

in response to flagging the application, blocking send requests by the flagged application to send the information matching the category of information from the mobile device without user'"'"'s consent.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method in one embodiment includes modules for detecting an access request by an application to access information in a mobile device, determining that the application is a potential threat according to at least one policy filter, and blocking a send request by the application to send the information from the mobile device without a user'"'"'s consent. More specific embodiments include user selecting the information through a selection menu on a graphical user interface that includes information categories pre-populated by an operating system of the mobile device, and keywords that can be input by the user. Other embodiments include queuing the send request in a queue with other requests, and presenting an outbox comprising the queue to the user to choose to consent to the requests. The outbox includes graphical elements configured to permit the user to selectively consent to any requests in the queue.

9 Citations

View as Search Results

20 Claims

1. A non-transitory computer-readable storage medium comprising logic that includes code for execution and when executed on a processor configures the processor to perform operations comprising:
- detecting an access request by an application to access information in a mobile device;
  
  determining whether the information being requested by the access request matches a category of information described by at least one policy filter;
  
  flagging the application as a potential threat in response to determining that the information being requested by the access request matches the category of information described by the at least one policy filter, wherein the application is allowed to access the information matching the category of information even though the application is flagged; and
  
  in response to flagging the application, blocking send requests by the flagged application to send the information matching the category of information from the mobile device without user'"'"'s consent.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The non-transitory computer-readable storage medium of claim 1, further comprising presenting an outbox comprising the send requests and the other requests to the user to choose to consent to individual ones of the send requests and the other requests.
  - 3. The non-transitory computer-readable storage medium of claim 2, further comprising placing the send requests in a queue with other requests waiting for the user'"'"'s consent, wherein the outbox comprises the queue.
  - 4. The non-transitory computer-readable storage medium of claim 3, wherein the outbox is presented to the user on a graphical user interface, and comprises graphical elements configured to permit the user to selectively consent to any requests in the queue.
  - 5. The non-transitory computer-readable storage medium of claim 2, wherein the outbox is presented to the user on a graphical user interface, and comprises graphical elements configured to permit the user to selectively consent to any requests in the outbox.
  - 6. The non-transitory computer-readable storage medium of claim 1, wherein:
    - a portion of the code comprises privileged code implemented as at least one of;
      
      (i) a kernel module;
      
      (ii) modified existing system services;
      
      (iii) new system services;
      
      (iv) modified existing libraries; and
      
      (v) new libraries; and
      
      another portion of the code comprises unprivileged code.
  - 7. The non-transitory computer-readable storage medium of claim 1, wherein the category of information being described by at least one policy filter is selected by a user of the mobile device.
  - 8. The non-transitory computer-readable storage medium of claim 7, wherein the user selects the category of information through a selection menu on a graphical user interface, the selection menu comprising:
    - categories of information that are pre-populated by an operating system of the mobile device; and
      
      entries that can be input by the user, wherein the entries comprise at least one selection from;
      
      keywords, selected text, patterns and natural language commands.
  - 9. The non-transitory computer-readable storage medium of claim 8, wherein the category of information selected by the user is incorporated into the at least one policy filter.

10. An apparatus comprising:
- a memory configured to store data, anda processor operable to execute instructions associated with the data and configured, when executing the instructions, to;
  
  detect an access request by an application to access information in a mobile device;
  
  determine whether the information being requested by the access request matches a category of information described by at least one policy filter;
  
  flag the application as a potential threat in response to determining that the information being requested by the access request matches the category of information described by the at least one policy filter, wherein the application is allowed to access the information matching the category of information even though the application is flagged; and
  
  in response to flagging the application, block send requests by the flagged application to send the information matching the category of information from the mobile device without user'"'"'s consent.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The apparatus of claim 10, wherein the processor is further configured to present an outbox comprising the send requests and the other requests to the user to choose to consent to individual ones of the send requests and the other requests.
  - 12. The apparatus of claim 11, wherein the processor is further configured to place the send requests in a queue with other requests waiting for the user'"'"'s consent, wherein the outbox comprises the queue.
  - 13. The apparatus of claim 12, wherein the outbox is presented to the user on a graphical user interface and comprises graphical elements configured to permit the user to selectively consent to any requests in the queue.
  - 14. The apparatus of claim 11, wherein the outbox is presented to the user on a graphical user interface and comprises graphical elements configured to permit the user to selectively consent to any requests in the outbox.
  - 15. The apparatus of claim 10, wherein the category of information being described by at least one policy filter is selected by a user of the mobile device.
  - 16. The apparatus of claim 15, wherein the user selects the category of information through a selection menu on a graphical user interface, the selection menu comprising:
    - categories of information that are pre-populated by an operating system of the mobile device; and
      
      entries that can be input by the user, wherein the entries comprise at least one selection from;
      
      keywords, selected text, patterns and natural language commands.
  - 17. The apparatus of claim 16, wherein the category of information selected by the user is incorporated into the at least one policy filter.

18. A method comprising a processor performing steps of:
- detecting an access request by an application to access information in a mobile device;
  
  determining whether the information being requested by the access request matches a category of information described by at least one policy filter;
  
  flagging the application as a potential threat in response to determining that the information being requested by the access request matches the category of information described by the at least one policy filter, wherein the application is allowed to access the information matching the category of information even though the application is flagged; and
  
  in response to flagging the application, blocking send requests by the flagged application to send the information matching the category of information from the mobile device without user'"'"'s consent.
- View Dependent Claims (19, 20)
- - 19. The method according to claim 18, further comprising:
    - placing the send requests in a queue with other requests waiting for the user'"'"'s consent; and
      
      presenting an outbox comprising the queue having the send requests and the other requests to the user to choose to consent to individual ones of the send requests and the other requests.
  - 20. The method according to claim 19, wherein the outbox is presented to the user on a graphical user interface, and comprises graphical elements configured to permit the user to selectively consent to any requests in the queue.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, Inc. (McAfee, LLC)
Inventors
Singh, Balbir, Bhattacharjee, Rajbir

Application Number

US14/702,815
Publication Number

US 20150237011A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/53   by executing in a restricte...

G06F 21/554   involving event detection a...

G06F 21/566   Dynamic detection, i.e. det...

G06F 21/6245   Protecting personal data, e...

G06F 21/6281   at program execution time, ...

H04L 63/0227   Filtering policies mail mes...

H04L 63/10   for controlling access to d...

H04L 63/1408   by monitoring network traff...

H04M 1/72403   with means for local suppor...

H04W 12/02   Protecting privacy or anony...

H04W 12/08   Access security

H04W 12/128   Anti-malware arrangements, ...

SYSTEM AND METHOD FOR PROFILE BASED FILTERING OF OUTGOING INFORMATION IN A MOBILE ENVIRONMENT

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

9 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR PROFILE BASED FILTERING OF OUTGOING INFORMATION IN A MOBILE ENVIRONMENT

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

9 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links