Protecting Data From Unauthorized Access
First Claim
1. A computer-implemented method, comprising:
- identifying, by a computing system, that an application program does not have permission to access a first type of data that is provided by a first application program;
identifying, by the computing system, that a second application program has permission to access the first type of data that is provided by the first application program, wherein the second application program provides a second type of data and is able to modify the second type of data to include the first type of data;
identifying, by the computing system, that the application program has permission to access the second type of data that is provided by the second application program;
determining, by the computing system, that the second type of data that is provided by the application program and that the application program has permission to access, includes the first type of data; and
performing, by the computing system as a result of having determined that the second type of data includes the first type of data, an action to prevent the first type of data from being provided, in the second type of data, from the second application program to the application program, without user authorization.
2 Assignments
0 Petitions
Accused Products
Abstract
In general, the subject matter described in this disclosure can be embodied in methods, systems, and program products for identifying that an application program does not have permission to access a first type of data that is provided by a first application program. A computing system identifies that a second application program has permission to access the first type of data. The second application program provides a second type of data and is able to modify the second type of data to include the first type of data. The computing system identifies that the application program has permission to access the second type of data. The computing system determines that the second type of data includes the first type of data. The computing system performs an action to prevent the first type of data from being provided from the second application program to the application program without user authorization.
-
Citations
20 Claims
-
1. A computer-implemented method, comprising:
-
identifying, by a computing system, that an application program does not have permission to access a first type of data that is provided by a first application program; identifying, by the computing system, that a second application program has permission to access the first type of data that is provided by the first application program, wherein the second application program provides a second type of data and is able to modify the second type of data to include the first type of data; identifying, by the computing system, that the application program has permission to access the second type of data that is provided by the second application program; determining, by the computing system, that the second type of data that is provided by the application program and that the application program has permission to access, includes the first type of data; and performing, by the computing system as a result of having determined that the second type of data includes the first type of data, an action to prevent the first type of data from being provided, in the second type of data, from the second application program to the application program, without user authorization. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. One or more computer-readable devices including instructions that, when executed by one or more processors, cause performance of operations that include:
-
identifying, by a computing system, that an application program does not have permission to access a first type of data that is provided by a first application program; identifying, by the computing system, that a second application program has permission to access the first type of data that is provided by the first application program, wherein the second application program provides a second type of data and is able to modify the second type of data to include the first type of data; identifying, by the computing system, that the application program has permission to access the second type of data that is provided by the second application program; determining, by the computing system, that the second type of data that is provided by the application program and that the application program has permission to access, includes the first type of data; and performing, by the computing system as a result of having determined that the second type of data includes the first type of data, an action to prevent the first type of data from being provided, in the second type of data, from the second application program to the application program, without user authorization. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification