LOCAL API ACCESS AUTHORIZATION

US 20190312874A1
Filed: 04/10/2018
Published: 10/10/2019
Est. Priority Date: 04/10/2018
Status: Active Grant

First Claim

Patent Images

1. A computing device comprising:

one or more output devices; and

a processor configured to;

download a web application, wherein the web application includes;

an authorization certificate; and

a metadata file that includes an identifier of at least one local application program interface (API) of the computing device that is not included in an API whitelist of a web host application program executed by the processor;

determine, based on the authorization certificate and the metadata file, that the web application is authorized to access the at least one local API that is not included in the API whitelist;

execute the web application at the web host application program, wherein executing the web application includes utilizing the at least one local API that is not included in the API whitelist; and

convey at least one output of the web application for output at the one or more output devices.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computing device, including one or more output devices and a processor. The processor may be configured to download a web application. The web application may include an authorization certificate and a metadata file that includes an identifier of at least one local application program interface (API) of the computing device that is not included in an API whitelist of a web host application program. The processor may determine, based on the authorization certificate and the metadata file, that the web application is authorized to access the at least one local API. The processor may execute the web application at the web host application program. Executing the web application may include utilizing the at least one local API. The processor may convey at least one output of the web application for output at the one or more output devices.

48 Citations

View as Search Results

20 Claims

1. A computing device comprising:
- one or more output devices; and
  
  a processor configured to;
  
  download a web application, wherein the web application includes;
  
  an authorization certificate; and
  
  a metadata file that includes an identifier of at least one local application program interface (API) of the computing device that is not included in an API whitelist of a web host application program executed by the processor;
  
  determine, based on the authorization certificate and the metadata file, that the web application is authorized to access the at least one local API that is not included in the API whitelist;
  
  execute the web application at the web host application program, wherein executing the web application includes utilizing the at least one local API that is not included in the API whitelist; and
  
  convey at least one output of the web application for output at the one or more output devices.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The computing device of claim 1, wherein the at least one output is conveyed for output at the one or more output devices by the at least one local API that is not included in the API whitelist.
  - 3. The computing device of claim 1, further comprising one or more input devices, wherein the at least one local API that is not included in the API whitelist is configured to convey at least one input from the one or more input devices to the web application.
  - 4. The computing device of claim 1, wherein the web application is downloaded from an application store server.
  - 5. The computing device of claim 1, wherein the metadata file indicates at least one additional local API that is included in the API whitelist.
  - 6. The computing device of claim 1, wherein the processor is further configured to add the at least one local API to the API whitelist.
  - 7. The computing device of claim 1, wherein the web host application program is a web browser.
  - 8. The computing device of claim 1, wherein the at least one local API is selected from a group consisting of a notification API, a contacts API, a calendar API, a messaging API, a virtual assistant API, a graphics API, a camera API, a microphone API, a speaker API, and a motion sensor API.
  - 9. The computing device of claim 1, wherein the web application is a progressive web application configured to be executed at each web host application program of a plurality of web host application programs.
  - 10. The computing device of claim 1, wherein the web application is downloaded via the web host application program.

11. A method for use with a computing device, the method comprising:
- downloading a web application, wherein the web application includes;
  
  an authorization certificate; and
  
  a metadata file that includes an identifier of at least one local application program interface (API) of the computing device;
  
  determining that the at least one local API is not included in an API whitelist of a web host application program;
  
  determining, based on the authorization certificate and the metadata file, that the web application is authorized to access the at least one local API that is not included in the API whitelist;
  
  executing the web application at the web host application program, wherein executing the web application includes utilizing the at least one local API that is not included in the API whitelist; and
  
  conveying at least one output of the web application for output at one or more output devices of the computing device.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The method of claim 11, wherein the at least one output is conveyed for output at the one or more output devices by the at least one local API that is not included in the API whitelist.
  - 13. The method of claim 11, wherein the at least one local API that is not included in the API whitelist is configured to convey at least one input from one or more input devices of the computing device to the web application.
  - 14. The method of claim 11, wherein the web application is downloaded from an application store server.
  - 15. The method of claim 11, wherein the method further includes determining that the metadata file indicates at least one additional local API that is included in the API whitelist.
  - 16. The method of claim 11, further comprising adding the at least one local API to the API whitelist.
  - 17. The method of claim 11, wherein the web host application program is a web browser.
  - 18. The method of claim 11, wherein the web application is a progressive web application configured to be executed at each web host application program of a plurality of web host application programs.
  - 19. The method of claim 11, wherein the web application is downloaded via the web host application program.

20. A computing device comprising:
- one or more input devices;
  
  one or more output devices; and
  
  a processor configured to;
  
  download a web application via a web host application program executed by the processor, wherein the web application includes;
  
  an authorization certificate; and
  
  a metadata file that includes an identifier of a plurality of local application program interfaces (APIs) of the computing device;
  
  determine that a first local API and a second local API of the plurality of APIs are not included in an API whitelist of the web host application program;
  
  determine, based on the authorization certificate and the metadata file, that the web application is authorized to access the first local API and the second local API;
  
  execute the web application at the web host application program, wherein executing the web application includes;
  
  conveying at least one input from the one or more input devices to the web application via the first local API; and
  
  conveying at least one output of the web application for output at the one or more output devices via the second local API.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Inventors
CHINNATHAMBI, Kirupa, SEKSENOV, Kiril Nikolov, DALTON, John-David Lewis, RISNEY, David L.

Granted Patent

US 10,931,675 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/51   at application loading time...

G06F 21/53   by executing in a restricte...

G06F 8/60   Software deployment

H04L 63/101   Access control lists [ACL]

H04L 67/02   based on web technology, e....

LOCAL API ACCESS AUTHORIZATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

48 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

LOCAL API ACCESS AUTHORIZATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

48 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links