Mobile application peer-to-peer security system and method

US 7,046,995 B2
Filed: 01/18/2001
Issued: 05/16/2006
Est. Priority Date: 06/09/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A system, including:

a centralized security enforcement node, in communication with at least a receiving host on a peer-to peer network, the receiving host operable to execute a mobile application that jumps to the receiving host from a dispatching host during execution, the centralized security enforcement node including;

a first module to store, prior to a jump to the receiving host, first content data associated with the mobile application;

a second module to receive from the receiving host, prior to instantiation of the mobile application on the receiving host, second content data associated with the mobile application; and

a third module, in communication with the first and second modules, to detect unwanted changes in contents of the mobile application including comparing the first and second content data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The mobile application security system and method in accordance with the invention increases the overall level of security in using a mobile application. In a preferred embodiment, the system may use a peer-to-peer architecture wherein each host of a mobile application is a node of the peer-to-peer network. In operation, when a mobile application jumps between hosts (nodes), information about the mobile application is generated and sent to a central security enforcement node so that the central security enforcement node may perform various security checks. The security checks ensure that the security of the mobile application is not compromised.

68 Citations

View as Search Results

18 Claims

1. A system, including:
- a centralized security enforcement node, in communication with at least a receiving host on a peer-to peer network, the receiving host operable to execute a mobile application that jumps to the receiving host from a dispatching host during execution, the centralized security enforcement node including;
  
  a first module to store, prior to a jump to the receiving host, first content data associated with the mobile application;
  
  a second module to receive from the receiving host, prior to instantiation of the mobile application on the receiving host, second content data associated with the mobile application; and
  
  a third module, in communication with the first and second modules, to detect unwanted changes in contents of the mobile application including comparing the first and second content data.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, further including:
    - a fourth module, in communication with the third module, to prevent the receiving host from instantiating the mobile application responsive to detecting unwanted changes.
  - 3. The system of claim 1, wherein the second module receives the second content data associated with the mobile application from the receiving host responsive to the mobile application jumping from an untrusted host to the receiving host.
  - 4. The system of claim 1, wherein the peer-to-peer network includes the dispatching host, and the first module stores the first content data responsive to the dispatching host creating the mobile application.
  - 5. The system of claim 1, further including:
    - a fourth module, in communication with the third module, to provide a copy of the mobile application to the receiving host responsive to detecting unwanted changes.
  - 6. The system of claim 1, wherein the first and the second content data includes one from the group containing a first and a second copy of the mobile application, a first and a second digest of the contents of the mobile application, a first and a second itinerary, and first and second security breach information.
  - 7. The system of claim 1, wherein the first and second content data are related to one from the group containing code, state, and itinerary.

8. A method, including:
- storing at a centralized security enforcement node, prior to a jump to a receiving host from a dispatching host, a first content data associated with a mobile application;
  
  receiving, at the centralized security enforcement node, from the receiving host, second content data associated with the mobile application prior to instantiation of the mobile application at a receiving host, wherein the first and the second content data include one from the group containing a first and a second copy of the mobile application, a first and a second digest of the contents of the mobile application, a first and a second itinerary, and first and second security breach information; and
  
  detecting, at the centralized security enforcement node, unwanted changes in contents of the mobile application including comparing the first and second content data.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The method of claim 8, further including:
    - preventing instantiation of the mobile application on the receiving host responsive to detecting unwanted changes.
  - 10. The method of claim 8, wherein receiving includes receiving the second content data associated with the mobile application, responsive to the mobile application jumping from an untrusted host to the receiving host.
  - 11. The method of claim 8, further including:
    - storing the first content data responsive to creating the mobile application.
  - 12. The method of claim 8, further including:
    - providing a copy of the mobile application responsive to detecting unwanted changes.
  - 13. The method of claim 8, wherein the first and second content are related to one from the group containing code, state, and itinerary.

14. A computer program product including program instructions tangibly stored on a computer-readable medium and operable to cause a computer system to perform a method, including:
- storing at a first module of a centralized security enforcement node, prior to a jump from a receiving host to a dispatching host, first content data associated with a mobile application;
  
  receiving, at a second module of the centralized security enforcement node, from the receiving host second content data associated with the mobile application prior to instantiation of the mobile application; and
  
  detecting, at a third module of the centralized security enforcement node, unwanted changes in contents of the mobile application including comparing the first and second content data.
- View Dependent Claims (15, 16, 17, 18)
- - 15. The computer program product of claim 14, wherein the method further includes:
    - preventing instantiation of the mobile application on the receiving host responsive to detecting unwanted changes.
  - 16. The computer program product of claim 14, wherein receiving includes receiving the second content data associated with the mobile application, responsive to the mobile application jumping from an untrusted host to the receiving host.
  - 17. The computer program product of claim 14, wherein the method further includes:
    - storing the first content data responsive to creating the mobile application.
  - 18. The computer program product of claim 14, wherein the method further includes:
    - providing a copy of the mobile application to the receiving host responsive to detecting unwanted changes in the contents of the mobile application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Aramira Corporation
Original Assignee
Aramira Corporation
Inventors
Rygaard, Christopher A.
Primary Examiner(s)
D AGOSTA, STEPHEN M

Application Number

US09/764,548
Publication Number

US 20010051515A1
Time in Patent Office

1,944 Days
Field of Search

455/410, 455/411, 455/422, 455/466, 455/414, 455/418, 709/201, 709/202, 709/203, 709/208, 709/237, 709/317, 370/401, 370/428, 370/429
US Class Current

455/418
CPC Class Codes

G06F 21/12   Protecting executable software

G06F 21/64   Protecting data integrity, ...

G06F 9/4862   the task being a mobile age...

H04L 63/12   Applying verification of th...

H04L 63/123   received data contents, e.g...

H04L 63/20   for managing network securi...

Mobile application peer-to-peer security system and method

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

68 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Mobile application peer-to-peer security system and method

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

68 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links