Mobile application security system and method

US 7,269,845 B1
Filed: 08/23/2000
Issued: 09/11/2007
Est. Priority Date: 06/09/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A method for verifying integrity of a jumping mobile application, the method including:

storing, prior to a jump and at a server, a first instance of a mobile application that jumps from a first host to a second host during execution, an instance of the mobile application including executable code for the mobile application;

receiving, during the jump and at the server, a second instance of the mobile application; and

detecting unwanted changes in contents of the mobile application, including the server comparing the first and second instances.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The mobile application security system and method in accordance with the invention increases the overall level of security in using a mobile application. In a preferred embodiment, the system may use a client/server architecture wherein each host of a mobile application is treated as a client and a central computer is treated as the server. In operation, any time that a mobile application is going to jump between hosts, it must first pass through the central computer so that the central computer may perform various security checks. The security checks ensure that the security of the mobile application is not compromised and overcomes the above problems with typical mobile application systems.

29 Citations

View as Search Results

23 Claims

1. A method for verifying integrity of a jumping mobile application, the method including:
- storing, prior to a jump and at a server, a first instance of a mobile application that jumps from a first host to a second host during execution, an instance of the mobile application including executable code for the mobile application;
  
  receiving, during the jump and at the server, a second instance of the mobile application; and
  
  detecting unwanted changes in contents of the mobile application, including the server comparing the first and second instances.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the contents are one or more from the group containing code, state data, and itinerary data.
  - 3. The method of claim 1, wherein detecting unwanted changes includes detecting unwanted changes responsive to receiving the mobile application from an untrusted host.
  - 4. The method of claim 1, wherein storing includes storing the first instance of the mobile application responsive to the mobile application being received from a trusted host.
  - 5. The method of claim 1, wherein the first instance includes a first checksum and the second instance includes a second checksum.
  - 6. The method of claim 1, wherein the first instance includes a copy of the mobile application as it existed prior to the jump and the second instance includes a copy of the mobile application as it existed during the jump.
  - 7. The method of claim 1, further comprising:
    - forwarding the mobile application to the second host.

8. A system, including:
- a server, in communication with a first host and a second host, the first and second hosts executing a mobile application that jumps from the first host to the second host during execution, where during the jump from the first host to the second host the mobile application passes through the server,the server storing, prior to the jump from the first host to the second host, a first instance of the mobile application, an instance of the mobile application including executable code for the mobile application,the server receiving from the first host, during the jump to the second host, a second instance of the mobile application, andthe server detecting unwanted changes in contents of the mobile application including comparing the first and second instances.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16)
- - 9. The system of claim 8, wherein the contents are one or more from the group containing code, state data, and itinerary data.
  - 10. The system of claim 8, wherein the server detects unwanted changes responsive to receiving the mobile application from an untrusted host.
  - 11. The system of claim 8, wherein the server stores the first instance of the mobile application responsive to the mobile application being received from a trusted host.
  - 12. The system of claim 8, wherein the first instance includes a first checksum and the second instance includes a second checksum.
  - 13. The system of claim 8, wherein the first instance includes a copy of the mobile application as it existed prior to the jump and the second instance includes a copy of the mobile application as it existed during the jump.
  - 14. The system of claim 8, wherein the server forwards the mobile application to the second host.
  - 15. The system of claim 8, wherein the server is operable to:
    - in response to receiving a request from the mobile application for code for execution on the second host, determine whether the first host is allowed to inject code;
      
      when the first host is determined as being allowed to inject code, retrieve the code from the first host and send the code to the mobile application; and
      
      when the first host is determined as not being allowed to inject code, search for the code on the server and, if the code is found on the server, send the code found on the server to the mobile application.
  - 16. The system of claim 8, wherein the server is operable to:
    - determine whether the first host is allowed to inject code and whether the mobile application has been previously dispatched;
      
      when the first host is determined as not being allowed to inject code and the mobile application is determined to have not been previously dispatched, remove the mobile application'"'"'s code;
      
      when the first host is determined as not being allowed to inject code, the mobile application is determined to have been previously dispatched, restore the mobile application'"'"'s datastore as the datastore existed for the previous dispatch; and
      
      when the first host is determined as being allowed to inject code, determine whether a host originating the mobile application is trusted and, when the host originating the mobile application is trusted, dispatch the mobile application.

17. A computer program product including program instructions tangibly stored on a computer-readable medium and operable to cause a computer system to perform a method for verifying integrity of a jumping mobile application, the method including:
- storing, prior to a jump and at a location other than a first host or a second host, a first instance of a mobile application that jumps from the first host to the second host during execution, an instance of the mobile application including executable code for the mobile application,receiving, during the jump and at the location, a second instance of the mobile application, anddetecting unwanted changes in contents of the mobile application including comparing, at the location, the first and second instances.
- View Dependent Claims (18, 19, 20, 21, 22, 23)
- - 18. The computer program product of claim 17, wherein the contents are one or more from the group containing code, state data, and itinerary data.
  - 19. The computer program product of claim 17, wherein detecting unwanted changes includes detecting unwanted changes responsive to receiving the mobile application from an untrusted host.
  - 20. The computer program product of claim 17, wherein storing includes storing the first instance of the mobile application responsive to the mobile application being received from a trusted host.
  - 21. The computer program product of claim 17, wherein the first instance includes a first checksum and the second instance includes a second checksum.
  - 22. The computer program product of claim 17, wherein the first instance includes a copy of the mobile application as it existed prior to the jump and the second instance includes a copy of the mobile application as it existed during the jump.
  - 23. The computer program product of claim 17, further comprising:
    - forwarding the mobile application to the second host.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Aramira Corporation
Original Assignee
Aramira Corporation
Inventors
Bisted, Morris J. Jr., Rygaard, Chris
Primary Examiner(s)
Arani; Taghi
Assistant Examiner(s)
JACKSON, JENISE E

Application Number

US09/645,028
Time in Patent Office

2,575 Days
Field of Search

713200-201, 709223-229, 709/232, 709/238, 709/246, 717/116, 717/108, 717126-127, 726/2, 726/3
US Class Current

726/3
CPC Class Codes

G06F 21/12   Protecting executable software

G06F 21/64   Protecting data integrity, ...

H04L 63/123   received data contents, e.g...

Mobile application security system and method

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

29 Citations

23 Claims

Specification

Use Cases

Quick Links

Others

Mobile application security system and method

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

29 Citations

23 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others