Communication device, control method of communication device, program and communication method
First Claim
1. A communication device, comprising:
- an executing unit configured to execute software;
a memory configured to store permission data, the permission data indicating permissible behavior for an application, the application being a group of functions provided by execution of the software;
a checking unit configured to check, by accessing an external device before the software is executed, whether the permission data are valid; and
an execution control unit configured to;
permit the executing unit to execute the software when, on the basis of a result of the check carried out by the checking unit, the permission data are determined to be valid, and when, on the basis of the permission data, that the software to be executed is determined to include permissible behavior, and;
not permit the executing unit to execute the software when, on the basis of the result of the check executed by the checking unit, the permission data are determined to be invalid or when, on the basis of the permission data, that the software to be executed is determined not to include permissible behavior.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention provides a means for reflecting modifications made in a server to data with regard to a scope of rights, which are granted to an application program operable in a communication device such as a mobile station, on data stored in the communication device. To achieve the aim, in a system according to the present invention, Java-AP software is provided to a mobile station by transmitting an ADF, a SDF and a JAR file from servers to the mobile station in that order. The SDF is a file containing data indicating restrictions of behavior of a Java-AP in a mobile station. The SDF also contains data indicating a validity state of the SDF, namely ‘valid’ or ‘invalid’, which is managed by management server device 18. Before a mobile station runs a Java-APP which is installed in the mobile station, the mobile station accesses management server device 18 and checks whether a SDF corresponding to the Java-APP is valid. When the SDF is valid, the mobile station runs the Java-APP following the restrictions indicated in the SDF.
55 Citations
21 Claims
-
1. A communication device, comprising:
-
an executing unit configured to execute software; a memory configured to store permission data, the permission data indicating permissible behavior for an application, the application being a group of functions provided by execution of the software; a checking unit configured to check, by accessing an external device before the software is executed, whether the permission data are valid; and an execution control unit configured to; permit the executing unit to execute the software when, on the basis of a result of the check carried out by the checking unit, the permission data are determined to be valid, and when, on the basis of the permission data, that the software to be executed is determined to include permissible behavior, and; not permit the executing unit to execute the software when, on the basis of the result of the check executed by the checking unit, the permission data are determined to be invalid or when, on the basis of the permission data, that the software to be executed is determined not to include permissible behavior. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A method for controlling a communication device, the method comprising:
-
transmitting to the communication device permission data, the permission data indicating permissible behavior for an application, the application being a group of functions provided by execution of software in the communication device; checking, by communicating data between the communication device and an external device, whether the permission data are valid, before the software is executed in the communication device; permitting the software to be executed only when the permission data are determined to be valid on the basis of a result of the check and when the software to be executed is determined to include permissible behavior on the basis of the permission data, and disallowing the executing unit to execute the software when, on the basis of the result of the check executed by the checking unit, the permission data are determined to be invalid or when, on the basis of the permission data, that the software to be executed is determined not to include permissible behavior. - View Dependent Claims (17)
-
-
18. A computer readable storage medium storing a program for causing a computer to execute a process, the process comprising:
-
storing, in a memory, permission data indicating permissible behavior for an application, the application being a group of functions provided by execution of software; checking, by accessing an external device, whether the permission data are valid, before the software is executed; permitting the software to be executed only when the permission data are determined to be valid on the basis of a result of the check and when the software to be executed is determined to include permissible behavior on the basis of the permission data; and disallowing the software to be executed when, on the basis of the result of the check, the permission data are determined to be invalid or when, on the basis of the permission data, that the software to be executed is determined not to include permissible behavior. - View Dependent Claims (19)
-
-
20. A communication method in a communication system comprising (a) a software data providing server device which stores software data containing software for providing a group of functions forming an application, (b) a management server device which stores security descriptor data containing permission data indicating permissible behavior for the application, and (c) an application descriptor data providing server device which stores application descriptor data indicating a storage location of the software data and a storage location of the security descriptor data, the method comprising:
-
transmitting the application descriptor data from said communication system to said communication device; transmitting data indicating the storage location of the security descriptor data contained in the application descriptor data from said communication device to said communication system; transmitting the security descriptor data from said communication system to said communication device on the basis of the data indicating the storage location of the security descriptor data; storing the security descriptor data in said communication device; transmitting data indicating the storage location of the software data contained in the security descriptor data from said communication device to said communication system; transmitting the software data from said communication system to said communication device on the basis of the data indicating the storage location of the software data; installing, in said communication device, the software contained in the software data transmitted from said communication system to said communication device; checking, by communicating data between said communication device and said communication system before the software is executed in said communication device, whether the security descriptor data stored in said communication device are valid; permitting said software to be executed in said communication device only when the security descriptor data are determined to be valid on the basis of a result of the check and when the software to be executed is determined to include permissible behavior on the basis of the permission data; and disallowing the software to be executed in said communication device when the security descriptor data are determined to be invalid on the basis of the result of the check or when, on the basis of the permission data, that the software to be executed is determined not to include permissible behavior. - View Dependent Claims (21)
-
Specification