Risk detection

US 7,861,295 B2
Filed: 12/09/2002
Issued: 12/28/2010
Est. Priority Date: 12/11/2001
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

determining at least one parameter associated with a communication link between an application running on user equipment and a node of said user equipment, wherein the user equipment is included in a communication system and the at least one parameter comprises a memory address representing a location in a data store of said user equipment where the application is stored; and

detecting, at said user equipment, a condition in the communication system in response to said at least one parameter;

wherein said determining of said at least one parameter comprises determining, at said user equipment, if said application communicating with said node via the communication link is authorized to access a service provided at said node, wherein the application is authorized to access the service when the memory address of the application corresponds to a pre-selected storage area in the data store of the user equipment that includes applications placed in the pre-selected storage area only by a manufacturer of the user equipment or by other predetermined trustworthy sources, wherein only the applications in the pre-selected storage area are authorized to, when executed on the user equipment, establish communications links between the user equipment and the node, and wherein determination of the memory address of said application is performed by accessing memory address information for said application stored on a call stack of the user equipment;

subsequent to determining that the application is authorized to access the service, storing a thread identifier, associated with a lightweight process run by said application, in an entry associated with said communication link, said entry being held in the data store of the user equipment to indicate the that application is authorized to access the service;

subsequent to opening the communication link and storing a thread identifier, determining if the application is authorized to access the service by checking if the thread identifier associated with that communication link has been altered since a previous check; and

determining that said client application is authorized to access the service from said service provides if said thread identifier has not altered.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and device for detecting a condition in a communication system, including at least one user equipment, for determining at least one parameter associated with a communication link between an application and a node of said user equipment, and detecting the condition in response to the at least one parameter.

22 Citations

View as Search Results

15 Claims

1. A method comprising:
- determining at least one parameter associated with a communication link between an application running on user equipment and a node of said user equipment, wherein the user equipment is included in a communication system and the at least one parameter comprises a memory address representing a location in a data store of said user equipment where the application is stored; and
  
  detecting, at said user equipment, a condition in the communication system in response to said at least one parameter;
  
  wherein said determining of said at least one parameter comprises determining, at said user equipment, if said application communicating with said node via the communication link is authorized to access a service provided at said node, wherein the application is authorized to access the service when the memory address of the application corresponds to a pre-selected storage area in the data store of the user equipment that includes applications placed in the pre-selected storage area only by a manufacturer of the user equipment or by other predetermined trustworthy sources, wherein only the applications in the pre-selected storage area are authorized to, when executed on the user equipment, establish communications links between the user equipment and the node, and wherein determination of the memory address of said application is performed by accessing memory address information for said application stored on a call stack of the user equipment;
  
  subsequent to determining that the application is authorized to access the service, storing a thread identifier, associated with a lightweight process run by said application, in an entry associated with said communication link, said entry being held in the data store of the user equipment to indicate the that application is authorized to access the service;
  
  subsequent to opening the communication link and storing a thread identifier, determining if the application is authorized to access the service by checking if the thread identifier associated with that communication link has been altered since a previous check; and
  
  determining that said client application is authorized to access the service from said service provides if said thread identifier has not altered.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein said data store compromises a read only memory data store in a mobile user equipment.
  - 3. The method of claim 1, further comprising:
    - determining whether the application has been downloaded into said user equipment from a third party; and
      
      identifying that said application is not authorized to access a service from the node if it is determined that a client application has been so downloaded.
  - 4. The method of claim 3, further comprising:
    - when an application requires access to a service, opening a communication link via which said client application may access a service from a service provider node offering that service; and
      
      detecting from a call stack of a processor running said application, a memory address, identifying where said application resides, for indicating that the client application is authorized to access that service.
  - 5. The method of claim 1, wherein said at least one parameter comprises a message type indicating a type of service to which access is requested by the application, said method further comprising:
    - determining whether said message type is of a type which is predetermined as safe and if so determining that no security risk exists.
  - 6. The method of claim 5, wherein said determining a safe message type comprises comparing said message type with a predetermined list of safe message types.
  - 7. The method claim 5, further comprising:
    - if said message type is determined to be not safe, determining at least one parameter associated with a communication link between an application and a node of said user terminal; and
      
      detecting said condition in response to said at least one parameter.
  - 8. The method of claim 1, further comprising:
    - initiating at least one security measure if said condition is identified.
  - 9. The method of claim 1, wherein said condition comprises whether said application is authorized to access a service from said node.
  - 10. The method of claim 1, wherein said condition comprises a security risk.
  - 11. The method of claim 1, wherein said communication system is a wireless communication system and said user equipment is mobile user equipment.
  - 12. The method of claim 1, wherein said communication link comprises a data link and said node comprises a service provider node.

13. An apparatus comprising:
- at least one processor;
  
  at least one memory, the processor and memory configure to provide a process comprising;
  
  determining at least one parameter associated with a communication link between an application running on user equipment and a node of said user equipment, wherein the user equipment is included in a communication system and the at least one parameter comprises a memory address representing a location in a data store of said user equipment where the application is stored; and
  
  detecting, at said user equipment, a condition in the communication system in response to said at least one parameter;
  
  wherein said determining of said at least one parameter comprises determining, at said user equipment, if said application communicating with said node via the communication link is authorized to access a service provided at said node, wherein the application is authorized to access the service when the memory address of the application corresponds to a pre-selected storage area in the data store of the user equipment that includes applications placed in the pre-selected storage area only by a manufacturer of the user equipment or by other predetermined trustworthy sources, wherein only the applications in the pre-selected storage area are authorized to, when executed on the user equipment, establish communications links between the user equipment and the node, and wherein determination of the memory address of said application is performed by accessing memory address information for said application stored on a call stack of the user equipment;
  
  subsequent to determining that the application is authorized to access the service, storing a thread identifier, associated with a lightweight process run by said application, in an entry associated with said communication link, said entry being held in the data store of the user equipment to indicate the that application is authorized to access the service;
  
  subsequent to opening the communication link and storing a thread identifier, determining if the application is authorized to access the service by checking if the thread identifier associated with that communication link has been altered since a previous check; and
  
  determining that said client application is authorized to access the service from said service provides if said thread identifier has not altered.
- View Dependent Claims (14, 15)
- - 14. The apparatus of claim 13, wherein the process further comprises:
    - determining whether the application has been downloaded into said user equipment from a third party; and
      
      identifying that the application is not authorized to access the service from the node if it is determined that the application has been so downloaded.
  - 15. The apparatus of claim 13, wherein said at least one parametercomprises a message type indicating a type of service to which access is requested by the application, the process further comprising:
    - determining whether said message type is of a type which is predetermined as safe and if so determining that no security risk exists.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Corporation
Inventors
Ylitalo, Jouni, Leskela, Jyrki V.
Primary Examiner(s)
PATEL, NIRAV B

Application Number

US10/314,572
Publication Number

US 20030149897A1
Time in Patent Office

2,941 Days
Field of Search

726/2, 726/3, 726/16, 726/17, 726 22- 30, 726/32, 713164-168, 713/187, 713/190, 380/270, 380/247, 455/410, 455/411, 455/419, 709/227, 709/229, 709220-221, 711/170, 711/168, 718/100, 705 56- 59, 705/50, 705/51
US Class Current

726/22
CPC Class Codes

G06F 21/554   involving event detection a...

G06F 21/566   Dynamic detection, i.e. det...

H04M 1/724   User interfaces specially a...

Risk detection

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

22 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Risk detection

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links