Risk detection
First Claim
Patent Images
1. A method comprising:
- determining at least one parameter associated with a communication link between an application running on user equipment and a node of said user equipment, wherein the user equipment is included in a communication system and the at least one parameter comprises a memory address representing a location in a data store of said user equipment where the application is stored; and
detecting, at said user equipment, a condition in the communication system in response to said at least one parameter;
wherein said determining of said at least one parameter comprises determining, at said user equipment, if said application communicating with said node via the communication link is authorized to access a service provided at said node, wherein the application is authorized to access the service when the memory address of the application corresponds to a pre-selected storage area in the data store of the user equipment that includes applications placed in the pre-selected storage area only by a manufacturer of the user equipment or by other predetermined trustworthy sources, wherein only the applications in the pre-selected storage area are authorized to, when executed on the user equipment, establish communications links between the user equipment and the node, and wherein determination of the memory address of said application is performed by accessing memory address information for said application stored on a call stack of the user equipment;
subsequent to determining that the application is authorized to access the service, storing a thread identifier, associated with a lightweight process run by said application, in an entry associated with said communication link, said entry being held in the data store of the user equipment to indicate the that application is authorized to access the service;
subsequent to opening the communication link and storing a thread identifier, determining if the application is authorized to access the service by checking if the thread identifier associated with that communication link has been altered since a previous check; and
determining that said client application is authorized to access the service from said service provides if said thread identifier has not altered.
2 Assignments
0 Petitions
Accused Products
Abstract
A method and device for detecting a condition in a communication system, including at least one user equipment, for determining at least one parameter associated with a communication link between an application and a node of said user equipment, and detecting the condition in response to the at least one parameter.
22 Citations
15 Claims
-
1. A method comprising:
-
determining at least one parameter associated with a communication link between an application running on user equipment and a node of said user equipment, wherein the user equipment is included in a communication system and the at least one parameter comprises a memory address representing a location in a data store of said user equipment where the application is stored; and detecting, at said user equipment, a condition in the communication system in response to said at least one parameter; wherein said determining of said at least one parameter comprises determining, at said user equipment, if said application communicating with said node via the communication link is authorized to access a service provided at said node, wherein the application is authorized to access the service when the memory address of the application corresponds to a pre-selected storage area in the data store of the user equipment that includes applications placed in the pre-selected storage area only by a manufacturer of the user equipment or by other predetermined trustworthy sources, wherein only the applications in the pre-selected storage area are authorized to, when executed on the user equipment, establish communications links between the user equipment and the node, and wherein determination of the memory address of said application is performed by accessing memory address information for said application stored on a call stack of the user equipment; subsequent to determining that the application is authorized to access the service, storing a thread identifier, associated with a lightweight process run by said application, in an entry associated with said communication link, said entry being held in the data store of the user equipment to indicate the that application is authorized to access the service; subsequent to opening the communication link and storing a thread identifier, determining if the application is authorized to access the service by checking if the thread identifier associated with that communication link has been altered since a previous check; and determining that said client application is authorized to access the service from said service provides if said thread identifier has not altered. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. An apparatus comprising:
-
at least one processor; at least one memory, the processor and memory configure to provide a process comprising; determining at least one parameter associated with a communication link between an application running on user equipment and a node of said user equipment, wherein the user equipment is included in a communication system and the at least one parameter comprises a memory address representing a location in a data store of said user equipment where the application is stored; and detecting, at said user equipment, a condition in the communication system in response to said at least one parameter; wherein said determining of said at least one parameter comprises determining, at said user equipment, if said application communicating with said node via the communication link is authorized to access a service provided at said node, wherein the application is authorized to access the service when the memory address of the application corresponds to a pre-selected storage area in the data store of the user equipment that includes applications placed in the pre-selected storage area only by a manufacturer of the user equipment or by other predetermined trustworthy sources, wherein only the applications in the pre-selected storage area are authorized to, when executed on the user equipment, establish communications links between the user equipment and the node, and wherein determination of the memory address of said application is performed by accessing memory address information for said application stored on a call stack of the user equipment; subsequent to determining that the application is authorized to access the service, storing a thread identifier, associated with a lightweight process run by said application, in an entry associated with said communication link, said entry being held in the data store of the user equipment to indicate the that application is authorized to access the service; subsequent to opening the communication link and storing a thread identifier, determining if the application is authorized to access the service by checking if the thread identifier associated with that communication link has been altered since a previous check; and determining that said client application is authorized to access the service from said service provides if said thread identifier has not altered. - View Dependent Claims (14, 15)
-
Specification