Application security in an interactive media environment
First Claim
Patent Images
1. A method for ensuring security of an application in an interactive multimedia environment, comprising:
- a. receiving an application comprising instructions for synchronously managing graphics, audio, and video multimedia objects responsively to user input, the instructions not executable to implement a security policy for the application;
b. detecting whether the application has an associated digital signature, wherein the detecting comprises reading a manifest file associated with the application, and determining if the manifest is signed with an author'"'"'s signature and certificate;
c. if a valid digital signature associated with the application is detected, then executing the application by a processor associated with a multimedia player to synchronously manage graphics, audio, and video multimedia objects responsively to user input events, execution of the application resulting in the application having access to a source of local storage of the multimedia player and a network resource;
d. if a valid digital signature associated with the application is not detected, then executing the application by a processor associated with a multimedia player to synchronously manage graphics, audio, and video multimedia objects responsively to user input events, while prohibiting the executing application from accessing a source of local storage of the multimedia player and a network resource;
e. receiving another application;
f. detecting whether the other application has an associated digital signature; and
g. if either a valid digital signature associated with the application or a valid digital signature associated with the other application is not detected, then denying permission for both applications to access both a source of local storage and a network resource of the multimedia player;
orh. if both a valid digital signature associated with the application and a valid digital signature associated with the other application are detected, then granting permission for both applications to access both a source of local storage and a network resource.
2 Assignments
0 Petitions
Accused Products
Abstract
A security system is described which controls the access of applications to system resources in the field of interactive multimedia. The system establishes a framework for application security, including a signature system, and further provides file formats that support security. Signed applications are afforded high access privileges, while unsigned applications are afforded low access privileges. The combination of signed and unsigned applications on, e.g., a disk, provides for low access privileges for all applications, signed and unsigned.
127 Citations
17 Claims
-
1. A method for ensuring security of an application in an interactive multimedia environment, comprising:
-
a. receiving an application comprising instructions for synchronously managing graphics, audio, and video multimedia objects responsively to user input, the instructions not executable to implement a security policy for the application; b. detecting whether the application has an associated digital signature, wherein the detecting comprises reading a manifest file associated with the application, and determining if the manifest is signed with an author'"'"'s signature and certificate; c. if a valid digital signature associated with the application is detected, then executing the application by a processor associated with a multimedia player to synchronously manage graphics, audio, and video multimedia objects responsively to user input events, execution of the application resulting in the application having access to a source of local storage of the multimedia player and a network resource; d. if a valid digital signature associated with the application is not detected, then executing the application by a processor associated with a multimedia player to synchronously manage graphics, audio, and video multimedia objects responsively to user input events, while prohibiting the executing application from accessing a source of local storage of the multimedia player and a network resource; e. receiving another application; f. detecting whether the other application has an associated digital signature; and g. if either a valid digital signature associated with the application or a valid digital signature associated with the other application is not detected, then denying permission for both applications to access both a source of local storage and a network resource of the multimedia player;
orh. if both a valid digital signature associated with the application and a valid digital signature associated with the other application are detected, then granting permission for both applications to access both a source of local storage and a network resource. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 17)
-
-
10. A multimedia playback system for applications comprising instructions for synchronously managing graphics, audio, and video multimedia objects responsively to user input events, the instructions not executable to implement a security policy for the applications, comprising:
-
a network resource; a source of local storage; a device to receive at least a first application; a processor to detect whether any received application has an associated digital signature; wherein if only a first application is received, and if a valid digital signature associated with the first application is detected, then executing the application by a processor associated with a multimedia player to synchronously manage graphics, audio, and video multimedia objects responsively to user input events, execution of the first application resulting in the first application having access to a source of local storage of the multimedia player and a network resource; wherein if only a first application is received, and if a valid digital signature associated with the first application is not detected, then executing the first application by a processor associated with a multimedia player to synchronously manage graphics, audio, and video multimedia objects responsively to user input events, while prohibiting the executing application from accessing a source of local storage of the multimedia player and a network resource; wherein if a valid digital signature associated with the first application and a valid digital signature associated with a second application are detected, wherein the detecting comprises reading a manifest file associated with the application, and determining if the manifest is signed with an author'"'"'s signature and certificate, the first application and the second application are executed by the processor to synchronously manage graphics, audio, and video multimedia objects responsively to user events, and both the first application and the second application are given permission to access the source of local storage and the network resource; and wherein if a valid digital signature associated with the first application or a valid digital signature associated with the second application is not detected, the first application and the second application are executed by the processor to synchronously manage graphics, audio, and video multimedia objects responsively to user events, but denied permission to access the source of local storage and the network resource. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
Specification