Authorizing local application activity using remotely defined security data
First Claim
1. A method comprising:
- receiving, from a server, a sequence of instructions executable by a virtual machine on an electronic device and at least one permission indicator associated with the sequence of instructions, a first of the at least one permission indicators associated with a protected activity on the electronic device, wherein the sequence of instructions, when executed by the virtual machine, are adapted to present, through a user interface of the electronic device, content associated with a particular information channel of a plurality of interactive information channels defined on the electronic device in response to a selection of the particular information channel through the user interface;
storing the sequence of instructions and the associated at least one permission indicator in a particular segment of a feed store of the electronic device, wherein the feed store includes a plurality of segments, with each segment corresponding to one of the plurality of information channels and the particular segment corresponds to the particular information channel;
receiving a request, through the user interface, to display the content associated with the particular information channel;
retrieving the sequence of instructions from the particular segment of the feed store in response to the request;
executing the sequence of instructions using the virtual machine;
identifying, using the virtual machine, an instruction within the sequence of instructions as being associated with the protected activity;
determining, using the virtual machine, whether execution of the identified instruction is permitted based, at least in part, on the first permission indicator; and
performing the protected activity if execution of the identified instruction is permitted.
2 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods, including computer software adapted to perform certain operations, can be implemented for preventing content received from non-trusted sources from accessing protected data. A sequence of instructions and multiple permission indicators associated with the sequence of instructions are received. One or more of permission indicators are associated with a protected activity. An instruction within the sequence of instructions associated with the protected activity is identified. A determination is made whether execution of the identified instruction is permitted based, at least in part, on the one or more permission indicators, and the protected activity is performed if execution of the identified instruction is permitted.
21 Citations
25 Claims
-
1. A method comprising:
-
receiving, from a server, a sequence of instructions executable by a virtual machine on an electronic device and at least one permission indicator associated with the sequence of instructions, a first of the at least one permission indicators associated with a protected activity on the electronic device, wherein the sequence of instructions, when executed by the virtual machine, are adapted to present, through a user interface of the electronic device, content associated with a particular information channel of a plurality of interactive information channels defined on the electronic device in response to a selection of the particular information channel through the user interface; storing the sequence of instructions and the associated at least one permission indicator in a particular segment of a feed store of the electronic device, wherein the feed store includes a plurality of segments, with each segment corresponding to one of the plurality of information channels and the particular segment corresponds to the particular information channel; receiving a request, through the user interface, to display the content associated with the particular information channel; retrieving the sequence of instructions from the particular segment of the feed store in response to the request; executing the sequence of instructions using the virtual machine; identifying, using the virtual machine, an instruction within the sequence of instructions as being associated with the protected activity; determining, using the virtual machine, whether execution of the identified instruction is permitted based, at least in part, on the first permission indicator; and performing the protected activity if execution of the identified instruction is permitted. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A computer program product, encoded on a non-transitory computer-readable medium, operable to cause data processing apparatus to perform operations comprising:
-
receiving, from a server, a permission indicator associated with an information source and further associated with a protected activity; storing, in a persistent storage device on a mobile device, the permission indicator, wherein the persistent storage device includes a plurality of segments with each segment storing content received from the information source for one of a plurality of information channels and one of the segments storing content and the permission indicator for the information source, with the content for the information source including a plurality of instructions executable by a virtual machine player on the mobile device; receiving, through a user interface on the mobile device, a request to display the content for the information source on a user interface of the mobile device; retrieving the plurality of instructions for execution on a virtual machine player; identifying an instruction of the plurality of instructions associated with the protected activity; determining that the protected activity is permitted based, at least in part, on the permission indicator stored in the persistent storage device; and executing the instruction using the virtual machine player in response to determining that the protected activity is permitted, wherein executing the instruction comprises performing the protected activity. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. A system comprising:
-
a user interface device; a persistent storage device; and one or more processors operable to interact with the user interface device and the persistent storage device, the one or more processors further operable to; receive a transmission from a remote source, the transmission comprising a sequence of instructions executable by a virtual machine on the user interface device and a permissions data structure associated with the sequence of instructions, the permissions data structure comprising at least one permission indicator, the at least one permission indicator associated with at least one protected activity on the user interface device, wherein the sequence of instructions, when executed by the virtual machine, are adapted to present content associated with a particular information channel of a plurality of interactive information channels defined in the persistent storage device in response to a selection of the particular information channel through a user interface of the electronic device; store the sequence of instructions and the permissions data structure in a particular segment of the persistent storage device, wherein the persistent storage device includes a plurality of segments, with each segment corresponding to one of the plurality of information channels and the particular segment corresponds to the particular information channel; retrieve the sequence of instructions and the permissions data structure from the persistent storage device in response to a stimulus received through the user interface device, the stimulus indicating a request to display the content associated with the particular information channel; execute the sequence of instructions using the virtual machine; determine, using the virtual machine, that a first protected activity is prohibited based, at least in part, on the at least one permission indicator; and block the first protected activity based on the determination that the first protected activity is prohibited. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25)
-
Specification