System and method for privilege management and revocation
First Claim
1. A method for managing privileges in a system comprising electronic devices having applications resident on the electronic devices, comprising:
- monitoring a plurality of electronic devices that are present in the system;
detecting a change in privileges associated with one or more applications resident on the plurality of electronic devices, wherein the change in privileges comprises an indication that privileges are to be revoked; and
in response to a detection of the change in privileges, resetting all of the plurality of electronic devices such that for each of the plurality of electronic devices that is reset, each application of the one or more applications resident on the electronic device no longer has access to any revoked privileges upon a restart of the application.
2 Assignments
0 Petitions
Accused Products
Abstract
The present disclosure relates generally to the management of privileges associated with certain applications that are accessible by users of electronic equipment, such as, for example, networked computers, mobile wireless communications devices, and the like. In particular, the disclosure is directed to systems and methods for managing privileges associated with particular applications and for revoking these privileges in a timely and robust manner. For example, the device keeps track of which applications get access to which privileges. When policies or application control changes, the system detects which privileges have been revoked for which applications. This can be accomplished by simply comparing the old set of privileges with the new set of privileges. For each revoked privilege for a given application, the system determines if the application has ever accessed that privilege in the past. If an application has accessed a privilege that is now revoked at any time in the past, the device is reset. To ensure that privileges that may be passed between applications are not overlooked, the device is arranged to perform a reset if any revoked privilege accessible by the device is one that may be passed between applications.
-
Citations
18 Claims
-
1. A method for managing privileges in a system comprising electronic devices having applications resident on the electronic devices, comprising:
-
monitoring a plurality of electronic devices that are present in the system; detecting a change in privileges associated with one or more applications resident on the plurality of electronic devices, wherein the change in privileges comprises an indication that privileges are to be revoked; and in response to a detection of the change in privileges, resetting all of the plurality of electronic devices such that for each of the plurality of electronic devices that is reset, each application of the one or more applications resident on the electronic device no longer has access to any revoked privileges upon a restart of the application. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system for managing privileges for a plurality of electronic devices having applications resident thereon, the system comprising at least one processor configured to:
-
monitor the plurality of electronic devices; detect a change in privileges associated with one or more applications resident on the plurality of electronic devices, wherein the change in privileges comprises an indication that privileges are to be revoked; and in response to a detection of the change in privileges, resetting all of the plurality of electronic devices such that for each of the plurality of electronic devices that is reset, each application of the one or more applications resident on the electronic device no longer has access to any revoked privileges upon a restart of the application. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A non-transitory computer-readable medium comprising instructions executable by a processor, wherein the instructions cause the process to perform acts of a method for managing privileges in a system comprising electronic devices having applications resident on the electronic devices, the acts comprising:
-
monitoring a plurality of electronic devices that are present in the system; detecting a change in privileges associated with one or more applications resident on the plurality of electronic devices, wherein the change in privileges comprises an indication that privileges are to be revoked; and in response to a detection of the change in privileges, resetting all of the plurality of electronic devices such that for each of the plurality of electronic devices that is reset, each application of the one or more applications resident on the electronic device no longer has access to any revoked privileges upon a restart of the application. - View Dependent Claims (14, 15, 16, 17, 18)
-
Specification