Information processing apparatus and method for preventing unauthorized cooperation of applications

US 8,566,937 B2
Filed: 09/26/2011
Issued: 10/22/2013
Est. Priority Date: 10/04/2010
Status: Active Grant

First Claim

Patent Images

1. An information processing apparatus, comprising:

a network control unit configured to establish a connection to an external communications network;

an installation control unit configured to install a first application;

a process control unit configured to start up the first application and establish cooperation among a plurality of applications, the plurality of applications including the first application;

an access-history map updating unit configured to update an access-history map which represents history information on an access relationship among the plurality of applications when a request is made to start up the first application or to establish cooperation among the plurality of applications, so that the updated access-history map is a map when the requested startup is executed or when the requested cooperation is established; and

an unauthorized-cooperation-of-applications control unit configured to (i) determine whether or not an unauthorized cooperation, which is directed at sensitive information kept secret, is established among the plurality of applications with reference to information obtained from the access-history map and an application authorizing list which includes access authority information of the first application, and (ii) control execution of the first application using an application execution control technique for the unauthorized cooperation, which is directed at the sensitive information, found among the plurality of applications in the case where a result of the determination shows that the unauthorized cooperation is established.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An information processing terminal (40) includes: a network control unit (250); an installation control unit (260); a process control unit (200) for starting up an application and establishing cooperation among applications including the application; an access-history map updating unit (290) for updating an access-history map (281) which represents history information on an access relationship among the applications when a request is made to start up the application or to establish cooperation among the applications; and an unauthorized-cooperation-of-applications control unit (220) for (i) determining whether or not an unauthorized cooperation, which is directed at sensitive information kept secret, is established among the applications with reference to information obtained from the access-history map (281) and an application authorizing list (271), and (ii) controlling execution of the application using an application execution control technique in the case where a result of the determination shows that the unauthorized cooperation is established.

Citations

14 Claims

1. An information processing apparatus, comprising:
- a network control unit configured to establish a connection to an external communications network;
  
  an installation control unit configured to install a first application;
  
  a process control unit configured to start up the first application and establish cooperation among a plurality of applications, the plurality of applications including the first application;
  
  an access-history map updating unit configured to update an access-history map which represents history information on an access relationship among the plurality of applications when a request is made to start up the first application or to establish cooperation among the plurality of applications, so that the updated access-history map is a map when the requested startup is executed or when the requested cooperation is established; and
  
  an unauthorized-cooperation-of-applications control unit configured to (i) determine whether or not an unauthorized cooperation, which is directed at sensitive information kept secret, is established among the plurality of applications with reference to information obtained from the access-history map and an application authorizing list which includes access authority information of the first application, and (ii) control execution of the first application using an application execution control technique for the unauthorized cooperation, which is directed at the sensitive information, found among the plurality of applications in the case where a result of the determination shows that the unauthorized cooperation is established.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The information processing apparatus according to claim 1,wherein said unauthorized-cooperation-of-applications control unit is configured to determine whether or not the unauthorized cooperation is established, based on information obtained from the application authorizing list including access authority information representing an access right to personal information or confidential information.
  - 3. The information processing apparatus according to claim 2,wherein said unauthorized-cooperation-of-applications control unit is configured to determine whether or not the unauthorized cooperation is established, based on information obtained from the application authorizing list further including access authority information representing an access right to the external communications network.
  - 4. The information processing apparatus according to claim 1,wherein said unauthorized-cooperation-of-applications control unit is configured to (i) determine whether or not the unauthorized cooperation, which causes a leakage of the sensitive information via the external communications network, is established among the applications, and (ii) control execution of the applications based on control-of-application-execution setting information showing an application execution control technique which prevents the unauthorized-cooperation in the case where a result of the determination shows that the unauthorized cooperation is established.
  - 5. The information processing apparatus according to claim 4,wherein in the case where the determination result shows that the unauthorized cooperation is established, said unauthorized-cooperation-of-applications control unit is configured to avoid the requested starting up of the first application, using the application execution control technique shown in the control-of-application-execution setting information, based on the control-of-application-execution setting information showing an application execution control technique which avoids starting up the first application.
  - 6. The information processing apparatus according to claim 4,wherein in the case where the determination result shows that the unauthorized cooperation is established, said unauthorized-cooperation-of-applications control unit is configured to terminate the connection to the external communications network, using the application execution control technique shown in the control-of-application-execution setting information, based on the control-of-application-execution setting information showing an application execution control technique which terminates the connection to the external communications network.
  - 7. The information processing apparatus according to claim 4,wherein in the case where the determination result shows that the unauthorized cooperation is established, said unauthorized-cooperation-of-applications control unit is configured to close an executing application included in the plurality of applications, using the application execution control technique shown in the control-of-application-execution setting information, until the determination shows that the unauthorized cooperation is not established, based on the control-of-application-execution setting information showing an application execution control technique which closes the executing application until the unauthorized cooperation is not established.
  - 8. The information processing apparatus according to claim 4,wherein in the case where the determination result shows that the unauthorized cooperation is established, said unauthorized-cooperation-of-applications control unit is configured to uninstall the first application, using the application execution control technique shown in the control-of-application-execution setting information, based on the control-of-application-execution setting information showing an application execution control technique which uninstalls the first application.
  - 9. The information processing apparatus according to claim 1,wherein in the case where the determination result shows that the unauthorized cooperation is established, said unauthorized-cooperation-of-applications control unit is configured to notify a user of information showing a potential risk of the unauthorized cooperation.
  - 10. The information processing apparatus according to claim 1,wherein with further reference to the updated access-history map and the application authorizing list, said access-history map updating unit is configured to update an application-unauthorized-cooperation pattern showing an execution status of applications causing a potential risk of the unauthorized cooperation, andwith reference to the updated application-unauthorized-cooperation pattern, said unauthorized-cooperation-of-applications control unit is configured to determine whether or not the unauthorized cooperation is established among the applications causing the potential risk of the unauthorized cooperation.
  - 11. The information processing apparatus according to claim 1, further comprising:
    - a sensitive information holding unit configured to hold the sensitive information;
      
      an access-history map holding unit configured to hold the access-history map;
      
      an application authorizing list holding unit configured to hold the application authorizing list; and
      
      an application execution control setting information holding unit configured to hold application execution control setting information showing the technique of controlling execution of the plurality of applications for the unauthorized cooperation directed at the personal information among the plurality of applications,wherein said access-history map updating unit is configured to update the access-history map held in said access-history map holding unit, andsaid unauthorized-cooperation-of-applications control unit is configured to (i) determine, with reference to information obtained from the updated access-history map and the application authorizing list held in said application authorizing list holding unit, whether or not an unauthorized cooperation, which is directed at the sensitive information held in said sensitive information holding unit, is established among the plurality of applications and, and (ii) control execution of the plurality of applications, using an application execution control technique shown by the application execution control setting information held in said application execution control setting information holding unit, in the case where a result of the determination shows that the unauthorized cooperation is established.

12. A method for preventing unauthorized cooperation of a plurality of applications, said method comprising:
- installing a first application;
  
  starting up the plurality of applications and establishing cooperation among the plurality of applications, the plurality of applications including the first application;
  
  updating an access-history map which represents history information on an access relationship among the plurality of applications when a request is made to start up the first application or to establish cooperation among the plurality of applications, so that the updated access-history map is a map when the requested startup is executed or when the requested cooperation is established;
  
  determining whether or not an unauthorized cooperation, which is directed at sensitive information kept secret, is established among the plurality of applications with reference to information obtained from the access-history map and an application authorizing list which includes access authority information of the first application; and
  
  controlling execution of the first application using an application execution control technique for the unauthorized cooperation, which is directed at the sensitive information, found among the plurality of applications in the case where a result of the determination shows that the unauthorized cooperation is established.

13. A non-transitory computer-readable recording medium having stored thereon a program for causing a computer to execute a method for preventing unauthorized cooperation of a plurality of applications, the method comprising:
- installing a first application;
  
  starting up the plurality of applications and establishing cooperation among the plurality of applications, the plurality of applications including the first application;
  
  updating an access-history map which represents history information on an access relationship among the plurality of applications when a request is made to start up the first application or to establish cooperation among the plurality of applications, so that the updated access-history map is a map when the requested startup is executed or when the requested cooperation is established;
  
  determining whether or not an unauthorized cooperation, which is directed at sensitive information kept secret, is established among the plurality of applications with reference to information obtained from the access-history map and an application authorizing list which includes access authority information of the first application; and
  
  controlling execution of the first application using an application execution control technique for the unauthorized cooperation, which is directed at the sensitive information, found among the plurality of applications in the case where a result of the determination shows that the unauthorized cooperation is established.

14. An integrated circuit, comprising:
- a network control unit configured to establish a connection to an external communications network;
  
  an installation control unit configured to install a first application;
  
  a process control unit configured to start up the first application and establish cooperation among a plurality of applications, the plurality of applications including the first application;
  
  an access-history map updating unit configured to update an access-history map which represents history information on an access relationship among the plurality of applications when a request is made to start up the first application or to establish cooperation among the plurality of applications, so that the updated access-history map is a map when the requested startup is executed or when the requested cooperation is established; and
  
  an unauthorized-cooperation-of-applications control unit configured to (i) determine whether or not an unauthorized cooperation, which is directed at sensitive information kept secret, is established among the plurality of applications with reference to information obtained from the access-history map and an application authorizing list which includes access authority information of the first application, and (ii) control execution of the first application using an application execution control technique for the unauthorized cooperation, which is directed at the sensitive information, found among the plurality of applications in the case where a result of the determination shows that the unauthorized cooperation is established.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Panasonic Corporation (Panasonic Holdings Corporation)
Original Assignee
Panasonic Corporation (Panasonic Holdings Corporation)
Inventors
Haga, Tomoyuki, Matsushima, Hideki, Maeda, Manabu
Primary Examiner(s)
Zee, Edward

Application Number

US13/511,803
Publication Number

US 20120291138A1
Time in Patent Office

757 Days
Field of Search

726/22, 726/26, 726/27, 726/29, 726/30, 713/189, 713/193
US Class Current

726/22
CPC Class Codes

G06F 21/51   at application loading time...

G06F 21/54   by adding security routines...

G06F 21/554   involving event detection a...

G06F 2221/2101   Auditing as a secondary aspect

Information processing apparatus and method for preventing unauthorized cooperation of applications

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Information processing apparatus and method for preventing unauthorized cooperation of applications

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links