Apparatus and method for securing mobile terminal

US 8,626,125 B2
Filed: 01/16/2012
Issued: 01/07/2014
Est. Priority Date: 08/24/2011
Status: Active Grant

First Claim

Patent Images

1. A mobile terminal, comprising:

an application part to receive information related to an application and to receive reference information used for determining whether to block an unauthorized command, the application being an authorized application or an unauthorized application;

a determining unit to receive a request to execute a command issued by the application and to determine, using the set reference information, whether the command or the application is authorized to access a system resource of the mobile terminal;

a blocking unit to block an execution of the command in response to a determination that the execution of the command is unauthorized or issued by the unauthorized application; and

a service unit to execute the command in response to a determination that the execution command is authorized and issued by the authorized application.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mobile terminal and a method for securing information are provided. The mobile terminal includes an application part to receive information related to an application; a determining unit to receive a command issued by the application and to determine whether the command or the application is authorized to access a system resource of the mobile terminal; and a blocking unit to block an execution of the command in response to a determination that the execution of the command is unauthorized or issued by the unauthorized application. The method includes receiving information related to an application; receiving a request for executing a command issued by the application; determining whether the requested command or the application is authorized to access a system resource of a mobile terminal; and blocking execution of the command in response to a determination that the execution of the command is unauthorized or issued by an unauthorized application.

34 Citations

View as Search Results

22 Claims

1. A mobile terminal, comprising:
- an application part to receive information related to an application and to receive reference information used for determining whether to block an unauthorized command, the application being an authorized application or an unauthorized application;
  
  a determining unit to receive a request to execute a command issued by the application and to determine, using the set reference information, whether the command or the application is authorized to access a system resource of the mobile terminal;
  
  a blocking unit to block an execution of the command in response to a determination that the execution of the command is unauthorized or issued by the unauthorized application; and
  
  a service unit to execute the command in response to a determination that the execution command is authorized and issued by the authorized application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The mobile terminal of claim 1, wherein the request to execute a command comprises an execution command and a request to access an Application Platform Interface (API) or data storage.
  - 3. The mobile terminal of claim 1, wherein the system resource of the mobile terminal comprises an Application Platform Interface (API) or data storage.
  - 4. The mobile terminal of claim 1, wherein the determining unit extracts the command and a packet name of the application from the request, and compares the extracted values to a reference value stored in an execution command management table.
  - 5. The mobile terminal of claim 1, further comprising a determination information storage unit to store reference information related to the application.
  - 6. The mobile terminal of claim 5, wherein the determining unit extracts information from the request and determines whether the extracted information corresponds to the reference information.
  - 7. The mobile terminal of claim 6, wherein the extracted information from the request comprises at least one of information related to the mobile terminal, a key value, a parameter value, and a parameter name.
  - 8. The mobile terminal of claim 1, wherein the determining unit determines that the requested command or the application is authorized if the requested command is an internal command.
  - 9. The mobile terminal of claim 1, wherein the determining unit determines that the application is authorized if the application, in response to being called, is executed to be displayed on a foreground of a display screen.
  - 10. The mobile terminal of claim 1, wherein the determining unit determines that the requested command is an unauthorized command, if a difference between a key input time transmitting the request and a time of execution of the command exceeds a reference threshold value.
  - 11. The mobile terminal of claim 1, wherein the determining unit determines whether the application is unauthorized based on blocking management information.
  - 12. The mobile terminal of claim 1, wherein the blocking unit reports information related to the unauthorized application, comprising:
    - a name of the application, an access time, an access command, and information related to an attempted access.

13. A method for securing information in a mobile terminal, comprising:
- receiving information related to an application;
  
  receiving reference information for determining whether to block an unauthorized command;
  
  receiving a request for executing a command issued by the application;
  
  determining, using the reference information, whether the requested command or the application is authorized to access a system resource of a mobile terminal;
  
  blocking execution of the command in response to a determination that the execution of the command is unauthorized or issued by an unauthorized application; and
  
  executing the command in response to a determination that the execution of the command is authorized or issued by an authorized application.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21)
- - 14. The method of claim 13, wherein determining whether the requested command or the application is authorized further comprises:
    - extracting a command and information related to the application from the request; and
      
      comparing the extracted command and information to a stored reference value for determining whether the requested command or the application is authorized.
  - 15. The method of claim 13, wherein determining whether the requested command or the application is authorized further comprises:
    - extracting additional information related to the request; and
      
      comparing the extracted additional information to an acquired reference value for determining whether the requested command or the application is authorized.
  - 16. The method of claim 13, wherein determining whether the requested command or the application is authorized further comprises:
    - determining whether the command is an internal command; and
      
      blocking the execution of the command in response to the command being determined not to be an internal command, wherein the internal command is issued from an internal source of the mobile terminal.
  - 17. The method of claim 13, wherein determining whether the requested command or the application is authorized further comprises:
    - determining the command or the application, when executed, is to be displayed on a foreground of a display screen of the mobile terminal; and
      
      blocking the execution of the command or the application if the command is determined not to be displayed on the foreground of the display screen of the mobile terminal.
  - 18. The method of claim 13, wherein determining whether the requested command or the application is authorized further comprises:
    - calculating a delay between a time of input detection and a time that the command is executed;
      
      comparing the delay with a reference threshold value; and
      
      determining that the command or the application is unauthorized in response to the delay exceeding the reference threshold value.
  - 19. The method of claim 13, wherein determining whether the requested command or the application is authorized further comprises:
    - detecting blocking management service information; and
      
      determining whether a service corresponding to the request is authorized based on the blocking management service information.
  - 20. The method of claim 13, wherein determining whether the requested command or the application is authorized is based on a security level of the application.
  - 21. The method of claim 13, wherein determining whether the requested command or the application is authorized further comprises:
    - setting format information for blocking notification;
      
      determining whether an access request from the application is to be blocked; and
      
      blocking the application according to format information in response to the determination that the access request from the application is to be blocked.

22. A method for securing information in a mobile terminal, comprising:
- storing a reference value corresponding to a command and a list of authorized applications;
  
  receiving reference information for determining whether to block an unauthorized command;
  
  receiving a request for executing a command issued by an application;
  
  extracting the command and information related to the application from the request;
  
  comparing the extracted command and information to a stored reference value for determining whether the requested command or the application is authorized;
  
  blocking the execution of the command in response to a determination that the execution of the command or the application is unauthorized; and
  
  executing the command in response to a determination that the execution command and the application are authorized,wherein the determination of whether the requested command and the application are authorized is made using the reference information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Pantech Corporation (Ideahub, Inc.)
Original Assignee
Pantech Corporation (Ideahub, Inc.)
Inventors
LEE, Joon-Seub, Kim, Jin-Young, JEONG, Min-Che
Primary Examiner(s)
Nguyen, David Q

Application Number

US13/351,119
Publication Number

US 20130052992A1
Time in Patent Office

722 Days
Field of Search

455410-411, 455/432.2, 726/1, 726/17, 726/25, 726/22, 717/126
US Class Current

455/411
CPC Class Codes

G06F 21/45   Structures or tools for the...

G06F 21/52   during program execution, e...

G06F 21/554   involving event detection a...

Apparatus and method for securing mobile terminal

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

34 Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatus and method for securing mobile terminal

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

34 Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links