System and method for loading application classes

US 8,677,506 B2
Filed: 12/03/2009
Issued: 03/18/2014
Est. Priority Date: 12/03/2009
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

determining, at a processing device, a class invoked by an application at run time;

decoding, at the processing device, a security permission encoded as a security token in the application; and

retrieving, from at least one depository, a class variant from a plurality of class variants associated with the class based at least in part on the security permission;

wherein each of the plurality of class variants is configured to define a corresponding functionality of the application; and

wherein the security token is generated upon installation of the application.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In an application, variants of a class may be generated and associated with different security permissions for the application. When a class is to be loaded, a determination is made as to the application'"'"'s security permissions, e.g. by decoding a security token. The class is then retrieved from a repository that stores class variants matching the required security level. The retrieved class variant, which may have a full or a reduced functionality as appropriate for the security permission may then by loaded.

36 Citations

View as Search Results

29 Claims

1. A method, comprising:
- determining, at a processing device, a class invoked by an application at run time;
  
  decoding, at the processing device, a security permission encoded as a security token in the application; and
  
  retrieving, from at least one depository, a class variant from a plurality of class variants associated with the class based at least in part on the security permission;
  
  wherein each of the plurality of class variants is configured to define a corresponding functionality of the application; and
  
  wherein the security token is generated upon installation of the application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method according to claim 1, further comprising associating each of the plurality of class variants with a corresponding security permission.
  - 3. The method according to claim 2, further comprising storing each of the plurality of class variants in separate repositories.
  - 4. The method according to claim 2, wherein each of the plurality of class variants comprises a same namespace.
  - 5. The method according to claim 2, wherein each of the plurality of class variants comprises a same application programming interface.
  - 6. The method according to claim 2,wherein a first class variant provides a first functionality;
    - andwherein a second class variant provides a reduced functionality in comparison to the first class variant.
  - 7. The method according to claim 2, further comprising associating each of the corresponding security permissions with a class variant repository.
  - 8. The method according to claim 7, wherein the plurality of class variants for the class are stored in a repository with a plurality of class variants for at least another class having equivalent security permissions.

9. An apparatus, comprising:
- a memory device; and
  
  a processing device operatively coupled to the memory device comprising;
  
  a request handler; and
  
  at least one class loader;
  
  wherein the request handler is configured to;
  
  process a request for a class invoked by an application at run time; and
  
  decode a security permission encoded as a security token in the application;
  
  wherein the at least one class loader is configured to retrieve a class variant from a plurality of class variants associated with the class based at least in part on to the security permission;
  
  wherein each of the plurality of class variants corresponds to a particular functionality of the application; and
  
  wherein the security token is generated upon installation of the application.
- View Dependent Claims (10, 11)
- - 10. The apparatus according to claim 9,wherein a first class variant provides a first functionality;
    - andwherein a second class variant provides a reduced functionality in comparison to the first class variant.
  - 11. The apparatus according to claim 10,wherein the first class variant is associated with a first security permission;
    - andwherein the second class variant is associated with a second security permission.

12. A computer-readable storage device including computer-executable instructions stored thereon that, when executed by a processing device, configure the processing device to perform operations comprising:
- decoding a security permission encoded as a security token in an application;
  
  determining a class invoked by the application at run time;
  
  selecting a class repository associated with the class; and
  
  loading a variant from a plurality of variants corresponding to the class from the class repository based at least in part on the security permission;
  
  wherein the security token is generated upon installation of the application.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The computer-readable storage device of claim 12, wherein the processing device is configured to perform operations further comprising associating each of the plurality of variants with a corresponding security permission level.
  - 14. The computer-readable storage device of claim 13, wherein the processing device is configured to perform operations further comprising:
    - storing each of the plurality of variants in distinct repositories.
  - 15. The computer-readable storage device of claim 14, wherein the processing device is configured to perform operations further comprising:
    - associating each of the corresponding security permissions levels to a distinct repository.
  - 16. The computer-readable storage device of claim 13, wherein each of the plurality of variants comprises a common namespace.
  - 17. The computer-readable storage device of claim 13, wherein each of the plurality of variants comprises a common application programming interface.
  - 18. The computer-readable storage device of claim 13, wherein the plurality of variants for the class are stored in a repository with a plurality of class variants for at least another class having equivalent security permission levels.
  - 19. The computer-readable storage device of claim 12,wherein a first class variant provides a first functionality;
    - andwherein a second class variant provides a reduced functionality in comparison to the first class variant.

20. A device, comprising:
- a memory device configured to store instructions; and
  
  a processing device configured to execute the instructions stored in the memory device to;
  
  determine a class invoked by an application at run time;
  
  decode a security level encoded as a security token in the application upon installation of the application;
  
  select a class repository associated with the security level; and
  
  load a class variant from a plurality of class variants corresponding to the class from the class repository.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27)
- - 21. The device of claim 20, wherein the processing device is configured to execute the instructions further to:
    - associate each of the plurality of class variants with a corresponding security permission level.
  - 22. The device of claim 21, wherein the processing device is configured to execute the instructions further to:
    - store each of the plurality of class variants in distinct repositories.
  - 23. The device of claim 21, wherein the processing device is configured to execute the instructions further to:
    - associate corresponding security levels to distinct repositories.
  - 24. The device of claim 21, wherein each of the plurality of class variants comprises a common namespace.
  - 25. The device of claim 21, wherein each of the plurality of class variants comprises a common application programming interface.
  - 26. The device of claim 21, wherein the processing device is configured to execute the instructions further to:
    - store the plurality of class variants for the class in a repository with a plurality of class variants for at least another class having equivalent security permission levels.
  - 27. The device of claim 20,wherein a first class variant provides a first functionality;
    - andwherein a second class variant provides a reduced functionality in comparison to the first class variant.

28. A method, comprising:
- decoding, at a processing device, a security permission encoded as a security token in an application;
  
  identifying, at the processing device, a requirement for a class in the application at run time;
  
  in response to the class not having been previously loaded, loading, at the processing device, a class variant corresponding to the requirement based at least in part on the security permission;
  
  creating, at the processing device, an instance of the class variant; and
  
  performing, at the processing device, an invocation of the instance of the class variant;
  
  wherein the security token is generated upon installation of the application.

29. A method, comprising:
- determining, at a processing device, a class invoked by an application at run time;
  
  decoding, at the processing device, a security permission encoded as a security token in the application;
  
  retrieving, from at least one depository, a class variant from a plurality of class variants associated with the class based at least in part on the security permission;
  
  associating each of the plurality of class variants with a corresponding security permission; and
  
  associating each of the corresponding security permissions with a class variant repository;
  
  wherein each of the plurality of class variants is configured to define a corresponding functionality of the application;
  
  wherein the plurality of class variants for the class are stored in a repository with a plurality of class variants for at least another class having equivalent security permissions; and
  
  wherein the security token is generated upon installation of the application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
OL Security LLC (Intellectual Ventures LLC)
Original Assignee
Osocad Remote LLC (Intellectual Ventures LLC)
Inventors
Wheeler, Thomas
Primary Examiner(s)
McNally, Michael S

Application Number

US12/629,934
Publication Number

US 20110138460A1
Time in Patent Office

1,566 Days
Field of Search

726/27
US Class Current

726/27
CPC Class Codes

G06F 21/121   Restricting unauthorised ex...

G06F 21/51   at application loading time...

G06F 21/53   by executing in a restricte...

G06F 21/54   by adding security routines...

G06F 2221/2141   Access rights, e.g. capabil...

G06F 2221/2149   Restricted operating enviro...

H04L 63/105   Multiple levels of security

System and method for loading application classes

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

36 Citations

29 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for loading application classes

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

36 Citations

29 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links