System and method for application program operation on a wireless device
First Claim
Patent Images
1. A method for providing security features for a mobile device, wherein the method comprises:
- providing a security management module with one or more security features;
providing a connect module for updating the one or more security features;
interfacing the connect module and the security management module with an operating system of the mobile device, by integrating application programming interfaces of the connect module with host environment application programming interfaces and providing security services to the mobile device via the application programming interfaces of the connect module to augment the behavior of the host environment application programming interfaces and the mobile device in order to affect the security capabilities of the operating system;
providing access information to the security management module, the access information comprising information specifying whether applications on the mobile device can access a sensitive function of one of the host application programming interfaces; and
when a given application being executed on the mobile device makes a function call to an application program interface that provides access to a sensitive function, allowing execution of the function call to the sensitive function when the access information indicates that function calls to the sensitive function by the given application are allowed, and otherwise not allowing execution of the function call to the sensitive function.
5 Assignments
0 Petitions
Accused Products
Abstract
Embodiments described herein address mobile devices with non-secure operating systems that do not provide a sufficient security framework. More particularly, the embodiments described herein provide a set of applications to the device for providing security features to the non-secure operating system.
-
Citations
22 Claims
-
1. A method for providing security features for a mobile device, wherein the method comprises:
-
providing a security management module with one or more security features; providing a connect module for updating the one or more security features; interfacing the connect module and the security management module with an operating system of the mobile device, by integrating application programming interfaces of the connect module with host environment application programming interfaces and providing security services to the mobile device via the application programming interfaces of the connect module to augment the behavior of the host environment application programming interfaces and the mobile device in order to affect the security capabilities of the operating system; providing access information to the security management module, the access information comprising information specifying whether applications on the mobile device can access a sensitive function of one of the host application programming interfaces; and when a given application being executed on the mobile device makes a function call to an application program interface that provides access to a sensitive function, allowing execution of the function call to the sensitive function when the access information indicates that function calls to the sensitive function by the given application are allowed, and otherwise not allowing execution of the function call to the sensitive function. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A method for providing security features for a mobile device, wherein the method comprises:
-
providing a security management module with one or more security features; providing a connect module for updating the one or more security features; interfacing the connect module and the security management module with an operating system of the mobile device, by integrating application programming interfaces of the connect module with host environment application programming interfaces and providing security services to the mobile device via the application programming interfaces of the connect module to augment the behavior of the host environment application programming interfaces and the mobile device in order to affect the security capabilities of the operating system; providing execution information to the security management module, the execution information comprising information on whether an application on the mobile device is allowed to be executed by the operating system; and when a given application is to be executed on the mobile device, allowing execution of the given application when the execution information indicates that the given application is an allowable application, and otherwise not allowing execution of the given application. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A mobile device comprising:
-
a main processor that controls operations of the mobile device; a communication subsystem connected to the main processor, wherein the communication subsystem is configured to send and receive data; and a set of applications for providing security features for an operating system of the mobile device, the set of applications implementing; a security management module for providing security features to the operating system of the mobile device; a connect module for updating the security features provided by the security management module; and an integration module for interfacing the connect module and the security management module with the operating system, wherein the integration module integrates application programming interfaces of the connect module with host environment application programming interfaces and provides security services to the mobile device via the application programming interfaces of the connect module to augment behavior of the host environment application programming interfaces and the mobile device in order to affect the security capabilities of the operating system; wherein the mobile device further comprises access information, the access information comprising information specifying whether applications on the mobile device can access a sensitive function of one of the host environment application programming interfaces; and wherein the security management module is arranged to allow execution of a function call to a sensitive function when a given application being executed on the mobile device makes a function call to the at least one application program interface that provides access to the sensitive function when the access information indicates that function calls to the sensitive function by the given application are allowed, and otherwise not to allow execution of the function call to the sensitive function. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A mobile device comprising:
-
a main processor that controls operations of the mobile device; a communication subsystem connected to the main processor, wherein the communication subsystem is configured to send and receive data; and a set of applications for providing security features for an operating system of the mobile device, the set of applications implementing; a security management module for providing security features to the operating system of the mobile device; a connect module for updating the security features provided by the security management module; and an integration module for interfacing the connect module and the security management module with the operating system, wherein the integration module integrates application programming interfaces of the connect module with host environment application programming interfaces and provides security services to the mobile device via the application programming interfaces of the connect module to augment behavior of the host environment application programming interfaces and the mobile device in order to affect the security capabilities of the operating system; wherein the mobile device further comprises execution information, the execution information comprises information on whether an application on the mobile device is allowed to be executed by the operating system; and wherein the security management module is arranged to allow execution of a given application when a given application is to be executed on the mobile device when the execution information indicates that the given application is an allowable application, and otherwise the security management module is arranged not to allow execution of the given application. - View Dependent Claims (17, 18, 19, 20)
-
-
21. A non-transitory computer-readable medium comprising instructions, which when executed by a processor of a mobile device, configures the processor to perform a method for providing security features for the mobile device, wherein the method comprises:
-
providing a security management module with one or more security features; providing a connect module for updating the one or more security features; interfacing the connect module and the security management module with an operating system of the mobile device, by integrating application programming interfaces of the connect module with host environment application programming interfaces and providing security services to the mobile device via the application programming interfaces of the connect module to augment the behavior of the host environment application programming interfaces and the mobile device in order to affect the security capabilities of the operating system; providing access information to the security management module, the access information comprising information specifying whether applications on the mobile device can access a sensitive function of one of the host application programming interfaces; and when a given application being executed on the mobile device makes a function call to an application program interface that provides access to a sensitive function, allowing execution of the function call to the sensitive function when the access information indicates that function calls to the sensitive function by the given application are allowed, and otherwise not allowing execution of the function call to the sensitive function.
-
-
22. A non-transitory computer-readable medium comprising instructions, which when executed by a processor of a mobile device, configures the processor to perform a method for providing security features for the mobile device, wherein the method comprises:
-
providing a security management module with one or more security features; providing a connect module for updating the one or more security features; interfacing the connect module and the security management module with an operating system of the mobile device, by integrating application programming interfaces of the connect module with host environment application programming interfaces and providing security services to the mobile device via the application programming interfaces of the connect module to augment the behavior of the host environment application programming interfaces and the mobile device in order to affect the security capabilities of the operating system; providing execution information to the security management module, the execution information comprising information on whether an application on the mobile device is allowed to be executed by the operating system; and when a given application is to be executed on the mobile device, allowing execution of the given application when the execution information indicates that the given application is an allowable application, and otherwise not allowing execution of the given application.
-
Specification