Digital rights management for applications
First Claim
1. A method of managing access to an application, the method comprising:
- by a security module implemented in a computing system comprising one or more processors, the security module being an embedded component of an application;
identifying an attempt to execute the application by a user;
in response to identifying the attempt to execute the application, processing a security token associated with the application to confirm whether execution of the application is authorized;
determining whether an unauthorized modification has been made to the application by at least comparing a value in the security token with a value derived from the application, wherein the value derived from the application is calculated based at least in part on performing a mathematical operation with respect to the application, said performing the mathematical operation comprising;
performing the mathematical operation based on at least an executable portion of the application if the application exceeds a predetermined size; and
performing the mathematical operation based on at least the executable portion of the application and a data portion of the application if the application is less than the predetermined size; and
modifying execution of the application in response to determining that either the execution of the application is not authorized or that an unauthorized modification has been made to the application.
1 Assignment
0 Petitions
Accused Products
Abstract
This disclosure describes systems and associated processes that provide digital rights management for applications. In some embodiments, these system and processes couple DRM protection with individual applications, rather than with a centralized service. For instance, these systems and processes can be implemented in the context of an application store or distribution service that distributes applications for purchase or for free to user devices. Developers can submit applications to the application distribution service for distribution to end users. In response to receiving an application from a developer, the application distribution service can modify the application to include DRM features. The application distribution service can accomplish this modification without input from or the knowledge of the developer. The DRM features included in the modified application can prevent or otherwise reduce copying or modifying of the application.
82 Citations
20 Claims
-
1. A method of managing access to an application, the method comprising:
by a security module implemented in a computing system comprising one or more processors, the security module being an embedded component of an application; identifying an attempt to execute the application by a user; in response to identifying the attempt to execute the application, processing a security token associated with the application to confirm whether execution of the application is authorized; determining whether an unauthorized modification has been made to the application by at least comparing a value in the security token with a value derived from the application, wherein the value derived from the application is calculated based at least in part on performing a mathematical operation with respect to the application, said performing the mathematical operation comprising; performing the mathematical operation based on at least an executable portion of the application if the application exceeds a predetermined size; and performing the mathematical operation based on at least the executable portion of the application and a data portion of the application if the application is less than the predetermined size; and modifying execution of the application in response to determining that either the execution of the application is not authorized or that an unauthorized modification has been made to the application. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
11. Non-transitory physical computer storage having stored thereon a security module embedded in an application, the security module comprising computer-executable instructions configured to cause a computer system to at least:
-
identify an attempt to access a feature of the application; in response to identifying the attempt to access the feature of the application, analyze a security token associated with the application to confirm whether execution of the application is limited in scope; alter execution of the application in response to determining that the execution of the application is limited in scope; and determine whether an unauthorized modification has been made to the application by at least performing a mathematical operation on the application, wherein performing the mathematical operation comprises; computing the mathematical operation on at least an executable portion of the application in response to determining that the application exceeds a predetermined size; and computing the mathematical operation on at least the executable portion of the application and a data portion of the application in response to determining that the application is less than the predetermined size. - View Dependent Claims (12, 13, 14, 15, 16)
-
-
17. A system for managing access to an application, the system comprising:
a computer system comprising physical computer hardware configured to; detect an attempt to execute the application; in response to detecting the attempt to execute the application, confirm whether execution of the application is authorized based on a security token associated with the application; determine whether an unauthorized modification has been made to the application by at least comparing a value in the security token with a value derived from the application, wherein the value derived from the application is calculated based at least in part on performing a mathematical operation with respect to the application, said performing the mathematical operation comprising; performing the mathematical operation based on at least an executable portion of the application if the application exceeds a predetermined size; and performing the mathematical operation based on at least the executable portion of the application and a data portion of the application if the application is less than the predetermined size; and modify execution of the application in response to determining that either the execution of the application is not authorized or that an unauthorized modification has been made to the application. - View Dependent Claims (18, 19, 20)
Specification