Method and system for application-based policy monitoring and enforcement on a mobile device
First Claim
1. A method comprising:
- detecting, during execution of a software application by a mobile device on which an operating system is running, as a result of a non-operating system software routine comprising redirecting code interfacing with the software application after a user-initiated launch of the software application and prior to the execution of the software application, the software application initiating a system call to the operating system, the redirecting code enabling the detecting of the initiating of the system call by replacing an address associated with the system call with an address of intercepting code; and
- prior to execution of the system call by the operating system:
- determining, by executing the intercepting code to pass an argument of the system call to application monitoring code, whether the software application is attempting to perform a potentially unauthorized activity; and
- determining, by executing the application monitoring code to evaluate the argument of the system call, whether to execute the system call in response to determining whether the software application is attempting to perform a potentially unauthorized activity.
Abstract
A method and system for application-based monitoring and enforcement of security, privacy, performance and/or other policies on a mobile device includes incorporating monitoring and policy enforcement code into a previously un-monitored software application package that is installable on a mobile device, and executing the monitoring and policy enforcement code during normal use of the software application by a user of the mobile device.
63 Citations
31 Claims
- 1. A method comprising: detecting, during execution of a software application by a mobile device on which an operating system is running, as a result of a non-operating system software routine comprising redirecting code interfacing with the software application after a user-initiated launch of the software application and prior to the execution of the software application, the software application initiating a system call to the operating system, the redirecting code enabling the detecting of the initiating of the system call by replacing an address associated with the system call with an address of intercepting code; and, prior to execution of the system call by the operating system: determining, by executing the intercepting code to pass an argument of the system call to application monitoring code, whether the software application is attempting to perform a potentially unauthorized activity; and determining, by executing the application monitoring code to evaluate the argument of the system call, whether to execute the system call in response to determining whether the software application is attempting to perform a potentially unauthorized activity. (Dependent claims 2 to 16.)
- 17. An electronic device comprising: at least one processor, at least one memory device coupled to the at least one processor, the at least one memory device having stored therein a plurality of instructions that when executed by the at least one processor, cause the at least one processor to: process a first application package comprising a software application executable by a second electronic device to obtain at least one compiled component of the software application; associate at least one security and/or privacy monitoring routine with the at least one compiled component of the software application without modifying or replacing the at least one compiled component of the software application, the at least one security and/or privacy monitoring routine comprising redirecting code configured to interface with the software application after a user-initiated launch of the software application and prior to the execution of the software application, the software application initiating a system call to the operating system during execution of the software application, the redirecting code enabling the detecting of the initiating of the system call by replacing an address associated with the system call with an address of intercepting code, the intercepting code configured to pass an argument of the system call to policy enforcing code, the policy enforcing code configured to, during execution of the software application by the second electronic device, determine whether the software application is attempting to perform a potentially unauthorized activity; and create a second application package comprising the software application and the at least one security and/or privacy monitoring routine, the second application package adapted for installation by the second electronic device. (Dependent claim 18.)
- 19. At least one non-transitory computer accessible medium comprising a plurality of instructions that in response to being executed, result in a mobile computing device: in response to a request to download an application package comprising at least one executable software application to the mobile computing device, initiating the creation of a new application package comprising the at least one executable software application and at least one security and/or privacy monitoring routine without modifying or replacing any of the executable components of the executable software application, the at least one security and/or privacy monitoring routine comprising redirecting code configured to interface with the software application after a user-initiated launch of the software application and prior to the execution of the software application, the software application initiating a system call to the operating system during execution of the software application, the redirecting code enabling the detecting of the initiating of the system call by replacing an address associated with the system call with an address of intercepting code, the intercepting code configured to pass an argument of the system call to policy enforcing code, the policy enforcing code configured to, during execution of the software application, determine whether the software application is attempting to perform a potentially unauthorized activity. (Dependent claims 20 and 21.)
- 22. A method for at least temporarily preventing an executable software application from executing a potentially unauthorized activity on a mobile computing device, the method comprising, at the mobile computing device: receiving input from a user of the mobile computing device, the input relating to at least one security, privacy, and/or performance monitoring policy associated with the executable software application; configuring computer code to monitor execution of the executable software application based on the policy, the computer code comprising redirecting code configured to interface with the software application after a user-initiated launch of the software application and prior to the execution of the software application, the software application initiating a system call to the operating system during execution of the software application, the redirecting code enabling the detecting of the initiating of the system call by replacing an address associated with the system call with an address of intercepting code, the intercepting code configured to pass an argument of the system call to policy enforcing code, the policy enforcing code configured to, during execution of the software application, determine whether the software application is attempting to perform a potentially unauthorized activity; and repackaging the executable software application with the computer code, without modifying or replacing any of the executable components of the executable software application, so that the computer code is executed in response to execution of the executable software application by the mobile computing device. (Dependent claims 23 to 26.)
- 27. A computing device comprising: at least one processor, and at least one memory device coupled to the at least one processor, the at least one memory device having stored therein a plurality of processor-executable instructions configured to: receive a request to download an executable software application to a mobile computing device; and in response to the request and prior to executing the executable software application at the mobile computing device, without modifying or replacing any of the executable components of the executable software application, repackage the executable software application with computer code configured to monitor at least one of security, privacy, and performance of the executable software application, so that the computer code is executable in response to execution of the executable software application at the mobile computing device, wherein the computer code comprises redirecting code configured to interface with the software application after a user-initiated launch of the software application and prior to the execution of the software application, the software application initiating a system call to the operating system during execution of the software application, the redirecting code enabling the detecting of the initiating of the system call by replacing an address associated with the system call with an address of intercepting code, the intercepting code configured to pass an argument of the system call to policy enforcing code, the policy enforcing code configured to, during execution of the software application, determine whether the software application is attempting to perform a potentially unauthorized activity. (Dependent claims 28 to 31.)
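The claims describe redirecting code that replaces the address associated with a system call with the address of intercepting code, which passes the call's argument to monitoring code that decides whether the original call runs. The C program below is an added illustration of that dispatch-table pattern and is not code from the patent; the call table, the file-open call, the `/data/private/` policy path and every function name are constructed for this example.

```c
#include <stdio.h>
#include <string.h>
/* Constructed stand-in for an OS call table: the "address associated with the
 * system call" is the function pointer stored here. */
typedef int (*syscall_fn)(const char *arg);

static int real_open_file(const char *path) {   /* the genuine call: always succeeds */
    (void)path;
    return 0;
}

static syscall_fn syscall_table[1] = { real_open_file };
static syscall_fn original_open = NULL;   /* saved so the intercept can forward the call */
static int blocked_calls = 0;

/* Application monitoring code: evaluates the call's argument against a policy.
 * Constructed policy: the app may not touch anything under /data/private/. */
static int policy_allows(const char *path) {
    static const char denied_prefix[] = "/data/private/";
    return strncmp(path, denied_prefix, sizeof denied_prefix - 1) != 0;
}

/* Intercepting code: runs in place of the real call, passes the argument to the
 * monitor, and forwards to the original only when the monitor permits it. */
static int intercept_open_file(const char *path) {
    if (!policy_allows(path)) {
        blocked_calls++;
        return -1;   /* refusal reported back to the application */
    }
    return original_open(path);
}

/* Redirecting code: installed after launch and before the app runs; replaces
 * the table entry with the intercept's address. Idempotent on repeat calls. */
void install_redirect(void) {
    if (original_open != NULL) return;
    original_open = syscall_table[0];
    syscall_table[0] = intercept_open_file;
}

/* The unmodified application dispatches through the table, unaware of the hook. */
int app_open(const char *path) { return syscall_table[0](path); }
int blocked_count(void) { return blocked_calls; }
int main(void) {
    install_redirect();
    printf("public:  %d\n", app_open("/data/public/readme.txt"));    /* 0, allowed */
    printf("private: %d\n", app_open("/data/private/contacts.db"));  /* -1, blocked */
    return 0;
}
```

The application code never changes; only the table entry does, which is what lets the monitor sit between an unmodified app and the operating system.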
Specification