Method and system for application-based policy monitoring and enforcement on a mobile device
First Claim
1. A method comprising:
- with at least one computing device;
selecting a self-contained application package for security and/or privacy repackaging, the application package comprising an executable software application, the selecting in response to a user selecting a user interface element representative of the application package;
processing the selected application package to obtain a plurality of executable components of the software application;
creating, without modifying or replacing any of the executable components of the software application, a self-contained repackaged application package, the repackaged application package comprising the executable components of the software application, non-operating system redirecting code, and intercepting code;
storing the self-contained repackaged application package on the computing device;
activating the repackaged application package in response to the user selecting a user interface element representative of the repackaged application package;
in response to activating the repackaged application package and prior to executing the software application, executing the redirecting code to (i) store an address associated with an operating system interface object callable by the software application during execution of the software application and (ii) replace the address associated with the operating system interface object with an address of the intercepting code; and
during execution of the software application, in response to a system call by the software application to the operating system interface object, executing the intercepting code to (i) process an argument of the system call for use by application monitoring code, (ii) pass the processed argument to the application monitoring code, and (iii) with the application monitoring code, determine whether the software application is attempting to use the system call to perform a potentially unauthorized activity based on a security and/or privacy policy.
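The redirect-and-intercept sequence recited in claim 1 (and restated in the "dynamic link" wording of claim 15 below), as an added worked example in C; this is illustrative code, not code from the patent or its assignee. The operating system interface object is modelled as a function-pointer slot in the application's link table (the role a GOT/IAT entry plays in a real binary), the policy, the private-data paths and the application's three open() calls are constructed for the example, and the names redirect_install, intercept_open, monitor_is_unauthorised and launch_repackaged are assumptions rather than anything the specification names.

```c
#include <stdio.h>
#include <string.h>

/* Constructed example of the claimed mechanism, not code from the patent.
 * The "operating system interface object" is a slot in a link table the
 * app calls through; redirecting code saves the slot's address and points
 * it at intercepting code; the intercepting code normalises the argument
 * and hands it to monitoring code that applies a constructed policy. */

typedef int (*open_fn)(const char *path, int flags);
#define O_RD 0
#define O_WR 1

/* Stand-in for the OS implementation of open(): always "succeeds". */
static int os_open(const char *path, int flags) {
    (void)path; (void)flags;
    return 3;                                   /* fake file descriptor */
}

/* The application's dynamic link to the OS interface object. */
static struct { open_fn open_slot; } app_links = { os_open };

/* Address of the original interface object, stored by the redirecting code. */
static open_fn saved_open;

/* Bookkeeping so the outcome of a run can be inspected afterwards. */
static int calls_seen, calls_blocked;
static char last_decision[128];

/* Application monitoring code: returns 1 if the call is a potentially
 * unauthorised activity under the constructed policy: any access to a
 * private-data path, or opening anything under /system/ for writing. */
static int monitor_is_unauthorised(const char *path, int flags) {
    static const char *const private_prefixes[] = { "/data/contacts/", "/data/location/" };
    for (size_t i = 0; i < sizeof private_prefixes / sizeof *private_prefixes; i++)
        if (strncmp(path, private_prefixes[i], strlen(private_prefixes[i])) == 0)
            return 1;
    return (flags & O_WR) && strncmp(path, "/system/", 8) == 0;
}

/* Argument processing: collapse "//" and "/./" so a differently spelled
 * path cannot slip past a prefix-based policy. */
static void normalise_path(const char *in, char *out, size_t n) {
    size_t j = 0;
    for (size_t i = 0; in[i] != '\0' && j + 1 < n; i++) {
        if (in[i] == '/')
            while (in[i + 1] == '/' || (in[i + 1] == '.' && in[i + 2] == '/'))
                i += (in[i + 1] == '/') ? 1 : 2;
        out[j++] = in[i];
    }
    out[j] = '\0';
}

/* Intercepting code: runs in place of the OS interface object. */
static int intercept_open(const char *path, int flags) {
    char canon[256];
    normalise_path(path, canon, sizeof canon);          /* (i) process the argument */
    calls_seen++;
    if (monitor_is_unauthorised(canon, flags)) {        /* (ii)(iii) consult the policy */
        calls_blocked++;
        snprintf(last_decision, sizeof last_decision, "BLOCK open(%s,%d)", canon, flags);
        return -1;                                      /* enforce: deny the call */
    }
    snprintf(last_decision, sizeof last_decision, "ALLOW open(%s,%d)", canon, flags);
    return saved_open(path, flags);                     /* forward to the saved address */
}

/* Redirecting code: executed after activation and before the app's own code. */
static void redirect_install(void) {
    if (app_links.open_slot == intercept_open) return;  /* already installed */
    saved_open = app_links.open_slot;                   /* (i) store the original address */
    app_links.open_slot = intercept_open;               /* (ii) replace it with the interceptor */
}

/* The unmodified application: it only ever calls through the link slot.
 * Returns how many of its three (constructed) opens succeeded. */
static int app_main(void) {
    int ok = 0;
    ok += app_links.open_slot("/sdcard/cache.tmp", O_WR) >= 0;
    ok += app_links.open_slot("/data//./contacts/db", O_RD) >= 0;
    ok += app_links.open_slot("/system/build.prop", O_WR) >= 0;
    return ok;
}

/* Launching the original package: no redirecting code, every open succeeds. */
int launch_original(void) {
    app_links.open_slot = os_open;
    calls_seen = calls_blocked = 0;
    return app_main();
}

/* Launching the repackaged package: redirecting code runs first, then the app. */
int launch_repackaged(void) {
    app_links.open_slot = os_open;
    calls_seen = calls_blocked = 0;
    redirect_install();
    return app_main();
}

int blocked_count(void) { return calls_blocked; }
int seen_count(void) { return calls_seen; }
const char *last_decision_text(void) { return last_decision; }

int main(void) {
    printf("original:   %d opens succeeded\n", launch_original());
    int ok = launch_repackaged();
    printf("repackaged: %d opens succeeded, %d of %d blocked, last: %s\n",
           ok, blocked_count(), seen_count(), last_decision_text());
    return 0;
}
```

Because the application's own code is never touched, only the link slot it calls through, the same binary runs either way; the difference is solely whether the redirecting code ran before it. The path normalisation in the interceptor is the "processing" step the claim separates from the policy decision: without it, "/data//./contacts/db" would not match a "/data/contacts/" rule.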
Abstract
A method and system for application-based monitoring and enforcement of security, privacy, performance and/or other policies on a mobile device includes incorporating monitoring and policy enforcement code into a previously un-monitored software application package that is installable on a mobile device, and executing the monitoring and policy enforcement code during normal use of the software application by a user of the mobile device.
20 Claims
1. A method comprising: (independent claim 1, set out in full under First Claim above)
View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
15. A method comprising:
- with at least one computing device;
processing an original application package, the original application package comprising a software application executable by a mobile device, to obtain a plurality of executable components of the software application;
with an application repackager, associating redirecting code with at least one of the executable components of the software application without modifying or replacing any of the executable components of the software application, the redirecting code configured to: after the software application is launched by a user and prior to execution of the software application, change a dynamic link to an external function that is called by the software application during execution of the software application to point to a memory location of application monitoring code, and during execution of the software application follow the changed dynamic link to evaluate a call to the external function using the application monitoring code;
creating a new self-contained executable software application package comprising the components of the software application, the redirecting code, and the application monitoring code, wherein the new self-contained executable software application package is configured to be executed on the mobile device in response to a user activation of a user interface element representative of the new self-contained executable software application package; and
defining a runtime priority of the components of the software application and the redirecting code to execute the redirecting code after the user activation of the user interface element and prior to the execution of the software application.
View Dependent Claims (16)
17. A method comprising, with at least one computing device:
selecting a self-contained application package for security and/or privacy repackaging, the application package comprising an executable software application, the selecting in response to a user selecting a user interface element representative of the application package;
creating, without modifying or replacing any executable components of the software application, a self-contained repackaged application package, the repackaged application package comprising the executable components of the software application, non-operating system redirecting code, and intercepting code;
activating the repackaged application package in response to a user selecting a user interface element representative of the repackaged application package;
in response to activating the repackaged application package and prior to executing the software application, executing the redirecting code to replace an address associated with an operating system interface object callable by the software application during execution of the software application with an address of the intercepting code; and
during execution of the software application, in response to a system call by the software application to the operating system interface object, executing the intercepting code to pass an argument of the system call to application monitoring code, and, with the application monitoring code, determine whether the software application is attempting to use the system call to perform a potentially unauthorized activity based on a security and/or privacy policy.
View Dependent Claims (18, 19, 20)