System and method for preventing malware on a mobile communication device
First Claim
1. A non-transitory computer-readable storage medium having stored thereon a plurality of instructions which, when executed by a processor, cause the processor to perform the steps of a method for assessing a data object present on a mobile communication device, the assessment provided by a server computer, the method comprising:
- before receiving data identifying at least a portion of the data object present on the mobile communication device at the server computer, determining if previously stored definition information stored in a local store at the mobile communication device corresponds to the data identifying at least a portion of the data object present on the mobile communication device, the local store storing a corresponding assessment for the previously stored definition information; and
,if the previously stored definition information in the local store at the mobile communication device does not correspond to the data identifying at least a portion of the data object present on the mobile communication device, then at the server computer, receiving data identifying at least a portion of the data object present on the mobile communication device;
at the server, determining if previously stored definition information for a data object corresponds to the received data, the definition information stored in a data store accessible by the server, the data store storing a corresponding assessment for the definition information;
if the previously stored definition information corresponds to the received data from the mobile communication device, then at the server, providing the assessment of the data object present on the mobile communication device corresponding to the previously stored definition information.
3 Assignments
0 Petitions
Accused Products
Abstract
A server receives from a mobile communication device information about a data object (e.g., application) on the device when the device cannot assess the data object. The server uses the information along with other information stored at the server to assess the data object. Based on the assessment, the device may be permitted to access the data object or the device may not be permitted to access the data object. The other information stored at the server can include data objects known to be bad, data objects known to be good, or both.
-
Citations
53 Claims
-
1. A non-transitory computer-readable storage medium having stored thereon a plurality of instructions which, when executed by a processor, cause the processor to perform the steps of a method for assessing a data object present on a mobile communication device, the assessment provided by a server computer, the method comprising:
-
before receiving data identifying at least a portion of the data object present on the mobile communication device at the server computer, determining if previously stored definition information stored in a local store at the mobile communication device corresponds to the data identifying at least a portion of the data object present on the mobile communication device, the local store storing a corresponding assessment for the previously stored definition information; and
,if the previously stored definition information in the local store at the mobile communication device does not correspond to the data identifying at least a portion of the data object present on the mobile communication device, then at the server computer, receiving data identifying at least a portion of the data object present on the mobile communication device; at the server, determining if previously stored definition information for a data object corresponds to the received data, the definition information stored in a data store accessible by the server, the data store storing a corresponding assessment for the definition information; if the previously stored definition information corresponds to the received data from the mobile communication device, then at the server, providing the assessment of the data object present on the mobile communication device corresponding to the previously stored definition information. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A non-transitory computer-readable storage medium having stored thereon a plurality of instructions which, when executed by a processor, cause the processor to perform the steps of a method for assessing a data object present on a mobile communication device by a server computer comprising:
-
receiving data from the mobile communication device by the server computer, the received data identifying the data object present on the mobile communication device; at the server computer, analyzing the received data by a known good component resident on the server computer to provide an assessment of the data object present on the mobile communication device; if the analysis of the received data by the known good component on the server computer results in an assessment that the data object is allowed, then at the server computer, transmitting instructions to the mobile communication device allowing the mobile communication device to access the assessed data object present on the mobile communication device; if, at the server computer, the analysis of the received data by the known good component on the server computer does not result in an assessment that the data object is allowed, then, at the server computer, analyzing the received data by a known bad component resident on the server computer to provide an assessment of the data object present on the mobile communication device; and if, at the server computer, the analysis of the received data by the known bad component on the server computer results in an assessment that the data object is undesirable, then, at the server computer, transmitting instructions to the mobile communication device preventing the mobile communication device from accessing the data object present on the mobile communication device. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26)
-
-
27. A non-transitory computer-readable storage medium having stored thereon a plurality of instructions which, when executed by a processor, cause the processor to perform the steps of a method for assessing a data object present on a mobile communication device, the assessment provided by a server computer, the method comprising:
-
at the mobile communication device, determining, by the mobile communication device, if previously stored definition information in a local store corresponds to the data object present on the mobile communication device; if the determination at the mobile communication device shows that the previously stored definition information in the local store does not correspond to the data object present on the mobile communication device, then, at a server computer, receiving data identifying at least a portion of the data object present on the mobile communication device; determining, by the server computer, if previously stored definition information for a data object corresponds to the received data, the definition information stored in a data store accessible to the server, the data store storing a corresponding assessment for the definition information; if the previously stored definition information corresponds to the received data, then, at the server, providing the assessment corresponding to the previously stored definition information; and
,if the previously stored definition information in the data store accessible to the server does not correspond to the received data, then analyzing, by the server, at least a portion of the received data identifying at least a portion of the data object present on the mobile communication device to determine an assessment corresponding to the data object present on the mobile communication device. - View Dependent Claims (28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
-
-
39. A method comprising:
-
storing at a server definition information for a data object; storing at the server a corresponding assessment for the definition information; receiving at the server data identifying at least a portion of a data object on a mobile communication device, wherein the data identifying the at least a portion of the data object on the mobile communication device is received at the server when previously stored definition information in a local store at the mobile communication device does not correspond to the data identifying the at least a portion of the data object on the mobile communication device; determining if the definition information that is stored at the server corresponds to the received data; and if the definition information that is stored at the server corresponds to the received data, providing the corresponding assessment.
-
-
40. A method comprising:
-
storing at a server definition information for a data object; storing at the server a corresponding assessment for the definition information; receiving at the server data identifying at least a portion of a data object on a mobile communication device, wherein the data identifying the at least a portion of the data object on the mobile communication device is received at the server after the mobile communication device determines that previously stored definition information at the mobile communication device does not correspond to the data identifying the at least a portion of the data object on the mobile communication device; if the definition information stored at the server corresponds to the received data, providing the corresponding assessment; if the definition information stored at the server does not correspond to the received data, at the server, analyzing at least a portion of the received data identifying at least a portion of the data object on the mobile communication device to determine an assessment corresponding to the data object on the mobile communication device; and at the server, providing the corresponding assessment resulting from the analyzing step if it is performed.
-
-
41. A method comprising:
-
receiving at a server data identifying a data object on a mobile communication device; analyzing the received data by a known good component on the server to provide an assessment of the data object; if the analysis of the received data by the known good component on the server results in an assessment that the data object is allowed, transmitting instructions to the mobile communication device to permit access to the data object; if the analysis of the received data by the known good component does not result in an assessment that the data object is allowed, analyzing the received data by a known bad component on the server to provide an assessment of the data object; and if the analysis of the received data by the known bad component results in an assessment that the data object is undesirable, transmitting instructions to the mobile communication device to deny access to the data object. - View Dependent Claims (42, 43, 44, 45, 46, 47, 48, 49, 50)
-
-
51. A method comprising:
-
receiving at a server data identifying a data object on a mobile communication device; analyzing the received data using a known bad component stored on the server to provide an assessment of the data object; if the analysis of the received data using the known bad component results in an assessment that the data object is undesirable, at the server, transmitting instructions to the mobile communication device to deny access to the data object; if the analysis of the received data using the known bad component does not result in the assessment that the data object is undesirable, analyzing the received data using a known good component on the server to provide an assessment of the data object; and if the analysis of the received data by the known good component results in an assessment that the data object is allowed, transmitting instructions to the mobile communication device to permit access to the data object. - View Dependent Claims (52, 53)
-
Specification