Methods and devices for controlling access to a computing resource by applications executable on a computing device

US 9,053,337 B2
Filed: 06/07/2011
Issued: 06/09/2015
Est. Priority Date: 06/07/2011
Status: Active Grant

First Claim

Patent Images

1. A method of controlling access to a computing resource by applications executable on a computing device, the method comprising:

identifying an application category, wherein the application category is used as a basis for organizing applications available in an application distribution platform;

generating a security policy containing one or more rules that specify whether one or more applications, that have been categorized in the application distribution platform as belonging to the application category, are permitted to access the computing resource on the computing device;

transmitting the security policy to the computing device;

wherein when an application of the one or more applications is added to the computing device, the added application is automatically assigned to the application category as categorized in the application distribution platform; and

wherein when the security policy is enforced at the computing device, access to the computing resource by the added application is controlled by the one or more rules,receiving, from each of a plurality of computing devices, data indicating that an identified application of the one or more applications has been associated with a user-assigned application category on the computing device; and

changing an assignment of the identified application to the user-assigned application category, if data indicating that the identified application of the one or more applications has been associated with the user-assigned application category is received from at least a threshold plurality of computing devices.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and devices for controlling access to a computing resource by applications executable on a computing device are described herein. In one example embodiment, method comprises: identifying an application category with which one or more applications executable on the computing device is associated; providing one or more rules that specify whether the one or more applications associated with the application category are permitted to access the computing resource on the computing device; and transmitting the security policy to the computing device; wherein when the security policy is enforced at the computing device, access to the computing resource by the one or more applications executable on the computing device that are associated with the application category is controlled by the one or more rules.

58 Citations

View as Search Results

19 Claims

1. A method of controlling access to a computing resource by applications executable on a computing device, the method comprising:
- identifying an application category, wherein the application category is used as a basis for organizing applications available in an application distribution platform;
  
  generating a security policy containing one or more rules that specify whether one or more applications, that have been categorized in the application distribution platform as belonging to the application category, are permitted to access the computing resource on the computing device;
  
  transmitting the security policy to the computing device;
  
  wherein when an application of the one or more applications is added to the computing device, the added application is automatically assigned to the application category as categorized in the application distribution platform; and
  
  wherein when the security policy is enforced at the computing device, access to the computing resource by the added application is controlled by the one or more rules,receiving, from each of a plurality of computing devices, data indicating that an identified application of the one or more applications has been associated with a user-assigned application category on the computing device; and
  
  changing an assignment of the identified application to the user-assigned application category, if data indicating that the identified application of the one or more applications has been associated with the user-assigned application category is received from at least a threshold plurality of computing devices.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein access to the computing resource by the added application is allowed or denied, as provided by the one or more rules.
  - 3. The method of claim 1, wherein the generating is performed at an administrator device.
  - 4. The method of claim 1, wherein the identifying, generating, and transmitting are performed by a server device communicatively coupled to the computing device.
  - 5. The method of claim 1, wherein the computing device comprises a mobile device.
  - 6. The method of claim 1, further comprising providing, in the security policy, one or more additional rules that specify permissions to access the computing resource on the computing device on a per-application basis.
  - 7. The method of claim 6, wherein the one or more additional rules that specify permissions to access the computing resource on the computing device on the per-application basis take precedence over the one or more rules that specify whether the one or more applications, that have been categorized in the application distribution platform as belonging to the application category, are permitted to access the computing resource on the computing device.

8. A server device configured to control access to a computing resource by applications executable on a computing device coupled to the server device, wherein the server device comprises a processor configured to:
- identify an application category, wherein the application category is used as a basis for organizing applications available in an application distribution platform;
  
  generate a security policy containing one or more rules that specify whether one or more applications, that have been categorized in the application distribution platform as belonging to the application category, are permitted to access the computing resource on the computing device;
  
  transmit the security policy to the computing device;
  
  wherein when an application of the one or more applications is added to the computing device, the added application is automatically assigned to the application category as categorized in the application distribution platform; and
  
  wherein when the security policy is enforced at the computing device, access to the computing resource by the added application is controlled by the one or more rules,receive, from each of a plurality of computing devices, data indicating that an identified application of the one or more applications has been associated with a user-assigned application category on the computing device; and
  
  change an assignment of the identified application to the user-assigned application category, if data indicating that the identified application of the one or more applications has been associated with the user-assigned application category is received from at least a threshold plurality of computing devices.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The server device of claim 8, wherein access to the computing resource by the added application is allowed or denied, as provided by the one or more rules.
  - 10. The server device of claim 8, wherein the server device comprises an administrator device.
  - 11. The server device of claim 8, wherein the computing device comprises a mobile device.
  - 12. The server device of claim 8, wherein the processor is further configured to provide, in the security policy, one or more additional rules that specify permissions to access the computing resource on the computing device on a per-application basis.
  - 13. The server device of claim 12, wherein the one or more additional rules that specify permissions to access the computing resource on the computing device on the per-application basis take precedence over the one or more rules that specify whether the one or more applications, that have been categorized in the application distribution platform as belonging to the application category, are permitted to access the computing resource on the computing device.

14. A non-transitory computer-readable medium comprising instructions which, when executed by a processor of a server device, cause the processor to perform a method of controlling access to a computing resource by applications executable on a computing device, the method comprising:
- identifying an application category, wherein the application category is used as a basis for organizing applications available in an application distribution platform;
  
  generating a security policy containing one or more rules that specify whether one or more applications, that have been categorized in the application distribution platform as belonging to the application category, are permitted to access the computing resource on the computing device;
  
  transmitting the security policy to the computing device;
  
  wherein when an application of the one or more applications is added to the computing device, the added application is automatically assigned to the application category as categorized in the application distribution platform; and
  
  wherein when the security policy is enforced at the computing device, access to the computing resource by the added application is controlled by the one or more rules,receiving, from each of a plurality of computing devices, data indicating that an identified application of the one or more applications has been associated with a user-assigned application category on the computing device; and
  
  changing an assignment of the identified application to the user-assigned application category, if data indicating that the identified application of the one or more applications has been associated with the user-assigned application category is received from at least a threshold plurality of computing devices.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The computer-readable medium of claim 14, wherein access to the computing resource by the added application is allowed or denied, as provided by the one or more rules.
  - 16. The computer-readable medium of claim 14, wherein the server device comprises an administrator device.
  - 17. The computer-readable medium of claim 14, wherein the computing device comprises a mobile device.
  - 18. The computer-readable medium of claim 14, wherein the instructions further cause the processor to provide, in the security policy, one or more additional rules that specify permissions to access the computing resource on the computing device on a per-application basis.
  - 19. The computer-readable medium of claim 14, wherein the one or more additional rules that specify permissions to access the computing resource on the computing device on the per-application basis take precedence over the one or more rules that specify whether the one or more applications, that have been categorized in the application distribution platform as belonging to the application category, are permitted to access the computing resource on the computing device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Carrara, Michael Anthony, Davis, Dinah Lea Marie, Adams, Neil Patrick
Primary Examiner(s)
TRAN, ELLEN C

Application Number

US13/155,181
Publication Number

US 20120317609A1
Time in Patent Office

1,463 Days
Field of Search

726/1, 726/2, 726/4
US Class Current

1/1
CPC Class Codes

G06F 21/121   Restricting unauthorised ex...

G06F 21/6218   to a system of files or obj...

G06F 2221/2141   Access rights, e.g. capabil...

Methods and devices for controlling access to a computing resource by applications executable on a computing device

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

58 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Methods and devices for controlling access to a computing resource by applications executable on a computing device

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

58 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links