Remotely defining security data for authorization of local application activity

US 9,148,700 B2
Filed: 09/14/2012
Issued: 09/29/2015
Est. Priority Date: 11/26/2007
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

associating at least one permission indicator with a particular sequence of instructions, a first of the at least one permission indicators indicative of whether a protected activity is allowed to be performed by a sequence of instructions, the particular sequence of instructions including an instruction, which when executed causes the protected activity to be performed;

preparing a feed containing the at least one permission indicator and the particular sequence of instructions;

determining whether a remote device is accepting feed permissions via feeds, the feed permissions being specified for the respective feeds via which the feed permissions are communicated; and

responsive to a determination that the remote device is accepting the feed permissions via the feeds, communicating the at least one permission indicator and the particular sequence of instructions in the prepared feed to the remote device, which enables the remote device to;

determine whether execution of the instruction is permitted based, at least in part, on the first permission indicator; and

perform the protected activity if execution of the instruction is permitted.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods, including computer software adapted to perform certain operations, can be implemented for remotely defining security data for authorizing access to data on a client device. Permission indicators are associated with a sequence of instructions, and a protected activity is associated with one or more of the permission indicators and with an instruction within the sequence of instructions. The one or more permission indicators and the sequence of instructions are provided to a remote device. The remote device determines whether execution of the instruction is permitted based, at least in part, on the one or more permission indicators, and the remote device performs the protected activity if execution of the instruction is permitted.

Citations

20 Claims

1. A method comprising:
- associating at least one permission indicator with a particular sequence of instructions, a first of the at least one permission indicators indicative of whether a protected activity is allowed to be performed by a sequence of instructions, the particular sequence of instructions including an instruction, which when executed causes the protected activity to be performed;
  
  preparing a feed containing the at least one permission indicator and the particular sequence of instructions;
  
  determining whether a remote device is accepting feed permissions via feeds, the feed permissions being specified for the respective feeds via which the feed permissions are communicated; and
  
  responsive to a determination that the remote device is accepting the feed permissions via the feeds, communicating the at least one permission indicator and the particular sequence of instructions in the prepared feed to the remote device, which enables the remote device to;
  
  determine whether execution of the instruction is permitted based, at least in part, on the first permission indicator; and
  
  perform the protected activity if execution of the instruction is permitted.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the sequence of instructions and the at least one permission indicator are communicated in a single transmission over a communications network.
  - 3. The method of claim 1, further comprising:
    - setting the value of the first permission indicator prior to communicating the at least one permission indicator to the remote device; and
      
      storing the first permission indicator in a persistent storage device.
  - 4. The method of claim 3, further comprising:
    - updating the first permission indicator; and
      
      replacing, in the persistent storage device, the first permission indicator with the updated first permission indicator.
  - 5. The method of claim 1, further comprising:
    - receiving, prior to associating the at least one permission indicator with the particular sequence of instructions, the particular sequence of instructions; and
      
      retrieving, prior to associating the at least one permission indicator with the particular sequence of instructions, the first permission indicator from a persistent storage device.
  - 6. The method of claim 1, wherein the at least one permission indicator comprises a plurality of permission bits, and the first permission indicator corresponds to a first of the plurality of permission bits.
  - 7. The method of claim 6, wherein a second of the at least one permission indicators is associated with a different protected activity, and the second permission indicator corresponds to a second of the plurality of permission bits.
  - 8. The method of claim 1, wherein a SWF file comprises the sequence of instructions.

9. Computer-readable media storing program instructions that are executable by a computing device to perform operations comprising:
- retrieving a permission indicator from a persistent storage device, the permission indicator indicative of whether a protected activity is allowed to be performed by a sequence of instructions;
  
  associating the permission indicator with an instruction, which when executed causes the protected activity to be performed;
  
  preparing a feed containing the permission indicator;
  
  determining whether a remote device is accepting feed permissions via feeds, the feed permissions being specified for the respective feeds via which the feed permissions are communicated; and
  
  responsive to a determination that the remote device is accepting the feed permissions via the feeds, communicating the permission indicator in the prepared feed to the remote device, which enables the remote device to;
  
  determine that the protected activity is permitted based, at least in part, on the permission indicator; and
  
  execute the instruction to perform the protected activity.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17)
- - 10. The computer-readable media of claim 9, wherein the operations further comprise communicating the instruction to the remote device.
  - 11. The computer-readable media of claim 10, wherein the operations further comprise receiving the instruction from a content provider.
  - 12. The computer-readable media of claim 10, wherein the operations further comprise:
    - receiving information from a content provider; and
      
      assembling a sequence of instructions based, at least in part, on the received information, wherein the sequence of instructions includes the instruction, and communicating the instruction to the remote device comprises part of communicating the sequence of instructions to the remote device.
  - 13. The computer-readable media of claim 9, wherein the instruction is executable on the remote device in response to a stimulus from a user of the remote device.
  - 14. The computer-readable media of claim 9, wherein a SWF file comprises the instruction.
  - 15. The computer-readable media of claim 9, wherein the operations further comprise setting the value of the permission indicator.
  - 16. The computer-readable media of claim 9, wherein the permission indicator occupies one of a plurality of permission indicator positions within a permissions data structure, and the operations further comprise:
    - assigning the permission indicator to the one permission indicator position.
  - 17. The computer-readable media of claim 16, wherein communicating the permission indicator to the remote device comprises communicating the permissions data structure to the remote device.

18. A system comprising:
- a persistent storage device; and
  
  program instructions that are executable by one or more processors to perform operations comprising;
  
  retrieving a permissions data structure for a channel of content from the persistent storage device, the permissions data structure comprising at least one permission indicator that is indicative of whether at least one protected activity is allowed to be performed by a sequence of instructions that correspond to the channel;
  
  associating the permissions data structure with a particular sequence of instructions that include an instruction, which when executed causes the at least one protected activity to be performed;
  
  assembling a channel feed to deliver the sequence of instructions and the permissions data structure in association with the channel;
  
  determining whether a remote device is accepting channel updates that include permissions via channel feeds, the permissions specified for the respective channel feeds via which the permissions are communicated to the remote device;
  
  responsive to a determination that the remote device is accepting the channel updates via the channel feeds, communicating the sequence of instructions and the permissions data structure in the assembled channel feed to the remote device, which enables the remote device to;
  
  determine that a first protected activity is prohibited for the channel based, at least in part, on the at least one permission indicator; and
  
  block the first protected activity from being performed for the channel when the sequence of instructions is executed.
- View Dependent Claims (19, 20)
- - 19. The system of claim 18, wherein the operations further comprise interacting with the remote device through a data communication network, and wherein interactions with the remote device involve interacting with the remote device as a client.
  - 20. The system of claim 18, wherein the operations further comprise setting the value of the at least one permission indicator.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Adobe Inc.
Original Assignee
Adobe Systems Incorporated (Adobe Inc.)
Inventors
Shah, Rishit, Zheng, Jian, Kesti-Helia, Anssi, Chanda, Rupen
Primary Examiner(s)
MOORTHY, ARAVIND K

Application Number

US13/616,796
Publication Number

US 20140007256A1
Time in Patent Office

1,110 Days
Field of Search

726/27, 726/21, 726/22, 713/165, 713/168, 713/187, 713/189, 380/201, 380/203, 380/211, 380/242, 725/1, 725/9, 725/25, 725/56, 725/62, 725/86, 725/104
US Class Current

1/1
CPC Class Codes

G06F 21/10   Protecting distributed prog...

H04L 63/101   Access control lists [ACL]

H04N 21/2541   Rights Management protectin...

H04N 21/4437   Implementing a Virtual Mach...

H04N 21/4627   Rights management associate...

H04N 21/8193   dedicated tools, e.g. video...

H04W 12/08   Access security

H04W 4/60   Subscription-based services...

Remotely defining security data for authorization of local application activity

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Remotely defining security data for authorization of local application activity

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links