System and method for privilege management and revocation

US 9,282,099 B2
Filed: 08/06/2013
Issued: 03/08/2016
Est. Priority Date: 06/29/2005
Status: Active Grant

- Alert
- Pin

First Claim

Patent Images

1. A computer-implemented method for managing privileges associated with applications, the method comprising:

monitoring a plurality of electronic devices within a system;

detecting a change in privileges associated with one or more applications resident on the plurality of electronic devices, wherein one or more privileges that are to be revoked are identified; and

in response to a detection of the change in privileges, revoking the one or more privileges, such that each of the one or more applications resident on the plurality of electronic devices no longer has access to the one or more privileges,wherein the one or more privileges comprises enabling the injection of browser filters.

View all claims

2 Assignments

Timeline View

Assignment View

Litigations

1 Petition

Accused Products

Abstract

The present disclosure relates generally to the management of privileges associated with certain applications that are accessible by users of electronic equipment, such as, for example, networked computers, mobile wireless communications devices, and the like. In a broad aspect, a method for managing privileges associated with applications comprises: monitoring a plurality of electronic devices within a system; detecting a change in privileges associated with one or more applications resident on the plurality of electronic devices, wherein one or more privileges that are to be revoked are identified; and in response to a detection of the change in privileges, revoking the one or more privileges, such that each of the one or more applications resident on the plurality of electronic devices no longer has access to the one or more privileges.

234 Citations

20 Claims

1. A computer-implemented method for managing privileges associated with applications, the method comprising:
- monitoring a plurality of electronic devices within a system;
  
  detecting a change in privileges associated with one or more applications resident on the plurality of electronic devices, wherein one or more privileges that are to be revoked are identified; and
  
  in response to a detection of the change in privileges, revoking the one or more privileges, such that each of the one or more applications resident on the plurality of electronic devices no longer has access to the one or more privileges,wherein the one or more privileges comprises enabling the injection of browser filters.
- View Dependent Claims (3, 4, 5, 6, 7, 8)
- - 3. The computer-implemented method as recited in claim 1, further comprising restarting each of the one or more applications.
  - 4. The computer-implemented method as recited in claim 1, further comprising resetting the plurality of electronic devices.
  - 5. The computer-implemented method as recited in claim 4, wherein resetting the plurality of electronic devices brings the system to a known state.
  - 6. The computer-implemented method as recited in claim 4, further comprising restarting the one or more applications resident on the plurality of electronic devices after the plurality of electronic devices has been reset.
  - 7. The computer-implemented method as recited in claim 1, wherein the change in privileges is responsive to a change in system information technology (IT) policy.
  - 8. The computer-implemented method as recited in claim 1, the method further comprising:
    - maintaining, at each of the plurality of electronic devices, a log of privileges accessed by applications resident on that electronic device; and
      
      in response to receiving a new set of privileges at that electronic device, comparing the log of privileges with the new set of privileges to identify the one or more privileges that are to be revoked.

2. A system for managing privileges associated with applications, the system comprising at least one processor configured to:
- monitor a plurality of electronic devices within a system;
  
  detect a change in privileges associated with one or more applications resident on the plurality of electronic devices, wherein one or more privileges that are to be revoked are identified; and
  
  in response to a detection of the change in privileges, revoke the one or more privileges, such that each of the one or more applications resident on the plurality of electronic devices no longer has access to the one or more privileges,wherein the one or more privileges comprises enabling the injection of browser filters.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system as recited in claim 2, wherein the at least one processor is configured to restart each of the one or more applications.
  - 10. The system as recited in claim 2, wherein the at least one processor is configured to reset the plurality of electronic devices.
  - 11. The system as recited in claim 10, wherein the at least one processor is configured to bring each of the plurality of electronic devices to a known state.
  - 12. The system as recited in claim 10, wherein the at least one processor is configured to restart the one or more applications resident on the plurality of electronic devices after the plurality of electronic devices has been reset.
  - 13. The system as recited in claim 2, wherein the change in privileges is responsive to a change in system information technology (IT) policy.
  - 14. The system as recited in claim 2, wherein the at least one processor is configured to:
    - maintain, at each of the plurality of electronic devices, a log of privileges accessed by applications resident on that electronic device; and
      
      in response to receiving a new set of privileges at that electronic device, compare the log of privileges with the new set of privileges to identify the one or more privileges that are to be revoked.

15. A non-transitory computer-readable medium storing instructions which, when executed by a processor of a computer system, result in:
- monitoring a plurality of electronic devices within a system;
  
  detecting a change in privileges associated with one or more applications resident on the plurality of electronic devices, wherein one or more privileges that are to be revoked are identified; and
  
  in response to a detection of the change in privileges, revoking the one or more privileges, such that each of the one or more applications resident on the plurality of electronic devices no longer has access to the one or more privileges,wherein the one or more privileges comprises enabling the injection of browser filters.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer-readable medium as recited in claim 15, wherein the instructions, when executed by the processor, further result in restarting each of the one or more applications.
  - 17. The non-transitory computer-readable medium as recited in claim 15, wherein the instructions, when executed by the processor, further result in resetting the plurality of electronic devices.
  - 18. The non-transitory computer-readable medium as recited in claim 17, wherein resetting the plurality of electronic devices brings the system to a known state.
  - 19. The non-transitory computer-readable medium as recited in claim 17, wherein the instructions, when executed by the processor, further result in restarting the one or more applications resident on the plurality of electronic devices after the plurality of electronic devices has been reset.
  - 20. The non-transitory computer-readable medium as recited in claim 15, wherein the instructions, when executed by the processor, further result in:
    - maintaining, at each of the plurality of electronic devices, a log of privileges accessed by applications resident on that electronic device; and
      
      in response to receiving a new set of privileges at that electronic device, comparing the log of privileges with the new set of privileges to identify the one or more privileges that are to be revoked.

Specification

Resources

Litigation Campaign Assessment

Litigation Data

Current Assignee
Blackberry Limited
Original Assignee
Blackberry Limited
Inventors
Adams, Neil Patrick, Little, Herbert Anthony
Primary Examiner(s)
Perungavoor, Venkat

Application Number

US13/960,214
Publication Number

US 20130340049A1
Time in Patent Office

945 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/121   Restricting unauthorised ex...

G06F 21/6218   to a system of files or obj...

H04L 63/10   for controlling access to d...

H04L 63/105   Multiple levels of security

H04L 63/1408   by monitoring network traff...

H04L 63/20   for managing network securi...

System and method for privilege management and revocation

First Claim

2 Assignments

Litigations

1 Petition

Accused Products

Abstract

234 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for privilege management and revocation

First Claim

2 Assignments

Subscription Required

Subscription Required

Litigations

1 Petition

Subscription Required

Accused Products

Subscription Required

Abstract

234 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links