System and method for controlling access to data using API for users with disabilities

US 9,536,101 B1
Filed: 03/07/2016
Issued: 01/03/2017
Est. Priority Date: 12/18/2015
Status: Active Grant

First Claim

Patent Images

1. A method for controlling data access using accessibility API, the method comprising:

registering by a processor of a user device a security application as an accessibility service, wherein the security application comprises a library of accessibility application programming interface (API) functions, an interception module, a categorization module and an access control module;

executing by the processor the security application and one or more user applications;

intercepting, by the interception module of the security application using the accessibility API functions, data accessed by a user application being executed on the user device;

determining, by the categorization module of the security application, a category of intercepted data;

intercepting, by the interception module using the accessibility API functions, one or more events of user'"'"'s interaction with a user interface of the user application on the user device;

determining, by the access control module of the security application, an access control policy that specifies whether to allow or prohibit user'"'"'s access to the intercepted data based on the category of intercepted data and types of intercepted events; and

controlling, by the access control module using the accessibility API functions, access of the user application to the intercepted data based on the determined access control policy.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are systems and methods for controlling access to data on mobile devices using an accessibility API for users with disabilities. An exemplary method comprises: registering on a mobile device a security application as a service for users with disabilities, wherein the security application provides an accessibility API for the users with disabilities that comprises a plurality of accessibility API functions; intercepting, using the accessibility API, data accessed by a user application being executed on the user device; determining, by the security application, a category of intercepted data; intercepting, using the accessibility API, events of execution of the user application on the user device; determining, by the security application, an access control policy for accessing the intercepted data based on the category of intercepted data and intercepted events; and controlling, using the accessibility API, access of the user application to the intercepted data based on the determined access control policy.

33 Citations

View as Search Results

21 Claims

1. A method for controlling data access using accessibility API, the method comprising:
- registering by a processor of a user device a security application as an accessibility service, wherein the security application comprises a library of accessibility application programming interface (API) functions, an interception module, a categorization module and an access control module;
  
  executing by the processor the security application and one or more user applications;
  
  intercepting, by the interception module of the security application using the accessibility API functions, data accessed by a user application being executed on the user device;
  
  determining, by the categorization module of the security application, a category of intercepted data;
  
  intercepting, by the interception module using the accessibility API functions, one or more events of user'"'"'s interaction with a user interface of the user application on the user device;
  
  determining, by the access control module of the security application, an access control policy that specifies whether to allow or prohibit user'"'"'s access to the intercepted data based on the category of intercepted data and types of intercepted events; and
  
  controlling, by the access control module using the accessibility API functions, access of the user application to the intercepted data based on the determined access control policy.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the user application being executed in an isolated environment on the user device.
  - 3. The method of claim 1, further comprising, determining from the one or more intercepted events of the user application at least one of:
    - a type of the intercepted event;
      
      a graphical user interface (GUI) element of the user application in which an intercepted event occurred; and
      
      a window of the user application in which an intercepted event occurred.
  - 4. The method of claim 1, wherein determining, by a categorization module of the security application, a category of intercepted data includes:
    - performing one of an antivirus and anti-phishing analysis of the data.
  - 5. The method of claim 1, wherein categories of intercepted data includes one or more of safe data, unsafe data and undesirable data.
  - 6. The method of claim 1, wherein controlling, by the access control module using the accessibility API functions, access of the user application to the intercepted data includes at least one of:
    - clearing a selection of a text fragment in an element of the GUI of the user application;
      
      pressing an element of the GUI of the user application;
      
      closing the dialog window of the user application;
      
      changing the text in an element of the GUI of the user application; and
      
      pressing a device button.
  - 7. The method of claim 1, wherein determining, by the categorization module of the security application, a category of intercepted data includes:
    - performing one of an antivirus and anti-phishing analysis of the data.
  - 8. The method of claim 1, wherein the accessibility API functions include at least one of a voice narration function, a screen magnifier function and a Braille display function.

9. A system for controlling data access using accessibility API, the system comprising:
- a hardware processor of a user device configured to;
  
  register on the user device a security application as an accessibility service, wherein the security application comprises a library of accessibility application programming interface (API) functions, an interception module, a categorization module and an access control module;
  
  execute on the user device the security application and one or more user applications;
  
  intercept, by the interception module of the security application using the accessibility API functions, data accessed by a user application being executed on the user device;
  
  determine, by the categorization module of the security application, a category of intercepted data;
  
  intercept, by the interception module using the accessibility API functions, one or more events of user'"'"'s interaction with a user interface of the user application on the user device;
  
  determine, by the access control module of the security application, an access control policy that specifies whether to allow or prohibit user'"'"'s access to the intercepted data based on the category of intercepted data and types of intercepted events; and
  
  control, by the access control module using the accessibility API functions, access of the user application to the intercepted data based on the determined access control policy.
- View Dependent Claims (10, 11, 12, 13, 14, 15)
- - 10. The system of claim 9, wherein the user application being executed in an isolated environment on the user device.
  - 11. The system of claim 9, wherein the processor further configured to, determine from the one or more intercepted events of the user application at least one of:
    - a type of the intercepted event;
      
      a graphical user interface element (GUI) of the user application in which an intercepted event occurred; and
      
      a window of the user application in which an intercepted event occurred.
  - 12. The system of claim 9, wherein determining, by the categorization module of the security application, a category of intercepted data includes:
    - performing one of an antivirus and anti-phishing analysis of the data.
  - 13. The system of claim 9, wherein categories of intercepted data includes one or more of safe data, unsafe data and undesirable data.
  - 14. The system of claim 9, wherein controlling, using by the access control module the accessibility API functions, access of the user application to the intercepted data includes at least one of:
    - clearing a selection of a text fragment in an element of the GUI of the user application;
      
      pressing an element of the GUI of the user application;
      
      closing the dialog window of the user application;
      
      changing the text in an element of the GUI of the user application; and
      
      pressing a device button.
  - 15. The system of claim 9, wherein the accessibility API functions include at least one of a voice narration function, a screen magnifier function and a Braille display function.

16. A non-transitory computer readable medium storing computer executable instructions for controlling data access using accessibility API, including instructions for:
- registering on a user device a security application as an accessibility service, wherein the security application comprises a library of accessibility application programming interface (API) functions, an interception module, a categorization module and an access control module;
  
  intercepting, by the interception module of the security application using the accessibility API functions, data accessed by a user application being executed on the user device;
  
  determining, by the categorization module of the security application, a category of intercepted data;
  
  intercepting, by the interception module using the accessibility API functions, one or more events of user'"'"'s interaction with a user interface of the user application on the user device;
  
  determining, by the access control module of the security application, an access control policy that specifies whether to allow or prohibit user'"'"'s access to the intercepted data based on the category of intercepted data and types of intercepted events; and
  
  controlling, by the access control module using the accessibility API functions, access of the user application to the intercepted data based on the determined access control policy.
- View Dependent Claims (17, 18, 19, 20, 21)
- - 17. The non-transitory computer readable medium of claim 16, wherein the user application being executed in an isolated environment on the user device.
  - 18. The non-transitory computer readable medium of claim 16, further comprising instructions for determining from the one or more intercepted events of the user application at least one of:
    - a type of the intercepted event;
      
      a graphical user interface (GUI) element of the user application in which an intercepted event occurred; and
      
      a window of the user application in which an intercepted event occurred.
  - 19. The non-transitory computer readable medium of claim 16, wherein categories of intercepted data includes one or more of safe data, unsafe data and undesirable data.
  - 20. The non-transitory computer readable medium of claim 16, wherein controlling, the access control module using the accessibility API functions access of the user application to the intercepted data includes at least one of:
    - clearing a selection of a text fragment in an element of the GUI of the user application;
      
      pressing an element of the GUI of the user application;
      
      closing the dialog window of the user application;
      
      changing the text in an element of the GUI of the user application; and
      
      pressing a device button.
  - 21. The non-transitory computer readable medium of claim 16, wherein the accessibility API functions include at least one of a voice narration function, a screen magnifier function and a Braille display function.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Lab A.O. Kaspersky
Original Assignee
Lab A.O. Kaspersky
Inventors
Demov, Alexey A., Filatov, Konstantin M., Yablokov, Victor V.
Primary Examiner(s)
Schwartz, Darren B

Application Number

US15/062,960
Time in Patent Office

302 Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06F 21/53   by executing in a restricte...

G06F 21/561   Virus type analysis

G06F 21/62   Protecting access to data v...

G06F 21/6281   at program execution time, ...

G06F 21/629   to features or functions of...

G06F 9/451   Execution arrangements for ...

H04L 63/0245   Filtering by information in...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/1483   service impersonation, e.g....

H04W 12/08   Access security

System and method for controlling access to data using API for users with disabilities

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

33 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for controlling access to data using API for users with disabilities

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links