Securing and managing apps on a device using policy gates

US 9,672,353 B2
Filed: 04/28/2015
Issued: 06/06/2017
Est. Priority Date: 04/28/2014
Status: Active Grant

First Claim

Patent Images

1. A method of securing an app for execution on a device using an app security program, the method comprising:

generating Java class files for the app security program, said generating dictated by a plurality of app security policies separate from the app security program and located in a plurality of policy gates, each policy gate including at least one app security policy, the plurality of policy gates managed by a policy gate manager, wherein said policy gate manager informs each policy gate of each checkpoint that occurs during an execution lifecycle of the security-wrapped app and wherein each policy gate calls a function in response to the checkpoint;

replacing Java class files for the app with the Java class files for the app security program, wherein the Java class files for the app that are being replaced function as a proxy between the app and a device operating system;

creating a security-wrapped app upon completion of said replacing of Java class files for the app;

preparing the security-wrapped app for execution on the device; and

re-signing the security-wrapped app with a new key.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of securing an app for execution on a device using an app security program with policy gates is described. First, Java class files are generated for the app security program, where the generating is dictated by a plurality of app security policies located in a plurality of policy gates. The plurality of policy gates are managed by a policy gate manager. Next, Java class files are replaced for the app with the Java class files for the app security program. Third, a security-wrapped app is created upon completion of replacing the Java class files for the app. Further, the security-wrapped app is prepared for execution on the device. Last, the security-wrapped app is re-signed with a new key.

12 Citations

15 Claims

1. A method of securing an app for execution on a device using an app security program, the method comprising:
- generating Java class files for the app security program, said generating dictated by a plurality of app security policies separate from the app security program and located in a plurality of policy gates, each policy gate including at least one app security policy, the plurality of policy gates managed by a policy gate manager, wherein said policy gate manager informs each policy gate of each checkpoint that occurs during an execution lifecycle of the security-wrapped app and wherein each policy gate calls a function in response to the checkpoint;
  
  replacing Java class files for the app with the Java class files for the app security program, wherein the Java class files for the app that are being replaced function as a proxy between the app and a device operating system;
  
  creating a security-wrapped app upon completion of said replacing of Java class files for the app;
  
  preparing the security-wrapped app for execution on the device; and
  
  re-signing the security-wrapped app with a new key.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein a new app security policy is added to an existing policy gate in the plurality of policy gates.
  - 3. The method of claim 1, wherein a new policy gate is added to the plurality of policy gates in order to store a new app security policy.
  - 4. The method of claim 1, wherein the app security policies are not hard-coded in the app security program such that the app security program does not include details and specifics regarding any app security policy.
  - 5. The method of claim 1, wherein each app security policy in a policy gate includes an underlying commonality with all other app security policies in the same policy gate.

6. A system for securing an app for execution on a device using an app security program, the system comprising:
- memory storing the app security program; and
  
  a processor configured to;
  
  generate Java class files for the app security program, said generating dictated by a plurality of app security policies separate from the app security program and located in a plurality of policy gates, each policy gate including at least one app security policy, the plurality of policy gates managed by a policy gate manager, wherein said policy gate manager informs each policy gate of each checkpoint that occurs during an execution lifecycle of the security-wrapped app and wherein each policy gate calls a function in response to the checkpoint;
  
  replace Java class files for the app with the Java class files for the app security program, wherein the Java class files for the app that are being replaced function as a proxy between the app and a device operating system;
  
  create a security-wrapped app upon completion of said replacing of Java class files for the app;
  
  prepare the security-wrapped app for execution on the device; and
  
  re-sign the security-wrapped app with a new key.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The system of claim 6, wherein a new app security policy is added to an existing policy gate in the plurality of policy gates.
  - 8. The system of claim 6, wherein a new policy gate is added to the plurality of policy gates in order to store a new app security policy.
  - 9. The system of claim 6, wherein the app security policies are not hard-coded in the app security program such that the app security program does not include details and specifics regarding any app security policy.
  - 10. The system of claim 6, wherein each app security policy in a policy gate includes an underlying commonality with all other app security policies in the same policy gate.

11. A non-transitory computer readable medium including instructions for:
- generating Java class files for the app security program, said generating dictated by a plurality of app security policies separate from the app security program and located in a plurality of policy gates, each policy gate including at least one app security policy, the plurality of policy gates managed by a policy gate manager, wherein said policy gate manager informs each policy gate of each checkpoint that occurs during an execution lifecycle of the security-wrapped app and wherein each policy gate calls a function in response to the checkpoint;
  
  replacing Java class files for the app with the Java class files for the app security program, wherein the Java class files for the app that are being replaced function as a proxy between the app and a device operating system;
  
  creating a security-wrapped app upon completion of said replacing of Java class files for the app;
  
  preparing the security-wrapped app for execution on the device; and
  
  re-signing the security-wrapped app with a new key.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The non-transitory computer readable medium of claim 11, wherein a new app security policy is added to an existing policy gate in the plurality of policy gates.
  - 13. The non-transitory computer readable medium of claim 11, wherein a new policy gate is added to the plurality of policy gates in order to store a new app security policy.
  - 14. The non-transitory computer readable medium of claim 11, wherein the app security policies are not hard-coded in the app security program such that the app security program does not include details and specifics regarding any app security policy.
  - 15. The non-transitory computer readable medium of claim 11, wherein each app security policy in a policy gate includes an underlying commonality with all other app security policies in the same policy gate.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Blue Cedar Networks, Inc.
Original Assignee
Blue Cedar Networks, Inc.
Inventors
Sia, Barry Earl Angeles, Peterson, Erik L.
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
KAPLAN, BENJAMIN A

Application Number

US14/697,873
Publication Number

US 20150310210A1
Time in Patent Office

770 Days
Field of Search

726 1
US Class Current
CPC Class Codes

G06F 21/54   by adding security routines...

G06F 2221/033   Test or assess software

H04L 63/126   the source of the received ...

H04W 12/08   Access security

H04W 12/12   Detection or prevention of ...

H04W 12/128   Anti-malware arrangements, ...

H04W 12/37   Managing security policies ...

H04W 4/021   Services related to particu...

H04W 4/60   Subscription-based services...

Securing and managing apps on a device using policy gates

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

12 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Securing and managing apps on a device using policy gates

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

12 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links