Remotely defining security data for authorization of local application activity
First Claim
1. A mobile device comprising:
- one or more processors; and
a memory having stored thereon computer readable instructions that are executable by the one or more processors to implement a client component and a runtime component, wherein;
the client component is integral with one or more applications of the mobile device and configured to facilitate display and management of content for an application into which the client component is integrated, including;
managing content that is associated with permissions specified to indicate whether protected activities are allowed to be performed in conjunction with rendering the content, andobtaining the content from storage to provide to the runtime component for rendering;
the runtime component is integral with the one or more applications to render the content for an application into which the runtime component is integrated, the rendering including passing to the client component attempts made by the content to perform the protected activities, the attempts being passed to the client component without the runtime component processing the specified permissions, wherein the client component enforces the specified permissions relative to each of the attempts by;
retrieving the specified permissions from the storage,allowing the runtime component to perform one or more of the protected activities if permitted by the specified permissions, andrestricting the runtime component from performing said one or more of the protected activities if said one or more of the protected activities are not permitted by the specified permissions.
1 Assignment
0 Petitions
Accused Products
Abstract
Systems and methods, including computer software adapted to perform certain operations, can be implemented for remotely defining security data for authorizing access to data on a client device. Permission indicators are associated with a sequence of instructions, and a protected activity is associated with one or more of the permission indicators and with an instruction within the sequence of instructions. The one or more permission indicators and the sequence of instructions are provided to a remote device. The remote device determines whether execution of the instruction is permitted based, at least in part, on the one or more permission indicators, and the remote device performs the protected activity if execution of the instruction is permitted.
-
Citations
20 Claims
-
1. A mobile device comprising:
-
one or more processors; and a memory having stored thereon computer readable instructions that are executable by the one or more processors to implement a client component and a runtime component, wherein; the client component is integral with one or more applications of the mobile device and configured to facilitate display and management of content for an application into which the client component is integrated, including; managing content that is associated with permissions specified to indicate whether protected activities are allowed to be performed in conjunction with rendering the content, and obtaining the content from storage to provide to the runtime component for rendering; the runtime component is integral with the one or more applications to render the content for an application into which the runtime component is integrated, the rendering including passing to the client component attempts made by the content to perform the protected activities, the attempts being passed to the client component without the runtime component processing the specified permissions, wherein the client component enforces the specified permissions relative to each of the attempts by; retrieving the specified permissions from the storage, allowing the runtime component to perform one or more of the protected activities if permitted by the specified permissions, and restricting the runtime component from performing said one or more of the protected activities if said one or more of the protected activities are not permitted by the specified permissions. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method implemented by a computing device to control performance of protected activities in conjunction with rendering content, the method comprising:
-
responsive to a request by a user to access content, employing a client component of the computing device to retrieve the requested content and permissions specified for the requested content to indicate whether protected activities are allowed to be performed in conjunction with rendering the requested content; employing the client component to provide the requested content to a runtime component of the computing device that renders content; employing the runtime component to render the requested content; responsive to attempts made by the requested content to perform the protected activities in conjunction with being rendered, employing the runtime component to pass the attempts to the client component without processing the specified permissions, wherein the client component enforces the specified permissions relative to each of the attempts by; allowing the runtime component to perform one or more of the protected activities if permitted by the specified permissions, and restricting the runtime component from performing said one or more of the protected activities if said one or more of the protected activities are not permitted by the specified permissions. - View Dependent Claims (13, 14, 15, 16, 17)
-
-
18. A method implemented by a computing device to control performance of protected activities at a remote device in conjunction with rendering content, the method comprising:
-
retrieving a permissions data structure for a channel of content, the permissions data structure comprising at least one permission indicator that is indicative of whether at least one protected activity is allowed to be performed by a sequence of instructions that correspond to the channel; associating the permissions data structure with a particular sequence of instructions that include an instruction, which when executed causes the at least one protected activity to be performed; communicating the sequence of instructions and the permissions data structure to the remote device, which enables the remote device to; employ a runtime component to execute the sequence of instructions in association with rendering the content of the channel, and employ a client component to enforce permissions indicated by the at least one permission indicator responsive to an attempt made to perform the at least one protected activity in conjunction with execution of the sequence of instructions, the attempt made having been passed to the client component by the runtime component to enforce the indicated permissions without the runtime component having processed the indicated permissions relative to the attempt. - View Dependent Claims (19, 20)
-
Specification