Systems and methods for enforcing access control policies on privileged accesses for mobile devices
First Claim
Patent Images
1. A method of enforcing access control policies on privileged access of a mobile device, the method comprising:
- taking a request made to service executing in user space of a computer processor by at least one application executing on the computer processor for permission to execute privileged code;
directing the request to a system service that governs access control for execution of the privileged code via an inter-process communications controller;
determining by the system service whether the application is permitted to execute the privileged code based upon one or more of an identity of the application, an identity of a user of the mobile device, a time of day, a location of the mobile device, or a configuration of the mobile device; and
permitting execution of the privileged code upon determining that the application is permitted to execute the privileged code.
1 Assignment
0 Petitions
Accused Products
Abstract
Methods and systems described herein relate to enhancing security on a device by enforcing security and access control policies on privileged code execution.
-
Citations
13 Claims
-
1. A method of enforcing access control policies on privileged access of a mobile device, the method comprising:
-
taking a request made to service executing in user space of a computer processor by at least one application executing on the computer processor for permission to execute privileged code; directing the request to a system service that governs access control for execution of the privileged code via an inter-process communications controller; determining by the system service whether the application is permitted to execute the privileged code based upon one or more of an identity of the application, an identity of a user of the mobile device, a time of day, a location of the mobile device, or a configuration of the mobile device; and permitting execution of the privileged code upon determining that the application is permitted to execute the privileged code. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system for enforcing access control policies on privileged access of a mobile device, comprising:
-
an inter-process communication bus; at least one inter-process communication controller to control execution of privileged code by an application, the inter-process communication controller in communication with the inter-process communication bus and the application, wherein the application is adapted to request permission, from the inter-process communication controller, to execute privileged code; and at least one hardware processor adapted to provide a system service, wherein the system service is enabled to determine whether the privileged code may be executed based at least in part on one or more of an identity of the application, an identity of a user of the mobile device, a time of day, a location of the mobile device, or a configuration of the mobile device; and a second inter-process communication controller enabled to communicate with an inter-process communication bus and the system service. - View Dependent Claims (8, 9, 10, 11, 12, 13)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeOptio Labs
-
Original AssigneeOptio Labs, Inc.
-
InventorsClancy, III, Thomas Charles, White, Christopher Jules
-
Primary Examiner(s)Smithers, Matthew
-
Application NumberUS13/909,366Publication NumberTime in Patent Office1,589 DaysField of Search726 26US Class CurrentCPC Class CodesG06F 21/53 by executing in a restricte...G06F 21/577 Assessing vulnerabilities a...G06F 21/606 by securing the transmissio...G06F 21/6218 to a system of files or obj...G06F 21/74 operating in dual or compar...G06F 2221/2111 Location-sensitive, e.g. ge...G06F 2221/2137 Time limited access, e.g. t...G06F 2221/2141 Access rights, e.g. capabil...H04L 63/0227 Filtering policies mail mes...H04L 63/10 for controlling access to d...H04L 63/102 Entity profilesH04W 12/08 Access securityH04W 12/30 Security of mobile devices;...H04W 12/63 Location-dependent; Proximi...
