Systems and methods for enforcing access control policies on privileged accesses for mobile devices
Abstract
Methods and systems described herein relate to enhancing security on a device by enforcing security and access control policies on privileged code execution.
13 Claims
1. A method of enforcing access control policies on privileged access of a mobile device, the method comprising:
taking a request made to service executing in user space of a computer processor by at least one application executing on the computer processor for permission to execute privileged code;
directing the request to a system service that governs access control for execution of the privileged code via an inter-process communications controller;
determining by the system service whether the application is permitted to execute the privileged code based upon one or more of an identity of the application, an identity of a user of the mobile device, a time of day, a location of the mobile device, or a configuration of the mobile device; and
permitting execution of the privileged code upon determining that the application is permitted to execute the privileged code.
7. A system for enforcing access control policies on privileged access of a mobile device, comprising:
an inter-process communication bus;
at least one inter-process communication controller to control execution of privileged code by an application, the inter-process communication controller in communication with the inter-process communication bus and the application, wherein the application is adapted to request permission, from the inter-process communication controller, to execute privileged code; and
at least one hardware processor adapted to provide a system service, wherein the system service is enabled to determine whether the privileged code may be executed based at least in part on one or more of an identity of the application, an identity of a user of the mobile device, a time of day, a location of the mobile device, or a configuration of the mobile device; and
a second inter-process communication controller enabled to communicate with an inter-process communication bus and the system service.
Specification