Monitoring installed applications on user devices
First Claim
1. A method, comprising:
- receiving a first signing identifier from a first computing device of a known source, wherein the first computing device is configured to send the first signing identifier to a third computing device;
accessing known component data stored in a data repository, the known component data comprising data regarding known characteristics for components of one or more prior applications installed on at least one user device, wherein the prior applications have been installed on the at least one user device by downloading from the third computing device;
after receiving the first signing identifier, evaluating, by a second computing device, authenticity of a first application comprising a plurality of components packaged within the first application, the evaluating including identifying at least one of the prior applications that is similar to the first application, and the similarity based on comparing a respective characteristic for each one or more of the plurality of components to the known component data;
causing, by the second computing device, an identification of the plurality of components in a user interface of at least one user device, wherein the user interface is configured to receive selection of a behavior based on the identification of the components;
identifying, based on the evaluating, at least one second application having a second signing identifier that is different from the first signing identifier, wherein the at least one second application is available for installation on at least one user device by downloading;
in response to identifying that the at least one second application is similar to the first application, sending a communication as a challenge to the first computing device to authenticate the known source as a signer for the at least one second application, wherein the challenge comprises sending data to the first computing device to be signed with a private key, receiving the signed data from the first computing device, and confirming the signed data corresponds to the first signing identifier;
sending, over a network, at least one communication to the first computing device that identifies the at least one second application, wherein the at least one communication includes the selected behavior; and
updating, based on an instruction from the first computing device, a policy to control behavior on at least one user device of the at least one second application, wherein the updated policy includes the selected behavior.
8 Assignments
0 Petitions
Accused Products
Abstract
Software applications previously or currently being installed on a plurality of user devices are monitored. In one embodiment, a first set of the installed applications that is signed with a signing identifier of a developer are identified. A report is then sent to the developer that includes an identification of the first set. In another embodiment, the authenticity of a first application is evaluated including determining, based on a respective signing identifier for each of a plurality of applications, that the applications are similar to the first application. A notification is sent to the developer that identifies applications having a signing identifier that is different from the signing identifier of the developer.
-
Citations
17 Claims
-
1. A method, comprising:
-
receiving a first signing identifier from a first computing device of a known source, wherein the first computing device is configured to send the first signing identifier to a third computing device; accessing known component data stored in a data repository, the known component data comprising data regarding known characteristics for components of one or more prior applications installed on at least one user device, wherein the prior applications have been installed on the at least one user device by downloading from the third computing device; after receiving the first signing identifier, evaluating, by a second computing device, authenticity of a first application comprising a plurality of components packaged within the first application, the evaluating including identifying at least one of the prior applications that is similar to the first application, and the similarity based on comparing a respective characteristic for each one or more of the plurality of components to the known component data; causing, by the second computing device, an identification of the plurality of components in a user interface of at least one user device, wherein the user interface is configured to receive selection of a behavior based on the identification of the components; identifying, based on the evaluating, at least one second application having a second signing identifier that is different from the first signing identifier, wherein the at least one second application is available for installation on at least one user device by downloading; in response to identifying that the at least one second application is similar to the first application, sending a communication as a challenge to the first computing device to authenticate the known source as a signer for the at least one second application, wherein the challenge comprises sending data to the first computing device to be signed with a private key, receiving the signed data from the first computing device, and confirming the signed data corresponds to the first signing identifier; sending, over a network, at least one communication to the first computing device that identifies the at least one second application, wherein the at least one communication includes the selected behavior; and updating, based on an instruction from the first computing device, a policy to control behavior on at least one user device of the at least one second application, wherein the updated policy includes the selected behavior. - View Dependent Claims (2, 3, 4, 5, 16, 17)
-
-
6. A method, comprising:
-
receiving, over a network, from a first computing device of a known source, a signing identifier and an identification of a first application, wherein the first computing device is configured to send the signing identifier to a third computing device; monitoring, by a second computing device, installed applications on at least one user device, wherein the installed applications have been installed on the at least one user device by downloading from the third computing device; identifying, by the second computing device, a second application of the installed applications that is signed with the signing identifier and is similar to the first application, the similarity based on comparing a characteristic for at least one component of the second application to component data associated with the first application, and the identifying comprising accessing a data repository storing the component data; in response to identifying that the second application is similar to the first application, sending a communication as a challenge to the first computing device to authenticate the known source as a signer for the second application, wherein the challenge comprises sending data to the first computing device to be signed with a private key, receiving the signed data from the first computing device, and confirming the signed data corresponds to the signing identifier; causing, by the second computing device, an identification of the at least one component of the second application in a user interface of at least one user device, wherein the user interface is configured to receive selection of a behavior based on the identification of the at least one component; sending, over the network to the first computing device, at least one communication including the selected behavior and an identification of the second application; and updating, based on the identifying the second application, a policy to control behavior of at least one of the first application or the second application on at least one computing device, wherein the updated policy includes the selected behavior. - View Dependent Claims (7, 8, 9, 10, 11)
-
-
12. A system, comprising:
-
at least one processor; and memory storing instructions configured to instruct the at least one processor to; receive a signing identifier and an identification of a first application from a first computing device; receive, over a network, data regarding applications installed on user devices, wherein the installed applications have been installed on the user devices by downloading from a third computing device; determine components associated with the applications installed on the user devices, wherein a source of at least one of the components is indicated by a component identity; access component data stored in a data repository, the component data comprising data regarding a respective characteristic for each of the components; identify a first set of the applications installed on the user devices that are similar to the first application, the similarity based on comparing at least one component packaged within the first application to the component data, and the identifying further including comparing the component identity with an identification of the source; causing, in a user interface of at least one user device, an identification of the at least one component packaged within the first application, wherein the user interface is configured to receive selection of a behavior based on the identification of the at least one component; in response to identifying that the first set of installed applications are similar to the first application, send a communication as a challenge to the first computing device to authenticate the source as a signer for the first application, wherein the challenge comprises sending data to the first computing device to be signed with a private key, receiving the signed data from the first computing device, and confirming the signed data corresponds to the signing identifier; send, over the network, at least one communication to the first computing device that includes the selected behavior and identifies the first set of installed applications; receive permissions from the first computing device; and in response to identifying that the first set of installed applications are similar to the first application, update a policy for the first set based on the permissions, wherein the updated policy includes the selected behavior. - View Dependent Claims (13, 14, 15)
-
Specification