PRIVATELY PERFORMING APPLICATION SECURITY ANALYSIS
First Claim
1. A method, comprising:
- generating a cryptographic representation of application information for an application residing on a mobile device;
transmitting the cryptographic representation to an application risk control system; and
receiving a message from the application risk control system indicating whether the application is permitted or not permitted.
4 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods for analyzing applications on a mobile device for risk so as to maintain the privacy of the application user are provided. In the example method, the process receives a request from a mobile device. The request includes a cryptographic representation of application information for an application residing on a mobile device. The method includes comparing the cryptographic representation to an application information database that includes cryptographic representations of applications. The method also includes automatically remediating, e.g., quarantining and retiring, the application if the application matches an application that is a known risk in the database. Exemplary embodiments provide companies with controls to prevent specific applications—which have specific behaviors and are present on mobile devices being used by employees—from being used by employees, without the company having any visibility into what particular applications are being used by the employees on the mobile device.
-
Citations
20 Claims
-
1. A method, comprising:
-
generating a cryptographic representation of application information for an application residing on a mobile device; transmitting the cryptographic representation to an application risk control system; and receiving a message from the application risk control system indicating whether the application is permitted or not permitted. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A system, comprising:
-
a processor; and a memory for storing executable instructions, the instructions being executed by the processor to perform a method, the method comprising; generating a cryptographic representation of application information for an application residing on a mobile device; transmitting the cryptographic representation to an application risk control system; and receiving a message from the application risk control system indicating whether the application is permitted or not permitted. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A method, comprising:
-
generating a cryptographic representation of application information for an application residing on a mobile device; transmitting the cryptographic representation to an application risk control system; and receiving a message from the application risk control system indicating whether the application is permitted or not permitted to access an enterprise network with enterprise services, the indication based on a risk score calculated for the application.
-
Specification