System and method for managing application program access to a protected resource residing on a mobile device
Abstract
A computer-implemented method for managing application program access to a protected resource residing on a mobile device is provided. The method includes receiving from an application program a request for a permission to access the protected resource, and receiving from a source external to the mobile device an authentication of the application program. An authorization to provide the permission to access the protected resource is received and permission to access the protected resource is provided to the application program in response to receiving the authorization. Data produced by the protected resource is cryptographically signed, and a notification is generated in response to at least one of the application program requesting the permission to access the protected resource and the application program accessing the protected resource. A system for managing application program access to a protected resource residing on a mobile device is further provided.
Claims
exact text as granted — not AI-modified1 . A computer-implemented method for managing application program access to a protected resource residing on a mobile device, the method comprising:
receiving from an application program a request for a permission to access the protected resource; receiving from a source external to the mobile device an authentication of the application program; receiving an authorization to provide the permission to access the protected resource; and providing the permission to access the protected resource to the application program in response to receiving the authorization.
2 . The method of claim 1 , wherein receiving the authorization comprises receiving a cryptographically secure access token via an API.
3 . The method of claim 1 , wherein receiving the authorization comprises receiving a password and receiving a cryptographically secure access token via an API after receiving the password.
4 . The method of claim 1 , wherein receiving the request for the permission to access the protected resource comprises receiving a request for a permission to access a resource for producing location data.
5 . The method of claim 1 , wherein receiving the request for the permission to access the protected resource comprises receiving a request for a permission to access at least one of a dedicated GPS location determining chipset and a multi-function chipset enabled for GPS location determination.
6 . The method of claim 1 , wherein receiving the request for the permission to access the protected resource comprises receiving a request for a permission to access at least one of contents of an address book of the mobile device, contents of a contact list of the mobile device, and contents of an SMS inbox of the mobile device.
7 . The method of claim 1 , wherein receiving the authentication from the source external to the mobile device comprises receiving a cryptographically secure request token via an API.
8 . The method of claim 1 , further comprising:
cryptographically signing data produced by the protected resource; and generating a notification in response to at least one of the application program requesting the permission to access the protected resource and the application program accessing the protected resource.
9 . The method of claim 8 , further comprising transmitting the notification in the form of at least one of an SMS, an MMS, and an electronic mail.
10 . The method of claim 8 , further comprising transmitting the notification in the form of an addition to a cryptographically secure log file stored on the mobile device.
11 . The method of claim 8 , further comprising providing the device with a cryptographically secure key store, wherein cryptographically signing data produced by the protected resource comprises accessing the cryptographically secure key store.
12 . The method of claim 8 , further comprising providing the device with a device-unique cryptographically secure key store, wherein cryptographically signing data produced by the protected resource comprises accessing the device-unique cryptographically secure key store.
13 . The method of claim 1 , wherein receiving the authorization comprises receiving a password.
14 . The method of claim 1 , wherein receiving the authorization comprises receiving a cryptographically secure digitally signed request, and wherein the method further comprises verifying the cryptographically secure digitally signed request.
15 . A computer-implemented method for managing application program access to a protected resource residing on a mobile device, the method comprising:
providing the mobile device with a module separating an application program interface (API) layer for enabling an application program from a protected resource layer, comprising the protected resource, on the mobile device; providing a remote server remote to the mobile device configured for connection to the mobile device via a network; receiving with the secure resource module from the application program via the API layer a request for a permission to access the protected resource; transmitting an authentication with the remote server to the mobile device; receiving from the remote server with the module the authentication of the application program; receiving from at least one of the remote server and a user with the module an authorization to provide the permission for the application program to access the protected resource; and providing with the module to the application program the permission to access the protected resource in response to receiving the authorization.
16 . The method of claim 15 , further comprising:
cryptographically signing with the module data produced by the protected resource; and generating with the module a notification in response to at least one of the application program requesting the permission to access the protected resource and the application program accessing the protected resource.
17 . A system for managing application program access to a protected resource residing on a mobile device comprising at least one computing device including at least one memory comprising instructions operable to enable the computing device to perform a procedure comprising:
receiving from an application program a request for a permission to access the protected resource; receiving from a source external to the mobile device an authentication of the application program; receiving an authorization to provide the permission to access the protected resource; and providing the permission to access the protected resource in response to receiving the authorization.
18 . The system of claim 17 , wherein the at least one memory further comprises instructions operable to enable the computing device to perform a procedure comprising:
cryptographically signing data produced by the protected resource; and generating a notification in response to the application program accessing the protected resource.
19 . Computer-readable media tangibly embodying a program of instructions executable by a computing device to implement a method, the computing device being capable of interfacing with a communications network, the method comprising:
receiving from an application program a request for a permission to access the protected resource; receiving from a source external to the mobile device an authentication of the application program; receiving an authorization to provide the permission to access the protected resource; and providing the permission to access the protected resource in response to receiving the authorization.
20 . The computer-readable media of claim 19 , embodying the program of instructions executable by a computing device to implement the method further comprising:
cryptographically signing data produced by the protected resource; and generating a notification in response to the application program accessing the protected resource.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.