Mobile code security architecture in an application service provider environment
US7096491B2 · kind B2 · utility
Assignee
Inventor
Key dates
| Filing date | Jul 20, 2001 |
| Grant date | Aug 22, 2006 |
| Priority date | — |
| Expiry date | Oct 7, 2023 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2463/102
- WIPO fieldIT methods for management
- WIPO sectorElectrical engineering
Abstract
A method is disclosed for providing mobile code software applications to users via an application service provider (ASP). The ASP receives a mobile code application, such as a Java application, from a provider, along with a security specification. The security specification defines access privileges requested to execute the application, including privileges to execute functions performed by the application and privileges to access local resources of the ASP. The ASP receives a subscription to the application from a user. The subscription includes subscription information granting or denying privileges, and specifying parameters for the privileges, requested in the security specification. The ASP executes the application at runtime by determining for each executable function whether the user has authorized the requested privilege. Those functions authorized by the user are executed in one embodiment. During runtime the ASP limits the application's access to local resources based on the privileges granted by the user.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.