Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

System, Method and Apparatus for Enforcement of Flow Permissions

IP.com Disclosure Number: IPCOM000240263D
Publication Date: 2015-Jan-19
Document File: 2 page(s) / 46K

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a flow permission system that specifies how the information received from a critical capability of the device may flow to another critical capability. In particular, the idea is to introduce an advanced form of permissions, combining various types of base permissions.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 52% of the total text.

Page 01 of 2

System, ,

Method and Apparatus for Enforcement of Flow Permissions

Method and Apparatus for Enforcement of Flow Permissions

When installing a mobile application (app), the user can decide to (i) grant the permissions the app requires, or (ii) not to install the app. Existing systems ask the permission to use a critical component (e.g., local storage). In general, the application may receive or send some data to these critical components . However, existing permission systems do not restrict how the program may manipulate this data (e.g., sending the content of the local storage to Internet ). The application is required to explicitly ask the permission to use single critical components of the device , but the user has no control over how the information from different components may flow from one component to another.

The novel contribution is a flow permission system that specifies how the information received from a critical capability of the device may flow to another critical capability .

For instance, a user is downloading an application from a non-reliable source, and this application requires access to the Internet and to the user's contact list . In the existing permission systems, once these two permissions are granted, the application can send the information about all of the user's contacts to any Internet address . This is undesirable.

Instead, with flow permissions, the application may require:


• Distinct access to the Internet and the contact list (and in this case it will not be allowed to send information coming from the contact list to Internet ); or


• A flow of information from the contact list to the Internet (and in this case, the user may...