Telecommunications – Radiotelephone system – Security or fraud prevention
Reexamination Certificate
2000-11-03
2004-08-10
Gelin, Jean (Department: 2681)
Telecommunications
Radiotelephone system
Security or fraud prevention
C713S175000, C455S410000
Reexamination Certificate
active
06775536
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates to a method and system for reducing time and power requirements for executing computer-readable instruction, such as an application, in an execution environment having run-time security constraints. More particularly, the invention pertains to a method of re-certifying an application so that the security level can be dictated by the operator of a domain in which the target device operates.
BACKGROUND OF THE INVENTION
The Java™ programming and execution environment, created by Sun Microsystems, provides a popular way to write, distribute, and execute programs for many platforms. One of the attractive features in the Java™ execution environment is the built-in security system that enforces a set of security constraints on every program executed while in the execution environment. Through this mechanism, an execution environment can safely execute Java™ programs from unknown origins without risk of the program having adverse affects on the execution environment.
The enforcement of these security constraints places an added burden on the execution environment to execute the built-in security system because the set of security constraints is performed every time a class file is loaded into the execution environment, thus increasing time and power requirements. It is important to note that platforms with limited computing resources are especially sensitive to this added burden. For example, these security constraints are particularly troublesome in environments, such as web browsers, where computer-readable instruction streams are downloaded to the execution environment, but not permanently stored in the execution environment. Since the computer-readable instruction streams are not permanently stored in the execution environment, they have to be downloaded each time they are accessed, which adds the requirement for the verification process to be performed each time the computer-readable instruction streams are downloaded in the execution environment.
Furthermore, in the present art when a client device downloads an application or code segment, the application or code segment is authenticated only by the client device. Thus, the developer of the code dictates the security level of the application, which resources it can access, and so on. This is undesirable in some situation such as where a private fleet of mobile communication devices contain proprietary information, and the operator of the domain in which the mobile communication devices operate may which to restrain the security setting to prevent access to certain sensitive data objects normally existing on the mobile communication devices.
Thus, there exists a need for a method and apparatus that reduces the time and power requirements for executing computer-readable instruction streams in the execution environment having run-time security constraints while maintaining the safety of the execution environment executing computer-readable instruction streams from unknown origins without risk of the computer-readable instruction streams having adverse affects on the execution environment. Furthermore there exists a need to allow the operator of a domain in which the target devices operate to control the security settings of all applications entering that domain.
REFERENCES:
patent: 6092194 (2000-07-01), Touboul
patent: 6253326 (2001-06-01), Lincke et al.
patent: 6334056 (2001-12-01), Holmes et al.
patent: 6421781 (2002-07-01), Fox et al.
patent: 6477565 (2002-11-01), Daswani et al.
patent: 6480962 (2002-11-01), Touboul
patent: 6493870 (2002-12-01), Madany et al.
patent: 6609199 (2003-08-01), DeTreville
patent: 6714778 (2004-03-01), Nykanen et al.
patent: 2002/0087655 (2002-07-01), Bridgman et al.
Battenhouse Anna
Geiger Robert L.
Lin Jyh-Han
Palaniswamy Avinash C.
Subramanian Ambiga
Garrett Scott M.
Gelin Jean
Motorola Inc
LandOfFree
Method for validating an application for use in a mobile... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method for validating an application for use in a mobile..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method for validating an application for use in a mobile... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3285087