EP1817889A1 - Software application access management in mobile communication devices - Google Patents

Software application access management in mobile communication devices

Info

Publication number
EP1817889A1
EP1817889A1 EP05802303A EP05802303A EP1817889A1 EP 1817889 A1 EP1817889 A1 EP 1817889A1 EP 05802303 A EP05802303 A EP 05802303A EP 05802303 A EP05802303 A EP 05802303A EP 1817889 A1 EP1817889 A1 EP 1817889A1
Authority
EP
European Patent Office
Prior art keywords
software
security
access
signature
interface
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP05802303A
Other languages
German (de)
French (fr)
Inventor
Robin Jewsbury
Richard Hyndman
David Mannl
Anthony Alexander
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Deutsche Telekom AG
Original Assignee
T Mobile International AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by T Mobile International AG filed Critical T Mobile International AG
Publication of EP1817889A1 publication Critical patent/EP1817889A1/en
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic

Definitions

  • the present invention generally relates to improvements in user interfaces Ul for software application in mobile communication devices, and, more particularly, to a method and system for software application security access management in mobile communication devices.
  • 3G third generation
  • 3G systems will combine high-speed Internet access with traditional voice communication, and will provide a user with access to Internet browsing, streaming audio/video, positioning, video conferencing and many other capabilities in addition to voice communication.
  • the drastically increased functionality that is being included in cellular telecommunications systems via the 3GPP standardization has placed substantial demands on the developers of mobile communication devices to be used in the systems.
  • a mobile communication device assembly has been developed that includes a plurality of functionally complementary units of software and hardware that can be marketed as a unit to a plurality of users. Each user can then install, load, and run his own application software into the assembly to provide a tailored system for a mobile communication device that meets the user's own particular needs.
  • Of-the-shelf scripting software e.g. Flash
  • the present invention provides a method and system for software application security access management in mobile communication devices having a software services component and an interface component, the interface component having at least one interface for providing access to the software services component for enabling application software to be installed, loaded, and run on the mobile communication device, the method comprising: receiving in a security access manager a request from a requesting application software to access the software services component; determining in a security module if the request should be granted by verifying the authenticity of the software application by means of a signature, and if the request is granted, granting access to the requested software services component via the at least one interface.
  • the invention is based on a system for making the applications secure without having to change the off-the-shelf scripting User Interface software package.
  • a security module acts as the security manager.
  • the security module manages / checks the security of the software application and informs the local web server which acts as a security broker to allow access to the phone and/or network APIs which need to be protected.
  • Figure 1 is a block diagram that schematically illustrates a system with three layers for a mobile communication device for a cellular telecommunications system.
  • Figure 2 is a further breakdown of the three layers according to Fig. 1 with specific examples of applications and APIs at each level.
  • Figure 3 is a block diagram that shows the process on a simple example.
  • the invention is based on a development environment tool that allows rapid development of mobile applications without knowledge of coding the complicated coding techniques current used in mobile phones.
  • the present example has been developed around the use of Macromedia® Flash®, but the concepts used are applicable to any rapid development environment tool such as a scripting language for a mobile phone.
  • a flash application is a web application that uses Flash® to collect user information, send that information to a server to process, and display the results.
  • a typical flash procedure and information flow is as follows: Flash® receives user input through a custom Flash® user interface. ActionScript® formats the user input into data. The formatted data is sent to a (local) web server.
  • the (local) web server receives the data and passes it to an application server (for example, JSP, Perl, ColdFusion, ASP, PHP).
  • the application server splits up and processes the data.
  • the application server submits its results to the (local) web server.
  • the (local) web server sends its results to the Flash® application in the browser. Flash receives the formatted data.
  • ActionScript® reads the data and changes the application based on the results.
  • FIG. 1 is a block diagram that schematically illustrates a system for a mobile communication device for a wireless telecommunications system to assist in explaining principles of the present invention.
  • the system generally consists of three layers.
  • the first layer 10 comprises a scripted / graphic user interface environment (top layer).
  • the top layer is shown as Flash®. Flash® tools allow rapid development of user interfaces in connection with a scripting language called ActionScript®.
  • Content providers external to the telecommunications network operators / providers or mobile phones manufacturers can generate such applications. Once a application is developed the network operator / provider would sign them which would permit them to use the network and phone application programming interfaces (APIs).
  • the APIs gain access to functional software units of the mobile phone for providing services that are offered to users via the user interface component.
  • There are hardware components (not shown) including a set of hardware units that are associated with and controlled by their respective functional software.
  • the second (middle) layer 11 is the Ul middle layer or common interface to Phone OS/Network layer.
  • the middle layer 11 allows the applications developed in the top layer to access phone functions and network functions.
  • the middle layer 11 controls access to at least one phone API 12 for network API 13 for installing, loading, and running one or more applications in the mobile communication device assembly, isolates the mobile communication device assembly from the applications, and provides various other services for the applications.
  • the third (bottom) layer consists of the APIs 12, 13 to the Network and Phone.
  • Figure 2 shows a further breakdown of the three layers with specific examples of applications and APIs at each level.
  • applications in the top layer like messaging presence location, music manager, etc.
  • These applications would use the phones APIs, e.g. Speech recognizer, event responder, Content Manager, etc., and/or network APIs.
  • speech recognizer e.g. Speech recognizer
  • event responder e.g., event responder
  • Content Manager e.g.
  • network APIs e.g. Speech recognizer, event responder, Content Manager, etc.
  • network APIs e.g. Speech recognizer, event responder, Content Manager, etc.
  • network APIs e.g. Speech recognizer, event responder, Content Manager, etc.
  • network APIs e.g. Speech
  • the present invention enables the network operator / provider to control the access to the phone operating system and the network APIs. For this reason the system will implement a security signing system which is described below.
  • the complication of implementing this security system is that since the content viewer (in this case Flash.dll) is an off-the-shelf component which has no security system implemented, the components implemented by the network operator / provider have to implement the security.
  • SSF file 20 The SSF file 20 is a Secure Signed Flash file. This is original content (SWF) with a signature 21 (encrypted checksum). A recogniser in the phone associates the mime type of this file with the phone's security module.
  • Security Module 22 The security module 22 is the parent of the off-the-shelf product whose content is made secure (in this case "Flash.dll")
  • Flash DLL 23 The Flash DLL 23 is the off-the-shelf component user interface 23 who functionality cannot be directly changed and which is made secure.
  • Local web-server 24 The local web server 24 provides the interface to the Middleware software - it can be talked to via http connections.
  • Content Cache 25 The content cache 25 consists of the files which have been processed by the security module and have passed the signature check. The cache contains two kind files for every SSF file. The two kinds of files are: name. swf 26: This file includes the original content which the viewer (flash.dll) can read. name.txt 27: This file is a name/value pair file which contained the signature which is read by the scripting language in the viewer.
  • Step 1 The security module 22 loads a special file which tells it all SSF files 20 which need to be cached for this application and the first SWF file to run.
  • the security module 22 either creates the cached copies or checks that the copies have previously been cached correctly. This checking may include some tamper proof checks on the cache directory 25. On faster phones, pre-caching may not be necessary and the transfer to the cache for loading into the flash player may be done file by file on the fly.
  • Step 2 In order to create a cached file the security module 22 takes off the signature 21 from the SSF file 20 and checks that it corresponds correctly to the original content SWF file 26 stored in the content cache 25.
  • Step 3 The security module 22 loads the cached file 26 and make the loaded data available to the user interface 23, e.g. Flash.dll. It again may perform tamper checks on the cache directory 25 if it is not creating the cache on the fly.
  • the security module 22 loads the cached file 26 and make the loaded data available to the user interface 23, e.g. Flash.dll. It again may perform tamper checks on the cache directory 25 if it is not creating the cache on the fly.
  • Step 4 The security module 22 sends the signature for this file 26 plus the random number generated above to the local web server 24 by opening a socket to it.
  • Step 5 Within the file name.swf 26 is a script which reads the associated signature out of name.txt file 27 and the random number stored in it.
  • Step 6 When the script wants to call Middleware APIs it uses a local host URL to connect to the local web server 24.
  • the URL contains a string representing the object to be instantiated in the middleware plus parameters for that object plus the signature and random and name of the file.
  • the local web server 24 checks that the signature has already been received from the security module (in Step 4) in order to authenticate this scripts use.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The present invention relates to method and system for software application security access management in mobile communication devices having a software services component and an interface component, the interface component having at least one interface for providing access to the software services component for enabling application software to be installed, loaded, and run on the mobile communication device, the method comprising: receiving in a security access manager a request from a requesting application software to access the software services component; determining in a security module if the request should be granted by verifying the authencity of the software application by means of a signature; and if the request is granted, granting access to the requested software services component via the at least one interface.

Description

Software Application Security Access Management in Mobile
Communication Devices
The present invention generally relates to improvements in user interfaces Ul for software application in mobile communication devices, and, more particularly, to a method and system for software application security access management in mobile communication devices.
Modern cellular telecommunication devices have a high degree of complexity. Currently, so-called "third generation" (3G) systems are being developed for future mobile telecommunications systems. 3G systems will combine high-speed Internet access with traditional voice communication, and will provide a user with access to Internet browsing, streaming audio/video, positioning, video conferencing and many other capabilities in addition to voice communication. The drastically increased functionality that is being included in cellular telecommunications systems via the 3GPP standardization has placed substantial demands on the developers of mobile communication devices to be used in the systems. Traditionally, manufacturers of mobile communication devices have designed, fabricated and marketed substantially complete mobile communication devices that include all the hardware and software needed for basic operation of the mobile communication device as well as the hardware and software needed to provide the features and capabilities desired by the manufacturer or a particular user based on their perception of market needs. Such an approach does not provide the flexibility to quickly adapt to rapid changes in market demands or to satisfy the diverse requirements of multiple users. Recognizing the inadequacies of traditional procedures for designing and fabricating mobile communication devices, a mobile communication device assembly has been developed that includes a plurality of functionally complementary units of software and hardware that can be marketed as a unit to a plurality of users. Each user can then install, load, and run his own application software into the assembly to provide a tailored system for a mobile communication device that meets the user's own particular needs.
It is the object of the present invention to enable users of Of-the-shelf scripting software (e.g. Flash) to be used to create applications which securely access cellular phone APIs and mobile network APIs.
This object is achieved by providing a method and system as claimed in the independent claims.
Preferred embodiments and advantageous features of the invention are disclosed in the dependent claims.
Generally the present invention provides a method and system for software application security access management in mobile communication devices having a software services component and an interface component, the interface component having at least one interface for providing access to the software services component for enabling application software to be installed, loaded, and run on the mobile communication device, the method comprising: receiving in a security access manager a request from a requesting application software to access the software services component; determining in a security module if the request should be granted by verifying the authenticity of the software application by means of a signature, and if the request is granted, granting access to the requested software services component via the at least one interface.
More particularly, the invention is based on a system for making the applications secure without having to change the off-the-shelf scripting User Interface software package. In this way one can take any off-the-shelf scripting package and give it access to powerful phone and network APIs in a secure manner. To achieve this a security module is provided which acts as the security manager. The security module manages / checks the security of the software application and informs the local web server which acts as a security broker to allow access to the phone and/or network APIs which need to be protected.
The system and method of operation of the invention, together with additional objects and advantages thereof, will be best understood from the following description of a specific embodiment when read in connection with the accompanying drawings.
Figure 1 is a block diagram that schematically illustrates a system with three layers for a mobile communication device for a cellular telecommunications system.
Figure 2 is a further breakdown of the three layers according to Fig. 1 with specific examples of applications and APIs at each level.
Figure 3 is a block diagram that shows the process on a simple example.
The invention is based on a development environment tool that allows rapid development of mobile applications without knowledge of coding the complicated coding techniques current used in mobile phones. The present example has been developed around the use of Macromedia® Flash®, but the concepts used are applicable to any rapid development environment tool such as a scripting language for a mobile phone. A flash application is a web application that uses Flash® to collect user information, send that information to a server to process, and display the results. A typical flash procedure and information flow is as follows: Flash® receives user input through a custom Flash® user interface. ActionScript® formats the user input into data. The formatted data is sent to a (local) web server. The (local) web server receives the data and passes it to an application server (for example, JSP, Perl, ColdFusion, ASP, PHP). The application server splits up and processes the data. The application server submits its results to the (local) web server. The (local) web server sends its results to the Flash® application in the browser. Flash receives the formatted data. ActionScript® reads the data and changes the application based on the results.
FIG. 1 is a block diagram that schematically illustrates a system for a mobile communication device for a wireless telecommunications system to assist in explaining principles of the present invention. The system generally consists of three layers. The first layer 10 comprises a scripted / graphic user interface environment (top layer). By way of example the top layer is shown as Flash®. Flash® tools allow rapid development of user interfaces in connection with a scripting language called ActionScript®. Content providers external to the telecommunications network operators / providers or mobile phones manufacturers can generate such applications. Once a application is developed the network operator / provider would sign them which would permit them to use the network and phone application programming interfaces (APIs). The APIs gain access to functional software units of the mobile phone for providing services that are offered to users via the user interface component. There are hardware components (not shown) including a set of hardware units that are associated with and controlled by their respective functional software.
The second (middle) layer 11 is the Ul middle layer or common interface to Phone OS/Network layer. The middle layer 11 allows the applications developed in the top layer to access phone functions and network functions. The middle layer 11 controls access to at least one phone API 12 for network API 13 for installing, loading, and running one or more applications in the mobile communication device assembly, isolates the mobile communication device assembly from the applications, and provides various other services for the applications. >
The third (bottom) layer consists of the APIs 12, 13 to the Network and Phone.
Figure 2 shows a further breakdown of the three layers with specific examples of applications and APIs at each level. There are applications in the top layer, like messaging presence location, music manager, etc. These applications would use the phones APIs, e.g. Speech recognizer, event responder, Content Manager, etc., and/or network APIs. Like network event, voice call, SMS alerter, etc. The flash Ul Security Manager allows the applications to access the phone functions and network functions in a secure manner. These are just examples. The concept according to the present invention is completely extensible and can be transferred to any development environment.
In other words, the present invention enables the network operator / provider to control the access to the phone operating system and the network APIs. For this reason the system will implement a security signing system which is described below. The complication of implementing this security system is that since the content viewer (in this case Flash.dll) is an off-the-shelf component which has no security system implemented, the components implemented by the network operator / provider have to implement the security.
The diagram of Figure 3 shows how the system according to the present invention works:
The components used in the system are as follows:
SSF file 20: The SSF file 20 is a Secure Signed Flash file. This is original content (SWF) with a signature 21 (encrypted checksum). A recogniser in the phone associates the mime type of this file with the phone's security module. Security Module 22: The security module 22 is the parent of the off-the-shelf product whose content is made secure (in this case "Flash.dll")
Flash DLL 23: The Flash DLL 23 is the off-the-shelf component user interface 23 who functionality cannot be directly changed and which is made secure. Local web-server 24: The local web server 24 provides the interface to the Middleware software - it can be talked to via http connections. Content Cache 25: The content cache 25 consists of the files which have been processed by the security module and have passed the signature check. The cache contains two kind files for every SSF file. The two kinds of files are: name. swf 26: This file includes the original content which the viewer (flash.dll) can read. name.txt 27: This file is a name/value pair file which contained the signature which is read by the scripting language in the viewer.
With reference to Figure 3 the sequence of events numbered in the diagram are described:
Step 1 : The security module 22 loads a special file which tells it all SSF files 20 which need to be cached for this application and the first SWF file to run. The security module 22 either creates the cached copies or checks that the copies have previously been cached correctly. This checking may include some tamper proof checks on the cache directory 25. On faster phones, pre-caching may not be necessary and the transfer to the cache for loading into the flash player may be done file by file on the fly.
Step 2: In order to create a cached file the security module 22 takes off the signature 21 from the SSF file 20 and checks that it corresponds correctly to the original content SWF file 26 stored in the content cache 25. The signature 21 is preferably stored at the beginning of the file 20. Then the security module 22 creates a txt file 27 which contains a name value pair signature=sig-value where the sig-value is the signature plus a random number.
Step 3: The security module 22 loads the cached file 26 and make the loaded data available to the user interface 23, e.g. Flash.dll. It again may perform tamper checks on the cache directory 25 if it is not creating the cache on the fly.
Step 4: The security module 22 sends the signature for this file 26 plus the random number generated above to the local web server 24 by opening a socket to it. Step 5: Within the file name.swf 26 is a script which reads the associated signature out of name.txt file 27 and the random number stored in it.
Step 6: When the script wants to call Middleware APIs it uses a local host URL to connect to the local web server 24. The URL contains a string representing the object to be instantiated in the middleware plus parameters for that object plus the signature and random and name of the file. The local web server 24 checks that the signature has already been received from the security module (in Step 4) in order to authenticate this scripts use.

Claims

Claims
1. A software application security access management method for controlling access to a mobile communication device having a software services component and an interface component, the interface component having at least one interface (12, 13) for providing access to the software services component for enabling application software to be installed, loaded, and run on the mobile communication device, the method comprising: receiving in a security access manager a request from a requesting application software to access the software services component; determining in a security module (22) if the request should be granted by verifying the authenticity of the software application by means of a signature (21); and if the request is granted, granting access to the requested software services component via the at least one interface.
2. Method according to claim 1 , wherein the security module (22) loads a operating file which provides it with a list of secure signed files (20) which need to be cached for this application and the first secure signed file to run.
3. Method according to any preceding method claim, wherein the security module (22) either creates cached copies of the secure signed files (20) or checks that the copies have previously been cached correctly.
4. Method according to any preceding method claim, wherein the security module (22) creates a cached original content file (26) by removing a signature (21 ) from the secure signed file (20) and checks that it corresponds correctly to the original content file.
5. Method according to any preceding method claim, wherein the signature (21 ) is preferably stored at the beginning of the secure signed file (20).
6. Method according to any preceding method claim, wherein the security module (22) creates a name/value pair file (27) which contains a name value pair signature=sig-value where the sig-value is the signature plus a random number.
7. Method according to any preceding method claim, wherein the security module (22) loads the cached original content file (26) and make the loaded data available to the user interface (12, 13).
8. Method according to any preceding method claim, wherein the security module (22) sends the signature (21 ) for the original content file and the random number to a local web server (24).
9. Method according to any preceding method claim, wherein within the original content file (26) is a script which reads the associated signature (21) out of original content file and the random number stored in it.
10. Method according to any preceding method claim, wherein the script uses a local host URL to connect to the local web server (24) for calling middleware APIs, the URL contains a string representing the object to be instantiated in the middleware, parameters for that object, the signature, the random number and name of the file.
11. Method according to any preceding method claim, wherein the local web server (24) checks that the signature (21 ) has already been received from the security module (22), and authenticates the use of the script file.
12. A system for software application security access management in mobile communication devices, comprising a software services component and an interface component, the interface component having at least one application programming interface (12, 13) for providing access to the software services component for enabling application software to be installed, loaded, and run in the mobile communication device; and an security access manager for controlling access to the software services component by a requesting application software via the at least one interface (12, 13), the security access manager comprising a security module (22) for receiving a request from the requesting application software to access the software services component and for verifying security of the requesting application software; and wherein the requesting application software is granted access to the software services component via the at least one interface (12, 13) if its security and authenticity is approved.
13. System according to claim 12, wherein the request includes an identification of the requesting application software (20) by means of a signature (21 ).
14. System according to any preceding apparatus claim, wherein the security access manager comprises a content cache (25) for maintaining a record of files (26, 27) which have passed the security verification.
15. System according to any preceding apparatus claim, wherein the interface component is comprised in a middleware user interface services layer (11 ).
EP05802303A 2004-11-02 2005-10-25 Software application access management in mobile communication devices Ceased EP1817889A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB0424263A GB2422919B (en) 2004-11-02 2004-11-02 Software application security access management in mobile communication devices
PCT/EP2005/011424 WO2006048149A1 (en) 2004-11-02 2005-10-25 Software application security access management in mobile communication devices

Publications (1)

Publication Number Publication Date
EP1817889A1 true EP1817889A1 (en) 2007-08-15

Family

ID=33515935

Family Applications (1)

Application Number Title Priority Date Filing Date
EP05802303A Ceased EP1817889A1 (en) 2004-11-02 2005-10-25 Software application access management in mobile communication devices

Country Status (3)

Country Link
EP (1) EP1817889A1 (en)
GB (1) GB2422919B (en)
WO (1) WO2006048149A1 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8844056B2 (en) 2009-01-30 2014-09-23 British Telecommunications Public Limited Company Service provision
US9215548B2 (en) 2010-09-22 2015-12-15 Ncc Group Security Services, Inc. Methods and systems for rating privacy risk of applications for smart phones and other mobile platforms
US8990942B2 (en) 2013-02-18 2015-03-24 Wipro Limited Methods and systems for API-level intrusion detection
CN107508823B (en) * 2017-09-08 2020-02-11 新浪网技术(中国)有限公司 Method and system for realizing source return authentication
CN109150878A (en) * 2018-08-21 2019-01-04 郑州云海信息技术有限公司 A kind of method and device of the access limitation of cloud platform

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6188995B1 (en) * 1997-07-28 2001-02-13 Apple Computer, Inc. Method and apparatus for enforcing software licenses
EP2306260B1 (en) * 2000-09-21 2014-02-26 BlackBerry Limited Software code signing system and method
EP1367843A1 (en) * 2002-05-30 2003-12-03 SCHLUMBERGER Systèmes Secure interaction between downloaded application code and a smart card in a mobile communication apparatus
EP1361527A1 (en) * 2002-05-07 2003-11-12 Sony Ericsson Mobile Communications AB Method for loading an application in a device, device and smart card therefor
US7793355B2 (en) * 2002-12-12 2010-09-07 Reasearch In Motion Limited System and method of owner control of electronic devices
US20040193917A1 (en) * 2003-03-26 2004-09-30 Drews Paul C Application programming interface to securely manage different execution environments
EP1564957B1 (en) * 2004-02-11 2007-08-22 Sony Ericsson Mobile Communications AB Method and apparatus for providing dynamic security management

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
None *
See also references of WO2006048149A1 *

Also Published As

Publication number Publication date
GB2422919A (en) 2006-08-09
GB0424263D0 (en) 2004-12-01
GB2422919B (en) 2009-05-27
WO2006048149A1 (en) 2006-05-11

Similar Documents

Publication Publication Date Title
US9124578B2 (en) Service opening method and system, and service opening server
US6859879B2 (en) Method and system for secure pervasive access
US7630706B2 (en) Dynamically distributed, portal-based application services network topology for cellular systems
US20100048170A1 (en) Software application security access management in mobile communication devices
US7184534B2 (en) Using a telephony application server for call control with a voice server
US20070011322A1 (en) Method and system for providing access to web services
US20070157310A1 (en) Security ensuring by program analysis on information device and transmission path
US20050261909A1 (en) Method and server for providing a multi-modal dialog
CN1993921A (en) Enhanced security using service provider authentication
US20060259947A1 (en) Method for enforcing a Java security policy in a multi virtual machine system
JP2002525689A (en) Method and system for configuring a speech recognition system
WO2006048149A1 (en) Software application security access management in mobile communication devices
US7933563B2 (en) Communication system, communication terminal, server, communication method to be used therein and program therefor
US7660863B2 (en) Confidence communication method between two units
US20050114437A1 (en) Providing web services from a service environment with a gateway
WO2012019653A1 (en) Web-telco convergence comprising downloading script commands to user terminals
GB2353918A (en) Access rights in a mobile communications system
CA2498317C (en) Method and system for automatically configuring access control
US20090012888A1 (en) Text-to-speech streaming via a network
WO2012106968A1 (en) Method and device for locally transmitting information by java application
CN112636981B (en) Block chain host, and proxy method, device and storage medium thereof
Wich et al. An extensible client platform for eID, signatures and more
KR20080078705A (en) Low complexity, multi-purpose communications device and information client
EP1533975B1 (en) Method and System for communication between a multi-modal device and a Web Application
KR100834569B1 (en) Open service verification apparatus and method

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20070530

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR

DAX Request for extension of the european patent (deleted)
RAP3 Party data changed (applicant data changed or rights of an application transferred)

Owner name: T-MOBILE INTERNATIONAL AG & CO. KG

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: T-MOBILE INTERNATIONAL AG

17Q First examination report despatched

Effective date: 20130729

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

REG Reference to a national code

Ref country code: DE

Ref legal event code: R003

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20180625