WO2006055544A2 - Methods and apparatus for enforcing application level restrictions on local and remote content - Google Patents

Methods and apparatus for enforcing application level restrictions on local and remote content Download PDF

Info

Publication number
WO2006055544A2
WO2006055544A2 PCT/US2005/041327 US2005041327W WO2006055544A2 WO 2006055544 A2 WO2006055544 A2 WO 2006055544A2 US 2005041327 W US2005041327 W US 2005041327W WO 2006055544 A2 WO2006055544 A2 WO 2006055544A2
Authority
WO
WIPO (PCT)
Prior art keywords
content
permissions list
receiving
descriptor
instructions
Prior art date
Application number
PCT/US2005/041327
Other languages
French (fr)
Other versions
WO2006055544A3 (en
Inventor
Stephen A. Sprigg
Laurence Lundblade
Original Assignee
Qualcomm Incorporated
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Incorporated filed Critical Qualcomm Incorporated
Priority to EP05851662A priority Critical patent/EP1813108A4/en
Priority to KR1020077013650A priority patent/KR100875798B1/en
Priority to BRPI0518017-1A priority patent/BRPI0518017A/en
Priority to CN2005800464772A priority patent/CN101099385B/en
Priority to JP2007543171A priority patent/JP2008521134A/en
Publication of WO2006055544A2 publication Critical patent/WO2006055544A2/en
Publication of WO2006055544A3 publication Critical patent/WO2006055544A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26603Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for automatically generating descriptors from content, e.g. when it is not made available by its provider, using content analysis techniques
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
    • H04N21/23418Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving operations for analysing video streams, e.g. detecting features or characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/43Processing of content or additional data, e.g. demultiplexing additional data from a digital video stream; Elementary client operations, e.g. monitoring of home network or synchronising decoder's clock; Client middleware
    • H04N21/44Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs
    • H04N21/44008Processing of video elementary streams, e.g. splicing a video clip retrieved from local storage with an incoming video stream or rendering scenes according to encoded video stream scene graphs involving operations for analysing video streams, e.g. detecting features or characteristics in the video stream
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/4508Management of client data or end-user data
    • H04N21/4532Management of client data or end-user data involving end-user characteristics, e.g. viewer profile, preferences
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/60Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client, e.g. sending from server to client commands for recording incoming content stream; Communication details between server and client 
    • H04N21/63Control signaling related to video distribution between client, server and network components; Network processes for video distribution between server and clients or between remote clients, e.g. transmitting basic layer and enhancement layers over different transmission paths, setting up a peer-to-peer communication via Internet between remote STB's; Communication protocols; Addressing
    • H04N21/633Control signals issued by server directed to the network components or client
    • H04N21/6332Control signals issued by server directed to the network components or client directed to client
    • H04N21/6334Control signals issued by server directed to the network components or client directed to client for authorisation, e.g. by transmitting a key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/80Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
    • H04N21/83Generation or processing of protective or descriptive data associated with content; Content structuring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/80Generation or processing of content or additional data by content creator independently of the distribution process; Content per se
    • H04N21/83Generation or processing of protective or descriptive data associated with content; Content structuring
    • H04N21/84Generation or processing of descriptive data, e.g. content descriptors
    • H04N21/8405Generation or processing of descriptive data, e.g. content descriptors represented by keywords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00Television systems
    • H04N7/16Analogue secrecy systems; Analogue subscription systems
    • H04N7/162Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing
    • H04N7/163Authorising the user terminal, e.g. by paying; Registering the use of a subscription channel, e.g. billing by receiver means only

Definitions

  • the present invention relates generally to the operation of data networks, and more particularly, to methods and apparatus for enforcing application level restrictions on local and remote content rendered on a device.
  • wireless network environments a variety of wireless devices, such as wireless telephones, personal digital assistants (PDAs), and paging devices, communicate over a wireless network.
  • the wireless network may also include network servers that operate to provide various network resources to the wireless devices.
  • the wireless networks may also be coupled to a public network, such as the Internet, so that resources on the public network can be made available to the wireless devices on the wireless network.
  • a wireless device may download and store an application program or multimedia content using the wireless network.
  • the application or content may be downloaded for free or purchased by the user of the wireless device, who effectively obtains the rights to use the application or content for an unlimited, fixed, or usage count based expiration period.
  • downloaded content has the potential to damage or delete information, or otherwise compromise the device that it is running on.
  • the content may include scripting, animations, or other commands that may delete files, generate pop- ups, create loud sounds or display inappropriate content.
  • device users cannot fully trust that downloaded applications or content will not access files or other personal information on their devices, or perform other undesirable functions.
  • One technique that has been used to restrict downloaded content is to allow the device user to set general controls regarding device operation. For example, device users can block all scripting from functioning on the device. Unfortunately, this technique forces the device user to make decisions about how and when to use these types of controls. In most cases, device users are not well informed or do not have enough knowledge to make these decisions.
  • setting general device controls may result in device users being unable to access content they would like to receive or unable to obtain certain application functionality without exposing the device to potential compromise.
  • the system should allow the device user to access a wide range of network resources without having to worry about downloading unrestricted content that may compromise the device or corrupt valuable device information.
  • the system should also operate without requiring the device user to make decisions about the types of restrictions that are required, or having to know which content requires specific restrictions. As a result, device users can be confident that the content they download will not damage or corrupt their devices or personal information stored on their devices.
  • a restriction system is provided to enforce application level restrictions on local and remote content rendered on a device.
  • the restriction system comprises a content descriptor, a permissions list and a modification detection indicator, (i.e., a digital signature) that binds the content descriptor and the permissions list.
  • the content descriptor comprises actual content data to be rendered on the device, and in another embodiment, the content descriptor identifies the location of an application or multimedia content that is to be downloaded and rendered on the device.
  • the permissions list is used by the restriction system to restrict the rendering, display and execution of the downloaded application or content.
  • the permissions list is used to control the access rights and privileges of the application or content so that systems, features, settings, and information on the wireless device are protected against unauthorized access by the application or content.
  • An authority such as a device service provider or other entity, approves the permissions list and generates the modification detection indicator that binds the permissions list and the content descriptor.
  • a method for use in a device to enforce restrictions on content render on the device.
  • the method comprises receiving a permissions list associated with the content, receiving a content descriptor that identifies the content, and receiving a modification detection indicator that was created by an authority, wherein the modification detection indicator binds the permissions list and the content descriptor.
  • the method further comprises retrieving the content identified by the content descriptor, and rendering the content on the device, wherein the content is restricted based on the permissions list.
  • a device for rendering content comprises receiving logic that operates to obtain a permissions list, content descriptor, and a modification detection indicator that was created by an authority.
  • the device also comprises rendering logic that operates to verify the modification detection indicator, obtain content identified by the content descriptor, and render the content on the device, wherein the content is restricted based on the permissions list.
  • a device that operates to enforce restrictions on rendered content.
  • the device comprises means for receiving a permissions list associated with the content, means for receiving a content descriptor that identifies the content, and means receiving a modification detection indicator that was created by an authority, wherein the modification detection indicator binds the permissions list and the content descriptor.
  • the device also comprises means for retrieving the content identified by the content descriptor, and means for rendering the content on the device, wherein the content is restricted based on the permissions list.
  • a computer-readable media comprises instructions, which when executed by a processor in a wireless device, enforce restrictions on content rendered by the device.
  • the computer readable media comprises instructions for receiving a permissions list associated with the content, instructions for receiving a content descriptor that identifies the content, and instructions receiving a modification detection indicator that was created by an authority, wherein the modification detection indicator binds the permissions list and the content descriptor.
  • the computer-readable media also comprises instructions for retrieving the content identified by the content descriptor, and instructions for rendering the content on the device, wherein the content is restricted based on the permissions list.
  • a method is provided for generating a content package that is used to enforce restrictions on content rendered on a device. The method comprises receiving a permissions list associated with the content, receiving a content descriptor that describes the content, and generating a modification detection indicator that binds the permissions list and the content descriptor.
  • apparatus for generating a content package that is used to enforce restrictions on content rendered on a device.
  • the apparatus comprises receiving logic that operates to receive a permissions list associated with the content, and a content descriptor that describes the content.
  • the apparatus also comprises generating logic that operates to generate a modification detection indicator that binds the permissions list and the content descriptor.
  • apparatus for generating a content package that is used to enforce restrictions on content rendered on a device.
  • the apparatus comprising means for receiving a permissions list associated with the content, means for receiving a content descriptor that describes the content, and means for generating a modification detection indicator that binds the permissions list and the content descriptor.
  • a computer-readable media comprises instructions, which when executed by a processor, generate a content package that is used to enforce restrictions on content rendered on a device.
  • the computer readable media comprises instructions for receiving a permissions list associated with the content, instructions for receiving a content descriptor that identifies the content, and instructions generating a modification detection indicator that binds the permissions list and the content descriptor.
  • FIG. 1 shows a data network that comprises one embodiment of a restriction system to enforce application level restrictions on local and remote content rendered on a wireless device;
  • FIG. 2 shows a functional diagram of one embodiment of a restriction system for use in an authority that operates to generate a content package that is downloaded to a device;
  • FIG. 3 shows one embodiment of a content package for use with one or more embodiments of a restriction system
  • FIG. 4 shows a functional diagram of one embodiment of a restriction system for use in a device that operates to provide application level restrictions to applications and content rendered on the device;
  • FIG. 5 shows a data network that comprises one embodiment of a restriction system for use with a wireless device
  • FIG. 6 shows one embodiment of a method for enforcing application level restrictions on applications and content rendered on a wireless device
  • FIG. 7 shows one embodiment of an authority suitable for implementing one or more embodiments of a restriction system
  • FIG. 8 shows one embodiment of device suitable for implementing one or more embodiments of a restriction system.
  • the restriction system comprises a content viewer on the device to allow the device to access various network resources in an efficient and cost effective manner.
  • the content viewer also enforces restrictions on downloaded content to prevent unauthorized operation of device systems or access to specific device information.
  • the device may be any type of wired or wireless device, including but not limited to, a computer, a wireless telephone, a pager, a PDA, an email device, a tablet computer, or other type of wired or wireless device.
  • the content viewer interacts with a runtime environment executing on the device that is used to simplify operation of the device, such as by providing generalized calls for device specific resources.
  • a runtime environment executing on the device that is used to simplify operation of the device, such as by providing generalized calls for device specific resources.
  • One such runtime environment is the Binary Runtime Environment for WirelessTM (BREWTM) software platform developed by QUALCOMM, Inc., of San Diego, California.
  • BREWTM Binary Runtime Environment for WirelessTM
  • BREW software platform BREW software platform.
  • one or more embodiments of the restriction system are suitable for use with other types of content viewers and/or runtime environments to enforce application level restrictions on local and remote content rendered on wired and wireless devices.
  • content is use herein to describe any type of application, multimedia content, image file, executable, web page, script, document, presentation, message, or any other type of information that may be rendered on a device.
  • the restriction system operates to enforce application level restrictions on content rendered on a wireless device by performing one or more of the following steps.
  • a wireless device downloads a content package associated with content to be viewed on the device.
  • the content package includes a permissions list that describes the associated rights, restrictions, and privileges to be applied to the content.
  • the content package also includes a content descriptor, which identifies the content, and a modification detection indicator (i.e., a digital signature) that binds the permissions list and the content descriptor.
  • a content viewer application When the user attempts to view the content, a content viewer application is activated.
  • the content viewer application uses the digital signature to verify the authenticity of the permissions list and the content descriptor.
  • the content viewer application retrieves the content using the content descriptor and renders the content on the wireless device.
  • the rendered content is governed by the rules enforced on the content viewer application that were provided in the permissions list.
  • the content descriptor contains the actual content data.
  • the content descriptor may be a document, image file, web page, or any other type of viewable content.
  • the content descriptor is a content locator.
  • the content viewer operates as a network browser and the content descriptor is a content locator, such as a universal resource locator (URL).
  • the content viewer navigates to the network address provided by the content descriptor and displays content pages retrieved from that location.
  • the content viewer operates to restrict the operation of the retrieved content pages according to the restrictions in the permissions list.
  • the restriction system comprises a permissions list.
  • the permissions list is a list of access rights, privileges, restrictions, or limitations that are applied to an application or content that is executed or rendered on a device. For example, when content and an associated permission list are installed on a device, the restriction system operates to allow the rendered content to access only the resources granted in the permission list.
  • the developer of the application or content may create or provide input to creating the permissions list for the content.
  • a system administrator, or other authority such as a carrier or device manufacturer
  • a device server may be used to create the permissions list based on the input from authorities, entities, or parties involved with creating the application or content.
  • a content developer submits the content to an authority.
  • the authority reviews or evaluates the content and determines what privileges to assign to the content. The privileges then become part of the permissions list. Thus, the authority operates to approve the content and authorizes the associated rights provided in the permissions list.
  • a device may further limit or grant access to device resources beyond the scope of the permissions list. For example, a user may not have rights to a resource on the device to which the application has been granted permission by the permissions list. Thus, the device may provide additional rights or limitations and may therefore grant or refuse to grant access to resources even if permission has been granted in the permissions list.
  • the restriction system comprises a modification detection indicator that is used to provide a binding between a permissions list and a content descriptor.
  • any technique may be used to generate the modification detection indicator that binds the permissions list and the content descriptor.
  • the modification detection indicator is a digital signature that is generated using the permissions list and the content descriptor.
  • any type of signature, encoding, or other modification detection technique may be used to provide a binding between a permissions list and its associated content descriptor.
  • FIG. 1 shows a data network 100 that comprises one embodiment of a restriction system to enforce application level restrictions on local and remote content rendered on a wireless device.
  • the network 100 comprises a wireless device 102 that communicates with a data network 104 via a wireless communication channel 106.
  • the data network 104 subsumes a wired and wireless data network that is private, public or both.
  • the network 100 also comprises an authority 108 that operates to provide services to the wireless device 102.
  • the wireless device 102 may be a wireless telephone, and the authority 108 may be part of a nationwide telecommunications network that provides telecommunication services to the device 102.
  • a content server 110 Also in communication with the network 104 is a content server 110.
  • the content server 110 operates to provide content, such as multimedia content, to devices that are in communication with the network 104.
  • the authority 108 comprises logic to generate a content package 120 that comprises a permissions list, a content descriptor and a digital signature.
  • the permissions list describes rendering and resource access restrictions that are applied to applications or content identified by the content descriptor.
  • the content descriptor may comprise actual content data, such as an image file or document.
  • the content descriptor may also comprise a content locator that identifies the location of the content. For example, the content descriptor may identify an application or multimedia content located at the content server 110.
  • the content package 120 is downloaded from the authority 108 to the device 102.
  • the device 102 launches a content viewer 116 that operates to retrieve the content identified by the content descriptor and renders the content on the device 102 while applying the restrictions provided in the permissions list.
  • the content descriptor may be the actual content, which is rendered on the device by the content viewer 116.
  • the content descriptor is a content locator, which is used by the content viewer 116 to obtain the content for rendering on the device 102.
  • the restriction system operates to protect the resources on the wireless device 102 from unauthorized access by the downloaded content, and thereby removes this burden from the device user. This allows the device user to download applications and content for use on the wireless device 102 without having to worry that the downloaded application or content may compromise the operation of the device or corrupt important information stored on the device.
  • the permissions list and content descriptor may be created by the authority 108 and bound together using the digital signature.
  • the authority 108 may incorporate various security techniques, such as encoding, encryption, credentials, authentication signatures, or other modification detection/authentication techniques to transmit the content package 120 to the device 102.
  • the device can be sure it is receiving the content package 120 from a trusted source.
  • the authority 108, and the server 110 are distinct network servers located at different physical locations.
  • the servers 108, 110 are located at the same physical location, and in still another embodiment, the servers 108 and 110 are the same server.
  • the restriction system may be implemented using virtually any network configuration having a variety of servers that operate to provide the functions of the restriction system described herein.
  • ElG. 2 shows a functional diagram of one embodiment of a restriction system for use in the authority 108 that operates to generate a content package that is downloaded to a device.
  • the authority 108 operates to approve a permissions list and generate the content package for download to a wireless device, for example, the device 102.
  • the authority comprises a content receiver 202 that receives content 212 from the content server 110.
  • the authority also comprises a permission list receiver 204 that receives a proposed permission list 214 from the content server 110.
  • the approval/creation logic 206 takes the content 212 and the received permission list 214, evaluates the permissions list, and either approves or disapproves it.
  • the logic 206 operates to generate one based on the content itself and other parameters. For example, based on the type of content or the source of the content, the logic 206 generates an associated permissions list. Once an approved permissions list is obtained, the permission list and content go to the modification detection generator 208. The generator 208 generates a modification detection indicator that binds the permissions list to the content. For example, the modification detection indicator may be a digital signature. Finally, a package generator 210 generates a content package 216 that incorporates the content 214, the permission list 212, and modification detection indicator.
  • the content 214 is a content descriptor that identifies the content and its location. In another embodiment, the content 214 contains the actual application or content data. Once the content package is generated it is made available to the wireless device 102 which downloads it and renders it.
  • FIG. 3 shows one embodiment of a content package 300 for use with one or more embodiments of a restriction system.
  • the content package 300 shown in FIG. 3 may be the content package 120 shown in FIG. 1.
  • the content package comprises a permissions list 302, actual content or a content descriptor 306, a modification detection indicator 308, and additional information 310.
  • the permissions list 302 comprises authorization settings 304 that indicate what restrictions, authorizations, or privileges are granted to the described application or content.
  • the authorization settings 304 comprises a series of bits that when set to a value of "1" grant a particular authorization to the content based on the position of the bit.
  • the first bit position may grant or deny access to selected device files
  • the second bit may grant or deny access to device hardware, such as a modem
  • the third bit may grant or deny access to particular device settings, and so on.
  • the content section 306 comprises a content descriptor that describes the application or content.
  • the content descriptor may comprise the actual application or content data downloaded to the device.
  • the content descriptor may include multimedia content, such as a MPEG or MIDI file, or may include an application, such as a gaming program.
  • the content descriptor may comprise a content locator (i.e., a URL) that identifies an application or content and/or its location on a data network that the device has access to.
  • the content descriptor may comprise the link (http://www.foo.com/videos/movie.mpg) that when accessed by the device, will cause "movie.mpg" to be downloaded to the device.
  • the content descriptor describes a set of content pages or addresses, a domain name, or any other type of information set.
  • the content descriptor may be the actual application or content data, or a content locator that identifies the location of an application or content, or a content group that can be accessed and downloaded by the device.
  • the modification detection indicator 308 comprises a digital signature and/or other security information that binds the permissions list with the content descriptor so that it is possible to verify their authenticity. Virtually any type of modification detection technique may be used to produce the modification detection indicator 308.
  • the additional information section 310 comprises additional information about the application or content that is associated with the content package.
  • the information section 310 may include file size, version, or other information relative to the content package 120 or the associated application or content.
  • the additional information section 310 may also include license information associated with the application or content.
  • the license information may include the type of license granted, the date granted, the duration of the license, the cost of the license, or other license information.
  • the content package is generated by the package generation logic 212 at the authority 108.
  • application or content developers may generate a permissions list for their application or content.
  • the permissions list may be transmitted to the wireless device in several ways.
  • the application or content developer may transmit the permissions list to the authority 108 where it is evaluated, authorized and stored until the wireless device requests to download the associated content.
  • a permissions list authorized by an authority is stored with the application or content at their respective servers. When the wireless device attempts to download the application or content, the associated permissions list is also downloaded to the wireless device.
  • the modification detection indicator 308 generated by the authority is used to bind them and to allow the device to authenticate them as unmodified originals. Furthermore, the authority operates to create, evaluate, and/or authorize the permissions list so that regardless of where it is stored, the permissions list only grants authorized permissions to the associated application or content.
  • FIG. 4 shows a functional diagram of one embodiment of a restriction system for use in the device 102 that operates to provide application level restrictions to applications and content rendered on the device.
  • the content viewer 116 receives the content package 120 via a content receiver 402.
  • the content package 120 is transferred to the content viewer 116, which takes the package apart and verifies the digital signature. If the content is not in the package, then the content viewer 116 fetches the content using content request logic 404.
  • the content descriptor may be an address where the content is stored.
  • the content request logic 404 operates to transmit a request 408 to retrieve the content 410 from this address.
  • the content viewer 116 operates to render the content on the device and restrict the rendering operation based on the permission list 402 in the content package 120.
  • the runtime/OS 406 is not directly involved and only supports the content viewer 116.
  • the content package is received by the receiver 402 and is handed off to the runtime/OS 406.
  • the runtime/OS takes apart the package 120 and verifies the digital signature 408 in it. It also extracts the permission list 402. It then invokes the content viewer 116 handing it the content descriptor 406. It also restricts the operation of the content viewer 116 based on the permission list 402.
  • the restrictions in the permission list are partly imposed by the content viewer 116 and partly by the runtime/OS 406.
  • FIG. 5 shows a data network 500 that comprises one embodiment of a restriction system for use with a wireless device.
  • the network 500 comprises a general purpose data network 502 that includes connections to an authority 504 and a content server 506.
  • the data network 502 may be private or public or both and may be wired or wireless or both.
  • the authority 504 may be a carrier server, device server, or other authority.
  • the network 502 also communicates with a wireless device 508 via a wireless communication channel 510.
  • wireless device 508 includes a runtime environment, such as that provided by the BREW software platform.
  • ElG. 6 shows one embodiment of a method 600 for enforcing application level restrictions on applications and content rendered on a wireless device.
  • the method 600 is suitable for use with the network 500 shown in FlG. 5. Therefore, for added clarity, the following detailed description of the method 600 includes additional references to the network 500.
  • the method 600 begins at block 602, when a content server submits a request to the restriction system to authorize content so that a wireless device may render it without concern.
  • the content server 506 submits a request, as shown at path 5a, to register content with the authority 504.
  • the request may include a content descriptor that comprises the actual content data, or a content locator, and may also include a permissions list for the content. In one embodiment, if the permissions list is not provided, the authority 504 generates the permissions list for the content.
  • the authority operates to create/evaluate an authorized permissions list. For example, in one embodiment, the authority 504 evaluates the content and/or other information related to the content and generates an authorized permissions list that is associated with the content. In another embodiment, the content provider 506 provides a permissions list and the authority operates to evaluate the provided permissions list and determine whether the permissions list should be authorized. Thus, any privileges granted to the content via the permissions list are first authorized by the authority 504.
  • the authority generates a modification detection indicator that binds the content descriptor and the permissions list.
  • the authority 504 generates a digital signature using the content descriptor and the permissions list.
  • any other modification detection technique could be used.
  • the content descriptor, permissions list and the digital signature form a content package that may be transmitted to a wireless device or any other entities on the network 502.
  • the content descriptor may be the actual content or a content locator.
  • an indication is provided to the wireless device that the content is available for download. For example, the device 508 may browse a catalog of available content provided by the authority 504.
  • the authority 504 transmits an icon, as shown at path 5b, for display on the wireless device 508 that the user may select to access the content, hi one embodiment, the runtime environment executing on the device 508 receives and displays the icon to the device user.
  • the wireless device user submits a request to the authority to download an application or multimedia content. For example, the device user selects the icon displayed on the device 508 and the runtime environment executing on the device 508 transmits a request, as shown at path 5c, to the authority 504 using the network 502 to download the application or multimedia content associated with the displayed icon.
  • a content package is transmitted to the device.
  • the authority 504 responds to the device's 508 request by transmitting to the device 508 (as shown at path 5d) a content package that includes the content descriptor, the permissions list and the digital signature.
  • the content package may also include additional information about the content or additional security information used, such as a key or credential to verify that the device has received the content package from the authority 504.
  • the credential allows the device to verify that it has received the content package from a trusted source.
  • the runtime environment running on the wireless device launches a content viewer that operates to process the content package to allow the device user to view the requested content.
  • the BREW runtime environment running on the wireless device 508 launches the content viewer 116.
  • the content viewer uses the digital signature to verify the authenticity of the permissions list and the content descriptor.
  • the content viewer 116 uses the permissions list and the content descriptor to generate a second digital signature that is compared to the digital signature received from the authority 504 in the content package. Assuming the permissions list and the content descriptor are authentic, the method proceeds to block 616.
  • the content viewer processes the content package and determines that it contains a content descriptor that identifies the content data.
  • the content descriptor is an address (URL) to the content, which is located at the content server 506.
  • the content viewer transmits a request to the content server to receive the content.
  • the content viewer 514 transmits a request to the content server 506 over the wireless network 502, as shown at path 5e.
  • the request is a request to receive the content pointed to by the content descriptor.
  • the content server transmits the content to the wireless device.
  • the content server 506 receives the request, and in response, transmits the content identified by the content descriptor to the wireless device 508, as shown at path 5f.
  • the content viewer then renders the content on the device.
  • the content viewer uses the restrictions provided in the permission list to apply to the content so that the content is restricted from accessing selected functions, features, device settings, and/or specific information stored on the device.
  • Virtually any type of resource or operational restriction may be provided based on the permissions in the permissions list.
  • the restriction system allows the device 508 to download content from remote servers and render the content knowing that the restriction system has restricted the content so that device resources or information will not be access without proper authorization.
  • the restriction of the content occurs without burdening the device user with having to determine when and how to restrict the content.
  • the method 600 describes the use of a content package that comprises a permissions list, content descriptor and digital signature
  • a content package is not used.
  • the permissions list, content descriptor, and modification detection indicator may be transmitted to the wireless device from the same or different sources.
  • a content provider may transmit the content descriptor
  • a device server may transmit the permissions list
  • an authority may transmit the modification detection indicator.
  • the modification detection indicator is incorporated into the permissions list and/or the content descriptor. Virtually any combination of the information is possible, and the information may be transmitted to the device from one or any number of transmitting sources.
  • the wireless device operates to authenticate that the modification detection indicator was generated by the proper authority. For example, any type of encoding, encryption, credentials, etc., may be used to authenticate the modification detection indicator. Once the modification detection indicator is authenticated, it is used to authenticate the permissions list and the content descriptor. Thus, no matter how the information is transmitted to the device, the authentication process allows the device to verify that it has the authentic information, which may be used to safely render the content on the device.
  • FlG. 7 shows one embodiment of an authority 700 suitable for implementing one or more embodiments of a restriction system as described herein.
  • the authority 700 and all its functional blocks may be implemented as software, hardware, or both.
  • the functional blocks are implemented as instructions stored in memory 708 and executed by processing logic 702.
  • some of the functional blocks such as the package generator 712 may be implemented as special purpose hardware (i.e., a gate array) or any other hardware, logic, or circuit capable of providing the described functionality.
  • a network interface 706 operates to provide communications 714 between the authority and a data network.
  • the network interface 706 allows the authority 700 to communicate with content servers, devices, and other network entities.
  • a user interface 710 operates to provide interaction between the authority 700 and a user via the user input 716.
  • the user interface 710 is used to allow a user to communicate operating parameters to the processing logic 702.
  • the package generator logic 712 operates to receive content and a permissions list, evaluate the permissions list, and approve or disapprove it. In another embodiment, the package logic 712 operates to generate a permissions list based on the received content and other parameters. Once an authorized permissions list is obtained, the logic 712 operates to binding the permissions list and the content using a modification detection indicator, such as a digital signature. The content, permissions list, and digital signature are then combined into a content package that is transmitted to a device via the network interface 706.
  • a modification detection indicator such as a digital signature
  • FIG. 8 shows one embodiment of device 800 suitable for implementing one or more embodiments of a restriction system as described herein.
  • the device 800 comprises processing logic 802, internal bus 804, network interface 806, rendering logic 812, memory 808, and user interface 810.
  • all the functional blocks of the device 800 are implemented as instructions stored in the memory 808 and executed by processing logic 802.
  • some of the functional blocks such as the content viewer 116 may be implemented as special purpose hardware (i.e., a gate array) connected to the bus 804, or as any other hardware circuit capable of providing the required functionality.
  • the network interface 806 may use any means of transferring, storing or copying data including a network connection 816 that may be coupled to local or remote networks, devices, or systems.
  • the processing logic 802 executes program instructions stored in the memory 808 that cause a runtime environment 814 to be activated.
  • the runtime environment 814 processes a content package received via the network interface 806, and in response, activates a content viewer 116.
  • the content viewer 116 operates to render content contained in the content package using the rendering logic 812.
  • the content viewer renders the content using restrictions based on a permissions list provided in the content package.
  • the content package includes a content descriptor that identifies the location of the content to be rendered.
  • the content viewer 116 uses the content descriptor to obtain the content from the specified location via the network interface 806. Once obtained, the content is rendered via the rendering logic 812.
  • the device 800 illustrates just one embodiment of a device suitable for implementing a restriction system as described herein. It is also possible to implement a restriction system using different functional elements, rearranging the elements, or using a different type of device. Thus, the embodiments described herein are not limited to the implementation shown in FIG. 8.
  • the device user may override access rights or restrictions provided in the permissions list. For example, by providing specific user inputs, the user may override access rights provided in the permissions list to prevent an application or content from accessing a specific device resource or stored information. Thus, the device user maintains the ability to control access to device resources even if access to those resources is not granted in the permissions list.
  • a restriction system has been described that includes methods and apparatus to enforce application level restrictions on local and remote applications and content rendered on a wireless device.
  • the system is suitable for use with all types of wireless devices and is especially well suited for use with mobile telephones to provide access to a wide range of network resources while providing restrictions to protect feature, functions, settings, information and other device systems.

Landscapes

  • Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Technology Law (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Storage Device Security (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

Methods and apparatus for enforcing application level restrictions on local and remote content rendered on a device (102,600). One method comprises receiving a permissions list (120,302) associated with the content, receiving a content descriptor (120,306) that identifies the content, and receiving a modification detection indicator (120,308) that was created by an authority (108), wherein the modification detection indicator binds the permissions list and the content descriptor. The method further comprises retrieving the content identified by the content descriptor (106,402), and rendering the content on the device (116,622), wherein the content is restricted based on the permissions list (120,624).

Description

METHODS AND APPARATUS FOR ENFORCING APPLICATION LEVEL RESTRICTIONS ON LOCAL AND REMOTE CONTENT
BACKGROUND
I. FIELD
[0001] The present invention relates generally to the operation of data networks, and more particularly, to methods and apparatus for enforcing application level restrictions on local and remote content rendered on a device.
II. DESCRIPTIONOFTHERELATEDART
[0002] Advances in technology have resulted in the development and deployment of extensive data networks. These networks include both public data networks, such as the Internet, and specialized networks, such as wireless telecommunication networks. Users of these networks have the ability to access a wide variety of information and services that are available as network resources.
[0003] One example where there is an increasing demand for network resources is in wireless network environments. In wireless environments, a variety of wireless devices, such as wireless telephones, personal digital assistants (PDAs), and paging devices, communicate over a wireless network. The wireless network may also include network servers that operate to provide various network resources to the wireless devices. Furthermore, the wireless networks may also be coupled to a public network, such as the Internet, so that resources on the public network can be made available to the wireless devices on the wireless network.
[0004] Typically, a wireless device may download and store an application program or multimedia content using the wireless network. The application or content may be downloaded for free or purchased by the user of the wireless device, who effectively obtains the rights to use the application or content for an unlimited, fixed, or usage count based expiration period.
[0005] However, downloaded content has the potential to damage or delete information, or otherwise compromise the device that it is running on. For example, the content may include scripting, animations, or other commands that may delete files, generate pop- ups, create loud sounds or display inappropriate content. Thus, device users cannot fully trust that downloaded applications or content will not access files or other personal information on their devices, or perform other undesirable functions. [0006] One technique that has been used to restrict downloaded content is to allow the device user to set general controls regarding device operation. For example, device users can block all scripting from functioning on the device. Unfortunately, this technique forces the device user to make decisions about how and when to use these types of controls. In most cases, device users are not well informed or do not have enough knowledge to make these decisions. Furthermore, setting general device controls may result in device users being unable to access content they would like to receive or unable to obtain certain application functionality without exposing the device to potential compromise.
[0007] Therefore, what is needed is a system to enforce application level restrictions on applications or content available to a device over a network. The system should allow the device user to access a wide range of network resources without having to worry about downloading unrestricted content that may compromise the device or corrupt valuable device information. The system should also operate without requiring the device user to make decisions about the types of restrictions that are required, or having to know which content requires specific restrictions. As a result, device users can be confident that the content they download will not damage or corrupt their devices or personal information stored on their devices.
SUMMARY
[0008] In one or more embodiments, a restriction system is provided to enforce application level restrictions on local and remote content rendered on a device. In one embodiment, the restriction system comprises a content descriptor, a permissions list and a modification detection indicator, (i.e., a digital signature) that binds the content descriptor and the permissions list. In one embodiment, the content descriptor comprises actual content data to be rendered on the device, and in another embodiment, the content descriptor identifies the location of an application or multimedia content that is to be downloaded and rendered on the device. The permissions list is used by the restriction system to restrict the rendering, display and execution of the downloaded application or content. For example, the permissions list is used to control the access rights and privileges of the application or content so that systems, features, settings, and information on the wireless device are protected against unauthorized access by the application or content. An authority, such as a device service provider or other entity, approves the permissions list and generates the modification detection indicator that binds the permissions list and the content descriptor.
[0009] In one embodiment, a method is provided for use in a device to enforce restrictions on content render on the device. The method comprises receiving a permissions list associated with the content, receiving a content descriptor that identifies the content, and receiving a modification detection indicator that was created by an authority, wherein the modification detection indicator binds the permissions list and the content descriptor. The method further comprises retrieving the content identified by the content descriptor, and rendering the content on the device, wherein the content is restricted based on the permissions list.
[0010] In another embodiment, a device for rendering content is provided. The device comprises receiving logic that operates to obtain a permissions list, content descriptor, and a modification detection indicator that was created by an authority. The device also comprises rendering logic that operates to verify the modification detection indicator, obtain content identified by the content descriptor, and render the content on the device, wherein the content is restricted based on the permissions list.
[0011] In another embodiment, a device is provided that operates to enforce restrictions on rendered content. The device comprises means for receiving a permissions list associated with the content, means for receiving a content descriptor that identifies the content, and means receiving a modification detection indicator that was created by an authority, wherein the modification detection indicator binds the permissions list and the content descriptor. The device also comprises means for retrieving the content identified by the content descriptor, and means for rendering the content on the device, wherein the content is restricted based on the permissions list.
[0012] In another embodiment, a computer-readable media is provided that comprises instructions, which when executed by a processor in a wireless device, enforce restrictions on content rendered by the device. The computer readable media comprises instructions for receiving a permissions list associated with the content, instructions for receiving a content descriptor that identifies the content, and instructions receiving a modification detection indicator that was created by an authority, wherein the modification detection indicator binds the permissions list and the content descriptor. The computer-readable media also comprises instructions for retrieving the content identified by the content descriptor, and instructions for rendering the content on the device, wherein the content is restricted based on the permissions list. [0013] In another embodiment, a method is provided for generating a content package that is used to enforce restrictions on content rendered on a device. The method comprises receiving a permissions list associated with the content, receiving a content descriptor that describes the content, and generating a modification detection indicator that binds the permissions list and the content descriptor.
[0014] In another embodiment, apparatus is provided for generating a content package that is used to enforce restrictions on content rendered on a device. The apparatus comprises receiving logic that operates to receive a permissions list associated with the content, and a content descriptor that describes the content. The apparatus also comprises generating logic that operates to generate a modification detection indicator that binds the permissions list and the content descriptor.
[0015] In another embodiment, apparatus is provided for generating a content package that is used to enforce restrictions on content rendered on a device. The apparatus comprising means for receiving a permissions list associated with the content, means for receiving a content descriptor that describes the content, and means for generating a modification detection indicator that binds the permissions list and the content descriptor.
[0016] hi another embodiment, a computer-readable media is provided that comprises instructions, which when executed by a processor, generate a content package that is used to enforce restrictions on content rendered on a device. The computer readable media comprises instructions for receiving a permissions list associated with the content, instructions for receiving a content descriptor that identifies the content, and instructions generating a modification detection indicator that binds the permissions list and the content descriptor.
[0017] Other aspects, advantages, and features of the present invention will become apparent after review of the hereinafter set forth Brief Description of the Drawings, Detailed Description of the Invention, and the Claims.
BRIEF DESCRIPTION OF THE DRAWINGS
[0018] The foregoing aspects and the attendant advantages of the embodiments described herein will become more readily apparent by reference to the following detailed description when taken in conjunction with the accompanying drawings wherein: [0019] FIG. 1 shows a data network that comprises one embodiment of a restriction system to enforce application level restrictions on local and remote content rendered on a wireless device;
[0020] FIG. 2 shows a functional diagram of one embodiment of a restriction system for use in an authority that operates to generate a content package that is downloaded to a device;
[0021] FIG. 3 shows one embodiment of a content package for use with one or more embodiments of a restriction system;
[0022] FIG. 4 shows a functional diagram of one embodiment of a restriction system for use in a device that operates to provide application level restrictions to applications and content rendered on the device;
[0023] FIG. 5 shows a data network that comprises one embodiment of a restriction system for use with a wireless device;
[0024] FIG. 6 shows one embodiment of a method for enforcing application level restrictions on applications and content rendered on a wireless device;
[0025] FIG. 7 shows one embodiment of an authority suitable for implementing one or more embodiments of a restriction system; and
[0026] FIG. 8 shows one embodiment of device suitable for implementing one or more embodiments of a restriction system.
DETAILED DESCRIPTION
[0027] The following detailed description describes one or more embodiments of a restriction system that includes methods and apparatus to enforce application level restrictions on local and remote content rendered on a device. In one embodiment, the restriction system comprises a content viewer on the device to allow the device to access various network resources in an efficient and cost effective manner. The content viewer also enforces restrictions on downloaded content to prevent unauthorized operation of device systems or access to specific device information. The device may be any type of wired or wireless device, including but not limited to, a computer, a wireless telephone, a pager, a PDA, an email device, a tablet computer, or other type of wired or wireless device.
[0028] In one or more embodiments, the content viewer interacts with a runtime environment executing on the device that is used to simplify operation of the device, such as by providing generalized calls for device specific resources. One such runtime environment is the Binary Runtime Environment for Wireless™ (BREW™) software platform developed by QUALCOMM, Inc., of San Diego, California. In the following description, it will be assumed that the restriction system uses a content viewer implemented on a wireless device that is executing a runtime environment, such as the
BREW software platform. However, one or more embodiments of the restriction system are suitable for use with other types of content viewers and/or runtime environments to enforce application level restrictions on local and remote content rendered on wired and wireless devices. Furthermore, the term "content" is use herein to describe any type of application, multimedia content, image file, executable, web page, script, document, presentation, message, or any other type of information that may be rendered on a device.
[0029] In one embodiment, the restriction system operates to enforce application level restrictions on content rendered on a wireless device by performing one or more of the following steps.
[0030] 1. A wireless device downloads a content package associated with content to be viewed on the device. The content package includes a permissions list that describes the associated rights, restrictions, and privileges to be applied to the content. The content package also includes a content descriptor, which identifies the content, and a modification detection indicator (i.e., a digital signature) that binds the permissions list and the content descriptor.
[0031] 2. When the user attempts to view the content, a content viewer application is activated. The content viewer application uses the digital signature to verify the authenticity of the permissions list and the content descriptor.
[0032] 3. The content viewer application retrieves the content using the content descriptor and renders the content on the wireless device.
[0033] 4. The rendered content is governed by the rules enforced on the content viewer application that were provided in the permissions list.
[0034] In one embodiment, the content descriptor contains the actual content data. For example, the content descriptor may be a document, image file, web page, or any other type of viewable content.
[0035] In one embodiment, the content descriptor is a content locator. For example, the content viewer operates as a network browser and the content descriptor is a content locator, such as a universal resource locator (URL). The content viewer navigates to the network address provided by the content descriptor and displays content pages retrieved from that location. In one embodiment, the content viewer operates to restrict the operation of the retrieved content pages according to the restrictions in the permissions list.
Permissions List
[0036] In one or more embodiments, the restriction system comprises a permissions list.
The permissions list is a list of access rights, privileges, restrictions, or limitations that are applied to an application or content that is executed or rendered on a device. For example, when content and an associated permission list are installed on a device, the restriction system operates to allow the rendered content to access only the resources granted in the permission list.
[0037] In one embodiment, the developer of the application or content, a system administrator, or other authority, such as a carrier or device manufacturer, may create or provide input to creating the permissions list for the content. In another embodiment, a device server may be used to create the permissions list based on the input from authorities, entities, or parties involved with creating the application or content.
[0038] In one embodiment, a content developer submits the content to an authority.
The authority reviews or evaluates the content and determines what privileges to assign to the content. The privileges then become part of the permissions list. Thus, the authority operates to approve the content and authorizes the associated rights provided in the permissions list.
[0039] It will be recognized by those skilled in the art that a device may further limit or grant access to device resources beyond the scope of the permissions list. For example, a user may not have rights to a resource on the device to which the application has been granted permission by the permissions list. Thus, the device may provide additional rights or limitations and may therefore grant or refuse to grant access to resources even if permission has been granted in the permissions list.
[0040] By associating the resources of a device to an application or content using a permission list, multiple permission lists may be created for use with the same application or content. Consequently, on different devices, different resources may be granted access to the same application or content. Bindings
[0041] In one or more embodiments, the restriction system comprises a modification detection indicator that is used to provide a binding between a permissions list and a content descriptor. For example, any technique may be used to generate the modification detection indicator that binds the permissions list and the content descriptor. For example, in one embodiment, the modification detection indicator is a digital signature that is generated using the permissions list and the content descriptor. However, any type of signature, encoding, or other modification detection technique may be used to provide a binding between a permissions list and its associated content descriptor. Once the digital signature, permissions list, and content locator are transmitted to a wireless device, the device can use the signature to authenticate the permissions list and the content descriptor. For the purpose of this description, it will be assumed that entities transmitting the above-described information to the device are properly credentialed using any type of known credentialing or authentication technique, so that the receiving device can verify that it is receiving the information from a trusted source.
[0042] FIG. 1 shows a data network 100 that comprises one embodiment of a restriction system to enforce application level restrictions on local and remote content rendered on a wireless device. The network 100 comprises a wireless device 102 that communicates with a data network 104 via a wireless communication channel 106. The data network 104 subsumes a wired and wireless data network that is private, public or both. The network 100 also comprises an authority 108 that operates to provide services to the wireless device 102. For example, the wireless device 102 may be a wireless telephone, and the authority 108 may be part of a nationwide telecommunications network that provides telecommunication services to the device 102. [0043] Also in communication with the network 104 is a content server 110. The content server 110 operates to provide content, such as multimedia content, to devices that are in communication with the network 104.
[0044] In one embodiment, the authority 108 comprises logic to generate a content package 120 that comprises a permissions list, a content descriptor and a digital signature. The permissions list describes rendering and resource access restrictions that are applied to applications or content identified by the content descriptor. The content descriptor may comprise actual content data, such as an image file or document. The content descriptor may also comprise a content locator that identifies the location of the content. For example, the content descriptor may identify an application or multimedia content located at the content server 110.
[0045] During operation of the system, the content package 120 is downloaded from the authority 108 to the device 102. The device 102 launches a content viewer 116 that operates to retrieve the content identified by the content descriptor and renders the content on the device 102 while applying the restrictions provided in the permissions list. For example, the content descriptor may be the actual content, which is rendered on the device by the content viewer 116. In another embodiment, the content descriptor is a content locator, which is used by the content viewer 116 to obtain the content for rendering on the device 102.
[0046] Because the permissions list is used to restrict the rendered content, the restriction system operates to protect the resources on the wireless device 102 from unauthorized access by the downloaded content, and thereby removes this burden from the device user. This allows the device user to download applications and content for use on the wireless device 102 without having to worry that the downloaded application or content may compromise the operation of the device or corrupt important information stored on the device.
[0047] The permissions list and content descriptor may be created by the authority 108 and bound together using the digital signature. For secure transmission of the content package 120, as well as any other data transfer, the authority 108 may incorporate various security techniques, such as encoding, encryption, credentials, authentication signatures, or other modification detection/authentication techniques to transmit the content package 120 to the device 102. Thus, the device can be sure it is receiving the content package 120 from a trusted source.
[0048] In one embodiment, the authority 108, and the server 110, are distinct network servers located at different physical locations. In another embodiment, the servers 108, 110 are located at the same physical location, and in still another embodiment, the servers 108 and 110 are the same server. Thus, in one or more embodiments, the restriction system may be implemented using virtually any network configuration having a variety of servers that operate to provide the functions of the restriction system described herein.
[0049] ElG. 2 shows a functional diagram of one embodiment of a restriction system for use in the authority 108 that operates to generate a content package that is downloaded to a device. In one embodiment, the authority 108 operates to approve a permissions list and generate the content package for download to a wireless device, for example, the device 102. The authority comprises a content receiver 202 that receives content 212 from the content server 110. The authority also comprises a permission list receiver 204 that receives a proposed permission list 214 from the content server 110. The approval/creation logic 206 takes the content 212 and the received permission list 214, evaluates the permissions list, and either approves or disapproves it. If no permission list is received, the logic 206 operates to generate one based on the content itself and other parameters. For example, based on the type of content or the source of the content, the logic 206 generates an associated permissions list. Once an approved permissions list is obtained, the permission list and content go to the modification detection generator 208. The generator 208 generates a modification detection indicator that binds the permissions list to the content. For example, the modification detection indicator may be a digital signature. Finally, a package generator 210 generates a content package 216 that incorporates the content 214, the permission list 212, and modification detection indicator.
[0050] In one embodiment, the content 214 is a content descriptor that identifies the content and its location. In another embodiment, the content 214 contains the actual application or content data. Once the content package is generated it is made available to the wireless device 102 which downloads it and renders it.
[0051] FIG. 3 shows one embodiment of a content package 300 for use with one or more embodiments of a restriction system. For example, the content package 300 shown in FIG. 3 may be the content package 120 shown in FIG. 1. The content package comprises a permissions list 302, actual content or a content descriptor 306, a modification detection indicator 308, and additional information 310. [0052] The permissions list 302 comprises authorization settings 304 that indicate what restrictions, authorizations, or privileges are granted to the described application or content. For example, the authorization settings 304 comprises a series of bits that when set to a value of "1" grant a particular authorization to the content based on the position of the bit. For example, the first bit position may grant or deny access to selected device files, the second bit may grant or deny access to device hardware, such as a modem, and the third bit may grant or deny access to particular device settings, and so on. Thus, it is possible to grant or deny access to any type of device feature, function, setting or other information based on the bit settings in the permissions list 302. [0053] In one embodiment, the content section 306 comprises a content descriptor that describes the application or content. For example, the content descriptor may comprise the actual application or content data downloaded to the device. For example, the content descriptor may include multimedia content, such as a MPEG or MIDI file, or may include an application, such as a gaming program. In another embodiment, the content descriptor may comprise a content locator (i.e., a URL) that identifies an application or content and/or its location on a data network that the device has access to. For example, the content descriptor may comprise the link (http://www.foo.com/videos/movie.mpg) that when accessed by the device, will cause "movie.mpg" to be downloaded to the device. In another embodiment, the content descriptor describes a set of content pages or addresses, a domain name, or any other type of information set. Thus, the content descriptor may be the actual application or content data, or a content locator that identifies the location of an application or content, or a content group that can be accessed and downloaded by the device. [0054] In one embodiment, the modification detection indicator 308 comprises a digital signature and/or other security information that binds the permissions list with the content descriptor so that it is possible to verify their authenticity. Virtually any type of modification detection technique may be used to produce the modification detection indicator 308.
[0055] The additional information section 310 comprises additional information about the application or content that is associated with the content package. For example, the information section 310 may include file size, version, or other information relative to the content package 120 or the associated application or content. The additional information section 310 may also include license information associated with the application or content. For example, the license information may include the type of license granted, the date granted, the duration of the license, the cost of the license, or other license information.
[0056] In one embodiment, the content package is generated by the package generation logic 212 at the authority 108. However, it is also possible to generate all or part of the content package at other locations. For example, application or content developers may generate a permissions list for their application or content. In this case, the permissions list may be transmitted to the wireless device in several ways. For example, the application or content developer may transmit the permissions list to the authority 108 where it is evaluated, authorized and stored until the wireless device requests to download the associated content. In another example, a permissions list authorized by an authority is stored with the application or content at their respective servers. When the wireless device attempts to download the application or content, the associated permissions list is also downloaded to the wireless device. Regardless of the originating location of the content descriptor and the permissions list, the modification detection indicator 308 generated by the authority is used to bind them and to allow the device to authenticate them as unmodified originals. Furthermore, the authority operates to create, evaluate, and/or authorize the permissions list so that regardless of where it is stored, the permissions list only grants authorized permissions to the associated application or content.
[0057] FIG. 4 shows a functional diagram of one embodiment of a restriction system for use in the device 102 that operates to provide application level restrictions to applications and content rendered on the device. In one embodiment, the content viewer 116 receives the content package 120 via a content receiver 402. The content package 120 is transferred to the content viewer 116, which takes the package apart and verifies the digital signature. If the content is not in the package, then the content viewer 116 fetches the content using content request logic 404. For example, the content descriptor may be an address where the content is stored. The content request logic 404 operates to transmit a request 408 to retrieve the content 410 from this address. Once the content is available, the content viewer 116 operates to render the content on the device and restrict the rendering operation based on the permission list 402 in the content package 120. In this embodiment the runtime/OS 406 is not directly involved and only supports the content viewer 116.
[0058] In another embodiment the content package is received by the receiver 402 and is handed off to the runtime/OS 406. The runtime/OS takes apart the package 120 and verifies the digital signature 408 in it. It also extracts the permission list 402. It then invokes the content viewer 116 handing it the content descriptor 406. It also restricts the operation of the content viewer 116 based on the permission list 402. [0059] In a third embodiment the restrictions in the permission list are partly imposed by the content viewer 116 and partly by the runtime/OS 406.
[0060] FIG. 5 shows a data network 500 that comprises one embodiment of a restriction system for use with a wireless device. The network 500 comprises a general purpose data network 502 that includes connections to an authority 504 and a content server 506. The data network 502 may be private or public or both and may be wired or wireless or both. The authority 504 may be a carrier server, device server, or other authority. The network 502 also communicates with a wireless device 508 via a wireless communication channel 510. For this description, it will be assumed that wireless device 508 includes a runtime environment, such as that provided by the BREW software platform.
[0061] ElG. 6 shows one embodiment of a method 600 for enforcing application level restrictions on applications and content rendered on a wireless device. For example, the method 600 is suitable for use with the network 500 shown in FlG. 5. Therefore, for added clarity, the following detailed description of the method 600 includes additional references to the network 500.
[0062] Referring now to FIG. 6, the method 600 begins at block 602, when a content server submits a request to the restriction system to authorize content so that a wireless device may render it without concern. For example, the content server 506 submits a request, as shown at path 5a, to register content with the authority 504. The request may include a content descriptor that comprises the actual content data, or a content locator, and may also include a permissions list for the content. In one embodiment, if the permissions list is not provided, the authority 504 generates the permissions list for the content.
[0063] At block 604, the authority operates to create/evaluate an authorized permissions list. For example, in one embodiment, the authority 504 evaluates the content and/or other information related to the content and generates an authorized permissions list that is associated with the content. In another embodiment, the content provider 506 provides a permissions list and the authority operates to evaluate the provided permissions list and determine whether the permissions list should be authorized. Thus, any privileges granted to the content via the permissions list are first authorized by the authority 504.
[0064] At block 606, the authority generates a modification detection indicator that binds the content descriptor and the permissions list. For example, in one embodiment, the authority 504 generates a digital signature using the content descriptor and the permissions list. However, any other modification detection technique could be used. In one embodiment, the content descriptor, permissions list and the digital signature form a content package that may be transmitted to a wireless device or any other entities on the network 502. The content descriptor may be the actual content or a content locator. [0065] At block 608, an indication is provided to the wireless device that the content is available for download. For example, the device 508 may browse a catalog of available content provided by the authority 504. In one embodiment, the authority 504 transmits an icon, as shown at path 5b, for display on the wireless device 508 that the user may select to access the content, hi one embodiment, the runtime environment executing on the device 508 receives and displays the icon to the device user. [0066] At block 610, the wireless device user submits a request to the authority to download an application or multimedia content. For example, the device user selects the icon displayed on the device 508 and the runtime environment executing on the device 508 transmits a request, as shown at path 5c, to the authority 504 using the network 502 to download the application or multimedia content associated with the displayed icon.
[0067] At block 612, in response to the request for content, a content package is transmitted to the device. For example, the authority 504 responds to the device's 508 request by transmitting to the device 508 (as shown at path 5d) a content package that includes the content descriptor, the permissions list and the digital signature. The content package may also include additional information about the content or additional security information used, such as a key or credential to verify that the device has received the content package from the authority 504. For example, the credential allows the device to verify that it has received the content package from a trusted source. [0068] At block 614, the runtime environment running on the wireless device launches a content viewer that operates to process the content package to allow the device user to view the requested content. For example, the BREW runtime environment running on the wireless device 508 launches the content viewer 116.
[0069] At block 616, the content viewer uses the digital signature to verify the authenticity of the permissions list and the content descriptor. For example, the content viewer 116 uses the permissions list and the content descriptor to generate a second digital signature that is compared to the digital signature received from the authority 504 in the content package. Assuming the permissions list and the content descriptor are authentic, the method proceeds to block 616.
[0070] At block 618, the content viewer processes the content package and determines that it contains a content descriptor that identifies the content data. For example, the content descriptor is an address (URL) to the content, which is located at the content server 506. [0071] At block 620, the content viewer transmits a request to the content server to receive the content. For example, the content viewer 514 transmits a request to the content server 506 over the wireless network 502, as shown at path 5e. The request is a request to receive the content pointed to by the content descriptor. [0072] At block 622, in response to the request, the content server transmits the content to the wireless device. For example, the content server 506 receives the request, and in response, transmits the content identified by the content descriptor to the wireless device 508, as shown at path 5f.
[0073] At block 624, the content viewer then renders the content on the device. When the content is rendered, the content viewer uses the restrictions provided in the permission list to apply to the content so that the content is restricted from accessing selected functions, features, device settings, and/or specific information stored on the device. Virtually any type of resource or operational restriction may be provided based on the permissions in the permissions list. Thus, the restriction system allows the device 508 to download content from remote servers and render the content knowing that the restriction system has restricted the content so that device resources or information will not be access without proper authorization. The restriction of the content occurs without burdening the device user with having to determine when and how to restrict the content.
[0074] Although the method 600 describes the use of a content package that comprises a permissions list, content descriptor and digital signature, in one or more embodiments, a content package is not used. For example, the permissions list, content descriptor, and modification detection indicator may be transmitted to the wireless device from the same or different sources. Thus, a content provider may transmit the content descriptor, a device server may transmit the permissions list, and an authority may transmit the modification detection indicator. In another embodiment, the modification detection indicator is incorporated into the permissions list and/or the content descriptor. Virtually any combination of the information is possible, and the information may be transmitted to the device from one or any number of transmitting sources. [0075] In one embodiment, the wireless device operates to authenticate that the modification detection indicator was generated by the proper authority. For example, any type of encoding, encryption, credentials, etc., may be used to authenticate the modification detection indicator. Once the modification detection indicator is authenticated, it is used to authenticate the permissions list and the content descriptor. Thus, no matter how the information is transmitted to the device, the authentication process allows the device to verify that it has the authentic information, which may be used to safely render the content on the device.
[0076] The method 600 is intended to be illustrative and not limiting of the operation of the various embodiments described herein. For example, it would be obvious to one with skill in the art to make minor changes, additions or deletions to any of the described methods. Furthermore, the described method steps may be combined, rearranged or reordered without deviating from the scope of the described embodiments. [0077] FlG. 7 shows one embodiment of an authority 700 suitable for implementing one or more embodiments of a restriction system as described herein. The authority 700 and all its functional blocks may be implemented as software, hardware, or both. In one embodiment the functional blocks are implemented as instructions stored in memory 708 and executed by processing logic 702. In another embodiment, some of the functional blocks such as the package generator 712 may be implemented as special purpose hardware (i.e., a gate array) or any other hardware, logic, or circuit capable of providing the described functionality.
[0078] A network interface 706 operates to provide communications 714 between the authority and a data network. The network interface 706 allows the authority 700 to communicate with content servers, devices, and other network entities. [0079] A user interface 710 operates to provide interaction between the authority 700 and a user via the user input 716. The user interface 710 is used to allow a user to communicate operating parameters to the processing logic 702.
[0080] In one embodiment, the package generator logic 712 operates to receive content and a permissions list, evaluate the permissions list, and approve or disapprove it. In another embodiment, the package logic 712 operates to generate a permissions list based on the received content and other parameters. Once an authorized permissions list is obtained, the logic 712 operates to binding the permissions list and the content using a modification detection indicator, such as a digital signature. The content, permissions list, and digital signature are then combined into a content package that is transmitted to a device via the network interface 706.
[0081] It should be noted that the device 700 illustrates just one embodiment of an authority suitable for implementing a restriction system as described herein. It is also possible to implement a restriction system using different functional elements, rearranging the elements, or using a different type of device. Thus, the embodiments described herein are not limited to the implementation shown in FIG. 7. [0082] FIG. 8 shows one embodiment of device 800 suitable for implementing one or more embodiments of a restriction system as described herein. The device 800 comprises processing logic 802, internal bus 804, network interface 806, rendering logic 812, memory 808, and user interface 810. In one embodiment, all the functional blocks of the device 800 are implemented as instructions stored in the memory 808 and executed by processing logic 802. In another embodiment, some of the functional blocks such as the content viewer 116 may be implemented as special purpose hardware (i.e., a gate array) connected to the bus 804, or as any other hardware circuit capable of providing the required functionality. The network interface 806 may use any means of transferring, storing or copying data including a network connection 816 that may be coupled to local or remote networks, devices, or systems.
[0083] In one embodiment, the processing logic 802 executes program instructions stored in the memory 808 that cause a runtime environment 814 to be activated. The runtime environment 814 processes a content package received via the network interface 806, and in response, activates a content viewer 116. The content viewer 116 operates to render content contained in the content package using the rendering logic 812. The content viewer renders the content using restrictions based on a permissions list provided in the content package. In one embodiment, the content package includes a content descriptor that identifies the location of the content to be rendered. The content viewer 116 uses the content descriptor to obtain the content from the specified location via the network interface 806. Once obtained, the content is rendered via the rendering logic 812.
[0084] It should be noted that the device 800 illustrates just one embodiment of a device suitable for implementing a restriction system as described herein. It is also possible to implement a restriction system using different functional elements, rearranging the elements, or using a different type of device. Thus, the embodiments described herein are not limited to the implementation shown in FIG. 8.
Restriction Override
[0085] In one embodiment, the device user may override access rights or restrictions provided in the permissions list. For example, by providing specific user inputs, the user may override access rights provided in the permissions list to prevent an application or content from accessing a specific device resource or stored information. Thus, the device user maintains the ability to control access to device resources even if access to those resources is not granted in the permissions list.
[0086] A restriction system has been described that includes methods and apparatus to enforce application level restrictions on local and remote applications and content rendered on a wireless device. The system is suitable for use with all types of wireless devices and is especially well suited for use with mobile telephones to provide access to a wide range of network resources while providing restrictions to protect feature, functions, settings, information and other device systems.
[0087] Accordingly, while one or more embodiments of methods and apparatus for enforcing application level restrictions have been illustrated and described herein, it will be appreciated that various changes can be made to the embodiments without departing from their spirit or essential characteristics. Therefore, the disclosures and descriptions herein are intended to be illustrative, but not limiting, of the scope of the invention, which is set forth in the following claims.
I CLAIM:

Claims

1. A method for use in a device to enforce restrictions on content rendered by the device, the method comprising: receiving a permissions list associated with the content; receiving a content descriptor that identifies the content; receiving a modification detection indicator that was created by an authority, wherein the modification detection indicator binds the permissions list and the content descriptor; retrieving the content identified by the content descriptor; and rendering the content on the device, wherein the content is restricted based on the permissions list.
2. The method of claim 1 , wherein the step of retrieving comprises retrieving the content from a data network at a location identified by the content descriptor.
3. The method of claim 1, wherein the content descriptor includes the content and the step of retrieving comprises retrieving the content from the content descriptor.
4. The method of claim 1, wherein the step of receiving the permissions list comprises receiving the permissions list from the authority.
5. The method of claim 1, wherein the step of receiving the content descriptor comprises receiving the content descriptor from the authority.
6. The method of claim 1, wherein the step of receiving the permissions list comprises receiving the permissions list from a content provider.
7. The method of claim 1, wherein the modification detection indicator is a digital signature.
8. The method of claim 1, wherein the device is a wireless device.
9. A device for rendering content, comprising: receiving logic that operates to obtain a permissions list, content descriptor, and a modification detection indicator that was created by an authority; rendering logic that operates to verify the modification detection indicator, obtain content identified by the content descriptor, and render the content on the device, wherein the content is restricted based on the permissions list.
10. The device of claim 9, wherein the device is a wireless device.
11. The device of claim 9, wherein the modification detection indicator is a digital signature.
12. The device of claim 9, wherein the content descriptor includes the content and the rendering logic operates to obtain the content from the content descriptor.
13. A device that operates to enforce restrictions on downloadable content that is rendered on the device, the device comprising: means for receiving a permissions list associated with the content; means for receiving a content descriptor that identifies the content; means receiving a modification detection indicator that was created by an authority, wherein the modification detection indicator binds the permissions list and the content descriptor; means for retrieving the content identified by the content descriptor; and means for rendering the content on the device, wherein the content is restricted based on the permissions list.
14. The device of claim 13, wherein the means for retrieving comprises means for retrieving the content from a data network at a location identified by the content descriptor.
15. The device of claim 13, wherein the content descriptor includes the content and the means for retrieving comprises means for retrieving the content from the content descriptor.
16. The device of claim 13, wherein the means for receiving the permissions list comprises means for receiving the permissions list from the authority.
17. The device of claim 13, wherein the means for receiving the content descriptor comprises means for receiving the content descriptor from the authority.
18. The device of claim 13, wherein the means for receiving the permissions list comprises means for receiving the permissions list from a content provider.
19. The device of claim 13, wherein the modification detection indicator is a digital signature.
20. The device of claim 13, wherein the device is a wireless device.
21. A computer-readable media comprising instructions that when executed by a processor in a wireless device enforces restrictions on content rendered by the device, the computer readable media comprising: instructions for receiving a permissions list associated with the content; instructions for receiving a content descriptor that identifies the content; instructions receiving a modification detection indicator that was created by an authority, wherein the modification detection indicator binds the permissions list and the content descriptor; instructions for retrieving the content identified by the content descriptor; and instructions for rendering the content on the device, wherein the content is restricted based on the permissions list.
22. The computer readable media of claim 21, wherein the instructions for retrieving comprises instructions for retrieving the content from a data network at a location identified by the content descriptor.
23. The computer readable media of claim 21, wherein the content descriptor includes the content and the instructions for retrieving comprises instructions for retrieving the content from the content descriptor.
24. The computer readable media of claim 21, wherein the instructions for receiving the permissions list comprises instructions for receiving the permissions list from the authority.
25. The computer readable media of claim 21, wherein the instructions for receiving the content descriptor comprises instructions for receiving the content descriptor from the authority.
26. The computer readable media of claim 21, wherein the instructions for receiving the permissions list comprises instructions for receiving the permissions list from a content provider.
27. The computer readable media of claim 21, wherein the modification detection indicator is a digital signature.
28. A method for generating a content package that is used to enforce restrictions on content rendered on a device, the method comprising: authorizing a permissions list associated with the content; receiving a content descriptor that describes the content; and generating a modification detection indicator that binds the permissions list and the content descriptor.
29. The method of claim 28, wherein the step of authorizing the permissions list comprises generating the permissions list.
30. The method of claim 28, wherein the step of receiving the content descriptor comprises receiving the content descriptor which includes the content.
31. The method of claim 28, wherein the step of generating a modification detection indicator is a step of generating a digital signature.
32. Apparatus for generating a content package that is used to enforce restrictions on content rendered on a device, the apparatus comprising: approval logic that operates to authorize a permissions list associated with the content; receiving logic that operates to receive a content descriptor that describes the content; and generating logic that operates to generate a modification detection indicator that binds the permissions list and the content descriptor.
33. The apparatus of claim 32, wherein the approval logic comprises logic to generate the permissions list.
34. The apparatus of claim 32, wherein the content descriptor includes the content.
35. The apparatus of claim 32, wherein the generating logic comprises logic to generate a digital signature as the detection modification indicator.
36. Apparatus for generating a content package that is used to enforce restrictions on content rendered on a device, comprising: means for authorizing a permissions list associated with the content; means for receiving a content descriptor that describes the content; and means for generating a modification detection indicator that binds the permissions list and the content descriptor.
37. The apparatus of claim 36, wherein the means for authorizing the permissions list comprises means for generating the permissions list.
38. The apparatus of claim 36, wherein the content descriptor includes the content.
39. The apparatus of claim 36, wherein the means for generating a modification detection indicator comprises means for generating a digital signature.
40. A computer-readable media comprising instructions that when executed by a processor generate a content package that is used to enforce restrictions on content rendered on a device, the computer readable media comprising: instructions for receiving a permissions list associated with the content; instructions for receiving a content descriptor that identifies the content; and instructions generating a modification detection indicator that binds the permissions list and the content descriptor.
41. The computer readable media of claim 40, wherein the instructions for receiving the permissions list comprise instructions for generating the permissions list.
42. The computer readable media of claim 40, wherein the content descriptor includes the content.
43. The computer readable media of claim 40, wherein the instructions for generating a modification detection indicator comprise instructions for generating a digital signature.
44. The computer readable media of claim 40, further comprising instructions for authorizing the permissions list.
PCT/US2005/041327 2004-11-16 2005-11-15 Methods and apparatus for enforcing application level restrictions on local and remote content WO2006055544A2 (en)

Priority Applications (5)

Application Number Priority Date Filing Date Title
EP05851662A EP1813108A4 (en) 2004-11-16 2005-11-15 Methods and apparatus for enforcing application level restrictions on local and remote content
KR1020077013650A KR100875798B1 (en) 2004-11-16 2005-11-15 Method and apparatus for enforcing application level restrictions on local and remote content
BRPI0518017-1A BRPI0518017A (en) 2004-11-16 2005-11-15 methods and equipment for enforcing application restrictions on local and remote content
CN2005800464772A CN101099385B (en) 2004-11-16 2005-11-15 Methods and apparatus for enforcing application level restrictions on local and remote content
JP2007543171A JP2008521134A (en) 2004-11-16 2005-11-15 Method and apparatus for enforcing application level restrictions on local and remote content

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/990,664 2004-11-16
US10/990,664 US20060107327A1 (en) 2004-11-16 2004-11-16 Methods and apparatus for enforcing application level restrictions on local and remote content

Publications (2)

Publication Number Publication Date
WO2006055544A2 true WO2006055544A2 (en) 2006-05-26
WO2006055544A3 WO2006055544A3 (en) 2007-03-29

Family

ID=36388006

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2005/041327 WO2006055544A2 (en) 2004-11-16 2005-11-15 Methods and apparatus for enforcing application level restrictions on local and remote content

Country Status (8)

Country Link
US (1) US20060107327A1 (en)
EP (1) EP1813108A4 (en)
JP (2) JP2008521134A (en)
KR (1) KR100875798B1 (en)
CN (1) CN101099385B (en)
BR (1) BRPI0518017A (en)
TW (1) TW200633530A (en)
WO (1) WO2006055544A2 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100998923B1 (en) * 2006-12-05 2010-12-09 삼성전자주식회사 Method and Apparatus for transmitting contents with authorized control of system
US8370957B2 (en) * 2006-12-05 2013-02-05 Samsung Electronics Co., Ltd Method and apparatus for transmitting contents with limited system permissions
US9100403B2 (en) 2008-12-28 2015-08-04 Qualcomm, Incorporated Apparatus and methods for providing authorized device access

Families Citing this family (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100680296B1 (en) * 2005-04-15 2007-02-07 주식회사 케이티프리텔 Method for providing continuous downloading service of large size contents through wireless network and record media recored program for realizing the same
JP2008515046A (en) * 2005-04-15 2008-05-08 ケーティーフリーテル・カンパニー・リミテッド How to provide content
EP1944726A4 (en) * 2005-11-02 2010-05-05 Panasonic Corp Information communicating device, server, and content presenting method
US20070150617A1 (en) * 2005-12-22 2007-06-28 Innopath Software, Inc. Resource application program interface utility for changing user interface elements on wireless devices
US20070150816A1 (en) * 2005-12-22 2007-06-28 Innopath Software, Inc. User interface authoring utility for changing user interface elements on wireless devices
US8326296B1 (en) 2006-07-12 2012-12-04 At&T Intellectual Property I, L.P. Pico-cell extension for cellular network
US8312518B1 (en) * 2007-09-27 2012-11-13 Avaya Inc. Island of trust in a service-oriented environment
EP2045756A3 (en) 2007-10-04 2011-11-23 Samsung Electronics Co., Ltd. Method and apparatus for transmitting contents with limited system permissions
US8041372B1 (en) 2007-11-26 2011-10-18 Adobe Systems Incorporated Selecting data in a mobile information system
US8677476B2 (en) * 2007-11-26 2014-03-18 Adobe Systems Incorporated Providing remotely defined security data to a local application extension
US8281390B1 (en) 2007-11-26 2012-10-02 Adobe Systems Incorporated Remotely defining security data for authorization of local application activity
US8413233B1 (en) 2007-11-26 2013-04-02 Adobe Systems Incorporated Authorizing local application activity using remotely defined security data
US8214619B1 (en) 2007-11-26 2012-07-03 Adobe Systems Incorporated Memory allocation in a mobile device
US8094551B2 (en) 2008-05-13 2012-01-10 At&T Mobility Ii Llc Exchange of access control lists to manage femto cell coverage
US8719420B2 (en) 2008-05-13 2014-05-06 At&T Mobility Ii Llc Administration of access lists for femtocell service
US20100041365A1 (en) 2008-06-12 2010-02-18 At&T Mobility Ii Llc Mediation, rating, and billing associated with a femtocell service framework
US8520570B2 (en) * 2008-06-17 2013-08-27 Nintendo Co., Ltd. Data communication system, information processing apparatus and storage medium having stored thereon information processing program
JP4334602B1 (en) * 2008-06-17 2009-09-30 任天堂株式会社 Information processing apparatus, information processing system, and information processing program
US8510838B1 (en) * 2009-04-08 2013-08-13 Trend Micro, Inc. Malware protection using file input/output virtualization
US8433296B2 (en) 2009-05-01 2013-04-30 Ryan Hardin Exclusive delivery of content within geographic areas
US8510801B2 (en) 2009-10-15 2013-08-13 At&T Intellectual Property I, L.P. Management of access to service in an access point
US8799355B2 (en) * 2009-11-03 2014-08-05 Microsoft Corporation Client server application manager
US20110239270A1 (en) * 2010-03-26 2011-09-29 Nokia Corporation Method and apparatus for providing heterogeneous security management
US9721090B2 (en) * 2010-04-29 2017-08-01 Safend Ltd. System and method for efficient inspection of content
US9652542B2 (en) * 2011-04-06 2017-05-16 Teradata Us, Inc. Securely extending analytics within a data warehouse environment
US8818339B2 (en) * 2011-10-10 2014-08-26 Blackberry Limited Capturing and processing multi-media information using mobile communication devices
JP6261933B2 (en) * 2012-10-16 2018-01-17 日本放送協会 Broadcast communication cooperative receiver and broadcast communication cooperative system
US9058493B1 (en) * 2013-01-16 2015-06-16 Amdocs Software Systems Limited System, method, and computer program for conditionally implementing protected content
US20140282886A1 (en) * 2013-03-14 2014-09-18 TollShare, Inc. Content list sharing
JP2016540287A (en) 2013-10-18 2016-12-22 ノキア テクノロジーズ オサケユイチア Method and system for running applications on electronic devices and monitoring permissions
US9342672B2 (en) * 2014-01-29 2016-05-17 Dspace Digital Signal Processing And Control Engineering Gmbh Computer-implemented method for managing at least one data element in control unit development

Family Cites Families (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6345288B1 (en) * 1989-08-31 2002-02-05 Onename Corporation Computer-based communication system and method using metadata defining a control-structure
US6505300B2 (en) * 1998-06-12 2003-01-07 Microsoft Corporation Method and system for secure running of untrusted content
JP3992396B2 (en) * 1999-03-31 2007-10-17 株式会社リコー Electronic document management apparatus, electronic document management method, and computer-readable recording medium storing program for causing computer to execute the method
US6981262B1 (en) * 2000-06-27 2005-12-27 Microsoft Corporation System and method for client interaction in a multi-level rights-management architecture
US6704024B2 (en) * 2000-08-07 2004-03-09 Zframe, Inc. Visual content browsing using rasterized representations
US7743259B2 (en) * 2000-08-28 2010-06-22 Contentguard Holdings, Inc. System and method for digital rights management using a standard rendering engine
WO2002065258A2 (en) * 2001-02-13 2002-08-22 Qualcomm Incorporated Method and apparatus for authenticating embedded software in a remote unit over a communications channel
WO2002088911A2 (en) * 2001-04-30 2002-11-07 Nokia Corporation Protection of content reproduction using digital rights
US7099663B2 (en) * 2001-05-31 2006-08-29 Qualcomm Inc. Safe application distribution and execution in a wireless environment
BR0211884A (en) * 2001-08-13 2004-09-21 Qualcomm Inc Using Permissions to Allocate Device Resources for an Application
US7921287B2 (en) * 2001-08-13 2011-04-05 Qualcomm Incorporated Application level access privilege to a storage area on a computer device
JP2003202929A (en) * 2002-01-08 2003-07-18 Ntt Docomo Inc Distribution method and distribution system
JP2005517244A (en) * 2002-02-07 2005-06-09 クアルコム ケンブリッジ リミテッド Method and apparatus for providing content to portable terminal
WO2003083646A1 (en) * 2002-04-03 2003-10-09 Ntt Docomo, Inc. Distribution method, distribution system, and terminal device
US7529929B2 (en) * 2002-05-30 2009-05-05 Nokia Corporation System and method for dynamically enforcing digital rights management rules
JP3819345B2 (en) * 2002-08-30 2006-09-06 株式会社エヌ・ティ・ティ・データ IC chip and application providing system
US20040148356A1 (en) * 2002-11-04 2004-07-29 Bishop James William System and method for private messaging
JP4176533B2 (en) * 2003-03-31 2008-11-05 株式会社エヌ・ティ・ティ・ドコモ Terminal device and program
US8041957B2 (en) * 2003-04-08 2011-10-18 Qualcomm Incorporated Associating software with hardware using cryptography
US7500267B2 (en) * 2004-04-30 2009-03-03 Microsoft Corporation Systems and methods for disabling software components to protect digital media
US7761863B2 (en) * 2004-06-08 2010-07-20 Covia Labs, Inc. Method system and data structure for content renditioning adaptation and interoperability segmentation model

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of EP1813108A4 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100998923B1 (en) * 2006-12-05 2010-12-09 삼성전자주식회사 Method and Apparatus for transmitting contents with authorized control of system
US8370957B2 (en) * 2006-12-05 2013-02-05 Samsung Electronics Co., Ltd Method and apparatus for transmitting contents with limited system permissions
US9100403B2 (en) 2008-12-28 2015-08-04 Qualcomm, Incorporated Apparatus and methods for providing authorized device access

Also Published As

Publication number Publication date
KR100875798B1 (en) 2008-12-26
TW200633530A (en) 2006-09-16
EP1813108A4 (en) 2013-01-02
WO2006055544A3 (en) 2007-03-29
CN101099385B (en) 2013-03-27
JP2012053894A (en) 2012-03-15
EP1813108A2 (en) 2007-08-01
US20060107327A1 (en) 2006-05-18
KR20070086318A (en) 2007-08-27
CN101099385A (en) 2008-01-02
JP2008521134A (en) 2008-06-19
BRPI0518017A (en) 2008-10-21

Similar Documents

Publication Publication Date Title
KR100875798B1 (en) Method and apparatus for enforcing application level restrictions on local and remote content
US9985969B1 (en) Controlling use of computing-related resources by multiple independent parties
Jackson et al. Subspace: secure cross-domain communication for web mashups
KR101219819B1 (en) Flexible licensing architecture for licensing digital application
KR101409634B1 (en) Methods and apparatus for content protection in a wireless network
US7540024B2 (en) Security features for portable computing environment
EP0845733B1 (en) Implementing digital signatures for data streams and data archives
EP2334027B1 (en) Method for scalable access control decisions
EP1132796A1 (en) Mobile code and method for resource management for mobile code
AU2001244194A1 (en) Mobile code and method for resource management for mobile code
JPH09288575A (en) System and method for managing try-and-by usage for application program
US20090125987A1 (en) Digital rights management
AU2005222507B2 (en) Portable computing environment
CN101547202A (en) Method for processing security level of device on the net
US8474055B2 (en) Method and apparatus for managing digital content
KR20060108093A (en) Method and apparatus for presenting contents service using drm
EP1462909B1 (en) A computer for managing data sharing among application programs
KR101249343B1 (en) Method for protection of a digital rights file
JP3888273B2 (en) External program operation control method, operation control program, operation control apparatus, and operation control program providing apparatus
US20080282258A1 (en) Sharing the common session between two applications on the same server
KR100662460B1 (en) Method and system of content download
KR20060117786A (en) Method and apparatus for providing multi-media contents service using drm
JP2006058994A (en) Module starting device, method and system
JP2007525738A (en) Download multiple objects

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KN KP KR KZ LC LK LR LS LT LU LV LY MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2005851662

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2007543171

Country of ref document: JP

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 4241/DELNP/2007

Country of ref document: IN

WWE Wipo information: entry into national phase

Ref document number: 1020077013650

Country of ref document: KR

WWE Wipo information: entry into national phase

Ref document number: 200580046477.2

Country of ref document: CN

WWP Wipo information: published in national office

Ref document number: 2005851662

Country of ref document: EP

ENP Entry into the national phase

Ref document number: PI0518017

Country of ref document: BR