Patent application number | Description | Published |
20090064108 | Configuring Software Stacks - The present disclosure is directed to a system and method for configuring software stacks. In some implementations, a method for configuring devices includes automatically identifying one or more applications in the software stack based, at least in part, on at least one of a plurality of identifiable device models or types. The software stack is stored in a device. The one or more applications is automatically configured for execution in the device in accordance with the identified device model. Each of the plurality of identifiable device models is associated with a different configuration of the software stack. | 03-05-2009 |
20090098857 | Securely Locating a Device - Methods, systems, and computer-readable medium for securely locating a mobile device. In one implementation, a method is provided. The method includes receiving first information from a first device, where the first information is usable to identify a geographic location of the first device. The first information is verified as originating from the first device. A first request for the geographic location of the first device is received, where the first request includes second information associated with a user associated with the first device. The geographic location of the first device is provided to the user at a second device. | 04-16-2009 |
20090247124 | PROVISIONING MOBILE DEVICES BASED ON A CARRIER PROFILE - Systems and methods for provisioning computing devices are provided. Carrier provisioning profiles are distributed to computing devices via an activation service during the provisioning process. The carrier provisioning profiles specify access limitations to certain device resources which may otherwise be available to users of the device. | 10-01-2009 |
20090249064 | SYSTEM AND METHOD OF AUTHORIZING EXECUTION OF SOFTWARE CODE BASED ON A TRUSTED CACHE - Embodiments include systems and methods for authorizing software code to be executed on a device based on a trusted cache. When receiving a request to execute software, this software may be checked for a digital signature by at least one trusted authority. Accordingly, a digest value indicative of at least a portion of the software module may be determined. A cache stored in trusted space of the device is then accessed for a matching digest value. If an entry is found, the device may allow execution of the software module; if an entry is not found, then the device may continue with the cryptographic operations for verifying the software's digital signature, or may be configured to block execution of the software. | 10-01-2009 |
20090249065 | SYSTEM AND METHOD OF AUTHORIZING EXECUTION OF SOFTWARE CODE BASED ON AT LEAST ONE INSTALLED PROFILE - Embodiments include systems and methods for authorizing software code to be executed or access capabilities in secure operating environments. Profiles may be issued by trusted entities to extend trust to other entities to allow those other entities to provide or control execution of applications in a secure operating environment such as on particular computing devices. The profiles allow entities to add software code to the device without reauthorizing each distribution by a trusted authority such as testing, quality assurance, or to limited groups of devices controlled or authorized by the other entities. | 10-01-2009 |
20090249071 | MANAGING CODE ENTITLEMENTS FOR SOFTWARE DEVELOPERS IN SECURE OPERATING ENVIRONMENTS - Systems and methods for managing access to restricted data and system resources in secure operating environments are disclosed. Developer access profiles are issued by trusted authorities to developers which define entitlements that provide limited access to system resources and data on specified computing devices. The developer access profiles allow software developers to write software which accesses parts of the target platform environment which are typically off limits to third party developers. | 10-01-2009 |
20090249075 | SYSTEM AND METHOD OF AUTHORIZING EXECUTION OF SOFTWARE CODE IN A DEVICE BASED ON ENTITLEMENTS GRANTED TO A CARRIER - Embodiments include systems and methods for authorizing software code to be executed or access capabilities in secure operating environments based on at least one carrier profile. Carrier profiles may be issued by trusted entities to extend trust to other entities to allow those other entities to provide or control execution of applications in a secure operating environment such as on particular computing devices. The carrier profiles allow entities to add software code to a device without reauthorizing each distribution by the trusted authority, or to limited groups of devices controlled or authorized by the other entities. | 10-01-2009 |
20090254753 | SYSTEM AND METHOD OF AUTHORIZING EXECUTION OF SOFTWARE CODE BASED ON ACCESSIBLE ENTITLEMENTS - Embodiments include systems and methods for authorizing software code to be executed or access capabilities in secure operating environments. Profiles may be issued by trusted entities to extend trust to other entities to allow those other entities to provide or control execution of applications in a secure operating environment such as on particular computing devices. A request in a first program may be received from a second program. A profile is then identified. The profile includes at least one entitlement associated with the second program. The profile is authenticated based on a first digest indicative of the profile and the second program is authenticated based on a second digest indicative of the second program. The request is then executed based on the entitlement. | 10-08-2009 |
20100029247 | Service Provider Activation - Systems and methods for activating a mobile device for use with a service provider are described. In one exemplary method, a mobile device having a currently inserted SIM card may be prepared for activation using a signing process in which an activation server generates a signed activation ticket that uniquely corresponds to the combination of the device and SIM card, and that is securely stored on the mobile device. In another exemplary method the mobile device may be activated in an activation process in which the device verifies an activation ticket against information specific to the device and SIM card, and initiates activation when the verification of the activation ticket is successful. | 02-04-2010 |
20100313196 | MANAGING SECURELY INSTALLED APPLICATIONS - Embodiments of the present disclosure provide methods and systems for managing securely installed applications. After installation, an installation framework performs a bind process to correlate the randomly assigned identifier with the unique identifier of the application. The installation framework also manages the execution of the application. When an application is launched, the application framework performs a search for that application's randomly assigned identifier and locates the application's container. The application is then allowed to execute within its container. During execution, the software application may also be restricted in various ways by the installation framework to its dynamic containers. The installer may also work with a trusted operating system component, such as the kernel, to help enforce the container restrictions. In addition, if desired, the use of random identifiers for containers may be used in conjunction with other security mechanisms, such as the use of code signing. | 12-09-2010 |
20110010699 | Methods and Systems for Upgrade and Synchronization of Securely Installed Applications on a Computing Device - Embodiments of the present disclosure provide for upgrades and synchronization of applications installed on a device, such as a mobile device. In one embodiment, a device may include applications purchased and downloaded via a content management system. The device maintains a list or database of applications that are authorized for each device. This list is also replicated in a remote cache that is maintained by an archive host. The device may then synchronize and upgrade these applications across multiple platforms, such as one or more computers that can be coupled to the device or the archive host. The archive host allows for files of the application to be provided back to the device. Upon installation, the device can then confirm the authorization and identity of the newly installed application. | 01-13-2011 |
20110010701 | Methods and Systems for Archiving and Restoring Securely Installed Applications on a Computing Device - Embodiments of the present disclosure provide methods and systems of backing up applications and their associated data installed on a device, such as a mobile device. In particular, data for a backed-up application is stored on a remote archive host and can be restored to dynamically managed containers of securely installed applications on the device. Upon request, the archive host may provide a package of files to the device. The device may then restore the application based on the contents of the package. The package may comprise all the files needed to install the application including the program code, data, and documents. Alternatively, the package may simply comprise just some of the files, such as just the data or documents for an application. After installation, a secure installer framework may be used to verify the applications and authorize the application's execution on the device. | 01-13-2011 |
20110195751 | Service Provider Activation - Systems and methods for activating a mobile device for use with a service provider are described. In one exemplary method, a mobile device having a currently inserted SIM card may be prepared for activation using a signing process in which an activation server generates a signed activation ticket that uniquely corresponds to the combination of the device and SIM card, and that is securely stored on the mobile device. In another exemplary method the mobile device may be activated in an activation process in which the device verifies an activation ticket against information specific to the device and SIM card, and initiates activation when the verification of the activation ticket is successful. | 08-11-2011 |
20110289483 | AUTOMATED QUALIFICATION OF A BINARY APPLICATION PROGRAM - Methods and systems are disclosed that allow automated qualification of a binary application program. A binary application program submitted from a developer can be automatically examined to determine whether the binary application program complies with rules or guidelines of a platform. If the binary application program complies with the rules or guidelines, the binary application program can be qualified, and can be distributed upon further approval. If the binary application program does not comply with the rules or guidelines, the application program can be rejected and a notification can be sent to the developer. | 11-24-2011 |
20120309377 | OVER-THE-AIR DEVICE CONFIGURATION - Methods, program products, and systems of over-the-air device configuration are disclosed. In general, in one aspect, a mobile device can determine, in an application subsystem of the mobile device, that the mobile device requests an initial setup. The application subsystem can send a request to a baseband subsystem of the mobile device. The request can include an indicator specifying that the baseband subsystem is to operate in a service configuration mode. The mobile device can request the configuration information from a registration server using the baseband subsystem that operates under the service configuration mode. Requesting the configuration information from the server can include connecting to the server over the air using a cellular network, through a specified carrier and under a specified data transfer cap. The mobile device can then configure the mobile device using configuration information received from the server. | 12-06-2012 |
20120310880 | Cloud Storage - Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for data storage. In one aspect, a method includes the actions of identifying a running query from an application; determining one or more data items of a plurality of data items that the application has permission to view according to one or more application specific access policies; and presenting the one or more data items to the application while not presenting other data items of the plurality of data items. | 12-06-2012 |
20130061314 | SECURE SOFTWARE INSTALLATION - Embodiments of the present disclosure provide methods and systems for securely installing software on a computing device, such as a mobile device. In one embodiment, the device executes an installer that securely installs the software. In order to perform installations securely, the installer configures one or more secure containers for the software and installs the software exclusively in these containers. In some embodiments, the installer randomly determines the identifiers for the containers. These identifiers remain unknown to the software to be installed. Instead, an installation framework maintains the correspondence between an application and its container. Other methods and apparatuses are also described. | 03-07-2013 |
20130260833 | SERVICE PROVIDER ACTIVATION - Systems and methods for activating a mobile device for use with a service provider are described. In one exemplary method, a mobile device having a currently inserted SIM card may be prepared for activation using a signing process in which an activation server generates a signed activation ticket that uniquely corresponds to the combination of the device and SIM card, and that is securely stored on the mobile device. In another exemplary method the mobile device may be activated in an activation process in which the device verifies an activation ticket against information specific to the device and SIM card, and initiates activation when the verification of the activation ticket is successful. | 10-03-2013 |
20150082458 | METHODS AND SYSTEMS FOR UPGRADE AND SYNCHRONIZATION OF SECURELY INSTALLED APPLICATIONS ON A COMPUTING DEVICE - Embodiments of the present disclosure provide for upgrades and synchronization of applications installed on a device, such as a mobile device. In one embodiment, a device may include applications purchased and downloaded via a content management system. The device maintains a list or database of applications that are authorized for each device. This list is also replicated in a remote cache that is maintained by an archive host. The device may then synchronize and upgrade these applications across multiple platforms, such as one or more computers that can be coupled to the device or the archive host. The archive host allows for files of the application to be provided back to the device. Upon installation, the device can then confirm the authorization and identity of the newly installed application. | 03-19-2015 |