公开(公告)号：US08595489B1

公开(公告)日：2013-11-26

申请号：US13668493

申请日：2012-11-05

Applicant: Google Inc.

Inventor： Alexander Faaborg ,  Adrian Ludwig

IPC: H04L29/06

CPC classification number: H04W12/02 ,  H04W12/08

Abstract: The present disclosure provides a system and method for a mobile device to run an application that requires one or more permissions. The mobile device may comprise a screen and a processor. The one or more permissions may be displayed graphically on the screen prior to the application being installed by the processor.

Abstract translation: 本公开提供了一种用于移动设备运行需要一个或多个许可的应用的系统和方法。 移动设备可以包括屏幕和处理器。 一个或多个权限可以在应用程序被处理器安装之前以图形方式显示在屏幕上。

公开(公告)号：US09195831B1

公开(公告)日：2015-11-24

申请号：US14268486

申请日：2014-05-02

Applicant: Google Inc.

Inventor： Curtis Gerald Condra ,  Adrian Ludwig ,  Colin Cross ,  Kenneth Root

IPC: H04L29/06 ,  G06F21/57 ,  G06F11/14

CPC classification number: G06F21/575 ,  G06F11/1417 ,  G06F2221/034

Abstract: A user-provided keystore may be utilized in a boot process to verify a boot image as disclosed herein. A device may be determined to be in a locked or verified state. A selected keystore may be determined to not verify against a first key such as a root key. A user may provide a keystore to a device. The system may display a prompt to the user which asks whether the user would like to continue to boot or not, if the system determines that the keystore does not verify against the first key. The user may respond to the prompt by indicating a desire to continue booting. The system may determine that the boot image verifies against the keystore and finish booting the device. Thus, the prompt may alert the user to a threat to the integrity of the boot process or device.

Abstract translation: 可以在引导过程中使用用户提供的密钥库来验证如本文所公开的引导映像。 可以确定设备处于锁定或验证状态。 可以确定所选择的密钥库不能针对诸如根密钥的第一密钥进行验证。 用户可以向设备提供密钥库。 如果系统确定密钥库不针对第一个密钥进行验证，系统可能会向用户显示一个提示，询问用户是否要继续启动。 用户可以通过指示继续引导的愿望来响应提示。 系统可以确定引导映像针对密钥库进行验证并完成启动设备。 因此，提示可以提醒用户对引导过程或设备的完整性的威胁。

公开(公告)号：US20140096246A1

公开(公告)日：2014-04-03

申请号：US13633093

申请日：2012-10-01

Applicant: Google Inc.

Inventor： Michael Gerard Morrissey ,  Richard Cannings ,  Joseph Benjamin Gruver ,  Angana Ghosh ,  Jonathan Bruce Larimer ,  Andrew Devron Stadler ,  Panayiotis Mavrommatis ,  Niels Holger Gerhard Konstantin Provos ,  Adrian Ludwig

IPC: G06F21/00

CPC classification number: G06F21/51 ,  G06F21/56 ,  H04L63/12 ,  H04W12/1208

Abstract: Systems, methods, routines and/or techniques are described to protect users from undesirable content, for example, on an open platform. One or more embodiments may prevent the installation of an application package or warn a user if the application package may be undesirable (e.g., because it may contain malware). In one or more embodiments, a method may include receiving a first request to install an application package, and receiving and/or capturing metadata related to the application package. The method may include communicating a second request (e.g., including the metadata) to a remote server, such that the remote server can determine whether the application package may be undesirable. The method may include receiving a response from the remote server, where the response may indicate whether the application package may be undesirable, and initiating installation of the application package if the application package is determined to be safe and/or acceptable.

Abstract translation: 描述系统，方法，例程和/或技术来保护用户免受不期望的内容，例如在开放平台上。 如果应用程序包可能是不期望的（例如，因为它可能包含恶意软件），则一个或多个实施例可以阻止安装应用程序包或警告用户。 在一个或多个实施例中，方法可以包括接收安装应用程序包的第一请求，以及接收和/或捕获与应用程序包相关的元数据。 该方法可以包括将第二请求（例如，包括元数据）传送到远程服务器，使得远程服务器可以确定应用程序包是否是不期望的。 该方法可以包括从远程服务器接收响应，其中响应可以指示应用包是否是不期望的，以及如果应用包被确定为安全的和/或可接受的，则启动应用包的安装。

公开(公告)号：US09633184B2

公开(公告)日：2017-04-25

申请号：US14291677

申请日：2014-05-30

Applicant: Google Inc.

Inventor： Maya Ben Ari ,  Mayank Upadhyay ,  Adrian Ludwig ,  Tal Dayan

IPC: G06F21/31 ,  G06N99/00 ,  H04W12/06 ,  H04L29/08 ,  H04W12/08 ,  H04W88/02

CPC classification number: G06F21/31 ,  G06N99/005 ,  H04L67/306 ,  H04W12/06 ,  H04W12/08 ,  H04W88/02

Abstract: Systems and techniques are provided for dynamic authorization. A signal may be received from a sensor. A concept may be determined from the signal. The concept may be a location of a computing device, an action being performed with the computing device, an identity of a user of the computing device, or a temporal context for the computing device. A current pattern may be determined from the concept. The current pattern may be matched to a stored pattern. The stored pattern may be associated with a security outcome. The security outcome may be sent to be implemented. A security message may displayed indicating the security outcome and part of the stored pattern that was matched to the current pattern. The security outcome may be causing presentation of an authentication prompt or not causing presentation of an authentication prompt.

公开(公告)号：US09143906B2

公开(公告)日：2015-09-22

申请号：US13934176

申请日：2013-07-02

Applicant: Google Inc.

Inventor： Adrian Ludwig ,  Robert J. Greenwalt, III ,  Winthrop Lyon Saville, III ,  Nicholas Neil Kralevich, IV ,  Jake Hamby ,  Randall Sarafa ,  Alexander Faaborg

IPC: H04W4/00 ,  H04W4/14 ,  H04L12/58 ,  H04W4/24 ,  H04M1/725 ,  H04M11/00

CPC classification number: H04W4/14 ,  H04L51/00 ,  H04L51/38 ,  H04M1/72552 ,  H04M1/72577 ,  H04M2215/28 ,  H04M2250/10 ,  H04W4/24

Abstract: A device includes at least one processor, a messaging service operable by the at least one processor to determine whether an outgoing message is a likely premium message, and a user interface module operable by the at least one processor to responsive to determining that outgoing message is the likely premium message, output, for display, a prompt for confirmation to send the outgoing message to a likely premium code, and receive an indication of input detected within the prompt for confirmation. The module is further operable by the at least one processor to selectively send, based at least in part on the received indication of the user input, the outgoing message to the likely premium code.

Abstract translation: 一种设备包括至少一个处理器，由至少一个处理器可操作的消息传递服务，以确定传出消息是否是可能的溢价消息，以及由所述至少一个处理器可操作以响应于确定传出消息是 可能的溢价消息，输出，用于显示，提示确认将输出消息发送到可能的溢价代码，以及接收在提示中检测到的输入的指示以进行确认。 所述模块还可由所述至少一个处理器操作，至少部分地基于所接收的用户输入的指示，将所述输出消息选择性地发送到所述可能的溢价代码。

公开(公告)号：US08613094B1

公开(公告)日：2013-12-17

申请号：US13717240

申请日：2012-12-17

Applicant: Google Inc.

Inventor： Nico Falliere ,  Richard Cannings ,  Joseph Benjamin Gruver ,  Jonathan Bruce Larimer ,  Sebastian Johannes Porst ,  Curtis Gerald Condra ,  Adrian Ludwig

IPC: G06F11/00

CPC classification number: G06F21/57 ,  G06F11/3003 ,  G06F11/3055 ,  G06F21/577 ,  G06F2201/865 ,  G06F2221/033 ,  G06F2221/2125 ,  G06F2221/2127

Abstract: An application distribution server may be operable to perform an application distribution process for an application, where the application distribution process may comprise a plurality of phases. The plurality of phases may comprise, in sequence, a developer account creation phase, a risk assessment phase, an application upload phase, an application publication phase, an application promotion phase and an application download phase. The application distribution server may detect, at each of the plurality of phases, whether a particular behavior corresponding to use of the application to distribute undesirable software may occur. In instances when an occurrence of the particular behavior is detected at a certain phase in the application distribution process, the application distribution server may continue, utilizing a trap system, one or more subsequent phases after the certain phase for the application, without communicating information on the detection of the occurrence of the particular behavior.

Abstract translation: 应用分发服务器可以用于对应用执行应用分发过程，其中应用分发过程可以包括多个阶段。 多个阶段可以依次包括开发者帐户创建阶段，风险评估阶段，应用上传阶段，应用发布阶段，应用促进阶段和应用下载阶段。 应用分发服务器可以在多个阶段的每个阶段检测是否可能发生与应用的使用相对应的特定行为来分发不期望的软件。 在应用分发过程中在特定阶段检测到特定行为的发生的情况下，应用分发服务器可以使用陷阱系统继续在应用的特定阶段之后的一个或多个后续阶段，而不传递关于 检测特定行为的发生。

公开(公告)号：US09710652B1

公开(公告)日：2017-07-18

申请号：US14946863

申请日：2015-11-20

Applicant: Google Inc.

Inventor： Curtis Gerald Condra ,  Adrian Ludwig ,  Colin Cross ,  Kenneth Root

IPC: G06F15/177 ,  G06F21/57

CPC classification number: G06F21/575 ,  G06F11/1417 ,  G06F2221/034

Abstract: A user-provided keystore may be utilized in a boot process to verify a boot image as disclosed herein. A device may be determined to be in a locked or verified state. A selected keystore may be determined to not verify against a first key such as a root key. A user may provide a keystore to a device. The system may display a prompt to the user which asks whether the user would like to continue to boot or not, if the system determines that the keystore does not verify against the first key. The user may respond to the prompt by indicating a desire to continue booting. The system may determine that the boot image verifies against the keystore and finish booting the device. Thus, the prompt may alert the user to a threat to the integrity of the boot process or device.

公开(公告)号：US20150347725A1

公开(公告)日：2015-12-03

申请号：US14291677

申请日：2014-05-30

Applicant: Google Inc.

Inventor： Maya Ben Ari ,  Mayank Upadhyay ,  Adrian Ludwig ,  Tal Dayan

IPC: G06F21/31 ,  G06N99/00

CPC classification number: G06F21/31 ,  G06N99/005 ,  H04L67/306 ,  H04W12/06 ,  H04W12/08 ,  H04W88/02

Abstract: Systems and techniques are provided for dynamic authorization. A signal may be received from a sensor. A concept may be determined from the signal. The concept may be a location of a computing device, an action being performed with the computing device, an identity of a user of the computing device, or a temporal context for the computing device. A current pattern may be determined from the concept. The current pattern may be matched to a stored pattern. The stored pattern may be associated with a security outcome. The security outcome may be sent to be implemented. A security message may displayed indicating the security outcome and part of the stored pattern that was matched to the current pattern. The security outcome may be causing presentation of an authentication prompt or not causing presentation of an authentication prompt.

Abstract translation: 提供了动态授权的系统和技术。 可以从传感器接收信号。 可以根据信号确定概念。 该概念可以是计算设备的位置，与计算设备一起执行的动作，计算设备的用户的身份或计算设备的时间上下文。 可以从该概念确定当前模式。 当前图案可以与存储的图案匹配。 存储的模式可以与安全结果相关联。 安全性结果可能被发送执行。 可能会显示安全消息，指示安全结果和与当前模式匹配的存储模式的一部分。 安全性结果可能导致认证提示的显示或不引起认证提示的呈现。

公开(公告)号：US20140274172A1

公开(公告)日：2014-09-18

申请号：US13934176

申请日：2013-07-02

Applicant: Google Inc.

Inventor： Adrian Ludwig ,  Robert J. Greenwalt, III ,  Winthrop Lyon Saville, III ,  Nicholas Neil Kralevich, IV ,  Jake Hamby ,  Randall Sarafa ,  Alexander Faaborg

IPC: H04W4/14

CPC classification number: H04W4/14 ,  H04L51/00 ,  H04L51/38 ,  H04M1/72552 ,  H04M1/72577 ,  H04M2215/28 ,  H04M2250/10 ,  H04W4/24

Abstract: A device includes at least one processor, a messaging service operable by the at least one processor to determine whether an outgoing message is a likely premium message, and a user interface module operable by the at least one processor to responsive to determining that outgoing message is the likely premium message, output, for display, a prompt for confirmation to send the outgoing message to a likely premium code, and receive an indication of input detected within the prompt for confirmation. The module is further operable by the at least one processor to selectively send, based at least in part on the received indication of the user input, the outgoing message to the likely premium code.

Abstract translation: 一种设备包括至少一个处理器，由至少一个处理器可操作的消息传递服务，以确定传出消息是否是可能的溢价消息，以及由所述至少一个处理器可操作以响应于确定传出消息是 可能的溢价消息，输出，用于显示，提示确认将输出消息发送到可能的溢价代码，以及接收在提示中检测到的输入的指示以进行确认。 所述模块还可由所述至少一个处理器操作，至少部分地基于所接收的用户输入的指示，将所述输出消息选择性地发送到所述可能的溢价代码。