公开(公告)号：US10037423B2

公开(公告)日：2018-07-31

申请号：US15787197

申请日：2017-10-18

Applicant: Google LLC

Inventor： Benjamin D. Poiesz ,  Andrew Abramson ,  Roger William Graves

IPC: G06F21/00 ,  G06F21/52 ,  G06F21/62 ,  G06F9/46

CPC classification number: G06F21/52 ,  G06F9/468 ,  G06F21/6209 ,  G06F2221/033

Abstract: Examples described may relate to methods and systems for controlling permission requests for applications running on a computing device to access resources provided by the computing device. A computing device may maintain in memory for a given application responses to permission requests. The computing device may receive responses to a first permission request that includes two selectable options to either allow or deny access to a particular resource. The computing device may determine whether a number of the responses to the first request that indicate to deny access exceeds a predefined threshold. If the number exceeds the threshold, the computing device may provide, at a run-time of the application subsequent to presentation of the first request, and based on the application attempting to access the resource, a modified permission request that includes, in addition to the two selectable options, a selectable option to prevent requesting permission to access the resource.

公开(公告)号：US20180060609A1

公开(公告)日：2018-03-01

申请号：US15790542

申请日：2017-10-23

Applicant: Google LLC

Inventor： Benjamin David Poiesz ,  Andrew Abramson ,  Neel Rao ,  Shawn Willden ,  Andres Guillermo Morales ,  James Brooks Miller

IPC: G06F21/72 ,  G06F21/62 ,  H04L9/32 ,  G06F21/53 ,  H04L9/08 ,  G06F21/74

CPC classification number: G06F21/72 ,  G06F21/53 ,  G06F21/629 ,  G06F21/74 ,  G06F2221/034 ,  G06F2221/2141 ,  H04L9/088 ,  H04L9/3247

Abstract: A computing device executes one or more trusted execution environment (TEE) processes in a TEE of a processor. The one or more TEE processes cryptographically protect a secret and a policy. The policy specifies a plurality of conditions on usage of the secret. A particular non-TEE process generates a request whose fulfillment involves an action requiring use of the secret. Responsive to the request, one or more non-TEE processes determine whether a first subset of the plurality of conditions is satisfied. Responsive to the first subset of the plurality of conditions being satisfied, the one or more TEE processes determine that a second, different subset of the plurality of conditions is satisfied. Responsive to determining the second subset of the plurality of conditions is satisfied, the one or more TEE processes use the secret to perform the action.