| 发明名称 |
Fine-Grained User Control Over Usages Of Sensitive System Resources Having Private Data With Applications In Privacy Enforcement |
| 摘要 |
A system and method whereby permission is accessed that is to be revoked for an application. The permission involves access to private data of a user via an API of an OS. It is determined, in the application, program point(s) involving access to the private data of the user via the API. For each selected one of the program point(s), code in the application is rewritten to replace a source statement, at the selected program point, that accesses the private data with another statement that allocates a mock object or value based on a type of an actual value returned by the source statement. The mock object or value does not expose the private data of the user. The application with the rewritten code is packaged as an output application able to be subsequently executed by the user, and is output for use by the user. |
| 申请公布号 |
US2016246992(A1) |
申请公布日期 |
2016.08.25 |
| 申请号 |
US201514742904 |
申请日期 |
2015.06.18 |
| 申请人 |
International Business Machines Corporation |
发明人 |
Brutschy Lucas;Ferrara Pietro;Pistoia Marco;Tripp Omer |
| 分类号 |
G06F21/62;G06F9/445 |
主分类号 |
G06F21/62 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A computer-readable storage medium comprising computer-readable code embodied thereon, wherein execution of the computer-readable code by at least one processor causes an apparatus to perform:
accessing a permission that is to be revoked for an application, wherein the permission involves access to private data of a user via an application programming interface of an operating system; determining, in the application, one or more program points involving access to the private data of the user via the application programming interface; for each selected one of the one or more program points, rewriting code in the application to replace a source statement, at the selected program point, that accesses the private data with another statement that allocates a mock object or value based on a type of an actual value returned by the source statement, wherein the mock object or value does not expose the private data of the user; packaging the application with the rewritten code as an output application able to be subsequently executed by the user; and outputting the application with the rewritten code for use by the user. |
| 地址 |
Armonk NY US |
