摘要 |
Controlling access to a specific resource on a mobile telephone comprises the steps of: <SL> <LI>(a) associating an identity, e.g. a user, with a permission state, in which an identity is a label applicable to one of several entities on whose behalf the resource could potentially be used and the permission state defines whether or not the resource can actually be used; and <LI>(b) allowing use of the resource solely to an entity or entities labelled with an identity associated with a permission state that does permit such use. </SL> The method may further comprise: a script or other kind of executable code associated with a given entity sending a request to use the specific resource; the script being labelled with an identity or including a secure signature from which an identity can be deduced; and a software component running on the device processing the request and using the identity to determine the applicable permission state associated with the identity for that script or executable code.
|