SYSTEM AND METHOD FOR DISTRIBUTED AUTHORIZATION FOR ACCESS TO COMMUNICATIONS DEVICE

摘要

According to the invention cellular telephones or other communications devices (102) may intercept requests (114) by applications (104), for instance applications received via over-the-air programming (OAP), to access sensitive device-specific data (110). That device-specific data (110) may include hardware identifiers such as IMEI or other serial or subscriber identification values, personalized settings such as phone books, contact lists, messaging or other information. The requests (114) by applications (104) for access to that type of data may be intercepted, for instance, by an application programming interface (106) executing on the communications device (102). The application programming interface (106) may communication the request (114), along with information identifying the requesting application, to a remote authorization server (118). The facility may compare the application identifier or other information against a list or table of applications authorized (120) to access device-specific data (110). A grant, denial, deferral or other determination may be communicated back to the device, to permit or deny access accordingly. The routing of requests (114) for such data to a remote host server (118) may, for example, prevent the accessing or corruption of sensitive data by viruses, rogue applications or other types of wireless intrusions.