Application privacy scanning systems and related methods

US10909265B2 · US · B2

Patent metadata

Publication number: US-10909265-B2
Application number: US-202016915097-A
Country: US
Kind code: B2
Filing date: Jun 29, 2020
Priority date: Jun 10, 2016
Publication date: Feb 2, 2021
Grant date: Feb 2, 2021

Abstract

Official abstract text for this publication.

An application privacy analysis system is described, where the system obtains an application and analyzes it for privacy related data use. The system may determine privacy related activities of the application from established sources of such data and/or may decompile the application and analyze the resulting code to determine the privacy related activities of the application. The system may execute the application and monitor the communications traffic exchanged by the application to determine privacy related activities of the application. The system may store the results of such analyses for future reference.

Claims

Claim text (preview).

What is claimed is:

1. A mobile device application privacy analysis system comprising: one or more processors; and computer memory, wherein the application privacy analysis system is configured for: obtaining a mobile device application; determining identifying information for the mobile device application; querying a database of application characteristics using the identifying information; receiving a response to the database query comprising an identifier of a software development kit used to generate the mobile device application; decompiling the application based on the software development kit used to generate the mobile device application to generate a decompiled mobile device application; performing static privacy analysis of the mobile device application using the decompiled mobile device application by: determining a plurality of access permissions based on the decompiled mobile device application, and determining a plurality of privacy permissions based on the decompiled mobile device application; determining to perform dynamic privacy analysis of the mobile device application based on the static privacy analysis; responsive to determining to perform dynamic privacy analysis of the mobile device application, setting a dynamic privacy analysis indicator; detecting the dynamic privacy analysis indicator; responsive to detecting the dynamic privacy analysis indicator, performing the dynamic privacy analysis of the mobile device application by: generating test data based on the application characteristics, executing the mobile device application using test data as input, inspecting data and metadata exchanged by the executing mobile device application, inspecting network traffic generated by the executing mobile device application, determining personal data transmitted by the mobile device application based on the network traffic and the data and the metadata exchanged by the executing mobile device application, and determining a destination jurisdiction based on the network traffic; and determining a privacy risk score for the mobile device application based on the plurality of access permissions, the plurality of privacy permissions, the data and the metadata by the executing mobile device application, the personal data transmitted by the mobile device application, and the destination jurisdiction.

2. The mobile device application privacy analysis system of claim 1, wherein the application privacy analysis system is further configured for presenting the privacy risk score to a user on a graphical user interface as a color-coded element of a list comprising a plurality of privacy risk scores.

3. The mobile device application privacy analysis system of claim 1, wherein performing the static privacy analysis of the mobile device application using the decompiled mobile device application comprises determining personal data referenced by the decompiled mobile device application.

4. The mobile device application privacy analysis system of claim 1, wherein performing the dynamic privacy analysis of the mobile device application further comprises inspecting data directed to the mobile device application from at least one remote system.

5. The mobile device application privacy analysis system of claim 1, wherein determining the destination jurisdiction based on the network traffic comprises: determining a destination network address based on the network traffic, and determining the destination jurisdiction based on the destination network address.

6. The mobile device application privacy analysis system of claim 1, wherein inspecting the network traffic generated by the mobile device application comprises determining at least one data element comprised in the network traffic generated by the mobile device application.

7. The mobile device application privacy analysis system of claim 1, wherein determining to perform the dynamic privacy analysis of the mobile device application is further based on the response to the database query.

8. A computer-implemented data processing method for performing static application privacy analysis, the method comprising: obtaining a mobile device application at a privacy analysis system; determining identifying information for the mobile device application at the privacy analysis system; querying, by the privacy analysis system, a database of application characteristics using the identifying information; receiving, at the privacy analysis system, a response to the database query comprising an identifier of a software development kit used to generate the mobile device application; decompiling, at the privacy analysis system, the mobile device application based on the software development kit used to generate the mobile device application to generate a decompiled mobile device application; analyzing, by the privacy analysis system, the decompiled mobile device application to determine device component access permissions used by the mobile device application and device storage accessed by the mobile device application based on the application characteristics; determining to perform dynamic privacy analysis of the mobile device application based on analyzing the decompiled mobile device application; responsive to determining to perform the dynamic privacy analysis of the mobile device application, setting a dynamic privacy analysis indicator; determining, by the privacy analysis system, a privacy risk score based on the response to the database query, the device component access permissions used by the mobile device application, and the device storage accessed by the mobile device application; and storing, by the privacy analysis system, the privacy risk score, the device component access permissions used by the mobile device application, and the device storage accessed by the mobile device application.

9. The computer-implemented data processing method of claim 8, further comprising analyzing the decompiled mobile device application to determine at least one of advertising identifiers used by the mobile device application, authentication key information used by the mobile device application, or blockchain information used by the mobile device application.

10. The computer-implemented data processing method of claim 8, wherein the device component access permissions used by the mobile device application comprise permissions to access at least one of a camera, a microphone, location data, calendar data, contacts data, or photographs.

11. The computer-implemented data processing method of claim 8, wherein the device storage accessed by the mobile device application comprises at least one of shared storage, encrypted storage, or unencrypted storage.

12. The computer-implemented data processing method of claim 8, further comprising presenting the privacy risk score to a user on a graphical user interface as a color-coded element of a list comprising a plurality of privacy risk scores.

13. The computer-implemented data processing method of claim 8, further comprising determining personal data referenced by the decompiled mobile device application.

14. A computer-implemented data processing method for performing dynamic application privacy analysis, the method comprising: obtaining a mobile device application at a privacy analysis system; determining identifying information for the mobile device application at the privacy analysis system; querying, by the privacy analysis system, a database of application characteristics using the identifying information; receiving, at the privacy analysis system, a response to the database query comprising application characte
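As an added example, not code from the patent or from OneTrust, the following Python sketch wires the claimed pipeline together: permissions recovered by static analysis gate whether dynamic analysis runs, captured traffic is inspected for personal-data fields and destination jurisdiction, and a color-coded privacy risk score combines the results. The weights, the prefix-to-jurisdiction table, the field names and the sample input are assumptions constructed for illustration; the patent specifies no scoring formula.

```python
import ipaddress
from dataclasses import dataclass, field

# Constructed lookup: CIDR prefix -> jurisdiction (RFC 5737 documentation ranges only);
# a real deployment would consult a geolocation database here.
PREFIX_JURISDICTION = {
    ipaddress.ip_network("192.0.2.0/24"): "US",
    ipaddress.ip_network("198.51.100.0/24"): "EU",
    ipaddress.ip_network("203.0.113.0/24"): "CN",
}
# Assumed weights for illustration; the patent does not specify a formula.
ACCESS_WEIGHT = {"CAMERA": 2, "MICROPHONE": 2, "LOCATION": 3, "CONTACTS": 3, "CALENDAR": 1, "PHOTOS": 1}
JURISDICTION_WEIGHT = {"US": 1, "EU": 1, "CN": 4, "UNKNOWN": 3}
PERSONAL_FIELDS = {"email", "device_id", "imei", "latitude", "longitude", "contacts"}

@dataclass
class PrivacyReport:
    access_permissions: list
    privacy_permissions: list
    dynamic_indicator: bool = False
    personal_data: set = field(default_factory=set)
    jurisdictions: set = field(default_factory=set)
    score: int = 0
    color: str = "green"

def jurisdiction_of(ip):
    """Map a destination address to a jurisdiction via the constructed prefix table."""
    addr = ipaddress.ip_address(ip)
    return next((j for net, j in PREFIX_JURISDICTION.items() if addr in net), "UNKNOWN")

def analyze(access_perms, privacy_perms, traffic):
    """Static gate, then dynamic traffic inspection; traffic is [(dst_ip, {field: value}), ...]."""
    r = PrivacyReport(list(access_perms), list(privacy_perms))
    # Static result gates dynamic analysis: only an app that holds a privacy
    # permission and can reach the network is worth executing and observing.
    r.dynamic_indicator = "INTERNET" in access_perms and bool(privacy_perms)
    if r.dynamic_indicator:
        for dst_ip, fields in traffic:
            r.personal_data |= PERSONAL_FIELDS & set(fields)
            r.jurisdictions.add(jurisdiction_of(dst_ip))
    # Score combines permissions, personal data actually sent, and the riskiest destination.
    r.score = (sum(ACCESS_WEIGHT.get(p, 0) for p in access_perms)
               + 2 * len(r.personal_data)
               + max((JURISDICTION_WEIGHT[j] for j in r.jurisdictions), default=0))
    r.color = "green" if r.score < 5 else "amber" if r.score < 12 else "red"
    return r

# Constructed sample input: manifest permissions from a decompiled app and two captured requests.
SAMPLE_ACCESS = ["INTERNET", "CAMERA", "LOCATION", "CONTACTS"]
SAMPLE_PRIVACY = ["READ_CONTACTS", "ACCESS_FINE_LOCATION"]
SAMPLE_TRAFFIC = [("192.0.2.10", {"session": "s1", "email": "user@example.com"}),
                  ("203.0.113.7", {"device_id": "d-0001", "latitude": "51.5", "longitude": "-0.1"})]
```

Calling `analyze(SAMPLE_ACCESS, SAMPLE_PRIVACY, SAMPLE_TRAFFIC)` yields a red score because personal data leaves for a high-weight jurisdiction; the same permissions with no network access stay at the static-only score.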

Assignees

OneTrust LLC

Classifications

  • G06F21/6245 (primary): Protecting personal data, e.g. for financial or medical purposes

  • Browsing; Visualisation therefor (for navigating the web G06F16/954; browsing optimisation for the web G06F16/957)

  • Test or assess software

  • Indexing; Data structures therefor; Storage structures (for retrieval from the web G06F16/951)

  • Details of hyperlinks; Management of linked annotations

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
OneTrust LLC
What technology area does this patent fall under?
Primary CPC classification G06F21/6245. Mapped technology areas include Physics.
When was this patent published?
Feb 2, 2021 (kind code B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).