In some operating systems (OS), notably in mobile OSs such as Android, in order to ensure security when executing user applications, the operating system organizes an isolated execution environment code (hereinafter, isolated environment) known as a “sandbox”. The isolated environment usually constitutes a controllable set of software and hardware resources accessible to the application for its execution, such as space on the disk or in the memory, the number of processor cores which can be used, and so forth. Moreover, the isolated environment usually either partly emulates the execution of system functions—for example, access to a network (local area or Internet), OS functions, or reading information from data entry devices—or greatly restricts the possibility of their execution—. Applications running in such an isolated environment are not able to read much less write into regions of the RAM of the computing device (e.g., mobile device) which are accessible to or allocated to other applications.
In order to call system functions, a third-party user application needs to request and receive additional authorization. Usually, such authorizations are granted by the user either when installing an application (e.g., in earlier versions of the Android OS) or during the launching or execution of the application (e.g., in later versions of the Android OS and in other OS). Example of such authorizations include: permission to work with text messages (e.g., SMS/MMS messages), permission to access a user's contacts, and permissions to access network services. The volume of actions which an application can perform outside the isolated environment with the help of authorizations is likewise limited. The authorizations themselves are usually of various kinds: those which can be granted to all applications and those which are granted only to a limited group of applications, for example, only the applications constituting the firmware of the computing device or only the applications considered first-party by the OS.
A security application can also be considered a third-party application in this sense and thus limited in its rights within the isolated environment and those additional authorizations granted to it by the user. Therefore, difficulties arise when the security application attempts to analyze data obtained by other foreign applications (for example, from the Internet), since this data cannot be obtained and analyzed by the security application. There are no authorizations for reading the data of other applications in the list of authorizations provided to third-party applications by the operating system, since such authorizations are contrary to the approach of using an isolated environment.
Despite the relative protection of mobile devices against malicious applications (due to the above-described closed nature achieved with the aid of the isolated environment), problems of filtering out unwanted data content obtained by applications on mobile devices are rather serious. For example, parents may want to guard their children against undesirable links, obscene language, and other undesirable information; users may want to guard themselves against phishing, intrusive advertising, and so on; and companies may want their workers to use mobile devices only for business purposes.
Known security system are ineffective because they do not have the ability to receive and process data and content obtained by applications working in isolated environments. Therefore, there is a need to improve a mechanism for a security application to control access to content by user applications executing in an isolated environment on a mobile device.