Wireless communication has experienced explosive growth in recent years. As consumers and businesses rely more on their wireless devices, such as mobile phones and personal digital assistants (PDAs), wireless service providers, i.e., carriers, strive to provide additional functionality on these wireless devices. This additional functionality will not only increase the demand for wireless devices but also increase the usage among current users.
The environment of a wireless device creates unique challenges when one considers the execution of application on a wireless device. Methods of downloading the applications and removing the applications need to be developed. In addition, there is a need for security on the wireless device. Security concerns on the wireless device include controlling the environment the best way possible so that an application cannot, intentionally or unintentionally, degrade or corrupt other files on the wireless device or the network on which the wireless device communicates.
Applications, during execution, require various resources on the device they are executing. These resources include memory (including primary and secondary storage), CPU time and/or access, I/O ports and particularly, the display, speakers, keyboard or keypad and a microphone. If the device is connected to a network, the application may also want to access a device resource to use the network, e.g., a dialer on the device.
It is desirable control the application's access to the device resources as a security measure to limit any damage an application may have on the device, or other devices connected to the device. This damage may be intended via a virus on the application or may be unintended where the application executes with poorly written code that unintentionally dominates a resource and makes it unavailable or damaged to other applications.
Currently, the method of controlling the resources of a device was based on a user privilege level. If the user was a typical user on the system, he or she was provided a level of access to the resources that was anticipated they would need. No matter what applications the user put on or executed on the device, as long as the applications were executing under those user privileges, those applications were all given the same access rights to the device.
If, for example, the user was a systems administrator or systems engineer on the network the device was connected, that user may be given a higher privilege level, e.g., a “super user,” and given more access to the device and network resources. Similarly as with the typical user though, this super user's privileges remained the same across all the applications the super user executed. In this scenario, the same application executed by the typical user may be granted additional resources if executed by the super user.
However, this practice does not allow for the device to limit a device's resources per application. While the user itself may attempt to limit the application's access to resources, this provided no security to those maintaining the device and the network the device was located. The user could avoid limiting the resources and, therefore, damage the device resources or network resources based on the privilege levels defined to the user.
Consequently, what is needed in the art is a system and method for protecting the resources of a device and the connected network and also increasing the flexibility of managing the device's resources by allowing the granting rights to the resources per application.