An apparatus and method for isolating at least one of a plurality of applications included in an electronic device are provided. The method includes selecting at least one of the plurality of applications included in the electronic device, preprocessing the at least one selected application so as to be at least one modified application included in a sandbox isolating the at least one selected applications from others of the plurality of applications, and installing the at least one modified application on the electronic device so as to be executed only according to the sandbox.

PTO Wrapper PDF
Dossier Espace Google
Patent
   RE48311
Priority
Jan 21 2015
Filed
Feb 20 2019
Issued
Nov 17 2020
Expiry
Jan 21 2035
Inventors
Ishihara, …
Assg.orig
Samsung El…
Assg.curr
Samsung El…
Entity
Large
Referenced by
0
References
52
Maint.:
currently ok
0. 21. A method comprising:
selecting an application from among a plurality of applications included in an electronic device;
processing the selected application to generate a modified application in a sandbox, the sandbox configured to isolate the modified application from one or more other applications of the plurality of applications and to provide data isolation for processing of the modified application;
installing the modified application on the electronic device; and
executing the modified application on the electronic device only according to the sandbox, the sandbox configured to provide runtime isolation for execution of the modified application.
1. A method for isolating at least one of a plurality of applications included in an electronic device, the method comprising:
selecting the at least one of the plurality of applications included in the electronic device;
moving and processing the at least one selected application in a sandbox isolating the at least one selected application from others of the plurality of applications so as to be at least one modified application, the sandbox providing data isolation for processing of the at least one selected application; and
installing and executing the at least one modified application on the electronic device so as to be executed only according to the sandbox, the sandbox providing runtime isolation for execution of the at least one selected modified application.
0. 33. An electronic device comprising:
a display;
a processor configured to:
display, via the display, a plurality of applications included in the electronic device;
detect a user input selecting an application from among the plurality of applications;
process the selected application to generate a modified application in a sandbox, the sandbox configured to isolate the modified application from one or more other applications of the plurality of applications and to provide data isolation for processing of the modified application;
install the modified application on the electronic device; and
execute the modified application on the electronic device only according to the sandbox, the sandbox configured to provide runtime isolation for execution of the modified application; and
a memory configured to store the modified application.
11. An apparatus for isolating at least one of a plurality of applications included in an electronic device, the apparatus comprising:
a display configured to:
display the plurality of applications included in the electronic device, and
receive a user input selecting the at least one of the plurality of applications;
a processor configured to:
move and preprocess the at least one selected application in a sandbox isolating the at least one selected application from others of the plurality of applications so as to be at least one modified application, the sandbox providing data isolation for preprocessing of the at least one selected application, and
install and execute the at least one modified application on the electronic device so as to be executed only according to the sandbox, the sandbox providing runtime isolation for execution of the at least one selected modified application; and
a memory configured to store the at least one modified application.
2. The method of claim 1, wherein the selecting of the at least one of the plurality of applications included in the electronic device comprises:
displaying the at least one of the plurality of applications on the electronic device; and
receiving a user input indicating the at least one selected application from among the displayed at least one of the plurality of applications.
3. The method of claim 1,
wherein the processing of the at least one selected application comprises isolating an application file corresponding to the at least one selected application to be the at least one modified application included in the sandbox, and
wherein the at least one modified application includes at least one of a modified application manifest or a modified Dalvik Executable (DEX) file.
4. The method of claim 3, wherein the isolating of the application file corresponding to the at least one selected application comprises:
extracting an application manifest corresponding to the application file;
modifying the application manifest to be the modified application manifest; and
storing the modified application manifest so as to correspond to the at least one modified application included in the sandbox.
5. The method of claim 4, wherein the modifying of the application manifest comprises:
modifying at least one of a descriptor or a reference included in the application manifest,
wherein the at least one of the descriptor or the reference may correspond corresponds to at least one of a process name, a file name, a memory location, a device, an address, a pointer, or an operating system component.
6. The method of claim 4, wherein the modifying of the application manifest comprises:
at least one of adding or modifying at least one of an application permission or an operating system component,
wherein the at least one of the application permission and or the operating system component may be is defined when the at least one selected application is at least one of installed or downloaded.
7. The method of claim 3,
wherein the isolating of the application file corresponding to the at least one selected application comprises containerizing a DEX file corresponding to the at least one selected application to be the modified DEX file, and
wherein the DEX file may include includes Dalvik bytecode.
8. The method of claim 7,
wherein the containerizing of the DEX file comprises at least one of replacing or modifying at least one process included in the Dalvik bytecode with at least one proxy method configured to provide the data isolation and the runtime isolation for the execution of the at least one selected modified application, and
wherein the at least one modified process controls at least one of transmitting or receiving of messages by the at least one selected application.
9. The method of claim 7,
wherein the containerizing of the DEX file comprises inserting an object into a class hierarchy of the Dalvik bytecode, and
wherein the object controls at least one of transmitting or receiving of messages by the at least one selected modified application.
10. The method of claim 3,
wherein the isolating of the application file corresponding to the at least one selected application to be the at least one modified application included in the sandbox comprises packaging the at least one modified application manifest and the at least one modified DEX file into a modified application package corresponding to the at least one modified application, and
wherein the modified application package includes a certificate indicating integrity of the modified application package.
12. The apparatus of claim 11, further comprising an input/output (I/O) interface configured to receive a user input indicating the at least one selected application from among the displayed plurality of applications.
13. The apparatus of claim 11,
wherein the processor is further configured to isolate an application file corresponding to the at least one selected application to be the at least one modified application included in the sandbox, and
wherein the at least one modified application includes at least one of a modified application manifest or a modified Dalvik Executable (DEX) file.
14. The apparatus of claim 13, wherein the processor is further configured to:
extract an application manifest corresponding to the application file,
modify the application manifest to be the modified application manifest, and
store the modified application manifest so as to correspond to the at least one modified application included in the sandbox in the memory.
15. The apparatus of claim 14,
wherein the processor is further configured to modify at least one of a descriptor or a reference included in the application manifest, and
wherein the at least one of the descriptor or the reference may correspond corresponds to at least one of a process name, a file name, a memory location, a device, an address, a pointer, or an operating system component.
16. The apparatus of claim 14,
wherein the processor is further configured to at least one of add or modify at least one of an application permission or an operating system component, and
wherein the at least one of the application permission or the operating system component may be is defined when the at least one selected application is at least one of installed or downloaded.
17. The apparatus of claim 13,
wherein the processor is further configured to containerize a DEX file corresponding to the at least one selected application to be the modified DEX file, and
wherein the DEX file may include includes Dalvik bytecode.
18. The apparatus of claim 17,
wherein the processor is further configured to at least one of replace or modify at least one process included in the Dalvik bytecode with at least one proxy method configured to provide the data isolation and the runtime isolation for the execution of the at least one selected modified application, and
wherein the at least one modified process controls at least one of transmitting or receiving of messages by the at least one selected application.
19. The apparatus of claim 17,
wherein the processor is further configured to insert an object into a class hierarchy of the Dalvik bytecode, and
wherein the object controls at least one of transmitting or receiving of messages by the at least one selected modified application.
20. The apparatus of claim 13,
wherein the processor is further configured to package the at least one modified application manifest or the at least one modified DEX file into a modified application package corresponding to the at least one modified application, and
wherein the modified application package includes a certificate indicating integrity of the modified application package.
0. 22. The method of claim 21, wherein selecting the application from among the plurality of applications comprises:
displaying at least some of the plurality of applications on the electronic device; and
receiving a user input indicating the selected application from among the displayed applications.
0. 23. The method of claim 21, wherein:
processing the selected application comprises isolating an application file corresponding to the selected application to generate the modified application included in the sandbox; and
the modified application includes at least one of a modified application manifest, a modified Dalvik Executable (DEX) file, or a modified or replaced application icon or image.
0. 24. The method of claim 23, wherein isolating the application file corresponding to the selected application comprises:
extracting an application manifest corresponding to the application file;
modifying the application manifest to generate the modified application manifest; and
storing the modified application manifest so as to correspond to the modified application included in the sandbox.
0. 25. The method of claim 24, wherein:
modifying the application manifest comprises modifying at least one of a descriptor or a reference included in the application manifest; and
the at least one of the descriptor or the reference corresponds to at least one of a process name, a file name, a memory location, a device, an address, a pointer, or an operating system component.
0. 26. The method of claim 24, wherein:
modifying the application manifest comprises at least one of adding or modifying at least one of an application permission or an operating system component; and
the at least one of the application permission or the operating system component is defined when the selected application is at least one of installed or downloaded.
0. 27. The method of claim 23, wherein:
isolating the application file comprises containerizing a DEX file corresponding to the selected application to generate the modified DEX file; and
the DEX file includes Dalvik bytecode.
0. 28. The method of claim 27, wherein:
containerizing the DEX file comprises at least one of replacing or modifying at least one process included in the Dalvik bytecode to provide the data isolation and the runtime isolation; and
the at least one process controls at least one of transmitting or receiving of messages by the selected application.
0. 29. The method of claim 27, wherein:
containerizing the DEX file comprises inserting an object into a class hierarchy of the Dalvik bytecode; and
the object controls at least one of transmitting or receiving of messages by the modified application.
0. 30. The method of claim 23, wherein:
isolating the application file comprises packaging the modified application manifest and the modified DEX file into a modified application package corresponding to the modified application; and
the modified application package includes a certificate indicating integrity of the modified application package.
0. 31. The method of claim 21, wherein processing the selected application comprises one of modifying or replacing an icon associated with the selected application.
0. 32. The method of claim 21, wherein:
the method further comprises copying the selected application; and
processing the selected application to generate the modified application comprises processing the copy of the selected application to generate the modified application.
0. 34. The electronic device of claim 33, further comprising:
an input/output (I/O) interface configured to receive a user input indicating the selected application from among the displayed applications.
0. 35. The electronic device of claim 33, wherein:
the processor is further configured to isolate an application file corresponding to the selected application to generate the modified application included in the sandbox; and
the modified application includes at least one of a modified application manifest, a modified Dalvik Executable (DEX) file, or a modified or replaced application icon or image.
0. 36. The electronic device of claim 35, wherein the processor is further configured to:
extract an application manifest corresponding to the application file;
modify the application manifest to be the modified application manifest; and
store the modified application manifest so as to correspond to the modified application included in the sandbox in the memory.
0. 37. The electronic device of claim 36, wherein:
the processor is further configured to modify at least one of a descriptor or a reference included in the application manifest; and
the at least one of the descriptor or the reference corresponds to at least one of a process name, a file name, a memory location, a device, an address, a pointer, or an operating system component.
0. 38. The electronic device of claim 36, wherein:
the processor is further configured to at least one of add or modify at least one of an application permission or an operating system component, and
the at least one of the application permission or the operating system component is defined when the selected application is at least one of installed or downloaded.
0. 39. The electronic device of claim 35, wherein:
the processor is further configured to containerize a DEX file corresponding to the selected application to generate the modified DEX file; and
the DEX file includes Dalvik bytecode.
0. 40. The electronic device of claim 39, wherein:
the processor is further configured to at least one of replace or modify at least one process included in the Dalvik bytecode to provide the data isolation and the runtime isolation; and
the at least one process controls at least one of transmitting or receiving of messages by the selected application.
0. 41. The electronic device of claim 39, wherein:
the processor is further configured to insert an object into a class hierarchy of the Dalvik bytecode; and
the object controls at least one of transmitting or receiving of messages by the modified application.
0. 42. The electronic device of claim 35, wherein:
the processor is further configured to package the modified application manifest or the modified DEX file into a modified application package corresponding to the modified application; and
the modified application package includes a certificate indicating integrity of the modified application package.
0. 43. The electronic device of claim 33, wherein, to process the selected application, the processor is configured to one of modify or replace an icon associated with the selected application.
0. 44. The electronic device of claim 33, wherein:
the processor is further configured to copy the selected application; and
to process the selected application to generate the modified application, the processor is configured to process the copy of the selected application to generate the modified application.
0. 45. The electronic device of claim 33, wherein the processor is configured to execute the selected application and the modified application at a same time.
In some embodiments, descriptors or references that may be modified when modifying the application manifest may correspond to at least one of a process name, a file name, a memory location, a device, an address, a pointer, or an operating system component. Additionally, the APK manifest may be modified by adding application permissions such as special application permissions, and by modifying Android components that are defined when the selected application corresponding to the APK manifest is installed and/or downloaded. Accordingly, the selected application corresponding to the APK manifest that has been modified as described above may be installed alongside an original version of the selected application.

Modifying the APK, or in other words, isolating the APK, may further include containerizing a Dalvik Executable (DEX) file corresponding to the at least one selected application, the DEX file being at least one program and/or application that has been translated into Dalvik bytecode, which may also be referred to as Dalvik machine bytecode. The Dalvik bytecode may be analyzed and modified to provide data isolation and runtime isolation, in or other words, to isolate data corresponding to the Dalvik bytecode and to isolate execution of the selected application.

The data isolation and the runtime isolation of the Dalvik bytecode may be provided in order to intercept flow of the selected application corresponding to the Dalvik bytecode in certain scenarios. In other words, the data isolation and the runtime isolation intercept may be provided by isolating flow of a program and/or an application in a at least one of a state, a scenario, and/or under at least one condition, and to make changes to the program flow, i.e., a logic and/or set of instructions of the program, at an occurrence of the at least one of the state, the scenario, and/or under the at least one condition.

The flow of the program may be isolated by replacing and/or modifying methods and/or processes included in the Dalvik bytecode with and/or according to proxy methods configured to provide the data isolation and the runtime isolation. In addition, an object configured to provide the data isolation and the runtime isolation may be inserted into a class hierarchy of the Dalvik bytecode and/or original code associated with the selected application. By using the proxy methods and/or the objects, a behavior of the selected application may be modified such that passing, i.e., transmitting and/or receiving, of messages, which may also be referred to as intents, by an application and/or between applications may be controlled to provide the data isolation and the runtime isolation.

For example, an intent that launches a camera application, such as a camera application that is included in an electronic device including a camera, may be modified to launch a secure camera application that provides data isolation and runtime isolation. The modifications made in order to containerize the DEX file may match the modifications made to the APK manifest to isolate the APK. Accordingly, a similarly modified set of applications may cooperate as a group and may be isolated according to a sandbox including the similarly modified set of application. Furthermore, the modified APK manifest and the modified DEX file are repackaged into a new APK, and the new APK may be signed with an appropriate certificate in order to ensure integrity of the APK as being ready to be containerized and/or included in a sandbox.

Next, at operation 303, the at least one modified application is installed on an electronic device, such as the electronic device 101. Accordingly, a user of the electronic device 101 may execute and/or run concurrent instances of each of the at least one modified applications, such that each instance of the at least one modified applications does not share resources with another instance of the at least one modified applications.

FIG. 4 illustrates a dynamic method of isolating applications according to an embodiment of the present disclosure.

Referring to FIG. 4, the dynamic method of isolating the applications includes modifying an application during installation of the application on a mobile terminal. At operation 401, an original application 410 is selected from among a plurality of applications stored on an electronic device, such as the electronic device 101. Next, at operation 402, the selected original application 410 is modified according to an isolation process performed so as to generate a modified application 412. In order to generate the modified application 412, the electronic device 101 may modify an APK manifest included in an APK of the selected original application 410 as described above with reference to FIG. 3. After the modified application 412 has been generated, at operation 403, the modified application 412 is stored on the electronic device 101.

Accordingly, the dynamic method of FIG. 4 includes analyzing an application prior to installation of the application and, during runtime, overwriting images “on the fly,” or in other words, during and as a process included in the runtime of the application. In order to change and/or replace any original images and/or icons using the dynamic method, all needed images are modified during the runtime. Accordingly, the dynamic method may include collecting needed information about images and/or icons by reading and parsing all entries from an application, installing an original application without any changes, and modifying, on the device, standard software and/or modules responsible for the handling all activities related to the application installation process and image loading.

Additionally, the dynamic method of FIG. 4 may include recognizing when an image and/or icon should be replaced and/or overwritten during loading and/or presentation of the application, replacing and/or overwriting a particular image “on the fly” on the device and/or remotely, and presenting a newly created image instead of the original one.

FIG. 5 illustrates a combined method of isolating applications according to an embodiment of the present disclosure.

Referring to FIG. 5, at operation 501, an original application 510 is pulled from among a plurality of installed applications stored on an electronic device, such as the electronic device 101 in order to modify the original application 510 so as to include the modified application in a sandbox. In other words, at least one application, i.e. the original application 510 may be selected from among the plurality of installed applications to be included in the sandbox. For example, the original application 510 may be selected by a user of the electronic device and/or the application may be selected automatically to be included the sandbox.

At operation 502, the original application 510 is modified to be included in the sandbox. The original application 510 may be modified in a manner similar to the operations, such as the preprocessing of the at least one selected application, described at operation 302 of FIG. 3, and accordingly, description of such operations will be omitted herein for the purpose of brevity. Next, at operation 503, the modified application may installed according to the preprocessing performed in operation 502 so as to be executed with data isolation and runtime isolation provided according to the sandbox.

Additionally, at and/or after operation 502, the combined method of isolating applications may include analyzing an application before installation of the application, generating a new image and/or icon after the installation of the application, and saving the application locally on the device, on the external memory or remotely, and using the application later by replacing the original application.

In further detail, changing and/or replacing any original images and/or icons of an application using the combined method of FIG. 5 includes collecting needed information about images and/or icons by reading and parsing all entries from an application, installing the original application without any changes, modifying standard software and/or modules on the device responsible for all activities related to the application installation process and image loading. The combined method further includes determining which image and/or icon should be replaced and creating a new image locally and/or remotely during at least one of installation of the application, a first run of the application, and performing overwriting of the application as a separate process, saving the newly created images locally and/or remotely, and presenting the new images instead of the original images and/or icons.

FIGS. 6A, 6B, and 6C illustrate screen shots of isolating multiple instances of an application according to an exemplary embodiment of the present application.

Referring to FIG. 6A, a home screen including a plurality of applications and/or widgets that may be executed on an electronic device are shown. At least one of the plurality of applications and/or widgets may be included in a sandbox. The sandbox may be preconfigured to include at least one of the plurality of applications and/or widgets and/or a user of the electronic device may select at least one of the plurality of applications and/or widgets to be included in a sandbox.

Referring to FIG. 6B, the at least one of the applications and/or widgets included in the sandbox may be displayed on a screen of the electronic device. A sandbox indicator 601 may be displayed on the screen including the plurality of applications and/or widgets included in the sandbox to indicate that only the plurality of applications and/or widgets included in the sandbox are displayed on the screen of the electronic device.

Referring to FIG. 6C, an application 602, from among the at least one application and/or widget included in the sandbox may be executed so as to provide data isolation and application isolation during execution of the application 602.

FIG. 7 illustrates a block diagram of hardware according to various embodiments of the present disclosure.

Referring to FIG. 7, hardware 701 may be, for example, a part or all of the electronic device 101. The hardware 701 may include one or more Application Processors (AP) 710, a communication module 720, a Subscriber Identification Module (SIM) card 724, a memory 730, a sensor module 740, an input module 750, a display module 760, an interface 770, an audio module 780, a camera module 791, a power management module 795, a battery 796, an indicator 797, a motor 798, and/or the like.

The AP 710 may control one or more hardware or software components that are connected to AP 710, perform processing or computation of data (including multimedia data), and/or the like. As an example, the AP 710 may be implemented as a System-on-Chip (SoC). The AP 710 may include a Graphics Processing Unit (GPU) (not shown).

The communication module 720 (e.g., the communication interface 160) may transmit and receive data in communications between the electronic device 101 and other electronic devices (e.g., the electronic device 104, the server 106, and/or the like). As an example, the communication module 720 may include one or more of a cellular module 721, a Wi-Fi module 723, a Bluetooth module 725, a GPS module 727, a NFC module 728, a Radio Frequency (RF) module 729, and/or the like.

The cellular module 721 may provide services such as, for example, a voice call, a video call, a Short Messaging Service (SMS), interne service, and/or the like, via a communication network (e.g., LTE, LTE-A, CDMA, WCDMA, UMTS, WiBro, GSM, and/or the like). As an example, the cellular module 721 may differentiate and authorize electronic devices within a communication network using a Subscriber Identification Module (SIM) card (e.g., the SIM card 724). According to various embodiments of the present disclosure, the cellular module 721 may perform at least a part of the functionalities of the AP 710. For example, the cellular module 721 may perform at least a part of multimedia control functionality.

According to various embodiments of the present disclosure, the communication interface 720 and/or the cellular module 721 may include a Communication Processor (CP). As an example, the cellular module 721 may be implemented as SoC.

Although FIG. 7 illustrates components such as the cellular module 721 (e.g., CP), the memory 730, the power management module 795 as components that are separate from the AP 710, according to various embodiments of the present disclosure, the AP 710 may include, or be integrated with, one or more of the foregoing components (e.g., the cellular module 721).

According to various embodiments of the present disclosure, the AP 710, the cellular module 721 (e.g., CP), and/or the like, may process instructions or data received from at least one of non-volatile memory or other components by loading in volatile memory. The AP 710, the cellular module 721, the communication interface 720, and/or the like, may store at non-volatile memory at least one of data that is received from at least one of other components or data that is generated by at least one of the other components.

Each of the Wi-Fi module 723, the Bluetooth module 725, the GPS module 727, the NFC module 728, and/or the like may, for example, include one or more processors that may process data received or transmitted by the respective modules. Although FIG. 7 illustrates the cellular module 721, the Wi-Fi module 723, the Bluetooth module 725, the GPS module 727, and the NFC module 728 as separate blocks, according to various embodiments of the present disclosure, any combination (e.g., two or more) of the cellular module 721, the Wi-Fi module 723, the Bluetooth module 725, the GPS module 727, the NFC module 728, and/or the like may be included in an Integrated Chip (IC) or an IC package. For example, at least some of the processors corresponding to the respective the cellular module 721, the Wi-Fi module 723, the Bluetooth module 725, the GPS module 727, the NFC module 728, and/or the like, may be implemented as a single SoC. For example, a CP corresponding to the cellular module 721 and a Wi-Fi processor corresponding to Wi-Fi module 723 may be implemented as a single SoC.

The RF module 729 may, for example, transmit and receive RF signals. Although not shown, the RF module 729 may include a transceiver, a Power Amp Module (PAM), a frequency filter, a Low Noise Amplifier (LNA), and/or the like. The RF module 734 may include one or more components for transmitting and receiving Electro-Magnetic (EM) waves (e.g., in free space or the like) such as, for example, conductors or conductive wires. Although FIG. 7 illustrates that the cellular module 721, the Wi-Fi module 723, the Bluetooth module 725, the GPS module 727, and the NFC module 728 are sharing one RF module 729, according to various embodiments of the present disclosure, at least one of the cellular module 721, the Wi-Fi module 723, the Bluetooth module 725, the GPS module 727, the NFC module 728, and/or the like may transmit and receive RF signals via a separate RF module.

The SIM card 724 may be a card implementing a SIM, and may be configured to be inserted into a slot disposed at a specified location of the electronic device. The SIM card 724 may include a unique identifier (e.g., Integrated Circuit Card IDentifier (ICCID)) subscriber information (e.g., International Mobile Subscriber Identity (IMSI)), and/or the like.

The memory 730 (e.g., memory 130) may include an internal memory 732, an external memory 734, or a combination thereof.

According to various embodiments of the present disclosure, the internal memory 732 may be, for example, at least one of volatile memory (e.g., Dynamic Random Access Memory (DRAM), Static Random Access Memory (SRAM) or Synchronous Dynamic Random Access Memory (SDRAM)), non-volatile memory (e.g., One Time Programmable Read Only Memory (OTPROM), Programmable Read Only Memory (PROM), Erasable and Programmable Read Only Memory (EPROM), Electrically Erasable and Programmable Read Only Memory (EEPROM), mask Read Only Memory (ROM), flash ROM, NAND flash memory, NOR flash memory), and/or the like.

According to various embodiments of the present disclosure, the internal memory 732 may be a Solid State Drive (SSD). As an example, the external memory 734 may be a flash drive (e.g., Compact Flash (CF drive), Secure Digital (SD), micro Secure Digital (micro-SD), mini Secure Digital (mini-SD), extreme Digital (xD), Memory Stick, and/or the like). The external memory 734 may be operatively coupled to electronic device 101 via various interfaces. According to various embodiments of the present disclosure, the electronic device 701 may include recording devices (or recording media) such as, for example, Hard Disk Drives (HDD), and/or the like.

The sensor module 740 may measure physical/environmental properties detect operational states associated with electronic device 101, and/or the like, and convert the measured and/or detected information into signals such as, for example, electric signals or electromagnetic signals. As an example, the sensor module 740 may include at least one of a gesture sensor 740A, a gyro sensor 740B, an atmospheric pressure sensor 740C, a magnetic sensor 740D, an accelerometer 740E, a grip sensor 740F, a proximity sensor 740G, an RGB sensor 740H, a biometric sensor 7401, a temperature/humidity sensor 740J, a luminosity sensor 740K, a Ultra Violet (UV) sensor 740M, and/or the like. The sensor module 740 may detect the operation state of the electronic device and/or measure physical properties, and convert the detected or measured information into electrical signals. Additionally or alternatively, the sensor module 740 may also include, for example, an electrical-nose sensor (not shown), an electromyography (EMG) sensor (not shown), an electroencephalogram (EEG) sensor (not shown), an infrared (IR) sensor (not shown), an eye-scanning sensor (e.g., iris sensor) (not shown), a fingerprint sensor, and/or the like. The sensor module 740 may also include control circuitry for controlling one or more sensors included therein.

The input module 750 may include a touch panel 752, a (digital) pen sensor 754, a key 756, an ultrasonic input device 758, and/or the like.

As an example, the touch panel 752 may detect touch input using capacitive, resistive, infrared, ultrasonic methods, and/or the like. The touch panel 752 may also include a touch panel controller (not shown). As an example, a capacitive-type touch panel may detect proximity inputs (e.g. hovering input) in addition to, or as an alternative to, physical touch inputs. The touch panel 752 may also include a tactile layer. According to various embodiments of the present disclosure, the touch panel 752 may provide haptic feedback to the user using the tactile layer.

As an example, the (digital) pen sensor 754 may be implemented using methods identical to or similar to receiving a touch input from a user, or using a separate detection sheet (e.g., a digitizer).

As an example, the key 756 may be a keypad, a touch key, and/or the like.

As an example, the ultrasonic input device 758 may be a device configured to identify data by detecting, using a microphone (e.g., a microphone 788), ultrasonic signals generated by a device capable of generating the ultrasonic signal. The ultrasonic input device 758 may detect data wirelessly.

According to various embodiments of the present disclosure, the electronic device 101 may receive user input from an external device (e.g., a network, computer or server) connected to the electronic device 101 using the communication module 720.

The display module 760 (e.g., display 150) may include a panel 762, a hologram device 764, a projector 766, and/or the like. As an example, the panel 762 may be, for example, a Liquid-Crystal Display (LCD), an Active-Matrix Organic Light-Emitting Diode (AM-OLED) display, and/or the like. As an example, the panel 762 may be configured to be flexible, transparent, and/or wearable. The panel 762 and the touch panel 752 may be implemented as a single module. The hologram device 764 may provide a three-dimensional image. For example, the hologram device 764 may utilize the interference of light waves to provide a three-dimensional image in empty space. The projector 766 may provide image by projecting light on a surface (e.g., a wall, a screen, and/or the like). As an example, the surface may be positioned internal or external to electronic device 101. According to various embodiments of the present disclosure, the display module 760 may also include a control circuitry for controlling the panel 762, the hologram device 764, the projector 766, and/or the like.

The interface 770 may include, for example, one or more interfaces for a High-Definition Multimedia Interface (HDMI) 772, a Universal Serial Bus (USB) 774, a projector 776, or a D-subminiature (D-sub) 778, and/or the like. As an example, the interface 770 may be part of the communication interface 720. Additionally or alternatively, the interface 770 may include, for example, one or more interfaces for Mobile High-definition Link (MHL), Secure Digital (SD)/MultiMedia Card (MMC), Infrared Data Association (IrDA), and/or the like.

The audio module 780 may encode/decode sound into electrical signal, and vice versa. According to various embodiments of the present disclosure, at least a portion of audio module 780 may be part of the I/O interface 140. As an example, the audio module 780 may encode/decode voice information that is input into, or output from, the speaker 782, the receiver 784, the earphone 786, the microphone 788, and/or the like.

The camera module 791 may capture still images and/or video. According to various embodiments of the present disclosure, the camera module 791 may include one or more image sensors (e.g., front sensor module, rear sensor module, and/or the like) (not shown), an Image Signal Processor (ISP) (not shown), or a flash (e.g., Light-Emitting Diode (flash LED), xenon lamp, and/or the like) (not shown).

The power management module 795 may manage electrical power of the electronic device 101. Although not shown, the power management module 795 may include, for example, a Power Management Integrated Circuit (PMIC), a charger Integrated Circuit (charger IC), a battery gauge, a fuel gauge, and/or the like.

As an example, the PMIC may be disposed in an integrated circuit or an SoC semiconductor. The charging method for the electronic device 101 may include wired or wireless charging. The charger IC may charge a battery, may prevent excessive voltage or excessive current from a charger from entering the electronic device 101, and/or the like. According to various embodiments of the present disclosure, the charger IC may include at least one of a wired charger IC or a wireless charger IC. As an example, the wireless charger IC may be a magnetic resonance type, a magnetic induction type, an electromagnetic wave type, and/or the like. As an example, the wireless charger IC may include circuits such as a coil loop, a resonance circuit, a rectifier, and/or the like.

As an example, the battery gauge may measure a charge level, a voltage while charging, a temperature of battery 796, and/or the like.

As an example, the battery 796 may supply power to the electronic device 101. As an example, the battery 796 may be a rechargeable battery, a solar battery, and/or the like.

The indicator 797 may indicate one or more states (e.g., boot status, message status, charge status, and/or the like) of the electronic device 101 or a portion thereof (e.g., the AP 710). Motor 798 may convert an electrical signal into a mechanical vibration.

Although not shown, the electronic device 101 may include one or more devices for supporting mobile television (mobile TV) (e.g., a Graphics Processing Unit (GPU)), and/or the like. The devices for supporting mobile TV may support processing of media data compliant with, for example, Digital Multimedia Broadcasting (DMB), Digital Video Broadcasting (DVB), media flow, and/or the like.

It will be appreciated that various embodiments of the present disclosure according to the claims and description in the specification can be realized in the form of hardware, software or a combination of hardware and software.

Any such software may be stored in a non-transitory computer readable storage medium. The non-transitory computer readable storage medium stores one or more programs (software modules), the one or more programs comprising instructions, which when executed by one or more processors in an electronic device, cause the electronic device to perform a method of the present disclosure.

Any such software may be stored in the form of volatile or non-volatile storage such as, for example, a storage device like a Read Only Memory (ROM), whether erasable or rewritable or not, or in the form of memory such as, for example, Random Access Memory (RAM), memory chips, device or integrated circuits or on an optically or magnetically readable medium such as, for example, a Compact Disk (CD), Digital Versatile Disc (DVD), magnetic disk or magnetic tape or the like. It will be appreciated that the storage devices and storage media are various embodiments of non-transitory machine-readable storage that are suitable for storing a program or programs comprising instructions that, when executed, implement various embodiments of the present disclosure. Accordingly, various embodiments provide a program comprising code for implementing apparatus or a method as claimed in any one of the claims of this specification and a non-transitory machine-readable storage storing such a program.

While the disclosure has been shown and described with reference to various embodiments thereof, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the disclosure as defined by the appended claims and their equivalents. Various embodiments of the present disclosure are described as examples only and are noted intended to limit the scope of the present disclosure. Accordingly, the scope of the present disclosure should be understood as to include any and all modifications that may be made without departing from the technical spirit of the present disclosure.

INVENTORS:

Ishihara, Toru, Sankaranarasimhan, Manikandan, Swaney, William, Havin, Victor

THIS PATENT IS REFERENCED BY THESE PATENTS:
Patent Priority Assignee Title
THIS PATENT REFERENCES THESE PATENTS:
Patent Priority Assignee Title
6823376, Apr 26 1999 International Business Machines Corporation Method and system for capturing and storing system changes for application to multiple users and systems in a heterogeneous server environment
6917963, Oct 05 1999 Veritas Technologies LLC Snapshot image for the application state of unshareable and shareable data
7519814, Sep 15 2003 APPZERO SOFTWARE CORP System for containerization of application sets
7941813, Feb 17 2006 Virtuozzo International GmbH System and method for using virtual machine for driver installation sandbox
8176321, May 18 2010 GOOGLE LLC Safe installation of browser extensions
8448244, Jan 08 2010 Adobe Inc Methods and systems for fused files comprising logic and content data
8666938, Mar 28 2012 OMNISSA, LLC Installed application cloning and failover to virtual server
8732474, May 18 2010 GOOGLE LLC Safe installation of browser extensions
8793291, Mar 15 2010 SALESFORCE, INC System, method and computer program product for deploying an update between environments of a multi-tenant on-demand database system
8793348, Sep 18 2009 GBS SOFTWARE AG Process for installing software application and platform operating system
8799862, Jun 24 2011 Alcatel Lucent Application testing using sandboxes
8819638, Sep 20 2011 WSOU Investments, LLC Application protoyping suite
8887152, Nov 04 2011 TREND MICRO, INC Android application virtual environment
8930917, May 22 2012 Adobe Inc Method and apparatus for mobile application development and testing that avoids repackaging and reinstallation
8966632, Feb 17 2012 TREND MICRO INCORPORATED In-the-cloud sandbox for inspecting mobile applications for malicious content
9055080, Dec 14 2009 Citrix Systems, Inc Systems and methods for service isolation
9069607, Jan 31 2012 VMware LLC Selective migration of virtualized applications and configuration settings thereof
9095779, Mar 21 2013 RAZER ASIA-PACIFIC PTE LTD Gaming application state transfer amongst user profiles
9116768, Nov 20 2014 GEN DIGITAL INC Systems and methods for deploying applications included in application containers
9208328, Nov 13 2012 Auckland Uniservices Ltd Security system and method for operating systems
9319270, Apr 12 2012 IVANTI, INC Configuration of third party applications in a sandboxed environment
20050198647,
20080005472,
20080016339,
20080263511,
20080301676,
20090259993,
20090307477,
20100262970,
20100281458,
20110072505,
20110126190,
20110138474,
20110219365,
20120246634,
20120254885,
20130036448,
20130145463,
20130185764,
20140181974,
20140207959,
20140366157,
20150074165,
20150169871,
20150235043,
20150319252,
20150347746,
20150347749,
20160132310,
CN101963914,
CN102736945,
CN104462879,
ASSIGNMENT RECORDS    Assignment records on the USPTO
/
Executed onAssignorAssigneeConveyanceFrameReelDoc
Feb 20 2019Samsung Electronics Co., Ltd.(assignment on the face of the patent)
MAINTENANCE FEES AND DATES:    Maintenance records on the USPTO
Date Maintenance Fee Events
Feb 20 2019BIG: Entity status set to Undiscounted (note the period is included in the code).
Jul 16 2024M1552: Payment of Maintenance Fee, 8th Year, Large Entity.


Date Maintenance Schedule
Nov 17 20234 years fee payment window open
May 17 20246 months grace period start (w surcharge)
Nov 17 2024patent expiry (for year 4)
Nov 17 20262 years to revive unintentionally abandoned end. (for year 4)
Nov 17 20278 years fee payment window open
May 17 20286 months grace period start (w surcharge)
Nov 17 2028patent expiry (for year 8)
Nov 17 20302 years to revive unintentionally abandoned end. (for year 8)
Nov 17 203112 years fee payment window open
May 17 20326 months grace period start (w surcharge)
Nov 17 2032patent expiry (for year 12)
Nov 17 20342 years to revive unintentionally abandoned end. (for year 12)