WO2007064200A1 - Method, system and data carrier for limiting the use of an application - Google Patents

Method, system and data carrier for limiting the use of an application

Publication number
WO2007064200A1
Authority
WO
WIPO (PCT)
Prior art keywords
application
user
computer system
time
running
Prior art date
Application number
PCT/NL2006/000606
Other languages
French (fr)
Inventor
Cornelis Segebertus Van Gils
Original Assignee
Van Gils Beheer B.V.
Priority date
Filing date
Publication date
Application filed by Van Gils Beheer B.V.
Priority to EP06843920A
Publication of WO2007064200A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/606 Protecting data by securing the transmission between two devices or processes
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2101 Auditing as a secondary aspect
    • G06F2221/2137 Time limited access, e.g. to a computer or data
    • G06F2221/2149 Restricted operating environment

Abstract

Method for limiting the period of use in which at least one user can use an application running on a computer system, the method comprising the steps of:
a) checking on the basis of one or more application characteristics whether an application of one of a number of application types to be secured is running on the computer system;
b) if it is established that a determined application of an application type to be secured is running, determining the time duration remaining to the user for use of the relevant application and/or application type;
c) periodically monitoring the time duration remaining to the user once it has been established that the application type is running, and providing the option of using the relevant application if the user still has application user time available;
d) preventing the relevant application from running when the application user time has elapsed.

Description

METHOD, SYSTEM AND DATA CARRIER FOR LIMITING THE USE OF AN APPLICATION
The present invention relates to a method for limiting the period of use in which at least one user can use an application running on a computer system. The present invention also relates to a computer system in which the period of use of an application is limited, and to a computer program for performing said method. Finally, the invention relates to a data carrier having the above stated computer program stored thereon.
A user of a computer, such as for instance a PC, server, laptop, palmtop, after starting up the operating system of the computer and optionally entering the password specific to the user, can gain access to the computer and run computer programs (applications) at random thereon, in principle without limit. This unlimited use of the computer does however have a number of drawbacks.
It is for instance very popular nowadays among young people to make much use of so-called chat programs with which contact can be made via a network, such as for instance the internet, with numerous other users of computer systems. It is then possible to communicate with these users, for instance by sending text messages, video messages and/or audio messages, in particular voice messages, back and forth in a so-called chatroom. It has been found that such communication programs are so popular among young people in particular that far too much time is devoted to communicating via these programs, this having an adverse effect on other activities. A need has therefore arisen to make the use of such communication programs impossible or at least to greatly limit their use.
A particular form of such communication is known under the name "Instant Messenger". An Instant Messenger is an internet application consisting of a program which is installed on a local computer and which makes use of the internet from the local computer. This communication program requires once-only sign-in to a central server and the provision of some personal data. It is only possible to communicate with users who have likewise signed in and provided their personal data. In this way a determined, minimal form of monitoring of the users of the messenger is possible, although the period of use of the messenger is not monitored.
So-called web-based applications are also known which consist of programs which are localized on computers accessible via the internet and which also run from these computers, for instance chatrooms on web pages. There is also no limit to the period of time for which a user has access to such web-based applications.
Computer programs are known with which the time for which a user can make use of a computer can be limited. A user "buys" for instance a determined amount of computer time. Once the computer time has elapsed, the user is denied access to the computer. Such programs have the drawback however that no distinction is made in the ways in which the computer is used. This means that the use of the computer for purposes other than communication using communication programs is also limited, this being in many cases undesirable.
Also known are safety programs with which determined pre-known computer programs are recognized. When such computer programs are recognized by the safety program, the use of the recognized computer program is prevented. A drawback of this known safety software is however that the names of the programs to be secured must be exactly known beforehand. In view of the large number of programs available, in particular the large number of web-based programs and internet programs, and the rapid changes therein, it has been found difficult in practice to effect adequate protection for a computer system.
It is an object of the present invention to provide a method, computer program and computer system in which at least one of the above stated drawbacks is obviated.
According to a first aspect of the invention, there is provided a method for limiting the period of use in which at least one user can use an application running on a computer system, the method comprising the steps of:
a1) checking on the basis of one or more application characteristics whether an application of one of a number of predetermined application types to be secured is running on the computer system;
a2) checking on the basis of pre-stored identity data of external server means, in particular a web server, whether the application is in communicating connection with any of a number of predetermined external server units against which the computer system must be secured;
b) if it is established that a determined application of an application type to be secured is running or an application with a communicating connection to an external server unit to be secured is running, determining the time duration remaining to the user for use of the relevant application and/or application type;
c) periodically monitoring the time duration remaining to the user once it has been established that the application type is running, and providing the option of using the relevant application if the user still has application user time available;
d) preventing the relevant application from running when the application user time has elapsed.
This imposes limitations on the use of one or more applications of a predetermined type, for instance a game or an internet browser, or one or more applications which communicate with an external server, such as a web server.
The method preferably also comprises:
- checking whether the application is communicating with a predetermined hardware component of the computer system, in particular a video camera or telephone;
- if it is established that there is communication with a predetermined hardware component, determining the time duration for the user remaining for use of the relevant hardware component; and
- preventing the use of the relevant hardware component when the user time has elapsed.
In a preferred embodiment the method comprises establishing a communicating connection with a network, in particular with the internet, via communication means, wherein one of the predefined application types to be secured relates to applications operating via the communication connection. An application type can for instance relate to all applications communicating via the internet, such as for instance all internet browsers in general, or to a predefined part of the applications, for instance applications communicating with an internet site of a determined category to be secured (categories are for instance sites for games, adult sites, sites with criminal or discriminatory statements and so on). By securing these application types it is possible to avoid people communicating in an unauthorized manner via the internet in general or via determined categories of internet site. According to another embodiment, an application type relates to applications in the domains of chatting, playing games, sending and receiving audio signals, in particular voice messages, and sending and receiving video signals. This application type can in turn be subdivided per se into different application types. According to a further embodiment, different application types are defined for applications in different domains, such as for instance chatting, playing games, sending and receiving audio signals, in particular voice messages, and/or sending and receiving video signals.
The application type to be secured is for instance - though not exclusively - a chat application or chat program. A check is made on the program that is running, on the basis of one or more application characteristics such as determined character strings specific to chatting, a determined input speed of characters entered via the input means of the computer and so on, as to whether it matches a determined application type to be secured, in this case therefore a chat program. Once it has been established that a chat program is indeed running, whether the user still has sufficient time available is monitored. When a determined computer user time has elapsed, the safety program prevents the chat program from still running on the computer. This prevents the user from making use of an application of a determined application type for too long a time.
The method preferably comprises the steps as defined in claim 4. The application characteristics here comprise determined character strings entered by the user of the computer system. In the example of chat programs it is for instance possible to envisage, as will be explained later, determined character strings being a strong indication of the fact that a chat program is running on the computer at that moment.
The method preferably comprises the steps as defined in claim 5. In this embodiment the application characteristics comprise determined incoming and/or outgoing protocol packets which can be a strong indication of the fact that an application of a determined application type, for instance a chat program, is running on the computer system at that moment. The identity data can for instance be formed by the URL (Uniform Resource Locator) or the IP address denoting a web site on which a web-based chat program is running. When the identity data correspond wholly or for a large part with the stored identity data, it is possible to establish that an application of the specific secured application type is running at that moment. At the moment this is established the remaining period of use is determined as already set forth above. The server for an Instant Messenger can thus be identified from the IP address, though not on the basis of the connection. The IP address must however then be known in advance.
In another preferred embodiment checking of the application characteristics comprises comparing at least the names (sizes, dates of creation etc.) of one or more program parts of the application that is running to a list of pre-stored names, sizes and/or dates and establishing, when there is sufficient similarity, that the application to be secured is running on the computer system. It is for instance possible to scan the computer system for software that is running and optionally for installed software. On the basis of files and installations an application of a type to be secured can be found, such as for instance an Instant Messenger application.
Step a) of the method preferably comprises determining on the basis of application characteristics whether an application that is running is possibly a suspect application type, and step b) comprises, if it is established that a determined application of a suspect application type is running, sending to a central server a warning message preferably comprising identity data of said other computer system.
Once an application has been found which matches the application characteristics, and is therefore in all likelihood of a determined application type to be secured, information about the found application is forwarded, optionally automatically, to a central server via a network, for instance the internet. The server keeps track via each of the computer systems of users connected thereto which applications must be deemed as applications to be secured. The server is adapted here such that it periodically updates the computer systems of the users via said network, for instance the internet, by sending to the relevant computer systems information about the found application characteristics of applications to be secured. This information is stored on the computer system of the user. On the basis of this stored information the computer system can subsequently check directly whether an application is running which has application characteristics corresponding with the application characteristics sent by the central server. This increases the chance that an application to be secured is indeed found and that the access thereto can be limited.
According to a further preferred embodiment, step d) of the method comprises of interrupting substantially only processes corresponding with the relevant application in the processes of the computer system. This means that the user can continue to make normal use of a computer and that substantially only the application matching the application characteristics is interrupted.
Preventing running of the relevant application can take place in a number of ways. According to a determined preferred embodiment, this comprises of switching off the whole computer system. According to another embodiment as set forth above, step d) comprises of stopping only processes corresponding with the relevant application. Other methods of prevention are however also possible. Another method consists of shielding the computer system from the network connected thereto instead of switching off the computer system completely. According to a determined preferred embodiment, the network connection for the application is therefore switched off as already stated above. The application itself hereby remains active, but does not have a network connection at its disposal.
According to a further preferred embodiment, the period of use is made dependent on the application type. It is for instance less problematic that a user makes longer use of one application type than of another application type. In this embodiment a period of use can therefore be set per application type. Instead of or in addition to a period of use subject to the application type, a period of use can be made subject to specific users. Some users, for instance adults, can be given access to determined application types that is unlimited or limited to only some extent, while other users, for instance young children, are allowed little or no access to applications of this application type.
In the latter mentioned case step b) of the method comprises of determining the identity of the user, for instance by having the user log onto the operating system of the computer system under a determined name, and using this name to determine the identity of the user. The length of the period of use can then be set as desired on the basis of the determined identity.
The method preferably also comprises of generating a warning signal as defined in claim 23. This prevents an application being stopped abruptly without the user being able to anticipate this. When according to this embodiment the user receives a warning signal, he/she knows that he must bring the user session to an end.
In order to stimulate the user to make more efficient and skilful use of computer time, the method preferably also comprises of the user ending use of the computer and of determining the remaining period of computer use for the user and storing of the determined remaining period of use on a storage medium, for instance the storage medium of the computer system itself. When the same user now logs onto the computer system next time, the system retrieves the stored remaining period of computer use and the user can still gain access to the relevant application for the remaining period of time. The information stored on the storage medium of the computer system about the remaining period of use of a user can be modified and once again stored on the storage medium. In another embodiment the information stored on the storage medium relating to the remaining period of use is automatically increased or at least modified periodically. According to the method, determined users can for instance acquire a new amount of user time each week, optionally taking possibly "saved" time into account.
Further advantages, features and details of the present invention will be elucidated on the basis of the following description of several preferred embodiments thereof. Reference is made in the description to the accompanying figures, in which:
Figure 1 shows a schematic representation of a preferred embodiment of a computer system according to the invention;
Figure 2 shows a flow diagram of a preferred embodiment of the method according to the invention;
Figure 3 shows a flow diagram of a further preferred embodiment of the method according to the invention;
Figure 4 shows a flow diagram of a further preferred embodiment of the method according to the invention;
Figure 5 shows a schematic example of the user-specific data stored on a storage medium;
Figure 6 shows a flow diagram of a further preferred embodiment of the method according to the invention;
Figures 7A and 7B show an example of a first entry screen;
Figures 8A and 8B show an example of a second entry screen;
Figures 9A and 9B show an example of a third entry screen; and
Figure 10 shows a table in which the different detection options are summarized.
Figure 1 shows a first preferred embodiment of the invention. The preferred embodiment comprises a personal computer 1 which is constructed in known manner from a monitor 2, a keyboard 3, a pointing unit such as a mouse 16 and a casing 4. Casing 4 comprises, among other components, a central processor unit (CPU) 5, a RAM memory 6, a ROM memory 7, a data storage medium such as a hard disc 8 and/or a diskette station 9 and/or an optical disc read/write device 10 and a graphic card 17 for controlling monitor 2. A memory start-up element 11 is also provided in the shown embodiment. In another embodiment element 15 can be omitted as will be set forth later. Said components are mutually connected using one or more system buses 12 so that the components can communicate with each other. Computer 1 can further be connected to the internet via a modem 13.
Although in the exemplary embodiments only a modem connection to internet is mentioned for simplicity of description, numerous alternative methods of gaining access to the internet lie within the reach of the skilled person, for instance via an (internal) network, a router or switch which are internally and/or externally connected to the casing of the computer, possibly through connection to a number of input/output (IO) ports such as USB (Universal Serial Bus), parallel or serial port or firewire connection ports.
When a user wishes to gain access to computer 1, he/she switches on the power supply of the computer by operating switch 14. An example of a start-up procedure is further shown in the flow diagram of figure 2. In step 110 user A switches on the personal computer 1 so that the operating system of the computer is loaded in the above described manner (step 120). Once the operating system has been loaded, the processing continues to step 130 in which the safety program (also referred to below as the program) stored on the storage medium of the computer is read. The program now ensures that a sign-in screen is displayed on monitor 2 of computer 1 (step 140) with which the user can enter log-in codes such as for instance his/her name (for instance user A) and password by operating the input means, for instance keyboard 3 and/or mouse 16.
In another embodiment not shown in the flow diagram the user settings and accounts of the safety program are coupled to the preset users of the operating system. As soon as a user logs onto the operating system, the safety software would hereby also be automatically logged in, so that a separate log-in operation can be dispensed with.
The log-in codes are compared in the following step (step 150) by the processing unit to user data stored beforehand on storage means 7, 8, 9. A check is then made as to whether the entered user name-password combination corresponds to the pre-stored user data (step 150). If this is not the case, the processing of the program returns to step 140, so that the sign-in screen is once again displayed on monitor 2.
Once the log-in codes have been compared in step 150 to the user data pre-stored on the computer and a correspondence has been determined, the program determines whether one or more processes are active on computer system 1 which are related to a determined type of application to be secured. In order to determine whether one or more of the applications running on the computer are of a determined application type, use is made of one or more application characteristics representative of the relevant application type.
Application characteristics can for instance be determined strings of characters typed in by the user on his/her keyboard 3. As alternative or addition thereto, application characteristics can relate to determined input/output via modem 13, determined forms of communication via a (not shown) microphone and/or camera etc., as will be set forth below.
As alternative to the above discussed network activity, for instance for chat programs, it is possible in respect of games to look at the activities of the graphic card 17. In the case of increased activity, i.e. more activity than is required to drive screen 2 for the operating system and standard software, this can indicate game activity since this requires more support and execution by the graphic card.
In step 160 the safety program determines which application characteristics the applications running on computer system 1 have. An application in which much input/output takes place, for instance as a result of a relatively large number of keystrokes per unit of time, can for instance match an application characteristic representative of a chat program. When a user is chatting, he/she will after all be sending large numbers of characters (text) with some regularity via modem 13 to the internet, and will have large numbers of characters sent back via the internet.
It is subsequently determined in step 170 whether there are applications which match the application characteristics. If this is not the case, the processing returns to step 160 and the checking process is repeated. If one or more of the applications do match an application characteristic, the processing continues on to step 180. In step 180 the safety program determines how much time the specific user, in this case for instance user A, still has remaining per application of the application type to be secured. For this purpose the user data stored on the storage means of computer system 1 comprise an indication of the remaining time duration for the relevant user and for the relevant application type. The period of use can vary depending on which user is using the computer system at that moment and depending on the determined type of application, as will be explained later. When the user logs in for the first time or when the user data have been recently updated, the user data comprise an indication of the standard user time that is pre-stored (for instance by a supervisor), for instance two hours computer time for the use of a random chat software (for instance MSN Messenger), and one hour of computer time for use of another chat program. When the user has already been logged in one or more times and the user data have not been updated in the meantime, the user data comprise an indication of the remaining user time stored on the storage medium during a previous session.
The program then proceeds to step 190 in which a check is made whether the relevant user still has time to run the relevant application. If this is the case, the processing returns to step 180 and the steps of determining the remaining period of time are repeated. If this is not the case, the processing continues on to step 200 in which the relevant application(s) is/are stopped by the safety program. This prevents the user still being able to run the relevant application.
Figure 3 gives an example of the checking, on the basis of one or more application characteristics, of an application of one or more application types to be secured (step 170, figure 2). Step 170 is here subdivided into a number of sub-steps. First of all the safety program determines in sub-step 300 which application types are to be secured for the relevant user, in this case user A. User-specific information stored on storage medium 8-10 is consulted for this purpose. The user-specific data also comprise, in addition to the login name and password of the user, information about which application types must be secured for this user and how much time may be used in a specific period for the use of one or more applications of the application type to be secured or the application types to be secured.
In sub-step 310 information is then retrieved from the storage means which is representative for each of the application types to be secured entered in step 300. In sub-step 320 the characteristics of the applications and application types to be secured retrieved in step 310 are then compared to the characteristics determined in step 160 of the applications running on the computer at that moment. The program compares for instance the characters entered via keyboard 3 in a determined period, for instance 10 minutes, to a character string pre-stored on the above stated storage means. The stored character string is representative of a determined type of application. In the use of random chat software, such as MSN messenger, many combinations of characters for instance occur. Possible examples hereof are:
1. "Smilies"
;-) or ;) = wink
:-) or :) = smile
:-D or :D = laugh
:-P or :P = stick out tongue
8-) or 8) = "cool"
2. Abbreviations
lol = Laughing Out Loud
roflol = Rolling On the Floor Laughing Out Loud
idd = Indeed
imho = In My Humble Opinion
brb = Be Right Back
afk = Away From Keyboard
It is noted here that not only character strings, in particular abbreviations, in the English language are used, but that character strings occurring in other languages (e.g. French, Spanish, German etc.) can likewise be applied in the recognition of the application and/or the application type. When the entered character strings do not resemble, or at least show too little resemblance to the stored character strings, the program concludes that no application of the type to be secured is being used and the processing returns to step 160. When the entered character string does include many such characters, and therefore greatly resembles the stored character string, it can for instance be concluded that the user is using the chat program at that moment and is in the process of chatting. If this is established (step 330), the processing continues on to step 180 (figure 2).
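The character-string comparison of sub-step 320, as an added example that is not code from the patent: typed fragments from the last 10 minutes are scored against the smiley and abbreviation lists above. The event format, the minimum hit count and the density threshold are assumptions, and the sample inputs are constructed.

```python
import string

# Markers copied from the two lists above.
SMILEYS = {";-)", ";)", ":-)", ":)", ":-D", ":D", ":-P", ":P", "8-)", "8)"}
ABBREVIATIONS = {"lol", "roflol", "idd", "imho", "brb", "afk"}

PERIOD = 600        # seconds: the 10-minute period named in the text
MIN_HITS = 3        # assumption: absolute number of markers required
MIN_DENSITY = 0.10  # assumption: share of tokens that must be markers


def window_text(events, now, period=PERIOD):
    """Join the fragments typed within the last `period` seconds.

    `events` is a list of (timestamp_seconds, text) pairs; this input
    format is hypothetical.
    """
    return " ".join(text for ts, text in events if now - period <= ts <= now)


def count_markers(text):
    """Return (marker_hits, total_tokens) for a piece of typed text.

    Matching is on whole whitespace-separated tokens, so "lol" inside
    "lollipop" or "idd" inside "idd-free" is not counted.
    """
    tokens = text.split()
    hits = 0
    for token in tokens:
        if token.rstrip(",.!?") in SMILEYS:
            hits += 1
        elif token.strip(string.punctuation).lower() in ABBREVIATIONS:
            hits += 1
    return hits, len(tokens)


def looks_like_chat(text, min_hits=MIN_HITS, min_density=MIN_DENSITY):
    """Sub-step 330: enough resemblance to the stored character strings?"""
    hits, total = count_markers(text)
    if total == 0:
        return False
    return hits >= min_hits and hits / total >= min_density


# Constructed sample input: a chat session and ordinary document typing.
CHAT_EVENTS = [
    (1000, "hey brb :-)"),
    (1030, "ok back lol that was funny :D"),
    (1090, "imho you should come too ;)"),
]
ESSAY_EVENTS = [
    (1000, "The lollipop factory report lists item 8) as the"),
    (1060, "idd-free process, see appendix."),
]

if __name__ == "__main__":
    for name, events in (("chat", CHAT_EVENTS), ("essay", ESSAY_EVENTS)):
        text = window_text(events, now=1100)
        print(name, count_markers(text), looks_like_chat(text))
```

The single "8)" in the essay sample is counted as a marker, which is why the decision rests on a minimum count and density rather than on one match.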
Figure 4 shows that steps 180 and 190 are made up of a number of sub-steps. In step 340 the program retrieves information about the remaining user time from the storage means. On the basis of the retrieved user time relevant to the user in question and the application in question a counter is then initialized in step 350 and the counter is set to count down (step 360) in order to keep track of the remaining user time for the relevant user. A check is subsequently made in step 370 whether there is sufficient time still remaining. If this is the case, the processing returns to step 360. This loop is repeated until the user time has elapsed. When the time has elapsed the processing goes to step 200 (figure 2).
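Steps 340 to 370, together with the per-user, per-type allowance and the stored remaining time described earlier, as an added example (not code from the patent). The JSON file layout, the 300-second warning threshold and the names `QuotaLedger`, `tick` and `weekly_top_up` are assumptions; the caller is assumed to invoke `tick` periodically while a secured application type is detected.

```python
import json
import os
import tempfile

WARN_BEFORE = 300  # seconds before expiry at which to warn; assumption


class QuotaLedger:
    """Remaining user time per user and application type, kept on disk."""

    def __init__(self, path, allowances):
        # allowances: {user: {app_type: seconds}}; None means unlimited.
        self.path = path
        self.allowances = allowances
        self.remaining = {}
        if os.path.exists(path):
            with open(path, encoding="utf-8") as fh:
                self.remaining = json.load(fh)

    def _allowance(self, user, app_type):
        return self.allowances.get(user, {}).get(app_type)

    def time_left(self, user, app_type):
        """Step 340: stored remaining time, or the standard time on first use."""
        allowance = self._allowance(user, app_type)
        if allowance is None:
            return None  # unlimited user, or type not secured for this user
        return self.remaining.get(user, {}).get(app_type, allowance)

    def tick(self, user, app_type, elapsed):
        """Steps 360-370: count down and return 'allow', 'warn' or 'stop'."""
        left = self.time_left(user, app_type)
        if left is None:
            return "allow"
        left = max(0, left - elapsed)
        self.remaining.setdefault(user, {})[app_type] = left
        if left == 0:
            return "stop"
        return "warn" if left <= WARN_BEFORE else "allow"

    def weekly_top_up(self, carry_over=True):
        """Grant a new allowance, optionally adding 'saved' time to it."""
        for user, types in self.allowances.items():
            for app_type, allowance in types.items():
                if allowance is None:
                    continue
                saved = self.time_left(user, app_type) if carry_over else 0
                self.remaining.setdefault(user, {})[app_type] = allowance + saved

    def save(self):
        """Write atomically so a crash cannot leave a half-written file.

        The file should be writable only by the supervising account,
        otherwise the limited user can simply edit the remaining time.
        """
        directory = os.path.dirname(os.path.abspath(self.path))
        fd, tmp = tempfile.mkstemp(dir=directory)
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            json.dump(self.remaining, fh)
        os.replace(tmp, self.path)


if __name__ == "__main__":
    # Constructed values: two hours of chat for user A, no limit for a parent.
    allowances = {"userA": {"chat": 7200}, "parent": {"chat": None}}
    with tempfile.TemporaryDirectory() as folder:
        ledger = QuotaLedger(os.path.join(folder, "quota.json"), allowances)
        for elapsed in (6800, 200, 500):
            print(ledger.tick("userA", "chat", elapsed),
                  ledger.time_left("userA", "chat"))
        ledger.save()
```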
In the above described embodiment comparison of the application characteristics of the applications that are running to those of the applications to be secured takes place by comparing the character strings entered by the user via the input means. In another embodiment the retrieval of the application characteristics in step 310 comprises retrieving protocols pre-stored on the storage means of computer system 1, followed by a step 320 in which the retrieved protocols are compared to the protocol packets inputted and outputted via the network in a specific preceding period, for instance the previous 10 minutes. When there is sufficient similarity between the protocol packets inputted and outputted via the network and the protocol packets retrieved from the storage means, it can be concluded (step 330) that an application of the application type to be secured is running at that moment. In that case the processing continues to step 180 (and sub-steps 340-370) as described above.
In a further preferred embodiment step 310 also comprises, alternatively or in addition to what is performed in the above stated embodiments, retrieving identity data representative of the identity of pre-known applications to be secured. Examples of such identity data are the URL (Uniform Resource Locator) or optionally IP (Internet Protocol) addresses of the internet location at which a pre-known chat program can be accessed. It is sometimes problematic to find applications to be secured on the basis of identity data. As stated above, it may well be possible in such a case to recognize an application from for instance the installation of the application, such as for instance by consulting the names of the files and/or the registry keys. Web sites can also be assessed, for instance on the basis of their content (particularly Meta tags).
Possibilities for recognizing software are on the one hand very limited but on the other still very great. At the level of the operating system identifying whether an application is for instance a game is not possible, or hardly so, because it is not categorized by the system. A (strong) assumption that for instance a game is involved could be made on the basis of criteria, although a great certainty cannot be achieved here. A greater certainty can be achieved however as soon as a game is known which is wholly identical to the application being used. Better identity data can be established by means of comparison by specific criteria, such as for instance names, files and even possible connections on and to specific network/internet servers.
In step 180 the characteristics (i.e. in this case the identity data, in particular the URL) are determined of those computer systems with which the user has contact at that moment via the network. A comparison is carried out on the basis of the identity data determined in step 160 and the identity data retrieved from the storage medium in step 310. When there is sufficient similarity between the identity data, the safety program determines in step 330 whether an application is running of the type to be secured. In that case the processing continues to step 180 (and sub-steps 340-370) in which the counter is initialized with which the remaining period of use for the user (user A) is determined.
In other embodiments the embodiments described above are combined, i.e. executed successively or in parallel to each other. As soon as at least one of the determination methods has the result of indicating that an application of the application type to be secured is running, the safety program determines that the safety measures must come into operation and the counter is initialized with which the period of use remaining for the relevant user (user A) is determined. In such a combined embodiment there is a greatly increased chance of successfully detecting that an application to be secured is running.
When it has been established that an application of an application type which is to be secured or which is at least suspect is active at a given moment on the computer system, in a further embodiment a warning message is sent via the network to a computer system, for instance a central server, connected to the network. The warning messages from all the computer systems connected to the network and provided with the software are stored and processed on the central server. When the computer system of user A has for instance determined that a particular application, application A, fulfils one or more of the application characteristics, all data that can be retrieved by the computer system of user A relating to the relevant application A are added to the warning message and sent to the central server. It is for instance possible here to envisage the address on internet at which the relevant application is running, the protocols specific to the relevant application and so on. The effectiveness of the safety program can be greatly increased by central storage of these data of all users and by periodically sharing these data with the other users of the network, for instance by updating from the central server via the network the application characteristics stored on the storage medium of each of the computer systems.
When it is stated in the foregoing that the safety program prevents the user being able to run a particular application, this can have different meanings. It is for instance possible to have the safety program disable substantially only the processes in the computer system corresponding with the relevant application. This is possible in the case the application operates on the computer system itself as well as in the case that the application is a web-based program operating on an external computer system. In both cases one or more of the processes of the application can be stopped, whereby the effective operation of the application is lost.
Figure 5 shows a schematic example of data which can be stored on the storage medium of the computer system. Figure 5 shows a table in which the maximum time duration (for instance in hours) for a determined user (user A) is stored per day of the week (columns) and per type of application (chat program and so on) (rows). The same applies for user B, wherein for each day of the week and for each type of application a determined maximum time duration is defined.
These tables are stored in a form suitable for the purpose on the storage medium of computer system 1 and can be consulted when a user logs onto the system. As stated above, it is possible, when a user (user A) has used up only a part of the user time assigned on a particular day and for a determined type, to store the rest of the user time. When for instance user A has chatted for 1.5 hours on Monday, a further half-hour remains for chatting later in the day. In this case the safety program will change the number 2 at top left in the table for user A into 0.5. Variants can also be envisaged where, when a user has a determined user time left, this excess user time can be displaced to one or more other days. When for instance user A has a half-hour remaining because he/she only chatted for 1.5 hours on Monday, this half-hour can for instance be added to the time duration available to him/her for chatting on Saturday. In this case the safety program changes the number 6 into 6.5. It will be apparent that numerous variants can be envisaged, all lying within the reach of the skilled person.
In a further preferred embodiment the user is warned one or more times of the approaching end of the session because the user time has almost elapsed. In this embodiment step 190 in figure 2 is replaced by the steps 400-430 shown in figure 6. After having iteratively determined the remaining time duration in step 180, a check is made in step 400 as to whether the remaining computer user time is shorter than a predetermined value (less than L minutes, wherein L equals for instance 10). If this is not the case, the program returns to step 180 as shown in figure 6. When the remaining computer user time is less than L minutes, the program goes from step 400 to step 410 and the program generates a warning to the user, for instance in the form of a pop-up window displayed on screen 2 of the computer and/or by means of an acoustic warning signal. The computer user now knows that he/she has only 10 minutes remaining and can finish his/her activities quickly. In step 420 the remaining user time is determined in each case and a check is made in step 430 as to whether the remaining time is sufficient, for instance whether the remaining time equals 0 minutes. If the user time has elapsed, the computer is switched off in step 200. If the time has not yet elapsed, the processing returns to step 420.
In another preferred embodiment an indication is given in a window on screen 2 of computer 1 of the computer user time remaining at that moment. It is possible here to envisage for instance a time indication in numbers or an indication in the form of a bar diagram, wherein the length of the bar is indicative of the remaining computer user time. It will be apparent that numerous variants of such an indication are possible, all lying within the scope of the invention.
In the above described embodiments the safety system (user time limiting system) is implemented in software. The system does after all comprise a computer program embedded in the operating system of the computer. Embodiments can however be envisaged in which the safety system is implemented in hardware or a combination of software and hardware.
Further preferred embodiments of the invention are described below with reference to figures 7-9. Figures 7A and 8A show a window to be displayed on screen 2 of computer system 1 in which a supervisor for a user (in this case user A) can enter his/her preferences. First of all a supervisor can set up a number of settings, applicable for a user A, of filters for different application types. Shown in the example is a sub-window 50 in which the user is asked to adjust the access options for the application types Internet and Media, or more specifically for the different application types related to the use of different internet sites and the application types related to the use of different forms of media. For this purpose a number of fields 52 of Internet application type 51 can be ticked, whereby diverse filters can be switched on and off, for instance a first filter for filtering sites intended for adults, a second filter for filtering sites in which discrimination is found, and a third filter for filtering sites where it is possible to gamble. For the Media application type 53 a number of fields 54 can be ticked for the purpose of setting diverse media filters, such as a first filter for preventing chatting in general or MSN in particular, a second filter for preventing webcam/video transmissions, a third filter for preventing telephone connections, a fourth filter for playing (online) games via the internet and a fifth filter for forbidding playing of local games (offline) (compare figure 10).
For the application types "internet" and "media" an overall time per day during the week (Mon-Sun) and/or overall time per week is set by entering thereof in an internet application time-limit table 57 and a media application time-limit table 58. The system can be embodied such that when the sum of the overall times per day is greater than the weekly time, running of an application for which the weekly time has elapsed while the daily time has not is nevertheless prevented.
Figures 7A and 7B show the situation where the supervisor denies to user A access to all secured internet sites as well as the use of the webcam/video and the voice/telephone. Furthermore, user A has only 1080 minutes per week access to internet, and the media applications (such as chatting, gaming via internet, local games), may only be used for 285 minutes. Figures 8A and 8B show the situation where, in addition to the limitation of the weekly time for the application types "internet" and "media", limitations are also imposed on the maximum period of use per day. As shown in boxes 60, the period of use of a determined application type is limited per day. It is noted that the sum of the periods of use is greater per day than the overall weekly period. This can mean, as already explained above, that when the weekly time has elapsed and the daily time of a particular day has not, running applications of the secured application types is nevertheless prevented.
As soon as user A has gained access to the computer system, and it is established that user A is running an application from one of the application types, a counter (not shown) of computer system 1 begins to record how long this is.
Figures 9A and 9B show a window according to a further embodiment. The window corresponds to the window described above in respect of figures 7 and 8. In this embodiment the supervisor can enter per application type the maximum allowed time periods per calendar day by completing a graphic matrix 55 displayed on the screen. Using this graphic matrix displayed in the window three level settings can be made for access on a particular calendar day to internet and to the "web-based" software such as the above-mentioned "Media" applications.
It is possible per unit of time, for instance per half-hour, to make a selection in the rows of the matrix and to assign thereto options or safety levels by ticking thereof, for instance by providing the relevant box with the desired colour coding (red, green, yellow). It is also possible to give other safety settings for each block (of e.g. a half-hour) in respect of the basic application types as well as the internet filters. Within the set time the software will itself check what is and what is not allowed.
The lower level of the matrix relates to fully blocked access. This is shown with crosshatching in graphic matrix 55. It is more convenient in practice to designate the level with a colour. The level of fully blocked access can for instance be indicated in red. Within the "red" zone no internet access is possible, not even for e-mail or for visiting web sites. Figure 9 shows for instance that access to the internet applications and media applications is wholly impossible during the night hours.
The middle layer of the matrix is a layer with quite a number of restrictions. The layer is indicated in figure 9 with hatching which is angled to the right but which in practical applications will usually have a colour coding. The middle level is for instance indicated with yellow time zones. Within the yellow time zones the application type "media", such as chatting, webcam/video, voice, games and the like, is not allowed, while internet applications are allowed (albeit filtered in accordance with the settings in boxes 52).
The upper layer of the matrix is a layer with few to no restrictions, and is designated in figure 9 with hatching angled to the left. Instead of having such a hatching, the upper layer can have a colour coding, such as for instance a green colour. Within the "green" zones one or more application types are allowed. In the example shown in figure 9 Internet and Media applications (albeit filtered) are allowed in the green zones.
As stated above, access to internet is filtered by ticking boxes 52 for the Internet application type 51. The filters block the web sites with undesirable content. This blocking is unrelated to the time users have to make use of the application types.
It will be apparent from the above that a matrix with times which is individually adjustable is available per user. User A could possibly have everything available for the whole day with the exception of a number of internet filters, while user B only has internet access from 15.00 hrs to 22.00 hrs and may only make use of one or more application types between 19.00 hrs and 21.30 hrs. Modification of the settings can only come into operation when approval is given by the supervisor (administrator). Approval can for instance be obtained by operating an agreement or accept key on the keyboard, optionally validated by entering a password.
In addition to the basic screen for simple and rapid use shown in figures 7-9, wherein the focus is on simplicity of use, it is also possible to create the option for the advanced user of making more specific and advanced settings. The user for instance has the option of setting a matrix per individual application instead of per application type (internet, "media" or the like), wherein the user has the option of indicating when this specific application is allowed and when it is not, with also the daily and weekly maximums for this application. If this application falls within one of the application types, it will then be possible to make use of the maximum time set for the application type unless it is explicitly stated that this is not applicable. In the latter case the time used is not added to the application types, but the maximums of the set application are used.
It is preferably the case that if times are set which are shorter than the set time for the relevant application type, the lowest value is valid. In the case of the settings for an explicit application, the matrix can be embodied such that the application types and filters are omitted.
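The three matrix levels, the daily and weekly maximums and the warning threshold L described above combine into a single access decision, sketched here as an added illustration that is not code from the patent. The names `Policy`, `Usage`, `decide` and `sample_policy` and the daily limits are assumptions; the schedule follows the user B example and the weekly figures are those quoted for figures 7A and 7B.

```python
from dataclasses import dataclass, field
from datetime import date, datetime, timedelta

RED, YELLOW, GREEN = "red", "yellow", "green"   # the three matrix levels
WARN_MINUTES = 10                               # "L" in the warning step (step 400)


def build_day(internet_from, internet_to, media_from, media_to):
    """Return 48 half-hour levels for one day from (hour, minute) bounds."""
    def slot(hm):
        return hm[0] * 2 + hm[1] // 30
    levels = [RED] * 48                          # default: fully blocked
    for i in range(slot(internet_from), slot(internet_to)):
        levels[i] = YELLOW                       # internet only
    for i in range(slot(media_from), slot(media_to)):
        levels[i] = GREEN                        # internet and media
    return levels


@dataclass
class Policy:
    week: list           # 7 days x 48 slots of RED / YELLOW / GREEN
    daily_limit: dict    # application type -> minutes allowed per day
    weekly_limit: dict   # application type -> minutes allowed per week


@dataclass
class Usage:
    minutes: dict = field(default_factory=dict)  # (app type, date) -> minutes used

    def add(self, app_type, day, used):
        key = (app_type, day)
        self.minutes[key] = self.minutes.get(key, 0) + used

    def on_day(self, app_type, day):
        return self.minutes.get((app_type, day), 0)

    def in_week(self, app_type, day):
        monday = day - timedelta(days=day.weekday())
        return sum(self.on_day(app_type, monday + timedelta(days=d))
                   for d in range(7))


def decide(policy, usage, app_type, now):
    """Return (allowed, remaining_minutes, reason) for one application type."""
    level = policy.week[now.weekday()][now.hour * 2 + now.minute // 30]
    if level == RED or (level == YELLOW and app_type == "media"):
        return False, 0, "time block"
    today = now.date()
    daily_left = policy.daily_limit[app_type] - usage.on_day(app_type, today)
    weekly_left = policy.weekly_limit[app_type] - usage.in_week(app_type, today)
    # An exhausted weekly budget blocks even when daily time is left.
    if weekly_left <= 0:
        return False, 0, "weekly time elapsed"
    if daily_left <= 0:
        return False, 0, "daily time elapsed"
    remaining = min(daily_left, weekly_left)     # the lowest value is valid
    return True, remaining, "warn" if remaining < WARN_MINUTES else "ok"


def sample_policy():
    """Constructed profile: user B's time blocks with figure 7's weekly totals."""
    day = build_day((15, 0), (22, 0), (19, 0), (21, 30))
    return Policy(
        week=[day] * 7,
        daily_limit={"internet": 240, "media": 60},     # constructed values
        weekly_limit={"internet": 1080, "media": 285},  # minutes, figures 7A/7B
    )


if __name__ == "__main__":
    policy, usage = sample_policy(), Usage()
    monday_evening = datetime(2006, 12, 4, 20, 0)
    print(decide(policy, usage, "media", monday_evening))
    usage.add("media", monday_evening.date(), 55)
    print(decide(policy, usage, "media", monday_evening))
```

A real agent would call `decide` on each counter tick and persist `Usage` where the supervised user cannot modify it, since the decision is only as trustworthy as the stored minutes and the system clock.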
The user has the further option of making his/her own modifications to the lists of explicitly excluded and allowed web sites and/or software which, as a result of these settings, will fall outside the normal matrix and be blocked or allowed.
In a determined preferred embodiment data stored in the local database of the safety software are sent anonymously to a central server of the safety software so that user statistics and research can be recorded and carried out worldwide for the purpose of a possible addition to the safety software or a possible enrichment of knowledge relating to the computer use of the users of the computer system (such as for instance young people).
In a determined embodiment a person who opens a connection to a computer or server protected according to the present invention receives a message, for instance a message appearing briefly on the screen "protected application and/or application type" or, more specifically "MSN Safetynet protected", wherein "MSN Safetynet" is for instance the name given to the safety software. In this case the person making contact with a protected computer is immediately informed of the fact that the computer is protected. Furthermore, information (such as the IP and ID address, time, date etc.) representative of the computer making contact with the protected computer system can then be determined and stored on the central server and/or the protected computer system in order to be able to trace this computer later, for instance in the case of misuse. In yet another embodiment information relating to the sent mail/internet addresses is stored. This information can for instance comprise the name of the address and the date and time of receipt. The consequence hereof is that, if necessary, the information about the addresses can still be traced later.
Although embodiments have been described in the foregoing in which matrices are used for the presentation and input of parameters, such as time periods and the like, other embodiments lie within the reach of the skilled person.
The present invention is not limited to the preferred embodiments thereof described herein. The rights sought are rather defined by the following claims, within the scope of which many modifications can be envisaged.

Claims

1. Method for limiting the period of use in which at least one user can use an application running on a computer system, the method comprising the steps of:
a1) checking on the basis of one or more application characteristics whether an application of one of a number of predetermined application types to be secured is running on the computer system;
a2) checking on the basis of pre-stored identity data of external server means, in particular a web server, whether the application is in communicating connection with any of a number of predetermined external server units against which the computer system must be secured;
b) if it is established that a determined application of an application type to be secured is running or an application with a communicating connection to an external server unit to be secured is running, determining the time duration remaining to the user for use of the relevant application and/or application type;
c) periodically monitoring the time duration remaining to the user once it has been established that the application type is running, and providing the option of using the relevant application if the user still has application user time available;
d) preventing the relevant application from running when the application user time has elapsed.
2. Method as claimed in claim 1, further comprising of:
- checking whether the application is communicating with a predetermined hardware component of the computer system, in particular a video camera or telephone;
- if it is established that there is communication with a predetermined hardware component, determining the time duration for the user remaining for use of the relevant hardware component; and
- preventing the use of the relevant hardware component when the user time has elapsed.
3. Method as claimed in claim 1, wherein at least one of the predefined application types to be secured relates to applications operating via a communication connection to one or more external server units.
4. Method as claimed in any of the foregoing claims, wherein checking of application characteristics comprises of comparing character strings inputted by the user via the input means of the computer system to character strings which are pre-stored on the computer system and which are representative of one or more of the predefined application types and/or applications and, when there is sufficient similarity between the inputted and stored character strings, establishing that said determined application is running on the computer system.
5. Method as claimed in any of the foregoing claims, wherein checking of the application characteristics comprises of comparing protocols incoming and/or outgoing via the communication means to protocols which are pre-stored on the computer system and which are representative of one or more of the predefined application types and/or applications and, when there is sufficient similarity between the inputted and stored protocols, establishing that said determined application is running on the computer system.
6. Method as claimed in claim 1, wherein step a2) comprises of comparing the pre-stored identity data to the determined identity data of the relevant external server unit and, when there is sufficient similarity between the determined and stored identity data, establishing that the application is in communication connection with an external server unit to be secured.
7. Method as claimed in claim 6, wherein the identity data are formed by a Uniform Resource Locator (URL) or an IP address.
8. Method as claimed in any of the foregoing claims, wherein checking of the application characteristics comprises of comparing at least the names of one or more program parts of the application that is running to a list of pre-stored names and establishing, when there is sufficient similarity, that the application to be secured is running on the computer system.
9. Method as claimed in any of the foregoing claims, wherein step a) comprises of determining on the basis of application characteristics whether an application that is running is possibly a suspect application type, and wherein step b) comprises, if it is established that a determined application of a suspect application type is running, of sending to a central server a warning message preferably comprising identity data of said other computer system.
10. Method as claimed in any of the foregoing claims, wherein different application types relate to applications in the different domains of chatting, playing games, sending and receiving audio signals, in particular voice messages, and/or sending and receiving video signals.
11. Method as claimed in any of the foregoing claims, wherein the application user time per time interval depends on the application type.
12. Method as claimed in claim 11, comprising of setting different application user times per time interval for each of the application types.
13. Method as claimed in any of the foregoing claims, comprising of setting different user times for different specific users.
14. Method as claimed in any of the foregoing claims, comprising of generating a warning signal when the determined remaining application user time has reached a pre-stored minimum value.
15. Method as claimed in any of the foregoing claims, comprising of periodically increasing the remaining user time.
16. Method as claimed in claim 15, comprising of increasing the remaining application user time per interval of time, such as per calendar day or per week.
17. Method as claimed in any of the foregoing claims, wherein step c) also comprises of:
- determining one or more time blocks in a predetermined time interval, such as time blocks during a calendar day and/or a week, within which applications of a type to be secured can run,
- providing the possibility of using the relevant application if the current time falls within one of the time blocks, and otherwise preventing the use of the relevant application.
18. Method as claimed in claim 17, comprising different time blocks for applications of different application types.
19. Method as claimed in claim 17 or 18, comprising of allowing the relevant application to run only at times within a time block associated with an application and/or application type and as long as the remaining user time for the application and/or the application type has not yet elapsed.
20. Method as claimed in any of the foregoing claims, comprising of updating and storing on the computer system via the network, preferably from the central server, the application characteristics to be secured and/or identity data of the external server units to be secured.
21. Method as claimed in any of the foregoing claims, wherein step d) comprises of interrupting substantially only the processes corresponding with the relevant application in the processor of the computer system.
22. Method as claimed in any of the foregoing claims, wherein step d) comprises of blocking the communication connection over the network.
23. Method as claimed in any of the foregoing claims, comprising, if the computer system is secured and an external computer system seeks contact with the protected system via communication means, of sending a warning message to the other computer system.
24. Method as claimed in any of the foregoing claims, comprising, when a communication connection is established between the protected computer system and an external computer, of retrieving information representative of the external computer and of saving this information on the protected computer system and/or on the central server.
25. Method as claimed in any of the foregoing claims, comprising of saving "chat" data in a log file.
26. Computer system provided with a central processor unit, a monitor, a memory, a storage medium, input means and network communication means, wherein the system is programmed to perform the method as claimed in any of the foregoing claims.
27. Data carrier comprising a computer access time limiting system in the form of a computer program stored thereon which, when run, performs the method as claimed in any of the claims 1-25.
28. Computer program for performing the steps of the method as claimed in any of the claims 1-25 when it is run on a computer system.
PCT/NL2006/000606 2005-12-02 2006-12-01 Method, system and data carrier for limiting the use of an application WO2007064200A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP06843920A EP1964017A1 (en) 2005-12-02 2006-12-01 Method, system and data carrier for limiting the use of an application

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
NL1030579A NL1030579C2 (en) 2005-12-02 2005-12-02 Method, system and data carrier for limiting the use of an application.
NL1030579 2005-12-02

Publications (1)

Publication Number Publication Date
WO2007064200A1 true WO2007064200A1 (en) 2007-06-07

Family

ID=36354063

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/NL2006/000606 WO2007064200A1 (en) 2005-12-02 2006-12-01 Method, system and data carrier for limiting the use of an application

Country Status (3)

Country Link
EP (1) EP1964017A1 (en)
NL (1) NL1030579C2 (en)
WO (1) WO2007064200A1 (en)

Also Published As

Publication number Publication date
EP1964017A1 (en) 2008-09-03
NL1030579C2 (en) 2007-06-05

Similar Documents

Publication Publication Date Title
EP1964017A1 (en) Method, system and data carrier for limiting the use of an application
US11775668B2 (en) Messaging systems and methods
US7874011B2 (en) Authenticating user identity when resetting passwords
US10341349B2 (en) Session security splitting and application profiler
USRE45558E1 (en) Supervising user interaction with online services
US10339298B2 (en) Weak password support in a multi-user environment
US6823363B1 (en) User-moderated electronic conversation process
US7809797B2 (en) Parental control using social metrics system and method
US7818789B2 (en) User controls for a computer
US8301653B2 (en) System and method for capturing and reporting online sessions
US7743153B2 (en) Killing login-based sessions with a single action
EP2239679A1 (en) A method and a system for controlling the use of an electronic device
US20020184496A1 (en) Methods and arrangements for selectively maintaining parental access consent in a network environment
US20090153292A1 (en) Business and software security and storage methods, devices and applications
JP2010027028A (en) Control of website usage via online storage of restricted authentication credential
US6799286B1 (en) Methods and arrangements for providing non-modal error information in a graphical user interface
US20030233447A1 (en) Apparatus and methods for monitoring content requested by a client device
CN113742190A (en) Control method and electronic device
US20010033297A1 (en) Internet conduit providing a safe and secure environment
US20050033993A1 (en) Method of authorising a user
US20110302633A1 (en) Safe Internet Browser
US7181626B1 (en) Smart card security for computer system
JP2007140739A (en) Communication system, access limiting method, access limiting device, program and access limiting service
EP1622332A1 (en) Method and apparatus for regulating network access
CN110199289B (en) Method for regulating access to a data connection by an electronic device

Legal Events

Date Code Title Description
121 EP: the EPO has been informed by WIPO that EP was designated in this application
NENP Non-entry into the national phase (Ref country code: DE)
WWE WIPO information: entry into national phase (Ref document number: 2006843920; Country of ref document: EP)