(19) World Intellectual Property Organization
International Bureau
(43) International Publication Date: 27 June 2013 (27.06.2013)
(10) International Publication Number: WO 2013/096949 A1

(51) International Patent Classification: H04W 48/04 (2009.01), H04W 88/02 (2009.01)
(21) International Application Number: PCT/US2012/071557
(22) International Filing Date: 23 December 2012 (23.12.2012)
(25) Filing Language: English
(26) Publication Language: English
(30) Priority Data: 61/580,131, 23 December 2011 (23.12.2011); 22 December 2012 (22.12.2012)
(71) Applicant: MICROSOFT CORPORATION [US/US]; One Microsoft Way, Redmond, Washington 98052-6399 (US).
(72) Inventors:
KING, Joseph Spencer; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).
GOULDING, Michael Burt; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).
DERKSEN, Todd Myles; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).
WOO, Aaron Naoyoshi Sheung Yan; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).
ITURRIAGA DUBOST, Bernardo; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).
AUERBACH, Alan Bennett; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).
BRAUN, David Avi; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).
BEGUN, Andrew P.; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).
HAUGEN, Andrew Craig; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).
MATTHEWS, III,
[Continued on next page]

(54) Title: RESTRICTED EXECUTION MODES

(57) Abstract: In embodiments of restricted execution modes, a mobile device can display a device lock screen on an integrated display device, and transition from the device lock screen to display a shared space user interface of a shared space. The transition to display the shared space user interface is without receiving a PIN code entered on the device lock screen. The mobile device implements a restricted execution service that is implemented to activate a restricted execution mode of the mobile device, and restrict access of a device application to device content while the restricted execution mode is activated. The restricted execution service can also allow a shared device application that is included in the shared space access to the device content while the restricted execution mode is activated.

Joseph H.; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).
KARR, Jennifer Anne; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).
SCHRADER, Joseph A.; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).
CHEN, Ted Tai-Yu; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).
SARIN, Raman K.; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).
AGARWAL, Sharad; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).
GUDAY, Shai; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).
THOMAS, Shawn M.; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).
SKOVRON, John D.; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).
YOVIN, John A.; c/o Microsoft Corporation, LCA - International Patents, One Microsoft Way, Redmond, Washington 98052-6399 (US).

(81) Designated States (unless otherwise indicated, for every kind of national protection available)

(84) Designated States (unless otherwise indicated, for every kind of regional protection available): ARIPO, Eurasian, European, OAPI.

Declarations under Rule 4.17:

Published: with international search report (Art. 21(3))

WO 2013/096949    PCT/US2012/071557

RESTRICTED EXECUTION MODES

BACKGROUND

[0001] Many types of devices, such as mobile phones, tablet devices, and other computing, communication, and entertainment devices increasingly offer more functions, applications, and features which are beneficial to a user, and can enhance one's personal time as well as work and social activities. For example, not only can a mobile phone be used for text, email, and voice communications, but may also be used for entertainment, such as to listen to music, surf the Internet, watch video content, gaming, and for photo and video imaging. Similarly, a portable tablet device may be utilized for email, browser, navigation, and other computing applications, as well as for the various entertainment and photo features. In addition to the many computing, communication, and entertainment applications that are available to a user of a mobile phone or tablet device, a seemingly unlimited number of third-party applications and features are also available for download to a device.

[0002] Parents of younger children that do not yet have their own mobile phones often find that a child wants to "play" with their phone to play games, take pictures, listen to music, and other activities. Typically, a parent may pass his or her phone to a young child in the back seat of the car while driving to keep the child entertained. The parent may not know then what features and applications the child accesses on the device, such as a Web browser or unintentionally accessing an email application, or which device settings may have been changed, such as audio settings, alarm settings, calendar notices, and the like.

SUMMARY

[0003] This Summary introduces features and simplified concepts of restricted execution modes, which are further described below in the Detailed Description and/or shown in the Figures. This Summary should not be considered to describe essential features of the claimed subject matter, nor used to determine or limit the scope of the claimed subject matter.

[0004] Restricted execution modes is described. In embodiments, a mobile device can display a device lock screen on an integrated display device, and transition from the device lock screen to display a shared space user interface of a shared space. The transition to display the shared space user interface happens without receiving a PIN code or other authentication credential entered on the device lock screen. The mobile device implements a restricted execution service that is implemented to activate a restricted execution mode of the mobile device, and restrict access of a device application to device content while the restricted execution mode is activated. The restricted execution service can also allow a shared device application that is included in the shared space access to the device content while the restricted execution mode is activated.

[0005] In embodiments, the restricted execution service restricts device application access to the device content via the shared device application while the restricted execution mode is activated when the device application calls the shared device application with a request for the device content. Alternatively, the restricted execution service can allow the device application access to the device content via the shared device application while the restricted execution mode is activated based on a request token that the device application includes in a task call to the shared device application for the device content. The request token indicates that the device application is permitted to access the device content via the shared device application in the shared space.

[0006] In embodiments, a device application may be implemented or designed so that a user can designate to allow the device application access to the device content if the device application is included in the shared space as a shared device application. Alternatively, a device application may be designed as not to be allowed access to the device content even if the device application is included in the shared space. Additionally, this type of a device application may also be implemented as not even being eligible for user-designation to be included in the shared space. A device application that is included in the shared space can initiate a task call to access the device content. However, the restricted execution service restricts access to the device content based on one or more of the device application tasks being designated as restricted while the restricted execution mode is activated. The restricted execution service can also restrict the device application from a file system of the mobile device while the restricted execution mode is activated.

BRIEF DESCRIPTION OF THE DRAWINGS

[0007] Embodiments of restricted execution modes are described with reference to the following Figures. The same numbers may be used throughout to reference like features and components that are shown in the Figures:

FIG. 1 illustrates an example of restricted execution modes.

FIG. 2 illustrates an example system in which embodiments of restricted execution modes can be implemented.

FIG. 3 illustrates example method(s) of restricted execution modes in accordance with one or more embodiments.

FIG. 4 illustrates example method(s) of restricted execution modes in accordance with one or more embodiments.

FIG. 5 illustrates example method(s) of restricted execution modes in accordance with one or more embodiments.

FIG. 6 illustrates an example system in which embodiments of private interaction hubs can be implemented.

FIG. 7 illustrates an example system in which embodiments of restricted execution modes and/or family coordination can be implemented.

FIG. 8 illustrates various client device services and features in accordance with one or more embodiments.

FIG. 9 illustrates examples of a family hub in accordance with one or more embodiments.

FIG. 10 illustrates an example system with an example device that can implement embodiments of restricted execution modes.

DETAILED DESCRIPTION

[0008] Embodiments of restricted execution modes are described and provide a restricted execution service that can be implemented as a client device service or application, such as in a mobile phone, portable tablet device, or other type of computing and/or communication device. Restricted execution modes enable implementation of a shared space on a device where a user owner can include device applications that a guest or child can access without requiring a password, and the device applications will be programmatically prevented from being able to access other private device content on the device.

[0009] There may be situations when a user owner of a device may want to have access to some content or applications on their mobile phone without unlocking the phone with a PIN code or other authentication credential. Restricted execution modes enable the user owner to make some experiences available without password access, and without compromising the security of sensitive personal or corporate data. In implementations, restricted execution modes allow applications to run, but restrict access to sensitive data or experiences using several mechanisms, such as security capabilities, blocked navigation, and application origin. If an application has a particular security capability, a runtime check is made centrally when the application attempts to access a protected resource, and if the application is running in a restricted execution zone, an error is returned that can be handled by the application. When a device is running in a restricted execution mode, a device application may be referred to as running in a restricted execution "zone".

[0010] For the blocked navigation security capability, applications often take advantage of built in tasks to complete user actions like sending an email, making a phone call, etc. When the restricted execution mode is activated on a device, the origination of a device application task at run-time is what is considered to determine whether the device application, and more specifically, whether the task will be allowed. An application task, which is generally synonymous to an application programming interface (or API) call, may include aspects of a data access API call, but it also includes a request to initiate a particular action or actions different than data access, and the task request may incorporate metadata associated with the action of the requested task. The level of functionality is provided on a task-by-task basis to determine whether the action or actions of a requested task will be available in the restricted execution mode during run-time origination of a task request. A device application can be executed by the device, but only some functions of the device application will execute when the restricted execution mode is activated on the device.

[0011] Examples of restricting the functionality of a device application may include not permitting the device application to be launched altogether or limiting the device application to calling only a restricted subset of API calls that is narrower than the normal set of API calls available to the application when the mobile device is running in normal user mode. Restricting access to device content also may include disallowing certain API calls that provide access to particular sets of data or content. In many examples, restricting functionality or access does not include analyzing or changing Access Control Lists (ACLs), Access Control Entries (ACEs), or similar file-system access control metadata maintained by a file system. For example, a device application can be restricted from access to device content while a restricted execution mode is activated on a device.

[0012] When running in a restricted execution zone, all application requested navigations are screened and only those allowed by the system can continue. Others fail in a backwards compatible way so that legacy applications do not need to be updated to run in the restricted execution zone. For the application origin security capability, only applications that originate and/or have been downloaded from a first-party provider can run (e.g., execute) in a restricted execution mode. This ensures that applications which have not been security checked, and may access sensitive and/or private data on a device, do not run without the user unlocking the device first.

[0013] While features and concepts of restricted execution modes can be implemented in any number of different devices, systems, environments, and/or configurations, embodiments of restricted execution modes are described in the context of the following example devices, systems, and methods.

[0014] FIG. 1 illustrates an example of user interfaces of a restricted execution mode. An example mobile device 100 may be any one or combination of a mobile phone, tablet device, computing device, communication, entertainment, gaming, navigation, and/or other type of portable electronic device. A shared space can be implemented for user access to functionality of device applications without a password, as well as for access to any applications, functions, and features of the mobile device 100 that are designated by the user in the shared space.

[0015] The example mobile device 100 includes an integrated display device 102 on which user interfaces can be displayed, such as a device lock screen 104 that indicates the device is locked at 106. For example, a user owner of the mobile device may set-up the device to lock when not in use so that someone else cannot access the full functionality of applications, such as email and text, and/or have access to the Internet via a browser application without providing authentication credentials such as a personal identification number (PIN), login, or other authentication credential.

[0016] The user owner of the mobile device 100 can allow another person to use the phone, and hand the phone over without having to unlock the device from the device lock screen 104 by entering a PIN or other credential. As shown in the example 108, a person that has borrowed the phone can swipe the device lock screen with a gesture input to access a shared space user interface 110, which is illustrated at 112 when displayed on the display device, and which provides access to a limited subset of application functionality. The borrower does not enter a PIN or other credential to access the shared space user interface. In implementations, the gesture input may be any type of user and/or gesture input in any direction on the integrated display device 102 of the mobile device. Alternatively or in addition, any type of device, button, and/or gesture inputs may be utilized effective to transition from the device lock screen 104 to the shared space user interface 110.

[0017] FIG. 2 illustrates an example system 200 in which embodiments of restricted execution modes can be implemented. The example system includes the mobile device 100 as described with reference to FIG. 1, with the integrated display device 102 on which a user interface can be displayed, such as the shared space user interface 110 that is representative of a shared space on the device. Additionally, the mobile device can be implemented with various components, such as a processor and/or memory system, as well as any number and combination of differing components as further described with reference to the example device shown in FIG. 10 to implement embodiments of restricted execution modes.

[0018] The mobile device 100 includes a restricted execution service 202 that can be implemented as a software application (e.g., executable instructions) stored on computer-readable storage media, such as any suitable memory device or electronic data storage. Additionally, the restricted execution service 202 can be executed with a processing system at the mobile device to implement embodiments of restricted execution modes as described herein. The restricted execution service 202 may be implemented as an independent device application that is executable on the device to interface with the many applications, features, and functions of the device.

[0019] The example system 200 may also include a cloud storage and service 206 that can include any type of cloud-based (e.g., network-based) data services 208 used to store or maintain accessible data 210 (e.g., data accessible by device applications on the mobile device 100). Any of the devices and services (e.g., implemented as server devices) described herein can communicate via a network 212, which can be implemented to include a wired and/or a wireless network. The network can also be implemented using any type of network topology and/or communication protocol, and can be represented or otherwise implemented as a combination of two or more networks, to include IP-based networks and/or the Internet. The network may also include mobile operator networks that are managed by a mobile network operator and/or other network operators, such as a communication services provider, mobile phone provider, and/or Internet service provider. Alternatively or in addition, peer-to-peer communication techniques may be utilized, such as multiple devices connected using a peer-to-peer communication network.

[0020] The restricted execution service 202 is implemented to manage a restricted execution mode 214 of a shared space 216, such as to limit and/or restrict device applications 218 and shared device applications 220 that are included in the shared space 216 that is accessible without a PIN or authentication credential. The device applications 218 can include any type of software applications, and the functions and features thereof, that run on the device, such as for user interaction with messaging, gaming, media playback, document viewing, and communication applications. The device applications may also include system-level components that users of a device generally do not access or utilize, but that typically run in the background while the device is operational. The shared device applications can include any subset of the device applications, and are designated as a shared device application when included in the shared space 216 for limited and/or restricted functionality when a restricted execution mode 214 is activated on the device.

[0021] A user owner of the mobile device 100 can choose the device applications and features, and/or device content that can be included in the shared space and accessed by a child or guest while the restricted execution mode is activated. Further, a device application may be allowed a restricted level of functionality while running in the shared space (i.e., the application may be executed), yet generally cannot access device content 222 that is restricted from access, such as contacts, email, and calendar databases, as well as limited access to the device file system.

[0022] The content databases, device file system, Internet access, and other device content and features can be protected from device application access when the restricted execution mode is activated. For example, a device application that can access the Internet, email, contacts, etc. when a device is unlocked and operating in a normal user mode will be automatically restricted when the restricted execution mode is activated, such as if the device application has been added to the shared space and is allowed limited functionality in the shared space. As an example, a digital camera application that has been added to the shared space may allow a user to take and view new photos, but previous photos will be restricted from viewing while the restricted execution mode is activated on the device.

[0023] The shared space user interface 110 of the shared space is customizable by the user owner of the device. For example, the user owner can add applications, such as games and music applications, to the shared space so that the applications are recognized and can be launched in the shared space, perhaps with limited functionality. However, applications that are not recognized in the shared space cannot be launched in the shared space. For example, if a game application that is pinned or recognized in the shared space attempts to itself launch a browser application (e.g., as part of the game's execution), the restricted execution service 202 will check if the browser application is pinned and recognized in the shared space. If the browser application is not recognized in the shared space, then the restricted execution service will fail to launch the application, or if the browser application is recognized, then the browser application can be launched in the shared space by the game application.

[0024] As described with reference to FIG. 1, an input can be received, such as a gesture input or device selectable control input, and the restricted execution service 202 initiates a transition from displaying the device lock screen 104 to display the shared space user interface 110 of the shared space 216 without receiving a PIN code or other authentication credential entered on the device lock screen. The restricted execution service 202 is implemented to manage the shared space 216 when the restricted execution mode 214 is activated. The restricted execution service 202 can activate the restricted execution mode 214 of the mobile device 100, and restrict access of a device application 218 to the device content 222, to a file system of the mobile device, and/or to limit the application to a limited set of functionality or tasks while the restricted execution mode is activated.

[0025] The shared space 216 can include a shared device application 220, and the restricted execution service 202 can allow the shared device application access to the device content 222 while the restricted execution mode 214 is activated. The restricted execution service 202 can determine whether a device application 218 is implemented or designed so that a user can designate to allow the device application access to the device content if the device application is included in the shared space 216 as a shared device application. Alternatively, a device application may be designed as not to be allowed access to the device content even if the device application is included in the shared space. Additionally, this type of a device application may also be implemented as not even being eligible for user-designation to be included in the shared space.

[0026] In restricted modes, a configuration of a device application may be designed or programmed to indicate whether the device application is ever to be allowed to run (e.g., execute) in a restricted mode, irrespective of user choice. For example, a confidential corporate application or another application downloaded from a third-party application store that may access private corporate data can be configured to never be allowed to run (e.g., execute) in any restricted mode, even if a user would like it to do so. A configuration of some device applications may be user-controlled to indicate whether the device application is to be allowed to run in a particular restricted mode, such as allowing a subset of games or applications in a kid zone restricted mode, or allowing a subset of camera lens applications to run when the phone is locked.

[0027] The restricted execution service 202 can also be implemented to validate whether or not a given device application can be navigated to regardless of the reason for the navigation request, taking into account the current restricted mode and the target application's system and user configuration. Additionally, a separate navigation stack can be maintained for a normal mode user experience and for the current restricted execution mode. The restricted execution service 202 is also implemented to allow or disallow migration of applications from the normal mode stack to the restricted mode stack or vice-versa based on scenario needs, and to determine when to close applications on each stack based on available resources and transitions into and out of a restricted mode.

[0028] A device application 218 may initiate a task call to a shared device application 220 with a request for the device content 222, and the restricted execution service 202 can restrict the device application access to the device content via the shared device application while the restricted execution mode 214 is activated. The device application may also initiate a task call to the operating system 204 to request device content access, and the restricted execution service can restrict the access to the device content based on one or more device application tasks being designated as restricted while the restricted execution mode is activated.

[0029] Alternatively, the device application 218 can initiate a task call to the shared device application 220 with a request for the device content 222, and the request includes a request token that indicates the device application is permitted to access the device content via the shared device application in the shared space 216. The restricted execution service 202 can then allow the device application access to the device content via the shared device application based on the request token while the restricted execution mode is activated. The restricted execution service can also deactivate the restricted execution mode 214 responsive to a PIN code or authentication credential entered on the device lock screen, and return to a normal user mode of the mobile device in which the device application 218 has unrestricted access to the device content 222.

[0030] The restricted execution service 202 implements a mechanism to indicate in which restricted modes a device application can run (e.g., execute) based on a task information field of a device application task. The task information field indicates whether a specific task can be allowed to execute in a shared space when the restricted execution mode is activated. This new field will be a bit mask, which a navigation server will use to compare to the navigation filter mask that MobileUI will give to it when a restricted mode is entered. These are marked per task instead of by application because some first-party device applications have tasks that can be allowed to function in a child share space (e.g., Kid's Corner), but not all of the application functionality is allowed while a restricted execution mode is activated on a device. If a device application is allowed to run in a shared space, the restricted execution service can trace an API task call through the application layer from an originator (e.g., device application) that initiates the task call based on a token that is passed along to a core system component that would not otherwise be able to determine whether the task call was originated from a device application running in the shared space. The token can be utilized to determine if the task call is protected from a restricted execution mode.

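The task-level screening of paragraphs [0023] and [0030], together with the application-origin rule of [0012], sketched as an added Python example; it is not code from the patent or from any shipping product. The mode names, bit values, class and function names, resource names and sample applications are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from enum import IntFlag


class Mode(IntFlag):
    # Bit assignments are assumptions; the text only says the field is a bit mask.
    NONE = 0
    KIDS_CORNER = 1
    LOCKED_CAMERA = 2


class RestrictedError(Exception):
    """Error handed back to the calling app, which may handle it ([0009])."""


@dataclass(frozen=True)
class OriginToken:
    origin_app: str
    restricted: bool  # True when the call chain began in the shared space


@dataclass
class NavigationServer:
    task_masks: dict                          # (app, task) -> modes the task may run in
    first_party: set                          # apps passing the application-origin check
    pinned: set = field(default_factory=set)  # apps the owner placed in the shared space
    filter_mask: Mode = Mode.NONE             # navigation filter mask; NONE = unlocked

    def enter_restricted_mode(self, mode):
        self.filter_mask = mode

    def unlock_with_pin(self):
        self.filter_mask = Mode.NONE

    def issue_token(self, app):
        return OriginToken(app, self.filter_mask != Mode.NONE)

    def navigate(self, token, app, task):
        """Screen one task call; return the token to pass along, or raise."""
        if token.restricted:
            if app not in self.first_party:
                raise RestrictedError(f"{app}: origin not allowed in restricted mode")
            if app not in self.pinned:
                raise RestrictedError(f"{app}: not recognized in the shared space")
            allowed = self.task_masks.get((app, task), Mode.NONE)
            if not (allowed & self.filter_mask):
                raise RestrictedError(f"{app}.{task}: task is restricted in this mode")
        # The originator's token travels unchanged, so later hops cannot shed it.
        return token


def read_content(token, resource,
                 protected=("contacts", "email", "calendar", "old_photos")):
    """Core component: it sees only the token, not which app is on screen."""
    if token.restricted and resource in protected:
        raise RestrictedError(f"{resource}: blocked for calls from the shared space")
    return f"{resource} for {token.origin_app}"


def is_allowed(server, token, app, task):
    try:
        server.navigate(token, app, task)
        return True
    except RestrictedError:
        return False


def build_server():
    # Constructed sample configuration, not taken from any real device.
    K, C = Mode.KIDS_CORNER, Mode.LOCKED_CAMERA
    masks = {
        ("game", "play"): K,
        ("camera", "capture"): K | C,
        ("camera", "view_roll"): Mode.NONE,   # same app, but this task is never shared
        ("browser", "open_url"): K,           # mask would allow it, but it is not pinned
        ("sideloaded_game", "play"): K,       # fails the origin check
    }
    return NavigationServer(masks, first_party={"game", "camera", "browser"},
                            pinned={"game", "camera"})


if __name__ == "__main__":
    srv = build_server()
    srv.enter_restricted_mode(Mode.KIDS_CORNER)
    tok = srv.issue_token("game")
    for app, task in [("camera", "capture"), ("camera", "view_roll"),
                      ("browser", "open_url"), ("sideloaded_game", "play")]:
        print(app, task, "->", "allowed" if is_allowed(srv, tok, app, task) else "blocked")
```

Marking the mask per task rather than per application is what lets the camera's capture task run while its view of earlier photos stays blocked.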

[0031] Example methods 300, 400, and 500 are described with reference to respective FIGs. 3-5 in accordance with one or more embodiments of restricted execution modes. Generally, any of the services, components, modules, methods, and operations described herein can be implemented using software, firmware, hardware (e.g., fixed logic circuitry), manual processing, or any combination thereof. Example methods may be described in the general context of executable instructions stored on computer-readable storage media that is local and/or remote to a computer processing system, and implementations can include software applications, programs, functions, and the like.

[0032] FIG. 3 illustrates example method(s) 300 of restricted execution modes. The order in which the method is described is not intended to be construed as a limitation, and any number or combination of the method operations can be combined in any order to implement a method, or an alternate method.

[0033] At 302, a device lock screen is displayed on an integrated display device of a mobile device. For example, the mobile device 100 (FIG. 1) displays a device lock screen 104 on the integrated display device 102 of the mobile device. At 304, the display is transitioned from the device lock screen to display a shared space user interface of a shared space without a PIN code or other authentication credential entered on the device lock screen. For example, an input system of the mobile device 100 receives an input, such as a gesture input or device selectable control input, and the input is effective to transition from displaying the device lock screen 104 to display the shared space user interface 110 of a shared