Operating system integrated domain management

US 10,469,472 B2
Filed: 08/11/2014
Issued: 11/05/2019
Est. Priority Date: 08/12/2013
Status: Active Grant

First Claim

Patent Images

1. A method performed by a processor of a computing device to provide a plurality of secure domains in an operating system of the computing device, the method comprising:

(a) for each secure domain;

(a1) associating resources of the secure domain with a unique domain identifier, the resources comprising at least one data file or at least one application; and

(a2) storing a policy in association with the unique domain identifier, the policy comprising a rule set for controlling access to the resources;

(b) receiving a selection of one of the plurality of secure domains as a current domain, wherein the plurality of secure domains comprises a target domain different from the current domain; and

(c) controlling access by a process to the target domain resources based on the policy associated with the current domain and the policy associated with the target domain, wherein the process is associated with the current domain,wherein (c) is performed at least in part by a first service operating within a kernel of the operating system and at least in part by a second service operating in a middleware of the operating system outside of the kernel, andwherein (a) and (b) are performed by further services operating in the middleware of the operating system outside of the kernel.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computing device operating system providing a plurality of secure domains. A domain manager selectively creates a plurality of secure domains, and one of the secure domains is selected as a current domain. A domain policy service stores and enforces, for each secure domain, a policy comprising a rule set controlling access to files and applications associated with the domain. A package manager enforces, for each secure domain, installation of the applications associated with the domain. A domain message service provides communication between running processes associated with different ones of the secure domains. An activity manager selectively switches the current domain. Domain isolation is achieved while enabling a unified user interface providing concurrent access to the resources of multiple domains.

Citations

16 Claims

1. A method performed by a processor of a computing device to provide a plurality of secure domains in an operating system of the computing device, the method comprising:
- (a) for each secure domain;
  
  (a1) associating resources of the secure domain with a unique domain identifier, the resources comprising at least one data file or at least one application; and
  
  (a2) storing a policy in association with the unique domain identifier, the policy comprising a rule set for controlling access to the resources;
  
  (b) receiving a selection of one of the plurality of secure domains as a current domain, wherein the plurality of secure domains comprises a target domain different from the current domain; and
  
  (c) controlling access by a process to the target domain resources based on the policy associated with the current domain and the policy associated with the target domain, wherein the process is associated with the current domain,wherein (c) is performed at least in part by a first service operating within a kernel of the operating system and at least in part by a second service operating in a middleware of the operating system outside of the kernel, andwherein (a) and (b) are performed by further services operating in the middleware of the operating system outside of the kernel.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method according to claim 1 further comprising executing at least one yet further service of the operating system at least partly outside of a kernel of the operating system to perform at least one of (a), (b), and (c).
  - 3. The method according to claim 1, wherein the operating system implements a plurality of user accounts, and wherein the current domain and the target domain are commonly associated with one of the user accounts.
  - 4. The method according to claim 1, wherein the process is associated with an execution context identifier based on the unique domain identifier of the current domain, and wherein (c) comprises controlling access by the process to the target domain resources based on the execution context identifier.
  - 5. The method according to claim 4, wherein the resources of the current domain comprise the at least one application, and wherein the execution context identifier is based on the unique domain identifier of the current domain and a unique application identifier associated with the at least one application executed to generate the process.
  - 6. The method according to claim 5, where the operating system is an Android operating system, the unique application identifier is a Unix-type user identifier (UID) assigned to the application on installation, the execution context identifier comprises the UID of the application, and the unique domain identifier is contained in reserved bits of the UID.
  - 7. The method according to claim 1, wherein the operating system provides a user interface providing concurrent access to the resources of the current domain resources and the resources of the target domain.
  - 8. The method according to claim 7, wherein the resources of target domain comprise the at least one application associated with the target domain, and wherein the user interface provides means for executing the at least one application.
  - 9. The method according to claim 8, wherein the user interface implements an icon associated with the at least one application of the target domain, wherein the icon comprises an overlay signifying the association of the at least one application with the target domain.
  - 10. The method according to claim 7, wherein the resources of the target domain further comprise a received message associated with the target domain, and wherein the user interface provides means for opening the message.
  - 11. The method according to claim 1, wherein (a1) comprises storing metadata associating the resources with the unique domain identifier of the secure domain.
  - 12. The method according to claim 1, wherein one of the secure domains is an externally-controlled domain, and wherein the policy associated with the externally-controlled domain is received from a remote domain management server via a network.
  - 13. The method according to claim 12, wherein the current domain is the externally-controlled domain, and wherein modification to at least a portion of the policy associated with the current domain is blocked except by the remote domain management server.
  - 14. The method according to claim 1, wherein the target domain resources comprise the at least one application comprising a first version of a common application, the policy associated with the current domain and the policy associated with the target domain block access to the first version of the common application.
  - 15. The method according to claim 14, wherein the current domain resources comprise the at least one application comprising a second version of the common application different from the first version of the common application.
  - 16. A tangible non-transitory computer-readable medium comprising instructions stored thereon that, when executed by a computer, perform the method of claim 1.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CIS Maxwell, LLC
Original Assignee
CIS Maxwell, LLC
Inventors
Main, Alexander James, Puderer, James Henry Allan
Primary Examiner(s)
Ullah, Sharif E

Application Number

US14/911,647
Publication Number

US 20160196432A1
Time in Patent Office

1,912 Days
Field of Search

726 1, 726 2, 726 21, 726 36, 713150, 713163, 713181, 380255, 380264, 380276
US Class Current
CPC Class Codes

G06F 21/44   Program or device authentic...

G06F 21/57   Certifying or maintaining t...

G06F 21/6218   to a system of files or obj...

G06F 2221/034   Test or assess a computer o...

G06F 2221/2105   Dual mode as a secondary as...

G06F 2221/2149   Restricted operating enviro...

G06F 8/61   Installation

G06F 9/4451   User profiles; Roaming

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 63/08   for authentication of entit...

H04L 63/102   Entity profiles

H04L 63/20   for managing network securi...

H04L 9/3271   using challenge-response

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 12/086   using security domains

Operating system integrated domain management

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Operating system integrated domain management

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links