Balancing public and personal security needs
Abstract
Apparatus and methods for balancing public and personal security needs in a computing device (1). In an apparatus embodiment, the device (1) has two partitions: a first partition (310) in which only applications (312) authorized by a protected application approval entity can execute; and a second partition (205, 210) in which applications that execute are accessible by an authorized external access entity (500). Coupled to the partitions (310, 205, 210) are protection modules (215, 250, 290) configured to protect data used by applications (312) authorized to execute in the first partition (310), and to prevent even authorized external access entities (500) from accessing protected data used by applications (312) authorized to execute in the first partition (310).
11 Claims
1. A computing device operated by a user of the computing device, said computing device comprising:
a first partition accessible by the user in which only applications authorized by a digital signature verification using an application verification key and performed on the computing device can execute, wherein digital signatures verified by the application verification key are not generated on the computing device;
a second partition in which applications can execute without the authorization required for applications to execute in the first partition, wherein applications that execute in the second partition are accessible by an authorized external access entity and by the user, wherein the authorized external access entity is not the user and is not a module executing on the computing device;
coupled to the first and second partitions and executing on the computing device, a set of protection modules configured to protect data used by applications authorized to execute in the first partition and to prevent even the authorized external access entity from accessing protected data used by applications authorized to execute in the first partition, wherein protected data resides in device resources and a disk drive; and
coupled to the second partition, an access control module having access to an access verification key, wherein:
digitally signed requests to access the second partition are verified by the access control module using the access verification key; and
digital signatures verified using the access verification key are not generated on the computing device.
Dependent claims: 2, 3, 4 (not shown).
5. A method for allowing authorized access to certain partitions of a computing device operated by a user of the computing device while protecting other partitions of the computing device, said method comprising the steps of:
an application authorization module validating approval for any applications executing in, and for protecting data in, a first partition of the computing device accessible by the user, wherein the application authorization module is not the user;
verifying authorization to an external access entity to enable the authorized external access entity to access a second partition of the computing device, wherein the authorized external access entity is not the user and is not a module executing on the computing device, the user can also access the second partition, and applications can execute in the second partition without approval from the application authorization module;
enabling said authorized external access entity to access data of applications executing in the second partition; and
preventing even the authorized external access entity from accessing protected data used by applications executing in the first partition;
wherein:
approval to execute an application in the first partition is performed by validating a digital signature, using an application verification key stored in said computing device; and
digital signatures verified using the application verification key are not generated on the computing device.
Dependent claims: 6, 7 (not shown).
8. A computing device comprising:
a public cryptographic key;
an unlocking component comprising two modules for unlocking the device: a primary unlock module, and an authorized external unlock module in which the authorized external unlock module confirms a cryptographic verification with the public cryptographic key before authorizing an external unlock;
a first partition in which only applications authorized by a cryptographic verification performed on the computing device can execute and store protected data, wherein applications are accessible after unlocking through the primary unlock module;
a second partition in which applications can execute without the authorization required by the first partition, wherein applications are accessible after unlocking through either the primary unlock module or the authorized external unlock module;
coupled to the first and second partitions, a resource protection module configured to prevent access to protected data of applications authorized to execute in the first partition conditioned upon the device having been unlocked using the authorized external unlock module, wherein protected data resides in device resources and a disk drive.
Dependent claims: 9 (not shown).
10. A method for allowing authorized access to certain partitions of a computing device operated by a user of the computing device while protecting other partitions of the computing device, said method comprising the steps of:
an application authorization module validating approval for any applications executing in, and for protecting data in, a first partition of the computing device accessible by the user, wherein the application authorization module is not the user;
digitally signing, on a component that is not on the computing device, a request of an external access entity to access the computing device, wherein the external access entity is not the user and is not a module executing on the computing device;
verifying on the computing device the digitally signed request of the external access entity to access the computing device;
enabling the verified external access entity to access data of applications executing in a second partition of the computing device, wherein the user can also access the second partition and applications can execute in the second partition without approval from the application authorization module;
preventing the authorized external access entity from accessing protected data used by applications executing in the first partition; and
recording information contained in the verified external access entity request in a record that cannot be deleted or modified by the external access entity;
wherein:
approval to execute an application in the first partition is performed by validating a digital signature, using an application verification key stored in said computing device; and
digital signatures verified using the application verification key are not generated on the computing device.
Dependent claims: 11 (not shown).
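The control flow that claims 1 and 10 describe, written out as an added Go model that is not part of the patent or of any product built on it: an application is admitted to the first partition only under a signature from an off-device approval key, an external access entity's request is checked against a separate off-device access key and recorded, and the first partition's protected data is refused even to a verified entity. The Ed25519 keys, the partition constants, the request text and all struct and function names are assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)
// Partition identifiers from the claims; only the second is open to the external entity.
const (
	FirstPartition  = 1
	SecondPartition = 2
)
// Device holds public keys only: the private halves never exist on the device,
// so no signature the device accepts can have been generated on it.
type Device struct {
	AppVerifyKey    ed25519.PublicKey
	AccessVerifyKey ed25519.PublicKey
	AuditLog        []string // record of verified requests; the entity cannot edit it
}
// AuthorizeApp admits an application to the first partition only if its image
// is signed by the off-device application approval key.
func (d *Device) AuthorizeApp(image, sig []byte) bool {
	return ed25519.Verify(d.AppVerifyKey, image, sig)
}
// ExternalAccess verifies a signed request, records it, and refuses the first
// partition even to a verified entity; only second-partition data is returned.
func (d *Device) ExternalAccess(req, sig []byte, partition int) ([]byte, error) {
	if !ed25519.Verify(d.AccessVerifyKey, req, sig) {
		return nil, errors.New("access request signature invalid")
	}
	d.AuditLog = append(d.AuditLog, string(req))
	if partition == FirstPartition {
		return nil, errors.New("protected data: external access refused")
	}
	return []byte("second-partition application data"), nil
}

func main() {
	appPub, appPriv, _ := ed25519.GenerateKey(nil) // constructed demo keys standing in for the off-device signers
	accPub, accPriv, _ := ed25519.GenerateKey(nil)
	d := &Device{AppVerifyKey: appPub, AccessVerifyKey: accPub}
	img := []byte("demo-app")
	fmt.Println("app authorized:", d.AuthorizeApp(img, ed25519.Sign(appPriv, img)))
	req := []byte("constructed access request: entity=E1 target=partition2")
	sig := ed25519.Sign(accPriv, req)
	_, err := d.ExternalAccess(req, sig, FirstPartition)
	data, _ := d.ExternalAccess(req, sig, SecondPartition)
	fmt.Println("first:", err, "| second:", string(data), "| logged:", len(d.AuditLog))
}
```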