Mobile security system and method
Abstract
A system and method for providing a secure environment for mobile telephones and other devices are disclosed. The system and method may utilize trust zoning, layered memory, and a secure matrix model having, for example, a memory protection module for protecting memory; a secure debug module for ensuring security of the debug module; a secure file system module for protecting the secure file system; and a trusted time source module for protecting components. Embodiments of the present invention may protect against security attacks on a variety of hardware and software components while permitting suitable levels of accessibility for developmental and maintenance purposes.
49 Claims
1. A security system for a communications device or network having at least one component, the system comprising:
at least one trust zone correlating to an area of the at least one component, the trust zone determining accessibility by trusted entities and non-trusted entities to the area of the component of the communications device.
6. A security system for a communications environment having a plurality of components, the system comprising:
a security matrix model having a plurality of modules, each module in the plurality of modules securing at least one component in the plurality of components.
36. A security system for a communications device having a plurality of components including a debug module, a secure file system, and a layered memory scheme, the system comprising:
at least one trust zone correlating to the layered memory scheme, the trust zone determining accessibility by trusted entities and non-trusted entities to the area of the component of the communications device;
a security matrix model having a plurality of modules, each module in the plurality of modules securing at least one component in the plurality of components, the security matrix model having;
a memory protection module for protecting memory;
a secure debug module for ensuring security of the debug module;
a secure file system module for protecting the secure file system; and
a trusted time source module for protecting at least one component in the plurality of components; and
a security mode control module.
44. A mobile telephone having a plurality of components including a debug module, a secure file system, and a layered memory scheme, the mobile telephone comprising:
at least one trust zone correlating to the layered memory scheme, the trust zone determining accessibility by trusted entities and non-trusted entities to the area of the component of the communications device;
a security matrix model having a plurality of modules, each module in the plurality of modules securing at least one component in the plurality of components, the security matrix model having;
a memory protection module for protecting memory;
a secure debug module for ensuring security of the debug module;
a secure file system module for protecting the secure file system; and
a trusted time source module for protecting at least one component in the plurality of components; and
a security mode control module.
45. A security method for a communications device having a plurality of components including a debug module, a secure file system, a secure boot mode, secure debug mode, and a layered memory scheme, the method comprising steps of:
a step for correlating at least one trust zone to the layered memory scheme, the trust zone determining accessibility by trusted entities and non-trusted entities to the area of at least one component in the plurality of components of the communications device;
a step for protecting memory via a memory protection module;
a step for ensuring security of the debug module via a secure debug module;
a step for protecting the secure file system via a secure file system module;
a step for protecting at least one component in the plurality of components via a trusted time source module; and
a step for aggregating logic and signals of the secure boot mode and secure debug mode security via a security mode control module.
46. A security method for a communications device having components including layered memory, a debug module, and a file system, the method comprising steps of:
correlating at least one trust zone to a portion of layered memory;
protecting memory via a memory protection module;
ensuring the security of the debug module via a secure debug module;
protecting the secure file system via a secure file system module;
protecting the communications device via a trusted time source module; and
aggregating logic and signals for secure boot mode and secure debug mode via a security mode control module.
48. A security system for a communications device having components including layered memory, a debug module, and a file system, the system comprising:
means for correlating at least one trust zone to a portion of layered memory;
means for protecting memory via a memory protection module;
means for ensuring the security of the debug module via a secure debug module;
means for protecting the secure file system via a secure file system module;
means for protecting the communications device via a trusted time source module; and
means for aggregating logic and signals for secure boot mode and secure debug mode via a security mode control module.
Specification