Integration of Untrusted Framework Components With a Secure Operating System Environment

US 20140115623A1
Filed: 12/14/2012
Published: 04/24/2014
Est. Priority Date: 10/18/2012
Status: Active Grant

First Claim

Patent Images

1. A media processing device having software and hardware resources for performing media delivery operations, comprising:

a secure operating system environment;

a software framework to support at least one application; and

a secure access interface configured to regulate communications between the secure operating system environment and the software framework, and to provide restricted access to at least a portion of the software and hardware resources for performing media delivery operations.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A set top box or like device incorporating an untrusted software framework as a client of a secure operating system kernel. The software framework may comprise, for example, an Android framework supported by an underlying Linux operating system environment having a secure kernel. The software framework can be executed using a variety of process isolation techniques depending on performance and isolation requirements. A secure access client/server interface may also be provided to support interactions between the untrusted software framework (and applications utilizing the untrusted software framework) and secure or trusted portions of the device. The secure access interface can be configured to perform operations such as handle validation, heap pointer validation, non-pointer parameter validation, heap isolation, and resource release relating to terminated processes. In further embodiments, a software framework aggregator is used to support a plurality of additional software frameworks for use in the set top box.

27 Citations

View as Search Results

20 Claims

1. A media processing device having software and hardware resources for performing media delivery operations, comprising:
- a secure operating system environment;
  
  a software framework to support at least one application; and
  
  a secure access interface configured to regulate communications between the secure operating system environment and the software framework, and to provide restricted access to at least a portion of the software and hardware resources for performing media delivery operations.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The media processing device of claim 1, the secure access interface configured to utilize process isolation for applications executed via the software framework.
  - 3. The media processing device of claim 1, the secure access interface performing at least one operation selected from the group consisting of:
    - handle validation, heap pointer validation, non-pointer parameter validation, heap isolation, and resource release relating to unused resources.
  - 4. The media processing device of claim 1, the secure access interface comprising a secure access server and secure access client, the secure access server incorporated in the secure operating system environment or executed as a secure kernel module, and the secure access client incorporated in the software framework.
  - 5. The media processing device of claim 4, wherein communications between the secure access server and secure access client occur, at least in part, through inter-process communication calls.
  - 6. The media processing device of claim 1, wherein the secure operating system environment comprises a Linux-based operating system kernel.
  - 7. The media processing device of claim 1, wherein the software framework comprises at least one version of an Android framework.
  - 8. The media processing device of claim 1 configured as a set top box device, the media processing device further comprising a set top box application executable in the secure operating system environment for performing media delivery operations, wherein communications between the set top box application and software framework occur, at least in part, via the secure access interface.
  - 9. The media processing device of claim 8, the secure operating system environment comprising a privileged operating system environment to perform secure media processing operations, the secure operating system environment further configured to establish a restricted operating system environment,the set top box application executed in the privileged operating system environment and the software framework executed in the restricted operating system environment.
  - 10. The media processing device of claim 1, further comprising:
    - a software framework aggregator to support a plurality of additional software frameworks, the secure access interface further configured to regulate communications between the secure operating system environment and the software framework aggregator.

11. A method used in a media delivery device having a secure operating system kernel and an untrusted software framework, comprising:
- establishing a privileged operating system environment to perform secure media processing operations supported by the secure operating system kernel;
  
  establishing a restricted operating system environment to support the untrusted software framework, the restricted operating system environment utilizing process isolation; and
  
  executing at least a portion of the untrusted software framework in the restricted operating system environment.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The method of claim 11, wherein the secure operating system kernel is a symmetric multiprocessing Linux-based operating system kernel.
  - 13. The method of claim 12, wherein the untrusted software framework comprises at least one version of an Android framework.
  - 14. The method of claim 11, further comprising:
    - providing a secure access interface to regulate interactions between the privileged operating system environment and components of the untrusted software framework.
  - 15. The method of claim 11, the media delivery device further having a set top box application, the secure media processing operations performed in the privileged operating system environment by the set top box application.
  - 16. The method of claim 11, the media delivery device having a first processing unit and a second processing unit, wherein the privileged operating system environment is executed on the first processing unit and the restricted operating system environment is executed on the second processing unit.

17. A media processing device comprising:
- processing circuitry;
  
  a software framework to support software applications; and
  
  an operating system executed by the processing circuitry, the operating system configured to establish at least one restricted operating system environment that utilizes process isolation, the software framework executed in the at least one restricted operating system environment.
- View Dependent Claims (18, 19, 20)
- - 18. The media processing device of claim 17, further comprising:
    - a set top box application for performing secure media processing operations,the operating system further configured to establish at least one privileged operating system environment for execution of the set top box application.
  - 19. The media processing device of claim 18, the software framework and the set box application implemented in accordance with at least one version of an Android framework.
  - 20. The media processing device of claim 18, further comprising a secure access interface to support interactions between the at least one privileged operating system environment and the at least one restricted operating system environment.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avago Technologies International Sales Pte Limited (Broadcom, Inc.)
Original Assignee
Broadcom Corporation (Broadcom, Inc.)
Inventors
Kellerman, Marcus C., Erickson, David, Rajgopal, Narayan

Granted Patent

US 9,338,522 B2
Time in Patent Office

Days
Field of Search
US Class Current

725/25
CPC Class Codes

H04N 21/443   OS processes, e.g. booting ...

H04N 21/4437   Implementing a Virtual Mach...

H04N 21/835   Generation of protective da...

Integration of Untrusted Framework Components With a Secure Operating System Environment

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

27 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Integration of Untrusted Framework Components With a Secure Operating System Environment

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links