Integration of Untrusted Applications and Frameworks with a Secure Operating System Environment

US 20140115646A1
Filed: 12/17/2012
Published: 04/24/2014
Est. Priority Date: 10/18/2012
Status: Active Grant

First Claim

Patent Images

1. An apparatus operable as a set top box, the apparatus having underlying hardware resources, comprising:

a set top box application to perform trusted media processing operations utilizing the underlying hardware resources;

a software framework;

a secure access interface configured to support communications between the set top box application and the software framework; and

at least one trusted software application, the application executable on the software framework.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A set top box or like device utilizing trusted applications in conjunction with an untrusted software framework. In one implementation, trusted or certified applications are received from a service provider for execution by a software framework of the device. Certification of a trusted application may entail, for example, verifying that the application is executable by the device in a manner consist with the industry standard certification process. The software framework may comprise, for example, an Android framework supported by an underlying Linux operating system environment and isolated in a Linux resource container. A secure access client/server interface may also be provided to support interactions between the software framework and trusted portions of the device. In further embodiments, both trusted applications and a set top box application utilized by the device to perform traditional set top box operations are implemented in at least one version of an Android or like framework.

Citations

20 Claims

1. An apparatus operable as a set top box, the apparatus having underlying hardware resources, comprising:
- a set top box application to perform trusted media processing operations utilizing the underlying hardware resources;
  
  a software framework;
  
  a secure access interface configured to support communications between the set top box application and the software framework; and
  
  at least one trusted software application, the application executable on the software framework.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The apparatus of claim 1, the secure access interface performing at least one operation selected from the group consisting of:
    - handle and pointer validation, non-pointer parameter validation, heap isolation, and resource release relating to unused resources.
  - 3. The apparatus of claim 1 further comprising a secure operating system environment, the secure access interface configured to support communications between the software framework and the secure operating system environment.
  - 4. The apparatus of claim 3, wherein the secure operating system environment comprises a Linux-based operating system kernel.
  - 5. The apparatus of claim 3, the secure access interface comprising a secure access server and secure access client, the secure access client incorporated in the software framework.
  - 6. The apparatus of claim 5, wherein communications between the secure access server and secure access client occur, at least in part, through inter-process communication calls.
  - 7. The apparatus of claim 1, wherein the untrusted software framework comprises at least one version of an Android framework.
  - 8. The apparatus of claim 1, wherein the media processing device is a set top box device, and wherein the at least one trusted software application is provided by a service operator.
  - 9. The apparatus of claim 1 certified in accordance with an industry standard certification process, the at least one trusted application certified to be executable by the apparatus in a manner consistent with the industry standard certification process.

10. A method used in a media processing device that includes a software framework, the method comprising:
- receiving a trusted application software for use by the media processing device;
  
  associating the trusted application software with the software framework, the software framework supporting execution of the trusted application software; and
  
  establishing a restricted operating system environment for execution of the software framework.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The method of claim 10, wherein the media processing device is a set top box device, and wherein the trusted application software is provided by a service operator.
  - 12. The method of claim 11, the set top box certified in accordance with an industry standard certification process, the trusted application software certified to be executable by the software framework in a manner consist with the industry standard certification process.
  - 13. The method of claim 10, the media processing device further including a set top box application, the method further comprising:
    - providing a secure access interface to regulate interactions between the set top box application and components of the software framework.
  - 14. The method of claim 10, the media processing device including a plurality of software frameworks, wherein associating the trusted application software with the software framework comprises selecting a compatible one of the plurality of software frameworks to support execution of the trusted application software.
  - 15. The method of claim 10, wherein the restricted operating system environment comprises a virtual machine container.
  - 16. The method of claim 12, wherein the software framework and trusted application software are based on at least one version of an Android framework.

17. A media processing device having hardware resources for performing media delivery operations, comprising:
- processing circuitry;
  
  a trusted software application;
  
  a software framework for execution of the trusted software application; and
  
  an operating system executed by the processing circuitry, the operating system configured to establish or support a privileged operating system environment and a restricted operating system environment, the software framework executed in the restricted operating system environment.
- View Dependent Claims (18, 19, 20)
- - 18. The media processing device of claim 17, further comprising:
    - a set top box application for performing secure media processing operations, the set top box application executed in the privileged operating system environment.
  - 19. The media processing device of claim 18, the trusted software application and the set top box application implemented in accordance with at least one version of an Android framework.
  - 20. The media processing device of claim 17 certified in accordance with an industry standard certification process, wherein the trusted software application is provided by a service operator.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Avago Technologies International Sales Pte Limited (Broadcom, Inc.)
Original Assignee
Broadcom Corporation (Broadcom, Inc.)
Inventors
Rajgopal, Narayan, Russo, Fabian, Miville, Xavier

Granted Patent

US 9,344,762 B2
Time in Patent Office

Days
Field of Search
US Class Current

725/110
CPC Class Codes

H04N 21/443   OS processes, e.g. booting ...

H04N 21/4433   Implementing client middlew...

H04N 21/4437   Implementing a Virtual Mach...

H04N 21/4622   Retrieving content or addit...

H04N 21/4627   Rights management associate...

Integration of Untrusted Applications and Frameworks with a Secure Operating System Environment

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Integration of Untrusted Applications and Frameworks with a Secure Operating System Environment

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links