SYSTEMS AND METHODS FOR ENHANCING MOBILE DEVICE SECURITY WITH A PROCESSOR TRUSTED ZONE

US 20140157355A1
Filed: 06/20/2013
Published: 06/05/2014
Est. Priority Date: 01/06/2012
Status: Abandoned Application

First Claim

Patent Images

1. A method for enhancing mobile device security, the method comprising:

providing a trusted zone of a processor; and

configuring at least one of the following in the trusted zone of a processor to facilitate enhanced mobile device security;

a specialized debugging interface;

a remote auditing tool;

an inter-process communication mechanism;

a secure daemon;

a package manager;

a virtual machine;

a configuration function;

a device management system;

a touch screen software; and

a geo-localization function.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and systems described herein relate to enhancing security on a mobile device. A method for enhancing mobile device security includes providing a trusted zone of a processor, and configuring various items in the trusted zone. Such items may include a specialized debugging interface; a remote auditing tool; an inter-process communication mechanism; a secure daemon; a package manager; a virtual machine, a configuration function, a device management system, touch screen management software, and a geo-localization function.

33 Citations

View as Search Results

21 Claims

1. A method for enhancing mobile device security, the method comprising:
- providing a trusted zone of a processor; and
  
  configuring at least one of the following in the trusted zone of a processor to facilitate enhanced mobile device security;
  
  a specialized debugging interface;
  
  a remote auditing tool;
  
  an inter-process communication mechanism;
  
  a secure daemon;
  
  a package manager;
  
  a virtual machine;
  
  a configuration function;
  
  a device management system;
  
  a touch screen software; and
  
  a geo-localization function.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, wherein at least one of file system components and USB I/O components of a specialized debugging interface are configured in the trusted zone of a processor.
  - 3. The method of claim 1, wherein a specialized debugging interface in the trusted zone is enabled to provide at least one mechanism to perform at least one of auditing, configuring and controlling of at least one of the processes, file systems, and applications.
  - 4. The method of claim 3, wherein a specialized debugging interface in the trusted zone is further enabled to provide the said at least one mechanism via USB, wireless or wired communication.
  - 5. The method of claim 1, wherein a remote auditing tool in the trusted zone is enabled to provide at least one mechanism to perform at least one of auditing, configuring and controlling of at least one of the processes, file systems, and applications.
  - 6. The method of claim 5, wherein the remote auditing tool is further enabled to provide the at least one mechanism via USB, wireless or wired communication.
  - 7. The method of claim 1, wherein the method further comprises auditing the integrity of the mobile device via a remote computer.
  - 8. The method of claim 1, wherein the method further comprises securely controlling at least one of the processing and configuration of the mobile device by a remote computer.
  - 9. The method of claim 1, wherein the method further comprises at least one of intercepting, inspecting, blocking, filtering, and adapting communications between user-space applications and services via inter-process communication mechanisms in the trusted zone.
  - 10. The method of claim 1, wherein the method further comprises at least one of installing, configuring, uninstalling, and responding to queries regarding application artifacts, configuration, and permissions by a package manager in the trusted zone.
  - 11. The method of claim 1, wherein the method further comprises at least one of installing, configuring, uninstalling, and responding to queries regarding application artifacts, configuration, and permissions by a package manager in the trusted zone.
  - 12. The method of claim 1, wherein configuring a virtual machine in the trusted zone comprises placing the virtual machine'"'"'s instruction dispatching, virtual dispatch tables, socket and I/O code, file system interaction code, class bytecode caches, symbol tables, and class loading mechanisms in the trusted zone of the processor.
  - 13. The method of claim 1, wherein configuring the configuration functions in the trusted zone comprises placing the I/O, reading, and interpretation of configuration data sources associated with the configuration functions in the trusted zone of the processor.
  - 14. The method of claim 1, wherein the device management system is enabled to control policies governing one or more of the usage and security of the mobile device
  - 15. The method of claim 1, wherein configuring the touch screen software in the trusted zone comprises placing one or more of the touch screen software event dispatching, shared memory reading/writing, inter-process communication dispatch, and intra-application dispatch code in the trusted zone of the processor.
  - 16. The method of claim 1, wherein the geo-localization function may be enabled to provide a proximity detection function.
  - 17. The method of claim 16, wherein the proximity detection function may be enabled to provide a proximity authentication function.

18. A system for enforcing security of a mobile device, comprising:
- a processor enabled to providea trusted zone enabled to execute a trusted application and a trusted inter-process communication bus, andan application zone enabled to execute an application and inter-process communication bus; and
  
  a hardware bus enabled to communicate with the inter-process communication bus and the trusted inter-process communication bus.
- View Dependent Claims (19, 20, 21)
- - 19. The system of claim 18, wherein the processor is a plurality of processors.
  - 20. The system of claim 18, wherein the application is a plurality of applications.
  - 21. The system of claim 18, wherein the trusted application is a plurality of trusted applications.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Optio Labs
Original Assignee
Optio Labs LLC
Inventors
Clancy, Thomas Charles III, White, Christopher Jules

Application Number

US13/922,673
Publication Number

US 20140157355A1
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 21/53   by executing in a restricte...

G06F 21/577   Assessing vulnerabilities a...

G06F 21/71   to assure secure computing ...

H04L 63/0227   Filtering policies mail mes...

H04W 12/08   Access security

H04W 12/086   using security domains

SYSTEMS AND METHODS FOR ENHANCING MOBILE DEVICE SECURITY WITH A PROCESSOR TRUSTED ZONE

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

33 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEMS AND METHODS FOR ENHANCING MOBILE DEVICE SECURITY WITH A PROCESSOR TRUSTED ZONE

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

33 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links