SECURITY ENGINE FOR A SECURE OPERATING ENVIRONMENT

US 20140331279A1
Filed: 05/05/2014
Published: 11/06/2014
Est. Priority Date: 05/03/2013
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

executing, by a mobile computing device, a secure operating environment on the mobile computing device, wherein the secure operating environment executes on the mobile computing device independently of a host operating environment of the mobile computing device;

receiving, by the secure operating environment, a request for a security service, the request received from an application executing in the secure operating environment;

determining, by the secure operating environment, a security capability of the mobile computing device to provide the security service, wherein the security capability of the mobile device includes a security capability provided by the host operating environment;

determining, by the secure operating environment, a security capability of the secure operating environment to provide the security service;

selecting, by the secure operating environment, a security capability to provide the security service, wherein the security capability is selected from one or both of the security capability of the mobile computing device or the security capability of the secure operating environment; and

providing, by the secure operating environment, the security service to the application, wherein the security service is provided based on the selected security capability.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The presenting invention relates to techniques for implementing a secure operating environment for the execution of applications on a computing devices (e.g., a mobile phone). In The secure operating environment may provide a trusted environment with dedicated computing resources to manage security and integrity of processing and data for the applications. The applications may be provided with a variety of security services and/or functions to meet different levels of security demanded by an application. The secure operating environment may include a security engine that enumerates and/or determines the security capabilities of the secure operating environment and the computing device, e.g., the hardware, the software, and/or the firmware of the computing device. The security engine may provide security services desired by applications by choosing from the security capabilities that are supported by the secure operating environment and the computing device.

78 Citations

View as Search Results

27 Claims

1. A method comprising:
- executing, by a mobile computing device, a secure operating environment on the mobile computing device, wherein the secure operating environment executes on the mobile computing device independently of a host operating environment of the mobile computing device;
  
  receiving, by the secure operating environment, a request for a security service, the request received from an application executing in the secure operating environment;
  
  determining, by the secure operating environment, a security capability of the mobile computing device to provide the security service, wherein the security capability of the mobile device includes a security capability provided by the host operating environment;
  
  determining, by the secure operating environment, a security capability of the secure operating environment to provide the security service;
  
  selecting, by the secure operating environment, a security capability to provide the security service, wherein the security capability is selected from one or both of the security capability of the mobile computing device or the security capability of the secure operating environment; and
  
  providing, by the secure operating environment, the security service to the application, wherein the security service is provided based on the selected security capability.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 wherein the security capability provided by the host operating environment includes one or both of a security capability of a host operating system of the mobile computing device or a security capability of hardware in the mobile computing device.
  - 3. The method of claim 1 further comprising:
    - prior to selecting the security capability, determining whether privilege escalation has occurred on the mobile computing device; and
      
      wherein the security capability of the mobile computing device is not selected as the selected security capability when it is determined that privilege escalation has occurred on the mobile computing device.
  - 4. The method of claim 3 wherein privilege escalation occurs by jail-breaking or rooting of the mobile computing device.
  - 5. The method of claim 1 wherein the selected security capability is selected from the security capability of the secure operating environment upon determining that the host operating environment does not have a security capability to provide the security service.
  - 6. The method of claim 1 wherein the mobile computing device includes a memory device used by the secure operating environment to execute the application, and wherein the security service includes a scrubbing service to scrub the memory device used to execute the application.
  - 7. The method of claim 1 wherein the security service includes a memory management service, wherein the memory management service performs operations to manage fragmentation of memory used for the application, and wherein the fragmentation of the memory is managed to prevent unauthorized access to security information stored in the memory for the application.
  - 8. The method of claim 1 further comprising:
    - determining whether the security capability of the mobile computing device includes a capability for receiving input via a trusted security mechanism; and
      
      wherein the selected security capability is selected from the security capability of the secure operating environment upon determining that the security capability of the mobile computing device does not include a trusted security mechanism for receiving input.
  - 9. The method of claim 1 wherein the mobile computing device includes a first memory device used by the secure operating environment to execute the application, and wherein the mobile computing device includes a second memory device used by the mobile computing device to operate the host operating environment, and wherein the first memory device is different from the second memory device.

10. A mobile communication device comprising:
- one or more processors;
  
  one or more first memory devices coupled to the one or more processors, the one more first memory devices configured to be used by the one or more processors to execute a secure operating environment; and
  
  one or more second memory devices coupled to the one or more processors, the one or more second memory devices including instructions which when executed on the one or more processors, cause the one or more processor to;
  
  execute a host operating environment; and
  
  execute the secure operating environment, wherein upon execution of the secure operating environment, the secure operating environment performs a method comprising;
  
  executing an application in the secure operating environment;
  
  receiving, from the application, a request for a security service;
  
  determining a security capability of the mobile computing device to provide the security service, wherein the security capability of the mobile device includes a security capability provided by the host operating environment;
  
  determining a security capability of the secure operating environment to provide the security service;
  
  selecting a security capability to provide the security service, wherein the security capability is selected from one or both of the security capability of the mobile computing device and the security capability of the secure operating environment; and
  
  providing, to the application, the security service based on the selected security capability.
- View Dependent Claims (11, 12, 13, 14)
- - 11. The mobile communication device of claim 10 wherein the security capability provided by the host operating environment includes a security capability provided by the host operating system and a security capability provided by hardware of the mobile communication device, and wherein the hardware includes the one or more processors and the one or more first memory devices and the one or more second memory devices.
  - 12. The mobile communication device of claim 10 wherein the selected security capability is selected from the security capability of the secure operating environment upon determining that the host operating environment does not have a security capability to provide the security service.
  - 13. The mobile communication device of claim 10, wherein the method further comprises:
    - prior to selecting the security capability, determining whether privilege escalation has occurred on the mobile communication device; and
      
      wherein the security capability of the mobile communication device is not selected as the selected security capability when it is determined that privilege escalation has occurred on the mobile communication device.
  - 14. The mobile communication device of claim 10, wherein the selected security capability is selected from the security capability of the secure operating environment upon determining that the host operating environment does not have a security capability to provide the security service.

15. A method comprising:
- executing, by a mobile computing device, a secure operating environment on the mobile computing device, wherein the secure operating environment executes on the mobile computing device independently of a host operating environment on the mobile computing device;
  
  executing, by the secure operating environment, an application in the secure operating environment;
  
  receiving, by the secure operating environment, from the application, a request for a security service to manage security of memory for the application;
  
  determining, by the secure operating environment, a security policy for managing security of the memory for the application;
  
  based on the security policy, selecting, by the secure operating environment, an action to perform for managing security of the memory; and
  
  performing, by the secure operating environment, the selected action.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24)
- - 16. The method of claim 15 wherein the security policy indicates a plurality of actions to implement trusted security for managing the memory, and wherein the trusted security is implemented for payment processing functions performed by the application.
  - 17. The method of claim 16 further comprising:
    - determining a level of security of information stored in the memory for the application; and
      
      based on the level of security, selecting the action from the plurality of actions.
  - 18. The method of claim 16 wherein the plurality of actions are performed upon completion of a function executed by the application, and wherein the plurality of actions include scrubbing the memory, isolating the memory, de-fragmenting the memory, de-allocating the memory, or a combination thereof.
  - 19. The method of claim 15 further comprising:
    - determining a security capability of the mobile computing device to provide the security service;
      
      determining a security capability of the secure operating environment to provide the security service; and
      
      wherein the action is selected based from one or both of the security capability of the mobile computing device or the security capability of the secure operating environment.
  - 20. The method of claim 15 further comprising:
    - detecting a change in a state of the memory; and
      
      wherein the selected action is performed upon detecting the change in the state of the memory.
  - 21. The method of claim 15 wherein the security policy includes a time period, and wherein the selected action is performed periodically based on the time period.
  - 22. The method of claim 15 further comprising:
    - detecting an event related to use of sensitive data stored in the memory for the application; and
      
      wherein the action is selected based on the security policy and in response to detecting the event.
  - 23. The method of claim 15 further comprising:
    - detecting a change in a state of the memory for the application;
      
      based on the security policy, selecting a security service to perform for the memory in response to the detected change;
      
      wherein the action is selected based on the selected security service and in response to the detected event.
  - 24. The method of claim 15, wherein the action for managing security of the memory includes a scrubbing the memory, performing memory de-fragmentation of the memory, performing memory isolation for the memory, or a combination thereof.

25. A mobile communication device comprising:
- one or more processors;
  
  one or more first memory devices coupled to the one or more processors, the one more first memory devices configured to be used by the one or more processors to execute a secure operating environment; and
  
  one or more second memory devices coupled to the one or more processors, the one or more second memory devices including instructions which when executed on the one or more processors, cause the one or more processor to;
  
  execute a host operating environment; and
  
  execute the secure operating environment, wherein upon execution of the secure operating environment, the secure operating environment performs a method comprising;
  
  executing an application in the secure operating environment;
  
  receiving, from the application, a request for a security service to manage security of memory for the application;
  
  determining a security policy for managing security of the memory for the application;
  
  based on the security policy, selecting an action to perform for managing security of the memory; and
  
  performing the selected action.
- View Dependent Claims (26, 27)
- - 26. The mobile communication device of claim 25, wherein the method further comprises:
    - detecting an event related to use of sensitive data stored in the memory for the application; and
      
      wherein the action is selected based on the security policy and in response to detecting the event.
  - 27. The mobile communication device of claim 25, wherein security information for the application is stored in the memory for the application, wherein the selected action is performed periodically based on a time period, and wherein the selected action includes modifying storage of the security information in the memory.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Selim Aissi
Inventors
Kgil, Taeho, AISSI, SELIM, Prakash, Gyan

Granted Patent

US 9,424,421 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/1
CPC Class Codes

G06F 21/53   by executing in a restricte...

G06F 21/57   Certifying or maintaining t...

G06F 21/604   Tools and structures for ma...

G06F 21/6218   to a system of files or obj...

G06F 2221/2113   Multi-level security, e.g. ...

SECURITY ENGINE FOR A SECURE OPERATING ENVIRONMENT

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

78 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

SECURITY ENGINE FOR A SECURE OPERATING ENVIRONMENT

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

78 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links