Secure mobile wireless device
First Claim
1. An apparatus comprising at least one processor and a memory storing installed native executable code, the apparatus further comprising:
a plurality of protected resources stored on said apparatus;
a plurality of servers; and
a trusted computing base having a kernel;
wherein access to each said protected resource is provided by a corresponding server;
the native executable code is assigned a set of capabilities which define the protected resource(s) on the apparatus which the native executable code can access;
said corresponding servers are configured, with the at least one processor, to police access to said protected resource(s) on the basis of the capabilities assigned to the native executable code;
the capabilities are stored in a location in the memory that is only accessible to the trusted computing base, wherein prior to install time, the executable code already contains the capabilities it has been granted, and wherein a loader is configured to refuse to load executables not permanently stored in the location in the memory which is only accessible to the trusted computing base; and
the kernel is configured, for each client-server communication, to pass the client capabilities to said servers.
Abstract
A secure mobile wireless device in which executable code to be installed on the device is assigned a set of capabilities which define the protected resource(s) on the device which it can access. Hence, the present invention takes the idea of capabilities (known in the context of defining the capabilities or access privileges of different users in a multi-user system) and applies it to defining the capabilities or access privileges of different native executable code for secure, single-user mobile wireless devices.
18 Claims
1. An apparatus comprising at least one processor and a memory storing installed native executable code (independent claim; full text given under First Claim above). Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9.
10. A method comprising:
providing access to each of a plurality of protected resources stored on a device by a corresponding server, the corresponding server being one of a plurality of servers of the device;
assigning native executable code a set of capabilities which define the protected resource(s) on the device which the native executable code can access;
causing storage of the capabilities in a location that is only accessible to a trusted computing base having a kernel, wherein prior to install time, the executable code already contains the capabilities it has been granted, and wherein a loader is configured to refuse to load executables not permanently stored in the location which is only accessible to the trusted computing base; and
policing, by a processor, access to said protected resources at said corresponding servers on the basis of the capabilities assigned to the native executable code;
wherein for each client-server communication, the kernel passes the client capabilities to said server.
Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18.
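As an added illustration, not code from the patent or from any device implementing it, the following Python model shows the architecture the two independent claims describe: capabilities are embedded in the executable before install, copied at install into a store that only the trusted computing base can read, a loader refuses executables absent from that store, and on every client-server message the kernel attaches the client's capabilities from the store (never from the client) so that each server can police access to its own protected resource. The capability names (NetworkServices, PhoneNetwork), the server names and the sample executables are constructed for the example and are not named in the patent.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, Optional, Tuple

# Capability names are constructed for this example; the patent names none.
NETWORK = "NetworkServices"
PHONE = "PhoneNetwork"


@dataclass(frozen=True)
class Executable:
    """A native executable; its capability set is embedded before install."""
    name: str
    capabilities: FrozenSet[str]


class TrustedComputingBase:
    """Owns the kernel, the loader and the capability store only it can touch."""

    def __init__(self) -> None:
        self._cap_store: Dict[str, FrozenSet[str]] = {}  # TCB-only memory
        self.kernel = Kernel(self)
        self.loader = Loader(self)

    def install(self, exe: Executable) -> None:
        # At install the capabilities the binary already carries are copied into
        # the TCB-only store; nothing outside the TCB can change them afterwards.
        self._cap_store[exe.name] = exe.capabilities

    def capabilities_of(self, name: str) -> Optional[FrozenSet[str]]:
        return self._cap_store.get(name)


class Loader:
    def __init__(self, tcb: TrustedComputingBase) -> None:
        self._tcb = tcb

    def load(self, exe: Executable) -> "Process":
        # Refuse anything whose capabilities are not held in TCB-only storage,
        # i.e. anything that was never installed through the TCB.
        if self._tcb.capabilities_of(exe.name) is None:
            raise PermissionError(f"{exe.name}: not in TCB-only store, refusing to load")
        return Process(exe.name, self._tcb.kernel)


class Process:
    """A running client; it can only reach servers through the kernel."""

    def __init__(self, name: str, kernel: "Kernel") -> None:
        self.name = name
        self._kernel = kernel

    def request(self, server: "Server", op: str) -> Tuple[bool, str]:
        return self._kernel.send(self.name, server, op)


class Kernel:
    def __init__(self, tcb: TrustedComputingBase) -> None:
        self._tcb = tcb

    def send(self, client: str, server: "Server", op: str) -> Tuple[bool, str]:
        # On every client-server message the kernel attaches the client's
        # capabilities, read from the TCB store rather than from the message,
        # so a client cannot assert capabilities it was never granted.
        caps = self._tcb.capabilities_of(client) or frozenset()
        return server.handle(client, caps, op)


class Server:
    """Guards one protected resource; polices access on the passed-in capabilities."""

    def __init__(self, resource: str, required: FrozenSet[str]) -> None:
        self.resource = resource
        self.required = required

    def handle(self, client: str, caps: FrozenSet[str], op: str) -> Tuple[bool, str]:
        missing = self.required - caps
        if missing:
            return False, f"{client}: {self.resource}.{op} denied, missing {sorted(missing)}"
        return True, f"{client}: {self.resource}.{op} ok"


def run_demo() -> Dict[str, Tuple[bool, str]]:
    """Constructed scenario: one installed client, one never-installed binary."""
    tcb = TrustedComputingBase()
    socket_server = Server("socket", frozenset({NETWORK}))
    dialer_server = Server("dialer", frozenset({PHONE}))
    browser = Executable("browser", frozenset({NETWORK}))      # installed via TCB
    rogue = Executable("rogue", frozenset({NETWORK, PHONE}))   # never installed
    tcb.install(browser)

    results: Dict[str, Tuple[bool, str]] = {}
    proc = tcb.loader.load(browser)
    results["browser_socket"] = proc.request(socket_server, "connect")
    results["browser_dialer"] = proc.request(dialer_server, "dial")
    try:
        tcb.loader.load(rogue)
        results["rogue_load"] = (True, "loaded")
    except PermissionError as err:
        results["rogue_load"] = (False, str(err))
    return results


if __name__ == "__main__":
    for key, outcome in run_demo().items():
        print(key, outcome)
```

The point the model makes explicit is where trust sits: the executable carries its capability set only so that the TCB can record it at install time; after that the loader, the kernel and every server consult the TCB-only store, and the message a client sends carries no capability information of its own.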