Mobile security system and method
First Claim
1. A mobile device comprising:
a plurality of components including a debug module, a secure file system, and a layered memory scheme;
plurality of modules including:
a memory protection module for protecting the layered memory scheme;
a secure debug module for ensuring security of the debug module;
a secure file system module for protecting the secure file system, the secure file system module including a mobile device-specific hardware key; and
an on-chip, non-volatile memory for storing the mobile device-specific hardware key;
a trusted time source module for protecting at least one component in the plurality of components; and
a security mode control module.
Abstract
A system and method for providing a secure environment for mobile telephones and other devices are disclosed. The system and method may utilize trust zoning, layered memory, and a secure matrix model having, for example, a memory protection module for protecting memory; a secure debug module for ensuring security of the debug module; a secure file system module for protecting the secure file system; and a trusted time source module for protecting components. Embodiments of the present invention may protect against security attacks on a variety of hardware and software components while permitting suitable levels of accessibility for developmental and maintenance purposes.
5 Claims
2. A security method for a mobile device having components including layered memory, a debug module, and a secure file system, the method comprising:
correlating at least one trust zone to a portion of the layered memory;
protecting the layered memory via a memory protection module;
ensuring the security of the debug module via a secure debug module;
protecting the secure file system via a secure file system module, the protecting the secure file system via the secure file system module including storing a mobile device-specific hardware key in an on-chip, non-volatile memory;
protecting the mobile device via a trusted time source module; and
aggregating logic and signals for secure boot mode and secure debug mode via a security mode control module.
4. A security system for a mobile device having components including layered memory, a debug module, and a secure file system, the security system comprising:
means for correlating at least one trust zone to a portion of the layered memory;
means for protecting the layered memory via a memory protection module;
means for ensuring the security of the debug module via a secure debug module;
means for protecting the secure file system via a secure file system module, the means for protecting the secure file system via the secure file system module including a mobile device-specific hardware key; and
an on-chip, non-volatile memory for storing the mobile device-specific hardware key;
means for protecting the mobile device via a trusted time source module; and
means for aggregating logic and signals for secure boot mode and secure debug mode via a security mode control module.
Specification