Cross domain notification

US 8,270,963 B1
Filed: 10/01/2010
Issued: 09/18/2012
Est. Priority Date: 10/01/2010
Status: Active Grant

First Claim

Patent Images

1. A method for a mobile communication device to indicate activity across operating domains of the mobile communication device, the method comprising:

establishing a plurality of operating domains for the mobile communication device each operating as an independent virtual machine, wherein at least one of the operating domains is a high-side domain and at least another of the operating domains is a low-side domain;

establishing a plurality of isolated regions of memory within a memory of the mobile communication device;

assigning each of the plurality of operating domains to one of the plurality of isolated regions of memory;

implementing a communication control module within the mobile communication device to enforce communication restrictions between software associated with each of the operating domains and user interface hardware of the mobile communication device;

providing a trusted indicator on the mobile communication device for indicating activity in the high-side domain, the activity including at least one of an incoming call, an incoming text, or a new email, the trusted indicator configured to activate a user notification to indicate the activity, wherein the trusted indicator is under exclusive control of software associated with the high-side domain;

providing an input on the mobile communication device for switching from the low-side domain to the high-side domain, the input configured as an input only device that is activated by user input; and

providing a trusted element for the mobile communication device that is independent of either the high-side domain or the low-side domain, the trusted element configured to;

receive a signal from the input for switching from the low-side domain to the high-side domain; and

perform user authentication for switching from the low-side domain to the high-side domain, the user authentication including providing output authentication information from the trusted element to an output device of the mobile communication device and receiving input authentication information at the trusted element from an input device of the mobile communication device.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A commercial off-the-shelf smartphone is adapted, through software modifications only, to provide multiple operating domains or domains that provide differing levels of security and reliability. Each operating domain is isolated from the others. Detection of unauthorized modification is provided. Cross domain activity notification is provided.

Citations

14 Claims

1. A method for a mobile communication device to indicate activity across operating domains of the mobile communication device, the method comprising:
- establishing a plurality of operating domains for the mobile communication device each operating as an independent virtual machine, wherein at least one of the operating domains is a high-side domain and at least another of the operating domains is a low-side domain;
  
  establishing a plurality of isolated regions of memory within a memory of the mobile communication device;
  
  assigning each of the plurality of operating domains to one of the plurality of isolated regions of memory;
  
  implementing a communication control module within the mobile communication device to enforce communication restrictions between software associated with each of the operating domains and user interface hardware of the mobile communication device;
  
  providing a trusted indicator on the mobile communication device for indicating activity in the high-side domain, the activity including at least one of an incoming call, an incoming text, or a new email, the trusted indicator configured to activate a user notification to indicate the activity, wherein the trusted indicator is under exclusive control of software associated with the high-side domain;
  
  providing an input on the mobile communication device for switching from the low-side domain to the high-side domain, the input configured as an input only device that is activated by user input; and
  
  providing a trusted element for the mobile communication device that is independent of either the high-side domain or the low-side domain, the trusted element configured to;
  
  receive a signal from the input for switching from the low-side domain to the high-side domain; and
  
  perform user authentication for switching from the low-side domain to the high-side domain, the user authentication including providing output authentication information from the trusted element to an output device of the mobile communication device and receiving input authentication information at the trusted element from an input device of the mobile communication device.
- View Dependent Claims (2, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein the user notification activated by the trusted indicator is a light emitting diode (LED) on the mobile communication device.
  - 11. The method of claim 1, wherein the user input to activate the input for switching between the low-side domain and the high-side domain includes a hard-key press.
  - 12. The method of claim 1, wherein the trusted element controls a keypad and display of the mobile communication device during user authentication.
  - 13. The method of claim 1, wherein the output authentication information is provided from the trusted element to a display of the mobile communication device.
  - 14. The method of claim 1, wherein the input authentication information is received at the trusted element from a keypad of the mobile communication device.

3. A mobile communication device configured to operate in multiple domains, the mobile communication device comprising:
- a plurality of isolated regions of memory;
  
  a processing module configured to run in a plurality of operating domains, in the plurality of isolated regions of memory, each operating domain configured as an independent virtual machine, wherein at least one of the operating domains is a high-side domain and at least another of the operating domains is a low-side domain;
  
  wherein the processing module is configured to instantiate a communication control module to enforce communication restrictions between software associated with each of the operating domains and user interface hardware of the mobile communication device;
  
  a trusted indicator to provide an indication of activity in the high-side domain, the activity including at least one of an incoming call, and incoming text message, or a new email message, the trusted indicator configured to activate a user notification to indicate the activity, wherein the trusted indicator is under exclusive control of software associated with the high-side domain;
  
  an input for switching between the low-side domain and the high-side domain, the input configured as an input only device that is activated by user input; and
  
  a trusted element that is independent of either the high-side domain or the low-side domain, the trusted element configured to;
  
  receive a signal from the input for switching between the low-side domain and the high-side domain; and
  
  perform user authentication for switching from the low-side domain to the high-side domain, the user authentication including providing output authentication information from the trusted element to an output device of the mobile communication device and receiving input authentication information at the trusted element from an input device of the mobile communication device.
- View Dependent Claims (4)
- - 4. The mobile communication device of claim 3, wherein the user notification activated by the trusted indicator is an LED on the mobile communication device.

5. A method for switching between domains of a mobile communication device that has a plurality of operating domains, the method comprising:
- providing a mobile communication device having a plurality of operating domains each operating as an independent virtual machine, wherein at least one of the operating domains is a high-side domain and at least one of the operating domains is a low-side domain;
  
  providing a memory having a plurality of isolated regions within the memory, wherein each of the plurality of operating domains is associated with a different one of the plurality of isolated regions within the memory;
  
  providing a communication control module within the mobile communication device to enforce communication restrictions between software associated with each of the plurality of operating domains and user interface hardware of the mobile communication device;
  
  providing a trusted indicator on the mobile communication to indicate activity in the high-side domain, the trusted indicator indicating at least one of an incoming call, an incoming text, or a new email directed to the high-side domain, the activity indicated by activating a user notification, wherein the trusted indicator is under exclusive control of software associated with the high-side domain;
  
  providing an input on the mobile communication device for switching from the low-side domain to the high-side domain, the input configured as an input only device that is activated by user input;
  
  providing a trusted element within the mobile communication device that is independent of either the high-side domain or the low-side domain, the trusted element configured to;
  
  receive a signal from the input for switching from the low-side domain to the high-side domain; and
  
  perform user authentication for switching from the low-side domain to the high-side domain, the user authentication including providing output authentication information from the trusted element to an output device of the mobile communication device and receiving input authentication information at the trusted element from an input device of the mobile communication device.
- View Dependent Claims (6, 7, 8, 9, 10)
- - 6. The method of claim 5, wherein user notification activated by the trusted indicator is a light emitting diode (LED) on the mobile communication device.
  - 7. The method of claim 5, wherein the user input to activate the input for switching between the low-side domain and the high-side domain includes a hard-key press.
  - 8. The method of claim 5, wherein the trusted element controls a keypad and display of the mobile communication device during user authentication.
  - 9. The method of claim 5, wherein the output authentication information is provided from the trusted element to a display of the mobile communication device.
  - 10. The method of claim 5, wherein the input authentication information is received at the trusted element from a keypad of the mobile communication device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ViaSat Incorporated
Original Assignee
ViaSat Incorporated
Inventors
Hart, Steven R., Lindteigen, Ty, Mar, Phil, Wren, Christopher Paul
Primary Examiner(s)
Gelin, Jean
Assistant Examiner(s)
Patel, Mahendra

Application Number

US12/896,794
Time in Patent Office

718 Days
Field of Search

455/418, 365/80, 365/189.14, 365/158, 713/187, 713/190, 717/109, 717/104, 717/113, 375/219, 375/324, 375/120.2, 709/224, 711/E12.102, 711/E12.068
US Class Current

455/418
CPC Class Codes

G06F 21/53   by executing in a restricte...

G06F 8/65   Updates security arrangemen...

H04M 1/724   User interfaces specially a...

H04W 12/02   Protecting privacy or anony...

H04W 12/086   using security domains

Cross domain notification

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Cross domain notification

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links