Secure smartphone
First Claim
1. A method for modifying an existing mobile communication device to operate in multiple domains, the method comprising:
- installing a plurality of operating systems, one for each of a plurality of operating domains, each of the plurality of operating domains occupying an isolated region of memory, wherein at least one of the operating domains is a secure domain configured to communicate with another communication device by wirelessly transmitting and receiving encrypted communications and at least another of the operating domains is an unsecure domain configured to communicate with another communication device by wirelessly transmitting and receiving unencrypted communications;
- installing a plurality of device drivers in another isolated region of memory separate from the isolated region of memory occupied by each of the operating domains, at least one of the device drivers assigned exclusively to the secure domain, at least one of the device drivers assigned exclusively to the unsecure domain, at least one of the device drivers shared concurrently between the secure domain and the unsecure domain, and at least one of the device drivers switched between exclusive assignment to the secure domain and exclusive assignment to the unsecure domain;
- implementing a communication control module to enforce communication restrictions between each of the operating systems, the device drivers and device hardware;
- implementing an authentication procedure to switch from the unsecure domain to the secure domain; and
- providing a trusted indicator that the mobile communication device is operating in the secure domain, wherein the trusted indicator is under exclusive control of software associated with the secure domain.
Abstract
A commercial off-the-shelf smartphone is adapted, through software modifications only, to provide multiple operating domains that offer differing levels of security and reliability. Each operating domain is isolated from the others. Detection of unauthorized modification is provided. Cross-domain activity notification is provided.
58 Citations
15 Claims
1. (Independent claim, reproduced in full above under First Claim.) Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10.
11. A mobile communication device configured to operate in multiple domains, the device comprising:
- a plurality of isolated regions of memory;
- a processing module to run a plurality of operating systems, one for each of a plurality of operating domains, each of the plurality of operating domains occupying one of the isolated regions of memory, wherein at least one of the operating domains is a secure domain configured to communicate with another communication device by wirelessly transmitting and receiving encrypted communications and at least another of the operating domains is an unsecure domain configured to communicate with another communication device by wirelessly transmitting and receiving unencrypted communications;
- a device driver module in another one of the isolated regions of memory separate from the isolated regions of memory occupied by the operating domains, the device driver module including a plurality of device drivers, at least one of the device drivers assigned exclusively to the secure domain, at least one of the device drivers assigned exclusively to the unsecure domain, at least one of the device drivers shared concurrently between the secure domain and the unsecure domain, and at least one of the device drivers switched between exclusive assignment to the secure domain and exclusive assignment to the unsecure domain;
- wherein the processing module is configured to instantiate a communication control module to enforce communication restrictions between each of the operating systems, the plurality of device drivers and device hardware;
- wherein the processing module is configured to instantiate an authentication module to implement an authentication procedure to switch from the unsecure domain to the secure domain; and
- a trusted indicator to provide an indication that the mobile communication device is operating in the secure domain, wherein the trusted indicator is under exclusive control of software associated with the secure domain.
Dependent claims: 12, 13, 14, 15.
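The four driver assignment classes, the authenticated unsecure-to-secure switch and the secure-domain-only trusted indicator that claims 1 and 11 describe can be sketched as a small reference-monitor policy. The Python below is an added illustration, not code from the patent; the class and method names, the sample driver names and the SHA-256 PIN digest used as a stand-in credential are all hypothetical.

```python
import hashlib, hmac
from dataclasses import dataclass, field
from enum import Enum, auto

Domain = Enum("Domain", "SECURE UNSECURE")

class Assignment(Enum):  # the four driver assignment classes named in the claims
    EXCLUSIVE_SECURE = auto()    # e.g. a crypto module only the secure domain may use
    EXCLUSIVE_UNSECURE = auto()  # e.g. a cleartext radio path only the unsecure domain may use
    SHARED = auto()              # usable by both domains concurrently
    SWITCHABLE = auto()          # owned exclusively by one domain at a time

@dataclass
class CommunicationControlModule:
    drivers: dict                    # driver name -> Assignment (constructed sample policy)
    pin_digest: bytes                # hypothetical credential used by the authentication procedure
    active: Domain = Domain.UNSECURE
    owner: dict = field(default_factory=dict)  # current owner of each SWITCHABLE driver
    trusted_indicator: bool = False

    def can_access(self, domain: Domain, driver: str) -> bool:  # mediates every domain -> driver request
        kind = self.drivers[driver]
        if kind is Assignment.SHARED:
            return True
        if kind is Assignment.EXCLUSIVE_SECURE:
            return domain is Domain.SECURE
        if kind is Assignment.EXCLUSIVE_UNSECURE:
            return domain is Domain.UNSECURE
        return self.owner.get(driver, Domain.UNSECURE) is domain  # SWITCHABLE: current owner only
    def set_trusted_indicator(self, caller: Domain, lit: bool) -> bool:
        if caller is not Domain.SECURE:  # unsecure-domain software cannot light or fake the indicator
            return False
        self.trusted_indicator = lit
        return True
    def switch(self, target: Domain, pin: str = "") -> bool:
        # Entering the secure domain requires authentication; returning to unsecure does not.
        if target is Domain.SECURE:
            digest = hashlib.sha256(pin.encode()).digest()  # stand-in for a real credential check
            if not hmac.compare_digest(digest, self.pin_digest):
                return False
        self.active = target
        for name, kind in self.drivers.items():  # switchable drivers follow the active domain
            if kind is Assignment.SWITCHABLE:
                self.owner[name] = target
        self.set_trusted_indicator(Domain.SECURE, target is Domain.SECURE)
        return True

def build_demo() -> CommunicationControlModule:
    # Constructed sample policy; driver names are illustrative, not taken from the patent.
    policy = {"crypto_engine": Assignment.EXCLUSIVE_SECURE, "cleartext_radio": Assignment.EXCLUSIVE_UNSECURE,
              "battery_monitor": Assignment.SHARED, "touchscreen": Assignment.SWITCHABLE}
    return CommunicationControlModule(policy, hashlib.sha256(b"1234").digest())
```

The point to take from the model is that the indicator state and the switchable drivers change only through the control module's authenticated switch, so no unsecure-domain code path can present the secure indication.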