Secure smartphone

US 8,458,800 B1
Filed: 10/01/2010
Issued: 06/04/2013
Est. Priority Date: 10/01/2010
Status: Active Grant

First Claim

Patent Images

1. A method for modifying an existing mobile communication device to operate in multiple domains, the method comprising:

installing a plurality of operating systems, one for each of a plurality of operating domains, each of the plurality of operating domains occupying an isolated region of memory, wherein at least one of the operating domains is a secure domain configured to communicate with another communication device by wirelessly transmitting and receiving encrypted communications and at least another of the operating domains is an unsecure domain configured to communicate with another communication device by wirelessly transmitting and receiving unencrypted communications;

installing a plurality of device drivers in another isolated region of memory separate from the isolated region of memory occupied by each of the operating domains, at least one of the device drivers assigned exclusively to the secure domain, at least one of the device drivers assigned exclusively to the unsecure domain, at least one of the device drivers shared concurrently between the secure domain and the unsecure domain, and at least one of the device drivers switched between exclusive assignment to the secure domain and exclusive assignment to the unsecure domain;

implementing a communication control module to enforce communication restrictions between each of the operating systems, the device drivers and device hardware;

implementing an authentication procedure to switch from the unsecure domain to the secure domain; and

providing a trusted indicator that the mobile communication device is operating in the secure domain, wherein the trusted indicator is under exclusive control of software associated with the secure domain.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A commercial off-the-shelf smartphone is adapted, through software modifications only, to provide multiple operating domains or domains that provide differing levels of security and reliability. Each operating domain is isolated from the others. Detection of unauthorized modification is provided. Cross domain activity notification is provided.

58 Citations

View as Search Results

15 Claims

1. A method for modifying an existing mobile communication device to operate in multiple domains, the method comprising:
- installing a plurality of operating systems, one for each of a plurality of operating domains, each of the plurality of operating domains occupying an isolated region of memory, wherein at least one of the operating domains is a secure domain configured to communicate with another communication device by wirelessly transmitting and receiving encrypted communications and at least another of the operating domains is an unsecure domain configured to communicate with another communication device by wirelessly transmitting and receiving unencrypted communications;
  
  installing a plurality of device drivers in another isolated region of memory separate from the isolated region of memory occupied by each of the operating domains, at least one of the device drivers assigned exclusively to the secure domain, at least one of the device drivers assigned exclusively to the unsecure domain, at least one of the device drivers shared concurrently between the secure domain and the unsecure domain, and at least one of the device drivers switched between exclusive assignment to the secure domain and exclusive assignment to the unsecure domain;
  
  implementing a communication control module to enforce communication restrictions between each of the operating systems, the device drivers and device hardware;
  
  implementing an authentication procedure to switch from the unsecure domain to the secure domain; and
  
  providing a trusted indicator that the mobile communication device is operating in the secure domain, wherein the trusted indicator is under exclusive control of software associated with the secure domain.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the authentication procedure further comprises:
    - establishing an expected response phrase to be supplied in response to an authentication challenge;
      
      encrypting the expected response phrase;
      
      receiving a trial response phrase supplied in response to the authentication challenge;
      
      encrypting the trial response phrase; and
      
      confirming authentication when the encrypted expected response phrase matches the encrypted trial response phrase.
  - 3. The method of claim 1, wherein the providing a trusted indicator further comprises:
    - setting the state of a light emitting diode (LED) on the mobile communication device.
  - 4. The method of claim 1, wherein the encrypted communications are transmitted through a virtual private network (VPN).
  - 5. The method of claim 1, further comprising:
    - providing encryption for data associated with the secure domain.
  - 6. The method of claim 1, further comprising:
    - providing a device erasure capability, wherein one or more of the isolated regions of memory are erased; and
      
      providing a trusted indicator to indicate that the device erasure has been accomplished.
  - 7. The method of claim 6, wherein the device erasure is initiated by the press of a button on the mobile communication device.
  - 8. The method of claim 6, wherein the device erasure is initiated by a secure communication reception.
  - 9. The method of claim 1, further comprising:
    - restricting software download to the mobile communication device for use in the secure domain, subject to validation of a trusted signature in the software to be downloaded.
  - 10. The method of claim 1, further comprising:
    - clearing existing software from the mobile communication device prior to installing the plurality of operating systems.

11. A mobile communication device configured to operate in multiple domains, the device comprising:
- a plurality of isolated regions of memory;
  
  a processing module to run a plurality of operating systems, one for each of a plurality of operating domains, each of the plurality of operating domains occupying one of the isolated regions of memory, wherein at least one of the operating domains is a secure domain configured to communicate with another communication device by wirelessly transmitting and receiving encrypted communications and at least another of the operating domains is an unsecure domain configured to communicate with another communication device by wirelessly transmitting and receiving unencrypted communications;
  
  a device driver module in another one of the isolated regions of memory separate from the isolated regions of memory occupied by the operating domains, the device driver module including a plurality of device drivers, at least one of the device drivers assigned exclusively to the secure domain, at least one of the device drivers assigned exclusively to the unsecure domain, at least one of the device drivers shared concurrently between the secure domain and the unsecure domain, and at least one of the device drivers switched between exclusive assignment to the secure domain and exclusive assignment to the unsecure domain;
  
  wherein the processing module is configured to instantiate a communication control module to enforce communication restrictions between each of the operating systems, the plurality of device drivers and device hardware;
  
  wherein the processing module is configured to instantiate an authentication module to implement an authentication procedure to switch from the unsecure domain to the secure domain; and
  
  a trusted indicator to provide an indication that the mobile communication device is operating in the secure domain, wherein the trusted indicator is under exclusive control of software associated with the secure domain.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The mobile communication device of claim 11, wherein the authentication module further comprises:
    - an input module to receive an expected response phrase in response to an authentication challenge, and to receive a trial response phrase in response to the authentication challenge;
      
      an encryption module to encrypt the expected response phrase, and to encrypt the trial response phrase; and
      
      a confirmation module to match the encrypted expected response phrase to the encrypted trial response phrase, and confirm authentication based on the match.
  - 13. The mobile communication device of claim 11, wherein the trusted indicator is an LED on the mobile communication device.
  - 14. The mobile communication device of claim 11, further comprising:
    - a transceiver to provide the encrypted communications between the mobile communication device and a secure server while the mobile communication device is operating in the secure domain.
  - 15. The mobile communication device of claim 14, wherein the secure domain is configured to transmit the encrypted communications through a virtual private network (VPN).

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ViaSat Incorporated
Original Assignee
ViaSat Incorporated
Inventors
Van Voorhees, Franklin David, Mar, Phil, Hart, Steven R., Lindteigen, Ty, Wren, Paul
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
Durham, Imhotep

Application Number

US12/896,748
Time in Patent Office

977 Days
Field of Search

380/270, 380/255, 726/16, 726/26, 713/164, 713/166, 713/189, 713/150
US Class Current

726/26
CPC Class Codes

H04L 2209/16   Obfuscation or hiding, e.g....

H04L 63/0272   Virtual private networks

H04L 63/083   using passwords cryptograph...

H04L 63/105   Multiple levels of security

H04L 9/0863   involving passwords or one-...

H04W 12/02   Protecting privacy or anony...

H04W 12/06   Authentication

H04W 12/086   using security domains

H04W 88/02   Terminal devices

Secure smartphone

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

58 Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Secure smartphone

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

58 Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links