Alternative hardware and software configuration for near field communication
Abstract
A system on a mobile phone for configuring a secure partition in a trusted security zone is provided. The system comprises a processor and a near field communication transceiver. The processor executes virtualization software and comprises a first virtual processor and a second virtual processor, where the second virtual processor comprises the trusted security zone and the secure partition resides in the trusted security zone. The first virtual processor comprises an application which utilizes the secure partition in the trusted security zone. The second virtual processor comprises an application stored in the trusted security zone, where the application couples the near field communication transceiver to the secure partition residing in the trusted security zone and where the application enables run-time execution in the trusted security zone based on receiving a signal from the near field communication transceiver.
19 Claims
1. A system on a mobile phone for configuring a secure partition in a trusted security zone, comprising:
- a processor that executes virtualization software and comprises a first virtual processor and a second virtual processor, wherein the second virtual processor comprises the trusted security zone;
- a plurality of secure partitions residing in the trusted security zone, wherein the trusted security zone executes a dedicated operation system;
- a first application stored in the first virtual processor, wherein the first application selects the secure partition from the plurality of secure partitions in the trusted security zone for performing a transaction associated with the first application and sends the selection to a second application stored in the trusted security zone;
- a near field communication transceiver;
- the second application stored in the trusted security zone, wherein the second application receives the selection from the first application and in response to receiving the selection, couples the near field communication transceiver to the secure partition residing in the trusted security zone via direct connection to a hardware port associated with the trusted security zone on the processor prior to beginning the transaction, and wherein the second application enables run-time execution in the trusted security zone based on receiving a signal from the near field communication transceiver; and
- the secure partition residing in the trusted security zone, wherein the secure partition is not directly accessible from the first application.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A method of secure partition configuration in a trusted security zone on a mobile device, comprising:
- selecting in a first application on a mobile device a secure partition from a plurality of secure partitions concurrently residing in the trusted security zone on the mobile device for performing a transaction associated with the first application and sends the selection to a second application stored in the trusted security zone;
- sending the selection of the secure partition from the first application to a second application, wherein the second application is stored in the trusted security zone on the mobile device, and wherein the trusted security zone executes a dedicated operating system;
- in response to receiving the selection from the first application, coupling, by the second application, a near field communication transceiver in the mobile device to the selected secure partition prior to performing the transaction, wherein the secure partition hardware and software reside on a processor of the mobile device in the trusted security zone, wherein the secure partition is not directly accessible from the first application, and wherein the coupling is via direct connection to a hardware port associated with the trusted security zone on the processor; and
- establishing a wireless link between the near field communication transceiver in the mobile device and an external near field communication device, wherein the wireless link enables communication between the selected secure partition and the external near field communication device.
Dependent claims: 9, 10, 11, 12, 13, 14
15. A system on a mobile phone for configuring a secure partition in a trusted security zone, comprising:
- a processor that executes virtualization software and comprises a plurality of processing cores, a first virtual processor, and a second virtual processor, wherein the second virtual processor comprises the trusted security zone;
- a plurality of secure partitions residing in the trusted security zone, wherein the trusted security zone executes a dedicated operation system;
- an application stored in the first virtual processor, wherein the application selects the secure partition from the plurality of secure partitions in the trusted security zone for performing a transaction associated with the application and sends the selection to a second application stored in the trusted security zone;
- a near field communication transceiver; and
- the second application stored in the trusted security zone, wherein the second application receives the selection from the first application and in response to receiving the selection, is coupled to the near field communication transceiver via a first processing core of the plurality of processing cores via direct connection to a hardware port associated with the trusted security zone on the processor prior to beginning the transaction.
Dependent claims: 16, 17, 18, 19
Specification