Appliqué providing a secure deployment environment (SDE) for a wireless communications device
First Claim
1. A secure system, comprising:
- a wireless communications device;
- a security appliqué to provide a secure deployment environment (SDE) to manage security operations including a hardware sleeve including the communications device situated therein;
- the sleeve including;
- an interface for connecting to the communications device;
- a hardware processor, coupled to the interface, the processor to determine an operating system of the communications device, to execute the same operating system as the operating system of the communications device, and to provide a secure deployment environment (SDE) to manage security operations for the communications device without implementing modifications to the communications device;
- a programmable crypto application device, coupled to the processor, to implement the security operations managed by the processor;
- a secure sandbox to implement a secure environment for running an application, the secure sandbox including a virtual network computing (VNC) to present an application running on the VNC server for display on the wireless communications device and to allow a user to interact with the application using a touchscreen or keypad of the wireless communications device;
- a network router, communicatively connected between the secure sandbox and the interface, the network router for providing the data from the VNC server to the interface for routing to the communications device; and
- a hardware trust anchor (HTA) to protect a virtual environment provided by the wireless communications device from threats by firmly grounding the virtual environment to the programmable crypto application device, wherein the HTA further provides a mechanism for asserting fidelity of the underlying platform provided by the programmable crypto application device and informs the user of the current trust-state;
- the communications device coupled to the sleeve via the connection interface, the wireless communication device including a thin client application for interfacing with the security appliqué, the thin client including a VNC client and an intrusion detection module, the VNC client operable to provide access to the application through the VNC server and present a remote desktop on the communications device, the intrusion detection module to protect the thin client from malware;
- wherein the security appliqué provides the SDE for the wireless communications device without implementing modifications to the wireless communications device, wherein the security appliqué communicates with the wireless communications device using the standard connection interface, wherein the security appliqué includes a processor to determine an operating system of the communications device and to execute the same operating system as the operating system of the communications device on the security appliqué.
Abstract
A security appliqué provides a secure deployment environment (SDE) for a wireless communications device. The security appliqué isolates the security features, requirements, and information security boundaries such that no hardware modifications are required to a wireless communications device. Rather, a security module thin client is provided to the wireless communications device to provide the secure deployment environment (SDE). The wireless communications device is coupled to the security appliqué via the standard connection interface. Through the standard connection interface, the security appliqué provides the SDE for the wireless communications device without implementing modifications to the wireless communications device.
8 Claims
8. A method for providing security operations to a wireless communications device, comprising:
- situating the communication device in a hardware sleeve;
- implementing, using the sleeve, a secure deployment environment (SDE) on a security appliqué for the wireless communications device;
- providing, by the sleeve, a standard interface to the security appliqué for communicating with the communications device;
- determining, using a hardware processor of the sleeve, an operating system of the communications device and executing a same operating system as the determined operating system on the security appliqué;
- managing, by the sleeve, security operations for the communications device through the linking of the SDE on the security appliqué to the communications device without implementing modifications to the communications device including;
- implementing a secure sandbox on the security appliqué to provide a secure environment for running security applications for the security appliqué;
- providing a virtual network computing (VNC) server running in the secure sandbox to present applications running on the VNC server for display on the communications device;
- providing a network router for providing data from the VNC server to a standard communications interface for routing to the communications device for presenting the applications running on the VNC server on the communications device; and
- providing, by the sleeve, a hardware trust anchor (HTA) to protect a virtual environment provided by the wireless communications device from threats by firmly grounding the virtual environment to the programmable crypto application device, wherein the HTA further provides a mechanism for asserting fidelity of the underlying platform provided by the programmable crypto application device and informs the user of the current trust-state.
Specification