Integration of untrusted framework components with a secure operating system environment
First Claim

1. A media processing device having software and hardware resources for performing media delivery operations, comprising:
processing circuitry;
a secure operating system environment, the secure operating system environment executed by the processing circuitry;
a software framework, the software framework providing application programming interface functionality to support compatible applications; and
a secure access interface configured to regulate communications between the secure operating system environment and the software framework, and to provide restricted access to at least a portion of the software and hardware resources for performing media delivery operations, the secure access interface comprising:
a secure access server incorporated in the secure operating system environment, the secure access server configured to provide access to the secure operating system environment; and
a plurality of secure access clients configured to interface with the secure access server, each secure access client having respective access rights to the secure operating system environment via the secure access server, first access rights providing full access to the secure operating system environment for a first application and second access rights providing limited access, relative to the first access rights, to the secure operating system environment for a second application.
Abstract
A set top box or like device incorporating an untrusted software framework as a client of a secure operating system kernel. The software framework may comprise, for example, an Android framework supported by an underlying Linux operating system environment having a secure kernel. The software framework can be executed using a variety of process isolation techniques depending on performance and isolation requirements. A secure access client/server interface may also be provided to support interactions between the untrusted software framework (and applications utilizing the untrusted software framework) and secure or trusted portions of the device. The secure access interface can be configured to perform operations such as handle validation, heap pointer validation, non-pointer parameter validation, heap isolation, and resource release relating to terminated processes. In further embodiments, a software framework aggregator is used to support a plurality of additional software frameworks for use in the set top box.
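The abstract names the checks the secure access interface performs (handle validation, heap pointer validation, non-pointer parameter validation, heap isolation, and release of a terminated process's resources) and the split between clients with full and limited access rights. The C model below is added here as an illustration; it is not code from the patent or from any product it describes. It shows how a server on the secure side can apply each of those checks before acting on a client's request. The client table, the two rights values, the error codes, the fixed per-client heap regions and the notion of a "privileged service" are all assumptions made for the example.

```c
/* Added example (not from the patent or any product it describes): a model of a
 * secure access server validating requests from clients with different rights.
 * Rights values, error codes and the per-client heap regions are assumptions. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>
#include <stdbool.h>

enum { RIGHTS_LIMITED = 1, RIGHTS_FULL = 2 };  /* "second" vs "first" access rights */
enum { SAS_OK = 0, SAS_EACCESS = -1, SAS_EHANDLE = -2, SAS_EPTR = -3, SAS_EPARAM = -4 };

#define MAX_CLIENTS 4
#define MAX_HANDLES 8
#define HEAP_SIZE   256

/* One secure access client: its rights, the heap region it may pass pointers
 * from (heap isolation), and the handles the server has issued to it. */
typedef struct {
    bool     active;
    int      rights;
    uint8_t  heap[HEAP_SIZE];       /* constructed per-client heap region */
    uint32_t handles[MAX_HANDLES];  /* 0 = free slot */
    int      open_handles;
} sas_client;

static sas_client clients[MAX_CLIENTS];
static uint32_t next_handle = 0x1000;  /* issued monotonically, never reused */

int sas_register(int cid, int rights) {
    if (cid < 0 || cid >= MAX_CLIENTS) return SAS_EPARAM;
    memset(&clients[cid], 0, sizeof clients[cid]);
    clients[cid].active = true;
    clients[cid].rights = rights;
    return SAS_OK;
}

/* Handle validation: the handle must have been issued to *this* client. */
static int handle_index(const sas_client *c, uint32_t h) {
    for (int i = 0; i < MAX_HANDLES; i++)
        if (h != 0 && c->handles[i] == h) return i;
    return -1;
}

/* Heap pointer validation: pointer plus length must lie entirely inside the
 * calling client's own heap region, so one client cannot name another's memory. */
static bool ptr_in_client_heap(const sas_client *c, const void *p, size_t len) {
    uintptr_t lo = (uintptr_t)c->heap, hi = lo + HEAP_SIZE, a = (uintptr_t)p;
    return a >= lo && len <= HEAP_SIZE && a + len <= hi;
}

/* Open a media service; a privileged service requires full rights. */
int sas_open(int cid, bool privileged, uint32_t *out) {
    if (cid < 0 || cid >= MAX_CLIENTS || !clients[cid].active) return SAS_EPARAM;
    sas_client *c = &clients[cid];
    if (privileged && c->rights != RIGHTS_FULL) return SAS_EACCESS;
    for (int i = 0; i < MAX_HANDLES; i++) {
        if (c->handles[i] == 0) {
            c->handles[i] = next_handle++;
            c->open_handles++;
            *out = c->handles[i];
            return SAS_OK;
        }
    }
    return SAS_EPARAM;  /* handle table full */
}

/* Submit a buffer to an open service: handle, non-pointer parameter (length)
 * and heap pointer are all checked before the secure side touches anything. */
int sas_submit(int cid, uint32_t h, const void *buf, size_t len) {
    if (cid < 0 || cid >= MAX_CLIENTS || !clients[cid].active) return SAS_EPARAM;
    sas_client *c = &clients[cid];
    if (handle_index(c, h) < 0) return SAS_EHANDLE;
    if (len == 0 || len > HEAP_SIZE) return SAS_EPARAM;    /* non-pointer parameter check */
    if (!ptr_in_client_heap(c, buf, len)) return SAS_EPTR; /* heap pointer check */
    return SAS_OK;  /* a real server would now dispatch to the service */
}

/* Resource release for a terminated client: every handle it held is revoked.
 * Returns how many handles were released. */
int sas_terminate(int cid) {
    if (cid < 0 || cid >= MAX_CLIENTS || !clients[cid].active) return SAS_EPARAM;
    int released = clients[cid].open_handles;
    memset(&clients[cid], 0, sizeof clients[cid]);
    return released;
}

int main(void) {
    uint32_t h;
    sas_register(0, RIGHTS_FULL);     /* trusted media process */
    sas_register(1, RIGHTS_LIMITED);  /* application on the untrusted framework */
    printf("limited client opening privileged service: %d\n", sas_open(1, true, &h));
    sas_open(1, false, &h);
    printf("submit from own heap: %d\n", sas_submit(1, h, clients[1].heap, 16));
    printf("submit from another client's heap: %d\n", sas_submit(1, h, clients[0].heap, 16));
    printf("handles released on terminate: %d\n", sas_terminate(1));
    return 0;
}
```

Two design points are worth noting. Handles are issued per client and never reused, so a handle value obtained by one client is rejected when presented by another, and a stale handle from a terminated client cannot alias a newly issued one. The pointer check bounds the length as well as the base address, so a valid base with an oversized length is refused rather than letting the secure side read past the client's region.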
20 Claims
11. A method used in a media delivery device having a secure operating system kernel environment including a secure access server configured to provide access to services provided by the secure operating system kernel environment, and an untrusted software framework providing application programming interface functionality, comprising:
establishing a privileged operating system environment to perform secure media processing operations supported by the secure operating system kernel environment;
establishing a restricted operating system environment to support the untrusted software framework, the restricted operating system environment utilizing process isolation and including at least one of a plurality of secure access clients configured to interface with the secure access server, each of the plurality of secure access clients having respective access rights to the secure operating system kernel environment via the secure access server, first access rights providing access to the secure operating system kernel environment for a first application and second access rights providing limited access, relative to the first access rights, to the secure operating system kernel environment for a second application; and
executing at least a portion of the untrusted software framework in the restricted operating system environment in accordance with the second access rights.
17. A media processing device comprising:
processing circuitry;
a software framework to support software applications; and
an operating system executed by the processing circuitry in a secure operating system environment, the operating system configured to establish:
a privileged operating system environment to perform trusted media processing operations;
at least one restricted operating system environment that utilizes process isolation, the software framework executed in the at least one restricted operating system environment; and
a secure access interface configured to regulate interaction between the secure operating system environment, the privileged operating system environment and the software framework, the secure access interface comprising:
a secure access server executed in the secure operating system environment;
a first secure access client configured to interface with the secure access server, the secure access server configured to provide access to the secure operating system environment by the first secure access client in accordance with first access rights applicable to the trusted media processing operations; and
a second secure access client configured to interface with the secure access server, the secure access server configured to provide access to the secure operating system environment by the second secure access client in accordance with second access rights applicable to the software framework.