Mobile device with multiple security domains
First Claim
Patent Images
1. An apparatus comprising:
- at least one user interface element;
a first isolated computational entity;
a second isolated computational entity;
a switching arrangement configured to;
in a first mode, connect said first isolated computational entity to said at least one user interface element; and
in a second mode, connect said second isolated computational entity to said at least one user interface element; and
a shared housing for said at least one user interface element, said first isolated computational entity, said second isolated computational entity, and said switching arrangement;
wherein;
said first isolated computational entity comprises an enterprise computing system including an enterprise memory, and an enterprise system processor coupled to said enterprise memory;
said second isolated computational entity comprises a non-enterprise computing system including a non-enterprise memory isolated from and physically separate from said enterprise memory, and a non-enterprise system processor coupled to said non-enterprise memory and isolated from said enterprise processor; and
said enterprise memory and said enterprise system processor are used only for said enterprise computing system;
said non-enterprise memory and said non-enterprise system processor are used only for said non-enterprise computing system.
1 Assignment
0 Petitions
Accused Products
Abstract
Included within a shared housing are at least one user interface element; a first isolated computational entity; a second isolated computational entity; and a switching arrangement. The switching arrangement is configured to, in a first mode, connect the first isolated computational entity to the at least one user interface element; and, in a second mode, connect the second isolated computational entity to the at least one user interface element.
46 Citations
5 Claims
-
1. An apparatus comprising:
-
at least one user interface element; a first isolated computational entity; a second isolated computational entity; a switching arrangement configured to; in a first mode, connect said first isolated computational entity to said at least one user interface element; and in a second mode, connect said second isolated computational entity to said at least one user interface element; and a shared housing for said at least one user interface element, said first isolated computational entity, said second isolated computational entity, and said switching arrangement; wherein; said first isolated computational entity comprises an enterprise computing system including an enterprise memory, and an enterprise system processor coupled to said enterprise memory; said second isolated computational entity comprises a non-enterprise computing system including a non-enterprise memory isolated from and physically separate from said enterprise memory, and a non-enterprise system processor coupled to said non-enterprise memory and isolated from said enterprise processor; and said enterprise memory and said enterprise system processor are used only for said enterprise computing system; said non-enterprise memory and said non-enterprise system processor are used only for said non-enterprise computing system.
-
-
2. A method comprising:
-
providing an apparatus comprising; at least one user interface element; a first isolated computational entity; a second isolated computational entity; a switching arrangement configured to; in a first mode, connect said first isolated computational entity to said at least one user interface element; and in a second mode, connect said second isolated computational entity to said at least one user interface element; and a shared housing for said at least one user interface element, said first isolated computational entity, said second isolated computational entity, and said switching arrangement; wherein; said first isolated computational entity comprises an enterprise computing system including an enterprise memory, and an enterprise system processor coupled to said enterprise memory; said second isolated computational entity comprises a non-enterprise computing system including a non-enterprise memory isolated from and physically separate from said enterprise memory, and a non-enterprise system processor coupled to said non-enterprise memory and isolated from said enterprise processor; and said enterprise memory and said enterprise system processor are used only for said enterprise computing system; said non-enterprise memory and said non-enterprise system processor are used only for said non-enterprise computing system; operating said apparatus in said first mode; and switching said apparatus from said first mode to said second mode.
-
-
3. An apparatus comprising:
-
a user interface element; at least one processor coupled to said user interface element and operative in one of; a first personality with first personality data and one or more first personality programs associated therewith; and a second personality with second personality data and one or more second personality programs associated therewith; and a switching arrangement, associated with said at least one processor, which causes said apparatus to switch between said first personality and said second personality; wherein; when said at least one processor is operative in said first personality, a user of said apparatus is unable to observe or affect operation of said one or more second personality programs and said second personality data; and when said at least one processor is operative in said second personality, a user of said apparatus is unable to observe or affect operation of said one or more first personality programs and said first personality data.
-
-
4. A kit of parts for assembly into a mobile device having a housing, a first processor, and at least one user interface element, said kit of parts comprising:
-
a second processor; an input/output controller configured to determine user intent to access one of an enterprise personality of said mobile device and a non-enterprise personality of said mobile device; and a switching arrangement configured to, responsive to said input/output controller; in a first mode, corresponding to one of said enterprise personality and said non-enterprise personality, connect the first processor to the at least one user interface element; and in a second mode, corresponding to another one of said enterprise personality and said non-enterprise personality, connect said second processor to the at least one user interface element.
-
-
5. A method of providing a service, comprising:
providing to a mobile device manufacturer a kit of parts for assembly into a mobile device having a housing, a first processor, and at least one user interface element, said kit of parts comprising; a second processor; an input/output controller configured to determine user intent to access one of an enterprise personality of said mobile device and a non-enterprise personality of said mobile device; and a switching arrangement configured to, responsive to said input/output controller; in a first mode, corresponding to one of said enterprise personality and said non-enterprise personality, connect the first processor to the at least one user interface element; and in a second mode, corresponding to another one of said enterprise personality and said non-enterprise personality, connect said second processor to the at least one user interface element; and providing support for said another one of said enterprise personality and said non-enterprise personality, once assembled into said mobile device, to a user of said mobile device.
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsCohn, David L., Hunt, Guerney D. H., Moulic, James Randal, Pendarakis, Dimitrios
-
Primary Examiner(s)Luu, Le H
-
Application NumberUS14/874,441Publication NumberTime in Patent Office800 DaysField of SearchUS Class CurrentCPC Class CodesG06F 11/20 using active fault-masking,...G06F 11/2005 using redundant communicati...G06F 11/201 between storage system comp...G06F 11/2033 switching over of hardware ...G06F 11/2089 Redundant storage control f...G06F 15/173 using an interconnection ne...G06F 15/7871 Reconfiguration support, e....G06F 21/53 by executing in a restricte...G06F 2221/034 Test or assess a computer o...G06F 3/01 Input arrangements or combi...G06F 3/0484 for the control of specific...G06F 9/468 Specific access rights for ...H04W 12/08 Access securityH04W 12/086 using security domains
