Conceptually, a computing system (e.g., a computing device, a personal computer, a laptop, a Smartphone, a mobile phone) can accept information (content or data) and manipulate it to obtain or determine a result based on a sequence of instructions (or a computer program) that effectively describes how to process the information. Typically, the information is stored in a computer readable medium in a binary form. More complex computing systems can store content including the computer program itself. A computer program may also be fixed (invariable) and built into a computing device as logic circuitry provided on microprocessors or computer chips. Today, general purpose computers can have both kinds of programming. A computing system can also have a support system which, among other things, manages various resources (e.g., memory, peripheral devices) and services (e.g., basic functions such as opening files) and allows the resources to be shared among multiple programs. One such support system is generally known as an Operating System (OS), which provides programmers with an interface used to access these resources and services.
Today, numerous types of computing devices are available. These computing devices range widely with respect to size, cost, amount of storage and processing power. The computing devices available today include expensive and powerful servers, relatively cheaper Personal Computers (PCs) and laptops, and still less expensive microprocessors (or computer chips) provided in storage devices, automobiles, and household electronic appliances.
In recent years, computing systems have become more portable and mobile. As a result, various mobile and handheld devices have been made available. By way of example, wireless phones, media players and Personal Digital Assistants (PDAs) are widely used today. Generally, a mobile or handheld device (also known as a handheld computer or simply a handheld) can be a pocket-sized computing device, typically utilizing a small visual display screen for user output and a miniaturized keyboard for user input. In the case of a Personal Digital Assistant (PDA), the input and output can be combined into a touch-screen interface.
In particular, mobile communication devices (e.g., mobile phones) have become extremely popular. Some mobile communication devices (e.g., Smartphones) offer computing environments that are similar to that provided by a Personal Computer (PC). As such, a Smartphone can effectively provide a complete Operating System as a standardized interface and platform for application developers. Given the popularity of mobile communication devices, telecommunication is discussed in greater detail below.
Generally, telecommunication refers to assisted transmission of signals over a distance for the purpose of communication. In earlier times, this may have involved the use of smoke signals, drums, semaphore or heliograph. In modern times, telecommunication typically involves the use of electronic transmitters such as the telephone, television, radio or computer. Early inventors in the field of telecommunication include Alexander Graham Bell, Guglielmo Marconi and John Logie Baird. Telecommunication is an important part of the world economy and the telecommunication industry's revenue is placed at just under 3 percent of the gross world product.
Conventional telephones have been in use for many years. The first telephones had no network but were in private use, wired together in pairs. Users who wanted to talk to different people had as many telephones as necessary for the purpose. Typically, a person who wished to speak whistled into the transmitter until the other party heard. Shortly thereafter, a bell was added for signaling, and then a switch hook, and telephones took advantage of the exchange principle already employed in telegraph networks. Each telephone was wired to a local telephone exchange, and the exchanges were wired together with trunks. Networks were connected together in a hierarchical manner until they spanned cities, countries, continents and oceans. This can be considered the beginning of the public switched telephone network (PSTN), though the term was unknown for many decades.
The public switched telephone network (PSTN) is the network of the world's public circuit-switched telephone networks, in much the same way that the Internet is the network of the world's public IP-based packet-switched networks. Originally a network of fixed-line analog telephone systems, the PSTN is now almost entirely digital and includes mobile as well as fixed telephones. The PSTN is largely governed by technical standards created by the ITU-T and uses E.163/E.164 addresses (known more commonly as telephone numbers) for addressing.
More recently, wireless networks have been developed. While the term wireless network may technically be used to refer to any type of network that is wireless, the term is commonly used to refer to a telecommunications network whose interconnections between nodes are implemented without the use of wires, such as a computer network (which is a type of communications network). Wireless telecommunications networks can, for example, be implemented with some type of remote information transmission system that uses electromagnetic waves, such as radio waves, for the carrier, and this implementation usually takes place at the physical level or “layer” of the network (e.g., the Physical Layer of the OSI Model). One type of wireless network is a WLAN or Wireless Local Area Network. Like other wireless devices, it uses radio instead of wires to transmit data back and forth between computers on the same network. Wi-Fi is a commonly used wireless network in computer systems which enables connection to the Internet or to other machines that have Wi-Fi functionality. Wi-Fi networks broadcast radio waves that can be picked up by Wi-Fi receivers attached to different computers or mobile phones. Fixed wireless data is a type of wireless data network that can be used to connect two or more buildings together in order to extend or share network bandwidth without physically wiring the buildings together. A Wireless MAN is another type of wireless network that connects several Wireless LANs.
Today, several mobile networks are in use. One example is the Global System for Mobile Communications (GSM), which is divided into three major systems: the switching system, the base station system, and the operation and support system. A cell phone connects to the base station system, which in turn connects to the switching system, where the call is routed to its destination; the operation and support system manages and maintains the network. GSM is used for cellular phones and is the common standard for a majority of cellular providers. Personal Communications Service (PCS) is a radio band that can be used by mobile phones in North America; Sprint happened to be the first service to set up a PCS. Digital Advanced Mobile Phone Service (D-AMPS) is an upgraded version of AMPS, but it may be phased out as the newer GSM networks replace the older system.
Yet another example is the General Packet Radio Service (GPRS), which is a Mobile Data Service available to users of Global System for Mobile Communications (GSM) and IS-136 mobile phones. GPRS data transfer is typically charged per kilobyte of transferred data, while data communication via traditional circuit switching is billed per minute of connection time, independent of whether the user has actually transferred data or has been in an idle state. GPRS can be used for services such as Wireless Application Protocol (WAP) access, Short Message Service (SMS), Multimedia Messaging Service (MMS), and Internet communication services such as email and World Wide Web access. 2G cellular systems combined with GPRS are often described as “2.5G”, that is, a technology between the second (2G) and third (3G) generations of mobile telephony. It provides moderate-speed data transfer by using unused Time Division Multiple Access (TDMA) channels in, for example, the GSM system. Originally there was some thought of extending GPRS to cover other standards, but instead those networks are being converted to use the GSM standard, so that GSM is the only kind of network in which GPRS is in use. GPRS is integrated into GSM Release 97 and newer releases. It was originally standardized by the European Telecommunications Standards Institute (ETSI), but is now maintained by the 3rd Generation Partnership Project (3GPP). W-CDMA (Wideband Code Division Multiple Access) is a type of 3G cellular network. W-CDMA is the higher-speed transmission protocol used in the Japanese FOMA system and in the UMTS system, a third generation follow-on to the 2G GSM networks deployed worldwide. More technically, W-CDMA is a wideband spread-spectrum mobile air interface that utilizes the direct-sequence Code Division Multiple Access (CDMA) signaling method to achieve higher speeds and support more users compared to the Time Division Multiple Access (TDMA) scheme used by 2G GSM networks.
It should be noted that SMS can be supported by GSM and MMS can be supported by 2.5G/3G networks.
Generally, a mobile phone or cell phone can be a long-range, portable electronic device used for mobile communication. In addition to the standard voice function of a telephone, current mobile phones can support many additional services such as SMS for text messaging, email, packet switching for access to the Internet, and MMS for sending and receiving photos and video. Most current mobile phones connect to a cellular network of base stations (cell sites), which is in turn interconnected to the public switched telephone network (PSTN) (one exception is satellite phones).
The Short Message Service (SMS), often called text messaging, is a means of sending short messages to and from mobile phones. SMS was originally defined as part of the GSM series of standards in 1985 as a means of sending messages of up to 160 characters, to and from Global System for Mobile communications (GSM) mobile handsets. Since then, support for the service has expanded to include alternative mobile standards such as ANSI CDMA networks and Digital AMPS, satellite and landline networks. Most SMS messages are mobile-to-mobile text messages, though the standard supports other types of broadcast messaging as well. The term SMS is frequently used in a non-technical sense to refer to the text messages themselves, particularly in non-English-speaking European countries where the GSM system is well-established.
Multimedia Messaging Service (MMS) is a relatively more modern standard for telephony messaging systems that allows sending messages that include multimedia objects (images, audio, video, rich text) and not just text as in the Short Message Service (SMS). It can be deployed in cellular networks along with other messaging systems such as SMS, Mobile Instant Messaging and Mobile E-mail. Its main standardization effort is done by 3GPP, 3GPP2 and the Open Mobile Alliance (OMA).
The popularity of computing systems, especially mobile communication devices, is evidenced by their ever increasing use in everyday life. As such, further enhancement to computing systems would be useful.
The invention relates to computing environments and computing systems. More particularly, the invention pertains to techniques for enforcing security in computing environments and computing systems.
In accordance with one aspect of the invention, consistent security criteria can be provided for enforcement of security with respect to multiple computing environments. In one embodiment, one or more consistent security criteria are generated, based on an input security criterion, in a computer readable and storable form and stored in a computer readable storage medium, thereby allowing the consistent security criterion to be effectively provided to a computing system for enforcement of the input security criterion in a consistent manner with respect to (a) a first executable computer code effectively supported by an Operating System (OS), and (b) a second computer code effectively supported by a Virtual Computing Environment (VCE).
It will be appreciated that a trusted component (e.g., a Trusted Agent) can effectively provide one or more consistent security criteria in accordance with another aspect of the invention. In one embodiment, a Trusted Component (TC) can effectively provide a consistent security criterion to an Operating System (OS) and a Virtual Computing Environment (VCE). It will be appreciated that a component (e.g., a tool) can be operable to provide the consistent security criterion as a part and/or in a form that is suitable for each of the Operating System (OS) and the Virtual Computing Environment (VCE). By way of example, a Trusted Security Agent (TSA) can provide a consistent security criterion in a first form or as a first part for a Virtual Machine (VM) and in a second form or as a second part for an Operating System (OS). The Trusted Security Agent (TSA) may also provide a security label mapping that can be effectively used to map security labels between an Operating System (OS) and a Virtual Machine (VM), as will be appreciated by those skilled in the art. In general, a component (e.g., a tool) can be operable to perform various functions including verifying consistency of security criteria, generation and deployment of consistent security criteria, and transformation of security criteria into parts and/or forms suitable for various computing environments.
In accordance with a related aspect of the invention, a consistent security criterion can be enforced by an Operating System (OS) and a Virtual Computing Environment (VCE). In one embodiment, a consistent security criterion is obtained for enforcement of a security criterion in a consistent manner with respect to a first executable computer code effectively supported by the Operating System (OS) and a second computer code effectively supported by the Virtual Computing Environment (VCE). Security in the computing system can then be enforced in accordance with the consistent security criterion, thereby enforcing security in a consistent manner with respect to the first executable computer code and the second computer code.
In accordance with yet another aspect of the invention, a Virtual Computing Environment (VCE) can obtain one or more security criteria that can be enforced by an Operating System (OS). Typically, the one or more security criteria are stored and/or maintained by the Operating System (OS). In one embodiment, a Virtual Computing Environment (VCE) is operable to obtain from an Operating System (OS) at least one of a set of security criteria and enforce it with respect to computer code effectively supported by the Virtual Computing Environment (VCE). It will be appreciated that the one or more security criteria can be consistent security criteria provided in accordance with the invention. In addition, the Virtual Computing Environment (VCE) can be operable in a Trusted Computing Environment (TCE) and as such interface with a Trusted Operating System (OS). It will be appreciated that the Operating System (OS) can be a secure OS that effectively enforces Mandatory Access Control (MAC), thereby allowing the Virtual Computing Environment (VCE) to leverage the security provided by the OS. In one embodiment, the OS is a Security-Enhanced Linux (SELinux) Operating System (OS) operating as a Trusted Component in a Trusted Environment that includes a Trusted Security Agent (TSA) operable to deploy consistent security criteria.
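The generation of the two forms, the label mapping and the consistency verification described above, as an added example in Python that is not part of the patent: the Trusted Security Agent here turns each input criterion into an SELinux type-enforcement rule for the OS and a MIDP-style permission entry for the Java ME virtual machine, using a security label mapping between the two, and then verifies that both forms reach the same decision for every criterion. The type names (user_midlet_t, sp_midlet_t, contacts_db_t), the subject/resource/operation vocabulary, the VM permission table format and the mapping tables are assumptions made for this example; the MIDP permission strings are the standard MIDP and JSR 75 names, but their pairing with SELinux permissions is likewise assumed.

```python
"""Toy Trusted Security Agent (TSA), added for illustration only.

One stakeholder-level criterion goes in; two enforceable forms come out:
an SELinux type-enforcement (TE) rule for the OS and a MIDP-style permission
entry for the Java ME virtual machine, tied together by a label mapping.
A verifier then checks that both forms decide every criterion the same way.
Label names, the VM table format and the mapping tables are assumptions.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Criterion:
    subject: str     # VM-side subject label, e.g. "user_applet"
    resource: str    # VM-side resource, e.g. "network"
    operation: str   # VM-side operation, e.g. "connect"
    allow: bool      # the stakeholder's intent


# Security label mapping (assumed names): VM subject label -> SELinux type.
SUBJECT_MAP = {"user_applet": "user_midlet_t", "sp_applet": "sp_midlet_t"}

# VM resource -> (SELinux target type, object class); "self" = subject's own type.
RESOURCE_MAP = {"network": ("self", "tcp_socket"), "contacts": ("contacts_db_t", "file")}

# (VM resource, VM operation) -> (SELinux permission, MIDP permission name).
OPERATION_MAP = {
    ("network", "connect"): ("connect", "javax.microedition.io.Connector.socket"),
    ("contacts", "read"): ("read", "javax.microedition.pim.ContactList.read"),
}

TE_RULE = re.compile(r"^(allow|neverallow) (\S+) (\S+):(\S+) \{ ([^}]*) \};$")


def to_os_rule(c: Criterion) -> str:
    """OS form. Denials become neverallow assertions, so the policy compiler
    rejects any later allow rule that would contradict the criterion."""
    src, (tgt, cls) = SUBJECT_MAP[c.subject], RESOURCE_MAP[c.resource]
    perm = OPERATION_MAP[(c.resource, c.operation)][0]
    return f"{'allow' if c.allow else 'neverallow'} {src} {tgt}:{cls} {{ {perm} }};"


def to_vm_entry(c: Criterion):
    """VM form: (subject label, MIDP permission) -> "allowed" or "denied"."""
    midp = OPERATION_MAP[(c.resource, c.operation)][1]
    return (c.subject, midp), ("allowed" if c.allow else "denied")


def generate(criteria):
    """Both forms from one input set."""
    return [to_os_rule(c) for c in criteria], dict(to_vm_entry(c) for c in criteria)


def os_decides(os_rules, src, tgt, cls, perm) -> bool:
    """Default-deny evaluation of TE rules: an access is permitted only if an
    allow rule grants it and no neverallow rule forbids it."""
    granted = False
    for rule in os_rules:
        m = TE_RULE.match(rule)
        if m is None:
            raise ValueError(f"unparseable TE rule: {rule!r}")
        keyword, s, t, k, perms = m.groups()
        if (s, t, k) == (src, tgt, cls) and perm in perms.split():
            if keyword == "neverallow":
                return False
            granted = True
    return granted


def vm_decides(vm_table, subject, midp) -> bool:
    """Default-deny evaluation of the VM permission table."""
    return vm_table.get((subject, midp)) == "allowed"


def verify_consistent(criteria, os_rules, vm_table):
    """Criteria on which the OS form and the VM form disagree; [] means the
    two environments enforce the input consistently."""
    bad = []
    for c in criteria:
        src, (tgt, cls) = SUBJECT_MAP[c.subject], RESOURCE_MAP[c.resource]
        perm, midp = OPERATION_MAP[(c.resource, c.operation)]
        if os_decides(os_rules, src, tgt, cls, perm) != vm_decides(vm_table, c.subject, midp):
            bad.append(c)
    return bad


# Constructed sample input, as a service provider might hand it to the TSA.
SAMPLE_CRITERIA = [
    Criterion("user_applet", "network", "connect", allow=False),
    Criterion("sp_applet", "network", "connect", allow=True),
    Criterion("user_applet", "contacts", "read", allow=True),
]


def demo():
    """Generate, verify, then show that an out-of-band edit to the VM table
    (one way the two environments drift apart) is caught by the verifier."""
    os_rules, vm_table = generate(SAMPLE_CRITERIA)
    before = verify_consistent(SAMPLE_CRITERIA, os_rules, vm_table)
    vm_table[("user_applet", "javax.microedition.io.Connector.socket")] = "allowed"
    after = verify_consistent(SAMPLE_CRITERIA, os_rules, vm_table)
    return os_rules, before, after


if __name__ == "__main__":
    rules, before, after = demo()
    print("\n".join(rules), "\nmismatches before drift:", before, "\nafter drift:", after)
```

Expressing a denial as a neverallow rather than simply omitting the allow rule is what makes the OS side checkable: the verifier (and, for real policy, the policy compiler) can detect a later allow rule that contradicts the stakeholder's intent, instead of the denial silently depending on nobody ever adding one.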
The invention can be implemented in numerous ways, including, for example, a method, an apparatus, a computer readable (and/or storable) medium, and a computing system (e.g., a computing device). A computer readable medium can, for example, include at least executable computer program code stored in a tangible form. Several embodiments of the invention are discussed below.
Other aspects and advantages of the invention will become apparent from the following detailed description, taken in conjunction with the accompanying drawings, illustrating by way of example the principles of the invention.
The present invention will be readily understood by the following detailed description in conjunction with the accompanying drawings, wherein like reference numerals designate like structural elements, and in which:
As noted in the background section, mobile devices are becoming increasingly popular. Today, wireless networks and mobile communication devices (e.g., Smartphones, cell phones, Personal Digital Assistants) are especially popular. Unfortunately, however, partly because of this popularity, more and more malicious attacks are being directed at wireless networks and mobile communication devices. In addition, recent developments, including relatively new services (e.g., email, file transfer and messaging) and the use of common software platforms (e.g., Symbian, Embedded Linux, and Windows CE Operating Systems), have made mobile communication devices relatively more exposed to malicious attacks. The exposure to malicious attacks could worsen as wireless networks and mobile communication devices continue to evolve rapidly. Today, wireless and/or portable communication devices (e.g., cell phones, Smartphones) can offer functionality similar to that more traditionally offered by Personal Computers (PCs). As a result, wireless and/or portable communication devices are likely to face security problems (e.g., worms, viruses) similar to those encountered in more traditional computing environments.
Examples of the most notorious threats to cell phones include the Skulls, Cabir, and Mabir malware, which have targeted the Symbian Operating System. Generally, an MMS-based worm can start by attacking initial targets (a hit-list) from the network. Each infected phone can scan its contact list and randomly pick members to which it delivers a malicious attack in the form of a message. A person can trust an incoming message due to its attractive title or seemingly familiar source, activate the attached file, and unwittingly get the phone infected. The infected phone can in turn infect other phones, and so on. In contrast, a Bluetooth-based worm can take control of a victim phone's Bluetooth interface and continuously scan for other Bluetooth-enabled phones within its range. Once a new target has been detected, the worm can connect to the other device and transfer a malicious message to it, and so on.
Taking the cell phone as an example, an active cell phone typically has two security states: susceptible and infected. A susceptible cell phone is not completely protected against worms and may become infected when exposed to a specific worm (e.g., CommWarrior). An infected cell phone can return to the susceptible state when the user applies a protection (e.g., the CommWarrior patch from F-Secure or Symantec); it remains susceptible partly because the cell phone is still exposed to other worm threats. Malware has many other undesirable effects, including compromising the privacy of users.
Generally, the security of computing systems (e.g., computing devices) is a major concern today, yet it is also desirable to support executable code (e.g., application programs) provided by various entities. A modern computing system can effectively provide a Virtual Computing Environment (VCE) (e.g., a virtual machine) supporting platform-independent application programs that may not be directly supported by the Operating System (OS) (e.g., Applets for mobile computing environments), as well as native applications that can be directly supported by the Operating System (OS) (e.g., applications that are designed for a particular Operating System (OS)).
However, security criteria (e.g., security policies, security rules, security conditions) may not be provided in a consistent manner with respect to the virtual and native computing environments, which can compromise the overall security of the computing system. Another problem may be the redundancy of different sets of security criteria typically defined by different entities (e.g., various stakeholders such as, for example, the device manufacturer, service providers and application providers of a mobile phone).
In view of the foregoing, techniques that can improve the security of computing systems would be very useful.
Embodiments of these aspects of the invention are discussed below with reference to
Those skilled in the art will appreciate that the consistent security criterion 108 can be stored in a computer readable storage medium 110 in a form that can be accessed by a computing system, thereby allowing it to be provided to the computing system for enforcement of security in a consistent manner. Referring to
To further elaborate,
The computing system 120 can be operable to obtain the consistent security criterion 108 and store it in the Virtual Computing Environment (VCE) 126 and the Operating System (OS) 128. The consistent security criterion 108 can, for example, be generated and/or provided by the security criteria generator 102 depicted in
Moreover, a Virtual Computing Environment (VCE) (e.g., the Virtual Computing Environment (VCE) 126) can be operable to effectively interface with an Operating System (OS) (e.g., the Operating System (OS) 128) in order to obtain security criteria, including a consistent security criterion (e.g., the consistent security criterion 108), stored and/or effectively maintained by the Operating System (OS).
Referring to
In addition, security-criteria mapping 204b can effectively allow mapping of a security criterion 204 of the Operating System (OS) 206 to a security criterion that can be effectively understood and enforced by the Operating System-aware security component 202 in the Virtual Computing Environment (VCE) 208. As will be appreciated by those skilled in the art, the security-criteria mapping 204b can, for example, include mapping data that can be effectively used to map a security label that is originally provided and/or intended for the Operating System (OS) 206 to a security label of the Virtual Computing Environment (VCE) 208.
It will be appreciated that the set of security criteria 204 stored and/or maintained by the Operating System (OS) 206 can include one or more consistent security criteria provided for enforcement of security in a consistent manner with respect to computer code B (124) associated with the Virtual Computing Environment (VCE) 208 and executable computer code A (122) directly supported by the Operating System (OS) 206. It should be noted that a security criteria generator 102 (also shown in
Referring back to
In addition, the Virtual Computing Environment (VCE), represented as the Virtual Machine (VM) 312 (e.g., a KVM, the Java ME K Virtual Machine, provided as a VM for a mobile device as generally known in the art), can be operable to access the security criteria 309 via operating-system Libraries and/or Interfaces 314 (e.g., “SELinux.lib” of a SELinux Operating System). In other words, the Virtual Machine (VM) 312 can include an operating-system-aware security component (e.g., the Operating System-aware security component 202 depicted in Figure). The operating-system Libraries and/or Interfaces 314 effectively allow the Virtual Machine (VM) 312 to obtain the security criteria 309 and enforce them with respect to various applications 312a and 312b that can, for example, be developed and/or provided by various entities (e.g., a user MIDlet developed by an application developer and a service provider MIDlet developed by a service provider).
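The operating-system-aware security component inside the Virtual Machine, as an added example in Python that is not the patent's code or any real VM's: when a MIDlet asks for a protected operation, the component maps the MIDlet's VM-side label (its protection domain) to an SELinux type, maps the MIDP permission to an SELinux (target type, object class, permission) triple, and asks the OS for the decision, so the VM enforces the policy the OS maintains rather than a second copy of its own. The call into the OS (in a real implementation a query through the SELinux library) is simulated here by an in-memory table; the type names, protection-domain names and the permission mapping are assumptions. Labels or permissions that cannot be mapped are denied and audited rather than passed through.

```python
"""OS-aware security component inside a Java ME style virtual machine
(illustration only). On each protected request it maps the MIDlet's VM-side
label (protection domain) to an SELinux type, maps the MIDP permission to an
SELinux (target, class, permission) triple, and asks the OS for the decision,
so the VM enforces the OS policy rather than a second, separately maintained
one. The OS interface is simulated by a table; labels and mappings are assumed.
"""
from dataclasses import dataclass, field
from typing import List

# Simulated OS policy, in the resolved form the kernel's access vector cache
# sees (no "self" keyword). A real VM would call into the OS, e.g. through
# libselinux, for each decision instead of holding a copy.
OS_ALLOW_RULES = {
    ("sp_midlet_t", "sp_midlet_t", "tcp_socket", "connect"),
    ("user_midlet_t", "contacts_db_t", "file", "read"),
    ("sp_midlet_t", "contacts_db_t", "file", "read"),
}


def os_check_access(scon: str, tcon: str, tclass: str, perm: str) -> bool:
    """Stand-in for the OS security interface; default-deny like SELinux."""
    return (scon, tcon, tclass, perm) in OS_ALLOW_RULES


# Security label mapping (assumed): VM protection domain -> SELinux type. The
# VM assigns the domain from who signed the MIDlet suite.
DOMAIN_TO_OS_TYPE = {"user": "user_midlet_t", "service_provider": "sp_midlet_t"}

# MIDP permission -> (SELinux target type, object class, permission); "self"
# resolves to the requesting MIDlet's own type. Assumed mapping.
PERMISSION_MAP = {
    "javax.microedition.io.Connector.socket": ("self", "tcp_socket", "connect"),
    "javax.microedition.pim.ContactList.read": ("contacts_db_t", "file", "read"),
}


@dataclass
class Midlet:
    name: str
    domain: str  # VM-side security label


@dataclass
class SecurityComponent:
    audit: List[str] = field(default_factory=list)

    def check_permission(self, midlet: Midlet, midp_permission: str) -> bool:
        """Decide a MIDlet's request under the mapped labels. Anything that
        cannot be mapped is denied (fail closed) and audited, so a missing
        mapping never silently widens what a MIDlet may do."""
        os_type = DOMAIN_TO_OS_TYPE.get(midlet.domain)
        target = PERMISSION_MAP.get(midp_permission)
        if os_type is None or target is None:
            self.audit.append(f"denied {midlet.name}: no mapping for "
                              f"domain={midlet.domain!r} perm={midp_permission!r}")
            return False
        tcon, tclass, perm = target
        if tcon == "self":
            tcon = os_type
        ok = os_check_access(os_type, tcon, tclass, perm)
        self.audit.append(f"{'granted' if ok else 'denied'} {midlet.name} "
                          f"({os_type}) {tclass}:{perm} on {tcon}")
        return ok


def run_demo():
    """Constructed requests from three MIDlets; returns decisions and audit."""
    sc = SecurityComponent()
    user = Midlet("GameMIDlet", "user")
    sp = Midlet("BillingMIDlet", "service_provider")
    unsigned = Midlet("Dropper", "unknown")  # no domain mapping at all
    socket = "javax.microedition.io.Connector.socket"
    contacts = "javax.microedition.pim.ContactList.read"
    decisions = {
        "user socket": sc.check_permission(user, socket),
        "sp socket": sc.check_permission(sp, socket),
        "user contacts": sc.check_permission(user, contacts),
        "unknown domain": sc.check_permission(unsigned, contacts),
        "unmapped perm": sc.check_permission(sp, "javax.microedition.io.Connector.http"),
    }
    return decisions, sc.audit


if __name__ == "__main__":
    decisions, audit = run_demo()
    print(decisions)
    print("\n".join(audit))
```

The two denial paths are deliberately different: a mapped request that the OS refuses is a policy decision and is logged with both labels so it can be correlated with the OS audit log, whereas an unmappable domain or permission is a configuration gap, and failing closed on it is what keeps a forgotten mapping from becoming an unintended grant.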
The various aspects, features, embodiments or implementations of the invention described above can be used alone or in various combinations. The many features and advantages of the present invention are apparent from the written description and, thus, it is intended by the appended claims to cover all such features and advantages of the invention. Further, since numerous modifications and changes will readily occur to those skilled in the art, the invention should not be limited to the exact construction and operation as illustrated and described. Hence, all suitable modifications and equivalents may be resorted to as falling within the scope of the invention.