System and method of establishing trusted operability between networks in a network functions virtualization environment
US-9749294-B1 · Aug 29, 2017 · US
Operating environment partitioning for securing group communication device resources
US10887290B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10887290-B2 |
| Application number | US-201816120048-A |
| Country | US |
| Kind code | B2 |
| Filing date | Aug 31, 2018 |
| Priority date | Sep 1, 2017 |
| Publication date | Jan 5, 2021 |
| Grant date | Jan 5, 2021 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
The present disclosure is directed to systems, methods and devices for securing communication resources of group communication devices. Secure resources of a group communication computing device may be maintained in a secure operating environment of the group communication computing device, which is separate from a normal operating environment of the group communication computing device, via a trust partition comprising one or both of an SoC trust partition and a hypervisor. The secure operating environment may comprise input resources including a microphone, a camera, audio encoding and decoding engines, audio encryption and decryption engines, and a secure operating system. The normal operating environment may comprise resources including LTE and WiFi communication resources, transport layer security layer resources, and an operating system.
First claim
Opening claim text (preview).
The invention claimed is: 1. A method for securing communication resources of a computing device, comprising: maintaining, by the computing device, a first operating environment that monitors a first set of resources of the computing device; maintaining, by the computing device, a second operating environment that monitors a set of secure resources of the computing device comprising a communication interface between a voice messaging application, a speaker, and a microphone, wherein the first operating environment comprises a first virtual machine and the second operating environment comprises a second virtual machine, and wherein a system-on-chip (SoC) manages switches between the first operating environment and the second operating environment; receiving, by the first operating environment, an LTE wireless communication comprising an audio messaging packet; sending the audio messaging packet from the first operating environment to the second operating environment; decoding, by the voice messaging application, the audio messaging packet; and playing, by the speaker, the decoded audio messaging packet. 2. The method of claim 1 , wherein the first and second operating environments are partitioned by the SoC having a secure monitor. 3. The method of claim 2 , wherein the secure monitor allows the first operating environment to access the second operating environment upon one or more operations comprising: an interrupt, an external abort, and an explicit call via a secure monitor call instruction. 4. The method of claim 3 , wherein the secure monitor allows the second operating environment to access the first operating environment upon one or more operations comprising: an interrupt, an external abort, an explicit call via a secure monitor call instruction, and a direct write to a current program status register of the computing device. 5. The method of claim 1 , wherein the computing device further comprises a hypervisor. 6. The method of claim 1 , wherein the second operating environment comprises an audio key hashing engine and an audio decompression engine that are partitioned by a hypervisor. 7. The method of claim 1 , wherein the first operating environment maintains a rich operating system and an LTE communication interface. 8. A method for securing communication resources of a computing device, comprising: maintaining, by the computing device, a first operating environment that monitors a first set of resources of the computing device; maintaining, by the computing device, a second operating environment that monitors a set of secure resources of the computing device comprising a communication interface between a voice messaging application, a speaker, and a microphone, wherein the first operating environment comprises a first virtual machine and the second operating environment comprises a second virtual machine, and wherein a system-on-chip (SoC) manages switches between the first operating environment and the second operating environment; receiving, by the second operating environment, an audio input via the microphone; parsing, by the voice messaging application, the audio input into one or more audio messaging packets; sending the one or more audio messaging packets to the first operating environment; encoding, by the first operating environment, the one or more audio messaging packets; and sending, from the first operating environment, an LTE wireless communication comprising the one or more audio messaging packets to a remote management platform. 9. The method of claim 8 , further comprising encoding, by the first operating environment, the one or more audio messaging packets with an identification key for identifying one or more additional computing devices associated with a common communication group. 10. The method of claim 9 , wherein the computing device, and each of the one or more additional computing devices associated with a common communication group, comprise a push-to-talk audio transmission attribute. 11. The method of claim 8 , wherein sending the one or more audio messaging packets to the remote management platform comprises generating, by the first operating environment, one or more HTTP chunks comprised of portions of the audio messaging packet. 12. The method of claim 8 , wherein the computing device further comprises a hypervisor. 13. The method of claim 8 , wherein the first operating environment comprises an audio key hashing engine and an audio decompression engine that are partitioned by a hypervisor. 14. The method of claim 8 , wherein the one or more audio messaging packets are Opus audio codec packets and wherein each Opus audio packet includes N audio data packet fragments. 15. A computer-readable storage device comprising executable instructions, that when executed by one or more processors, assist with securing communication resources of a computing device, the computer-readable storage device including instructions executable by the one or more processors for: maintaining, by the computing device, a first operating environment that monitors a first set of resources of the computing device; maintaining, by the computing device, a second operating environment that monitors a set of secure resources of the computing device comprising a communication interface between a voice messaging application, a speaker, and a microphone, wherein the first operating environment comprises a first virtual machine and the second operating environment comprises a second virtual machine, and wherein a system-on-chip (SoC) manages switches between the first operating environment and the second operating environment; receiving, by the first operating environment, an LTE wireless communication comprising an audio messaging packet; sending the audio messaging packet from the first operating environment to the second operating environment; decoding, by the voice messaging application, the audio messaging packet; and playing, by the speaker, the decoded audio messaging packet. 16. The computer-readable storage device of claim 15 , wherein the first and second operating environments are partitioned by the SoC having a secure monitor. 17. The computer-readable storage device of claim 15 , wherein the computing device further comprises a hypervisor. 18. The computer-readable storage device of claim 15 , wherein the audio messaging packet is encoded with an identification key that identifies the computing device as being a member of a communication group comprising a plurality of computing devices. 19. The computer-readable storage device of claim 15 , wherein the first operating environment comprises an audio key hashing engine and an audio decompression engine that are partitioned by a hypervisor. 20. The computer-readable storage device of claim 15 , wherein the first operating environment further comprises a rich operating system, and the second operating environment further comprises a secure operating system and one or more secure applications.
Assignees
Inventors
Classifications
- G06F9/45558Primary
Hypervisor-specific management and integration aspects · CPC title
Public Land Mobile systems, e.g. cellular systems · CPC title
Source integrity · CPC title
Dual mode as a secondary aspect · CPC title
involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10887290B2 cover?
- The present disclosure is directed to systems, methods and devices for securing communication resources of group communication devices. Secure resources of a group communication computing device may be maintained in a secure operating environment of the group communication computing device, which is separate from a normal operating environment of the group communication computing device, via a …
- Who is the assignee on this patent?
- Orion Labs
- What technology area does this patent fall under?
- Primary CPC classification G06F9/45558. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Jan 05 2021 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).