System of multiple domains and domain ownership

US9807608B2 · US · B2

Patent metadata
Publication number: US-9807608-B2
Application number: US-76382710-A
Country: US
Kind code: B2
Filing date: Apr 20, 2010
Priority date: Apr 20, 2009
Publication date: Oct 31, 2017
Grant date: Oct 31, 2017

Abstract

Official abstract text for this publication.

Methods and instrumentalities are disclosed that enable one or more domains on one or more devices to be owned or controlled by one or more different local or remote owners, while providing a level of system-wide management of those domains. Each domain may have a different owner, and each owner may specify policies for operation of its domain and for operation of its domain in relation to the platform on which the domain resides, and other domains. A system-wide domain manager may be resident on one of the domains. The system-wide domain manager may enforce the policies of the domain on which it is resident, and it may coordinate the enforcement of the other domains by their respective policies in relation to the domain in which the system-wide domain manager resides. Additionally, the system-wide domain manager may coordinate interaction among the other domains in accordance with their respective policies.

First claim

Opening claim text (preview).

What is claimed:

1. A system comprising:
a device comprising a plurality of domains supported by at least one platform, each domain comprising a configuration of computing resources executing on the at least one platform and each domain being configured to perform functions for an owner of the domain that may be located locally or remotely from the domain, wherein each domain may have a different owner, and wherein each owner may specify policies for operation of its domain, and the domains are isolated from each other such that their respective computing resources cannot be accessed by the other domains without authorization by the respective domain owner; and
a system-wide domain manager resident on one of the domains, the system-wide domain manager configured to:
enforce the policies of the domain on which it is resident,
coordinate the enforcement of respective policies of the other domains in relation to the domain in which the system-wide domain manager resides,
coordinate the interaction among the other domains in accordance with their respective policies and the policies of the domain in which the system-wide domain manager resides,
make a request that the other domains produce a respective integrity attestation, wherein the request comprises authorization data, such that the other domains can verify, using the authorization data, that the system-wide domain manager has authority to make the request for the integrity attestation;
evaluate whether the computing resources are sufficient to load a new domain that is isolated from the other domains on the device, and if the computing resources are sufficient, determine to load the new domain based on one or more policies of at least one of the domains, wherein the computing resources comprise memory and virtual machine threads.

2. The system of claim 1, wherein the system-wide domain manager provides information to a domain owner to enable the owner to determine whether its policies are being complied with.

3. The system of claim 1, wherein an owner of one of said domains comprises a manufacturer of the device in which that domain resides.

4. The system of claim 1, wherein an owner of one of said domains comprises a service provider.

5. The system of claim 4, wherein the domain owned by the service provider performs a subscriber identity module (SIM) function to authenticate to the service provider the subscription to the service as supported by the device on which the domain resides whereby such authentication of subscription with the service provider enables communications between the device and the service provider.

6. The system of claim 1, wherein at least one of the domains performs subscription authentication.

7. The system of claim 1, wherein at least one of the domains performs device authentication.

8. The system of claim 1, wherein said one or more devices comprises one or more of a wireless transmit/receive unit, a user equipment, a mobile station, a fixed or mobile subscriber unit, a pager, a cellular telephone, a personal digital assistant, a computing device, a machine-to-machine device, a SIM card, a Universal Integrated Circuit Card (UICC), a geo-tracking device, or a billing device.

9. The system of claim 1, wherein said at least one platform comprises at least one processor.

10. The system of claim 9, wherein said at least one platform further comprises at least one memory.

11. The system of claim 9, wherein said at least one platform further comprises at least one operating system and at least one piece of low-level firmware or software.

12. The system of claim 1, wherein the system-wide domain manager accesses information providing a list of resources available for use by said one or more domains.

13. The system of claim 1, wherein the system-wide domain manager supervises the loading and maintenance of domains owned by remote owners.

14. The system of claim 13, wherein the system-wide domain manager considers the policies of one or more existing domains when evaluating whether to load a new domain.

15. The system of claim 14, wherein a policy of a given domain owned by a remote owner may specify that the given domain be rendered inactive when a certain type of other domain becomes active.

16. The system of claim 14, wherein a policy of a given domain owned by a remote owner may specify that the given domain be rendered inactive when another domain owned by a certain other remote owner becomes active.

17. The system of claim 14, wherein a policy of a given domain owned by a remote owner may specify that operation of the given domain be limited when a certain type of other domain becomes active.

18. The system of claim 14, wherein a policy of a given domain owned by a remote owner may specify that operation of the given domain be limited when another domain owned by a certain other remote owner becomes active.

19. The system of claim 1, wherein at least one domain may be established in a state in which it is not owned by any owner, and wherein the system-wide domain manager coordinates the establishment of ownership of the domain by a remote owner.

20. The system of claim 19, wherein the remote owner and the domain in the system may authenticate each other.

21. The system of claim 19, wherein the remote owner and the domain in the system may communicate with each other via a secure channel set up between them.

22. The system of claim 19, wherein the system-wide domain manager transmits information to a remote owner that the remote owner may consider in determining whether to establish ownership of the domain.

23. The system of claim 22, wherein the information comprises at least one of (i) information attesting to an integrity of the domain for which ownership is sought; and (ii) information attesting to an integrity of at least one other domain of the system.

24. The system of claim 22, wherein the information comprises at least one of (i) information attesting to an integrity of the platform using whose resources the domain for which the ownership is sought for operates; and (ii) information attesting to an integrity of the platform using whose resources at least one other domain of the system operates.

25. The system of claim 22, wherein the information comprises information concerning a current environment of the device.

26. The system of claim 25, wherein the information comprises at least one of: (i) a value indicating a number of other domains in the system; (ii) information providing a summary nature of other domains in the system; and (iii) information specifying resources of the platform available for use by the domain for which ownership is attempting to be established.

27. The system of claim 22, wherein the degree to which information is provided to the remote owner about other domains of the system is conditioned on the respective policies of those other domains.

28. The system of claim 19, wherein after a remote owner establishes ownership of the domain, the domain receives from the remote owner at least one of cryptographic keys, configuration information, parameters and executable code to increase the functionality of the domain.

29. The system of claim 19, wherein after a remote owner establishes ownership of the domain, the domain receives its policy from the remote owner.

30. The system of claim 1,

Classifications

  • H04L63/20 (Primary): for managing network security; network security policies in general (filtering policies H04L63/0227)

  • Key management, e.g. using generic bootstrapping architecture [GBA]

  • H04W12/06 (Primary): Authentication

  • Network arrangements, protocols or services for supporting real-time applications in data packet communication (real-time or near real-time messaging, e.g. instant messaging [IM] H04L51/04; selective video distribution H04N21/00)

  • Digital computing or data processing equipment or methods, specially adapted for specific functions (information retrieval, database structures or file system structures therefor G06F16/00)

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9807608B2 cover?
Methods and instrumentalities are disclosed that enable one or more domains on one or more devices to be owned or controlled by one or more different local or remote owners, while providing a level of system-wide management of those domains. Each domain may have a different owner, and each owner may specify policies for operation of its domain and for operation of its domain in relation to the …
Who is the assignee on this patent?
Cha Inhyok, Guccione Louis J, Shah Yogendra C, and 3 more
What technology area does this patent fall under?
Primary CPC classification H04L63/20. Mapped technology areas include Electricity.
When was this patent published?
Publication date: Oct 31, 2017 (B2). Legal status and post-grant events are not shown on this page.