
HK1047378B - Method for permitting debugging and testing of software on a mobile communication device in a secure environment - Google Patents


Info

Publication number
HK1047378B
Authority
HK
Hong Kong
Prior art keywords
development
software
mobile communication
certification
communication device
Application number
HK02109004.3A
Other languages
Chinese (zh)
Other versions
HK1047378A1 (en)
Inventor
林纪涵
罗伯特‧L‧盖格
亚历克斯C‧王
桑贾伊‧旺初
艾伦W‧陈
罗纳德R‧史密斯
Original Assignee
谷歌科技控股有限责任公司


Description

Method for debugging and testing mobile communication device software in secure environment
Technical Field
The present invention relates generally to software authentication of mobile communication devices, and more particularly, to debugging and testing of application software code in a secure environment.
Background
Mobile communication devices have found widespread use, particularly in large cities. These devices are commonly used for voice communications, but as computing power increases they continue to evolve. Mobile communication devices are now able to browse information on the internet using a "micro-browser". Content providers and web site operators can also provide content services specifically for these devices, in a format readable by a micro-browser. In addition, micro-browsers are becoming more complex and capable of executing portable code, such as JAVA applets. As a result, parties other than the manufacturer of the mobile communication device can themselves develop software executable by the device. This may cause problems.
As with traditional desktop or personal computer platforms, mobile communication devices are susceptible to poorly designed code or, worse, to code designed for some malicious purpose. To prevent the problems associated with such code, security schemes similar to those used on personal computers have been employed on mobile communication devices. The mobile communication device is provided with a root key, which may be, for example, the public key of a trust authority forming part of a public key infrastructure. Companies specialize in providing this service and perform various certification services, enabling developers to publish their software in such a way that whoever downloads it can be assured that the code is authentic and unmodified. It is desirable that such security capabilities always remain effective, but this causes problems for developers, who test many versions of code during development and would have to obtain certification for each new version, which hinders the efficiency of the development process.
There are currently two conventional solutions to this problem. One is for the developer to use a special version of the mobile communication device software in which the security features are turned off. This is undesirable because the device is then not representative of the device actually used by customers; it is preferable that the debugging and development environment be representative of the target device. The other solution is to allow the security feature to be turned off, for example by a special sequence of buttons that turns the security feature on or off. However, this gives anyone who learns the sequence the opportunity to turn the security feature off. Because mobile communication devices use shared resources, defective or maliciously designed application software can affect many other users. Therefore, there is a need for a security scheme that remains effective at all times while also giving developers more flexibility, without requiring them to hide their development efforts.
Disclosure of Invention
To solve the problems in the prior art and to achieve the object of the present invention, the present invention provides a method for testing software in a portable device having a secure software environment, the portable device having a device identifier and a root key of a public certificate authority, the method comprising: issuing to a public certification authority a development certificate request containing the device identifier and signed with a developer certificate that includes a developer identifier, the request being transmitted by a software developer; receiving, by the software developer, a development certificate specifying the identifier of the developer, development parameters, and the device identifier; signing the application software to be tested in the portable device with the development certificate, thereby providing signed application software; loading the signed application software into the portable device, the loading being performed over a wireless interface between the portable device and the wireless communication system; authenticating, by the portable device, the development certificate of the public certification authority; and executing the application software only when the device identifier in the development certificate matches the device identifier of the portable device and the development parameters are valid.
The present invention also provides a method of allowing software to be debugged and tested in a mobile communication device having a secure software environment, the mobile communication device having a device identifier, the method comprising: generating a development certificate for the mobile communication device, the development certificate including the device identifier and a development parameter, the generating of the development certificate being performed by a public certificate authority; signing the application software to be tested in the mobile communication device with the development certificate, thereby providing signed application software; loading the signed application software into the portable device, the loading being performed over a wireless interface between the portable device and the wireless communication system; authenticating, by the mobile communication device, the development certificate of the public certification authority; and executing the application software only when the device identifier in the development certificate matches the device identifier of the portable device and the development parameter is valid.
Drawings
Fig. 1 is a block diagram of a wireless communication system connected to the internet in accordance with the present invention;
Fig. 2 is a block diagram of a mobile communication device and its associated software security architecture;
Fig. 3 is a flow chart for downloading application software signed with a development certificate in accordance with the present invention.
Detailed Description
While the specification concludes with claims defining the features of the invention that are regarded as novel, it is believed that the invention will be better understood from a consideration of the following description in conjunction with the drawing figures. In the drawings, like reference numerals are carried forward. A brief description of the prior art is also considered useful.
The present invention solves the problem of testing and debugging code in a mobile communication device that operates in a real-time system and has a secure environment, by eliminating the need to establish a new certificate for each version or build of the code to be tested. The present invention provides a method of generating a multipurpose certificate with which a code developer can sign different versions or builds of code and have them properly certified without having to obtain a new certificate for each new version or build to be tested. The present invention does this by using a new class of certificate, called a development certificate. The development certificate specifies the particular mobile communication device it is to be used with, for example by specifying the international mobile equipment identifier of the mobile communication device, and specifies development parameters. The development parameters may specify a period of use, a number of uses, and the like. With this new certificate type, a developer can specify a particular mobile communication device on which to test code, obtain a development certificate from a public key infrastructure provider (e.g., a certification authority), and test multiple versions of the code under development on a real-time system, on a device that has the same secure environment as devices entering the sales channel.
Referring to Fig. 1, there is shown a block diagram 100 of a wireless communication system connected to the internet in accordance with the present invention. A developer's software development studio 102, which desires to develop application software or other code for use in a mobile communication device 104, includes the mobile communication device 104, a server 106, and preferably a local computer 108. The mobile communication device 104 is, for example, a mobile radiotelephone or a cellular telephone that can communicate with the mobile or wireless infrastructure 110. The mobile communication device contains certain computer resources such as scratch pad memory (random access), non-volatile memory, operating system software, other application processing code, means for transmitting and receiving wireless signals, power supply means, a user interface, an ergonomic software layer, display means and keyboard means for displaying and inputting information respectively, and other computer resources. A device identifier, such as the International Mobile Equipment Identifier (IMEI), which is well known in the art, and a root key for authenticating code developed by third parties are stored in non-volatile memory. The mobile communication device also includes wireless network interface means (e.g., an interface for establishing and maintaining packet data communications) and content browsing means (e.g., a micro-browser for browsing content on the internet). A security mechanism is included in the browser software to prevent unauthorized access to protected computing resources (e.g., the Java or virtual machine software execution environment).
The wireless infrastructure 110 includes a base station 112 and typically contains a plurality of such base stations, each establishing a service cell within its vicinity, as is well known. Each base station is coupled to a Mobile Switching Center (MSC) 114 and the other switching equipment included therein. The MSC routes telephone calls and may be connected to a Public Switched Telephone Network (PSTN) 115. The MSC or a related device is also connected to a wide area public network, such as the internet 116. The link between the mobile infrastructure and the wide area public network is typically a standard transmission link that uses, for example, TCP/IP as the common protocol, together with gateways located in the MSC, as is also well known. Various device architectures exist for coupling wireless infrastructure with such networks so that mobile communication devices can use them.
To simplify secure operations in the mobile communication device 104, the public key infrastructure service provider has an internet-connected machine or server 118 with which other internet-connected machines can interact. These service providers typically offer cryptographic techniques such as public key and certification services, which include digital certificates and the code signing services used by software and code developers. These products and services are used by the target device to verify the authenticity of software and code acquired over the public network. Such services are widely used today and are provided by companies such as VeriSign Corporation, which is found on the internet at the Uniform Resource Locator (URL) www.verisign.com. The public key infrastructure service provider preferably owns the certificate authority server 120 and the code signing server 122, both of which may also be interconnected with other machines via the public network.
A secure time server 124 connected to the public network may also be provided. Other machines may interact with the secure time server to obtain a real time stamp, a time reading, or both. In other words, when a machine connected to the public network needs to check the current time, it may send a request to the secure time server for the current time (which may include the current date). The time server responds by sending an encrypted time reading back to the requesting machine. The requesting machine then decrypts the time reading using the time server's public key, which was previously provided to it. In some cases the secure time server may be controlled by the public key infrastructure service provider and connected with the server 118; in that case the public key of the time server may be the same as the public key of the public key infrastructure service provider. Such time servers are also well known.
Fig. 2 is a block diagram of the related software security architecture 200 of a mobile communication device. Only one mobile communication device is considered, used by a developer to test and debug the software and code under development. The software or code package 202 is acquired by the mobile communication device and installed in it. The software package includes executable code 204, a descriptor file 206, and a development certificate 208. According to the present invention, the development certificate contains a device identifier (unique to a particular mobile communication device) and a development parameter. The development parameter is selected by the developer and specifies the conditions under which the development certificate is valid. For example, the development parameters may be a limited time period, a preselected number of code instances to be tested, a number of versions that can be tested under the development certificate, and the like. It is also specifically contemplated that the development certificate may contain a download counter or count value that controls the number of downloads of the application software and the number of installations on the device. During development, multiple slightly different versions may be tested. The development certificate may then be established according to the methods of the present invention described below. The mobile communication device has a software execution environment 210 that includes a security manager, security domains, and resources 216, the resources 216 including physical, software, and data resources. The security manager is a software layer that assigns permissions to code installed in the mobile communication device and can either grant or deny the installed code access to resources.
If a code segment or application does not have the correct certificate, the security manager denies it access to all resources, preventing damage to resources or execution of the code. A security domain is the set of resources that can be accessed by a particular piece of code or application. Thus, the security domain may vary from application to application, depending on the resources the application needs to access and whether the application is properly authenticated, e.g., by public key cryptography. A security domain in which the application can execute properly is provided for the software code package 202 in accordance with the security policies specified in the descriptor file 206. Once the software package is authenticated, the security manager can set the rights according to that security policy.
The software package 202 shown in Fig. 2 is generated, downloaded, authenticated and installed according to the process shown in Fig. 3, which shows a process 300 for downloading application software signed with a development certificate according to the present invention. Four main components are shown in Fig. 3: a developer 302, a Public Key Infrastructure (PKI) server 304, a mobile communication device 306 and, optionally, a time server 308. The process described below covers both the method for testing software on a portable device and the method that allows debugging and testing of software on a mobile communication device.
The process is initiated by the developer 302, who generates the code to be tested or debugged (310). The code is typically developed on a general purpose computer or workstation, such as the local computer 108 shown in Fig. 1. When the developer is ready to download the code (which may be an application or some other software component), the developer sends a request for a development certificate to the PKI server 304 (312). The PKI server is operated and controlled by a public certification authority. The request includes a device identifier, which uniquely identifies the particular portable device or mobile communication device on which the code is to be downloaded and tested, and a developer identifier, which allows the developer to be authenticated. The request also includes the development parameters and the developer's digital identity. The development parameters are introduced to limit the validity of the development certificate. The PKI server verifies the request (314), for example by authenticating the developer's digital signature. Upon successful verification of the developer's request, the PKI server creates a development certificate. The development certificate includes the device identifier and the development parameters. These data items are secured by appropriate cryptographic techniques, such as one-way hash functions.
Once the development certificate is generated, the public certification authority's PKI server sends it to the developer, who receives it at the studio (318). The developer then signs the code or application to be tested with the development certificate, thereby providing a signed application. The software will typically be in an archive format, such as a Java Archive (JAR) file, with the application itself in bytecode for portability across multiple platforms. The signed application software is then loaded (322) onto a server, such as the developer's server 106 shown in Fig. 1. At this point the mobile communication device is ready to download the software. This may be accomplished in one of two ways: over a cable from the computer on which the signed application resides, or over a wireless link. The download of the signed application software (324) may be initiated either by the target mobile communication device or by the developer. Once the mobile communication device receives the signed application software, it decrypts the certificate (326) and begins authenticating the developer's signature (328, 330), including verifying the device identifier. If the device identifier does not match the device identifier of the mobile communication device, the software package is discarded. Authentication is accomplished through a wireless interface that utilizes the network connections and gateways of the wireless system infrastructure 110. If the development parameters specify a validity period, the mobile communication device requests a signed time reading from a trusted time server (332), which returns a signed time reading (334). The mobile communication device then verifies this time reading (336). The mobile communication device can also create and save a random encoding of the development parameters (338) for use with subsequently downloaded software versions.
This random encoding is stored in non-volatile memory. The security rights are then set according to the descriptor file 206, and the application software may then be installed. Where the development parameter used is the number of times the code can be executed, each execution of the code increments a call count by one; the count is kept in a cryptographically secure format in the non-volatile memory of the mobile communication device and checked each time the software is run to determine whether it can still be used. The same approach can be used for the other available development parameters (e.g., the validity period): each time the software is run, the development parameters are checked against the current conditions to determine whether the development certificate is still valid. If it is invalid, execution of the software is immediately revoked. Thus execution of the software begins only when the device identifier in the development certificate matches the device identifier of the portable device or mobile communication device and the development parameters are valid. The present invention also provides a method for testing application software in a mobile communication device by generating a development certificate. The method comprises the following steps: a request to issue a development certificate is received from a developer at a public certification authority. The request contains a device identifier and development parameters and is signed with, for example, the developer's public key. The public certification authority then generates a development certificate and includes the device identifier and development parameters in it.
Thus, by using a development certificate that can be reused for the multiple versions a developer requires over a period of time, or within a predetermined number of instances of the code in the execution environment of a portable device or mobile communication device, or within a combination of several such parameters, the problem of a developer having to apply for certification for each incremental version of a software project under test or debugging is addressed. The developer may reuse the same development certificate for different versions of the software to be tested, and the certified software may be installed and executed by the target device as long as the device identifier matches and the development parameters remain valid. This promotes rapid development while preserving the security measures of the secure environment in the portable device. The process uses one or more development parameters together with a unique portable device identifier, and uses cryptographic techniques to authenticate and monitor the use of the software by the portable device. The portable device itself retains certain variables to keep track of software usage and installation and can determine whether further execution is allowed. Although embodiments of the present invention have been illustrated above, it is apparent that the present invention is not limited thereto. Various modifications, changes, variations, substitutions and equivalents will occur to those skilled in the art without departing from the spirit and scope of the present invention as defined by the appended claims.
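The Fig. 3 exchange modelled end to end, as an added example that is not code from the patent or its assignee: the certification authority issues a development certificate binding the developer's signing key to one IMEI, a validity period and an execution count; the handset re-checks that certificate against its root key on every run, using a signed time reading from the time server and an HMAC-sealed run counter standing in for the "cryptographically secure" count kept in non-volatile memory. The JSON certificate format, the field names, ed25519 signatures and the HMAC sealing are assumptions made here, not the patent's.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"encoding/json"
	"errors"
)

// DevCert is a constructed development-certificate body (not the patent's own format): it
// binds the developer's signing key to one device identifier and to the development parameters.
type DevCert struct {
	DeviceID    string            `json:"device_id"` // the handset's IMEI
	DeveloperID string            `json:"developer_id"`
	DevPub      ed25519.PublicKey `json:"dev_pub"`
	NotAfter    int64             `json:"not_after"` // validity period, unix seconds
	MaxRuns     uint32            `json:"max_runs"`  // permitted number of executions
}

// Signed is a byte string plus an ed25519 signature over it (by the CA, the developer or the time server).
type Signed struct{ Body, Sig []byte }

// IssueDevCert is the certification authority: it verifies the developer's signature on the
// request (using the developer key the request names), then signs the body with the CA key.
func IssueDevCert(caPriv ed25519.PrivateKey, req Signed) (Signed, error) {
	var c DevCert
	if json.Unmarshal(req.Body, &c) != nil || len(c.DevPub) != ed25519.PublicKeySize || !ed25519.Verify(c.DevPub, req.Body, req.Sig) {
		return Signed{}, errors.New("request malformed or not signed by the developer key it names")
	}
	return Signed{Body: req.Body, Sig: ed25519.Sign(caPriv, req.Body)}, nil
}

// SignPackage is the developer signing one build; the same certificate is reused for every build.
func SignPackage(devPriv ed25519.PrivateKey, code []byte) Signed {
	return Signed{Body: code, Sig: ed25519.Sign(devPriv, code)}
}

// SignTime is the secure time server's reply: a signed 8-byte big-endian unix time.
func SignTime(timePriv ed25519.PrivateKey, unix int64) Signed {
	b := make([]byte, 8)
	binary.BigEndian.PutUint64(b, uint64(unix))
	return Signed{Body: b, Sig: ed25519.Sign(timePriv, b)}
}

// Device models the handset: CA root key, time-server key, IMEI, and a run counter kept in
// non-volatile memory sealed with an HMAC under a device secret so that tampering is detected.
type Device struct {
	IMEI             string
	RootPub, TimePub ed25519.PublicKey
	nvKey, runsMAC   []byte
	runs             uint32
}

func NewDevice(imei string, root, timePub ed25519.PublicKey, nvKey []byte) *Device {
	d := &Device{IMEI: imei, RootPub: root, TimePub: timePub, nvKey: nvKey}
	d.runsMAC = d.mac(0)
	return d
}

func (d *Device) mac(n uint32) []byte {
	m := hmac.New(sha256.New, d.nvKey)
	binary.Write(m, binary.BigEndian, n)
	return m.Sum(nil)
}

// Run is one execution attempt of signed code under a development certificate; every check is
// repeated on each call, so an expired or exhausted certificate stops further runs.
func (d *Device) Run(code, cert, now Signed) error {
	var c DevCert
	switch {
	case !ed25519.Verify(d.RootPub, cert.Body, cert.Sig):
		return errors.New("development certificate not signed by the root CA")
	case json.Unmarshal(cert.Body, &c) != nil || len(c.DevPub) != ed25519.PublicKeySize || c.DeviceID != d.IMEI:
		return errors.New("certificate malformed or names another device; package discarded")
	case len(now.Body) != 8 || !ed25519.Verify(d.TimePub, now.Body, now.Sig):
		return errors.New("time reading not from the trusted time server")
	case int64(binary.BigEndian.Uint64(now.Body)) > c.NotAfter:
		return errors.New("development certificate validity period has expired")
	case !ed25519.Verify(c.DevPub, code.Body, code.Sig):
		return errors.New("code not signed by the certified developer key")
	case !hmac.Equal(d.runsMAC, d.mac(d.runs)):
		return errors.New("run counter in NV memory was tampered with")
	case d.runs >= c.MaxRuns:
		return errors.New("permitted number of executions exhausted")
	}
	d.runs++ // count this execution and re-seal the counter
	d.runsMAC = d.mac(d.runs)
	return nil
}
```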

Claims (8)

1. A method for testing software in a portable device having a secure software environment, the portable device having a device identifier and a root key of a public certificate authority, the method comprising:
issuing to a public certification authority a development certification request containing a device identifier and signed with a developer certification including therein a developer identifier, the request being transmitted by a software developer;
receiving, by a software developer, a development certificate specifying an identifier of the developer, development parameters, and a device identifier;
signing the application software to be tested in the portable device with the above development certification, thereby providing a signed application software;
loading the signed application software into the portable device, the loading being performed over a wireless interface between the portable device and the wireless communication system;
authenticating, by the portable device, the development certification of the public certification authority;
the application software is executed only when the development-certified device identifier matches the device identifier of the portable device and the development parameters are valid.
2. The method of claim 1 wherein the development parameters include a validity period and the authentication includes authentication of the validity period.
3. The method of claim 1 wherein the development parameters include a download counter and the authenticating step includes the step of determining whether the download counter has been exceeded.
4. A method for allowing debugging and testing of software in a mobile communication device having a secure software environment, the mobile communication device having a device identifier, the method comprising:
generating a development certificate for the mobile communication device, the development certificate including a device identifier and a development parameter, the generating of the development certificate being performed by a common certificate authority;
signing the application software to be tested in the mobile communication device with the development certificate, thereby providing signed application software;
loading the signed application software into the portable device, the loading being performed over a wireless interface between the portable device and the wireless communication system;
authenticating, by the mobile communication device, the development certification of the public certification authority; and
the application software is executed only when the development-certified device identifier matches the device identifier of the portable device and the development parameters are valid.
5. The method of claim 4, wherein the generated development parameters include a validity period for the development certification, and the authentication includes authentication of the validity period.
6. The method of claim 4, wherein the generated development parameters include a time of day for the development certification, and the authentication includes an authentication step for the time of day.
7. The method of claim 4, wherein the generated development parameters include a download counter for the development certification, and the authentication includes the step of determining whether the download counter has been exceeded.
8. The method of claim 4, wherein the generating step comprises the step of generating the development certificate when the device identifier is an international mobile device identifier for the mobile communication device.
Application HK02109004.3A: priority date 2000-12-20, filing date 2002-12-12, "Method for permitting debugging and testing of software on a mobile communication device in a secure environment", HK1047378B (en)

Applications Claiming Priority (2)

Application Number | Priority Date | Filing Date | Title
US09/745,061 | 2000-12-20 | |
US09/745,061 (US20020078380A1, en) | 2000-12-20 | 2000-12-20 | Method for permitting debugging and testing of software on a mobile communication device in a secure environment

Publications (2)

Publication Number | Publication Date
HK1047378A1 (en) | 2003-02-14
HK1047378B (en) | 2005-05-06
