
WO2025230456A1 - Client-server model with trusted client application - Google Patents

Info

Publication number
WO2025230456A1
Authority
WO
WIPO (PCT)
Prior art keywords
client
client application
data
trusted
tca
Prior art date
Legal status
Pending
Application number
PCT/SE2025/050409
Other languages
French (fr)
Inventor
Joachim Samuelsson
Paul CRONHOLM
Current Assignee
Crunchfish AB
Original Assignee
Crunchfish AB

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W 12/06 Authentication
    • H04W 12/069 Authentication using certificates or pre-shared keys
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F 21/12 Protecting executable software
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F 21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F 21/53 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/60 Protecting data
    • G06F 21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F 21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L 63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W 12/40 Security arrangements using identity modules
    • H04W 12/42 Security arrangements using identity modules using virtual identity modules
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/60 Protecting data
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W 12/60 Context-dependent security
    • H04W 12/66 Trust-dependent, e.g. using trust scores or trust relationships

Definitions

  • a first inventive aspect is a method in a client-server system, i.e. a computerized method.
  • the method comprises: providing a trusted client application solely executing within a secure virtual machine that is embedded within a client application, the secure virtual machine having a virtualized operating system and providing an isolated runtime for the trusted client application to securely handle client resources for the client application, said client resources comprising executable client logic, client assets data and optionally one or more of the following: a client digital certificate, and client subscription data.
  • the trusted client application: receives an execution request from the client application; validates one or more of the client assets data, client digital certificate and client subscription data; and upon successful validation, executes at least some of the client logic and updates the client assets data.
  • a second inventive aspect is a non-transitory computer readable storage medium having stored thereon a computer program comprising computer program code for performing the functionality of the trusted client application solely executing within the secure virtual machine that is embedded within the client application in the method according to the first inventive aspect, including any or all of its embodiments, when the computer program code is executed by a processing device, such as a central processing unit, CPU, of a client host device, such as a mobile device.
  • a third inventive aspect is a computer program product comprising computer program code for performing the functionality of the trusted client application solely executing within the secure virtual machine that is embedded within the client application in the method according to the first inventive aspect, including any or all of its embodiments, when the computer program code is executed by a processing device, such as a central processing unit, CPU, of the client host device, e.g. mobile device.
  • a fourth inventive aspect is a client host device, such as a mobile device, comprising: a processing device, such as a central processing unit, CPU; an operating system run by the processing device; a client application executable in the operating system and embedding a secure virtual machine having a virtualized operating system; and a trusted client application solely executable within an isolated runtime provided by the secure virtual machine, wherein the trusted client application is configured for performing the functionality of the trusted client application in the method according to the first inventive aspect, including any or all of its embodiments.
  • Expressions like “[entity] is configured for. . . [performing activity]” or “[entity] is configured to . . . [perform activity]” will include typical cases where a computerized entity (having one or more controllers, processing units, programmable circuitry, etc.) executes software or firmware installed in the computerized entity, wherein the execution occurs in order to perform the activity in question.
  • FIGS 1 and 2 are flowchart diagrams that illustrate embodiments of the inventive aspects.
  • Figure 3 illustrates one implementation architecture for these inventive aspects.
  • Figure 4 is a schematic illustration of a computer-readable medium in an exemplary embodiment, capable of storing a computer program product.
  • FIG. 1 illustrates an embodiment of a method in a client-server system.
  • the client-server system comprises a client host device 300 and a server 390.
  • An embodiment of the client host device 300 is illustrated in Figure 3.
  • the client host device 300 executes a client application 340.
  • the client host device 300 may typically be a mobile device, wherein the client application 340 is executed in a normal or rich execution environment of an operating system 350 of the mobile device 300.
  • the mobile device 300 may, for instance, be a mobile communication device, such as a mobile phone, smart phone, tablet computer, personal digital assistant, laptop computer, smart glasses, smart watch, smart card or smart wearable (e.g. smart bracelet), or any combination thereof.
  • the operating system 350 may, for instance, be Google Android or Apple iOS.
  • a trusted client application (TCA; 310) executes solely within a secure virtual machine 320 that is embedded within the client application 340.
  • the secure virtual machine 320 has a virtualized operating system 330 and provides an isolated runtime for the trusted client application (TCA; 310) to securely handle client resources (112; client_data) for the client application 340.
  • the client resources (112; client_data) comprise executable client logic (client_logic), client assets data (client_assets) and optionally one or more of the following: a client digital certificate (client_certificate), and client subscription data (client_subscription).
  • the secure virtual machine 320 may comprise a protection mechanism 332 with respect to the operating system 350, as is commonplace as such.
  • the method involves a client-controlled execution block 140 in which the trusted client application (TCA; 310) receives 144 an execution request 142 from the client application 340, and validates 146 one or more of the client assets data (client_assets), client digital certificate (client_certificate) and client subscription data (client_subscription). Upon successful validation, at 148 the trusted client application (TCA; 310) executes at least some of the client logic (client_logic), and updates the client assets data (client_assets).
  • the client host device is seen at 300.
  • the trusted client application is seen at 310.
  • the secure virtual machine is seen at 320 and may, for instance, be based on a Virtual Secure Element (VSE) as provided by V-Key Inc. Further reference in this regard is made, for instance, to European patent EP 2 795 829 B1.
  • the virtualized operating system is seen at 330 and may, for instance, be based on a V-OS as provided by V-Key Inc.
  • the client application is seen at 340. The operating system of the client host device 300 is seen at 350.
  • a file system of the client host device 300 is seen at 360.
  • upon executing at least some of the client logic (client_logic) and updating the client assets data (client_assets) at 148 in Figure 1, the trusted client application (TCA; 310) sends an execution response 150 to the client application 340, whereupon the client application 340 may execute 152 further client-side functionality.
  • This allows flexibility and resource efficiency, since only client-side functionality for which security is critical will have to be executed by the trusted client application (TCA; 310), whereas other (non-critical) client-side functionality may be executed by the client application 340 in the normal or rich execution environment of the operating system 350.
  • the client application 340 is operably associated with a server function provided by the server 390.
  • the method of the disclosed embodiment further involves a client initialization block 110 with initial steps of generating 118 the client resources (112; client_data) by the server function upon request 116 by the client application 340.
  • the generated client resources (112; client_data) are delivered 120 by the server function to the client application 340.
  • the client resources (112; client_data) are forwarded 122 by the client application 340 to the trusted client application (TCA; 310), and stored by the trusted client application (TCA; 310) at 124.
  • Such data encryption and decryption may, for instance, be based on asymmetric (private/public) key pairs, with a first private cryptographic key (client_private_key) securely kept by the trusted client application (TCA; 310) and a second private cryptographic key (server_private_key) securely kept by the server.
  • the server function stores 118 the generated client resources (112; client_data) in or at the server 390 upon the generation thereof at the completion of the client initialization block 110.
  • the trusted client application (TCA; 310) may deliver 176, 178 updated client resources (112; client_data) to the server function via the client application 340 in a server update block 170, and the server function stores 180 the updated client resources (112; client_data) in or at the server 390 upon the receipt thereof.
  • the delivery 176, 178 of updated client resources (112; client_data) to the server function via the client application 340 may take place over a secure link as described above, i.e. for instance over a TLS link.
  • While the client initialization block 110 and the server update block 170 involve communication between the client host device 300 and the server 390, this is not the case for the client-controlled execution block 140: no communication with the server 390 is required in this block 140.
  • the functionality of the client-controlled execution block 140, i.e. the client logic (client_logic) executed by the trusted client application (TCA; 310) and the updating of the client assets data (client_assets) in the trusted client application (TCA; 310) at 148, as well as the further client-side functionality executed by the client application 340 at 152, therefore lends itself very well to offline digital services.
  • the client resources (112; client_data) may advantageously be stored securely (cf. step 124 in Figure 1) by the secure virtual machine 320 in a storage space 364 provided by the operating system 350 of the mobile device 300.
  • the stored client resources (112; client_data) may be encrypted using a private cryptographic key (for instance the aforementioned first private cryptographic key client_private_key) which is kept secure by the trusted client application (TCA; 310).
  • the securely stored client resources (112; client_data) are retrievable 362 (cf. step 146 in Figure 1) in encrypted form by the trusted client application (TCA; 310) from the storage space 364 via system calls 352 and/or 354 in the normal or rich execution environment of the operating system 350.
  • Decryption will be available only to the trusted client application (TCA; 310), since this will require use of the private cryptographic key being kept solely within the trusted client application (TCA; 310).
  • the trusted client application (TCA; 310) may operate on the decrypted client resources (cf. step 148 in Figure 1) solely within the isolated runtime provided by the secure virtual machine 320, without access from or communication with the normal or rich execution environment of the operating system 350 of the mobile device 300.
  • the storage space 364 may be a dedicated area of the file system 360 of the mobile device 300.
  • the file system 360 may be hosted by secondary storage such as a disk drive, solid state drive (SSD), flash memory, EEPROM, etc.
  • the client application 340 with the embedded secure virtual machine 320 and the trusted client application (TCA; 310) executable therein, may have been compiled into a set of binary code, distributable by a digital marketplace, such as for instance Google Play or Apple App Store, and downloadable from the digital marketplace to the client host device 300 by a user.
  • the secure virtual machine 320 with the trusted client application (TCA; 310) and the virtualized operating system 330 may be delivered as a Software Development Kit (SDK) 322 to a developer/provider for integration with the client application 340.
  • the client resources (client_data) may pertain to a digital service, and the client logic (client_logic) may define client-side functionality of the digital service.
  • the digital service may, for instance, be a generative AI service, a digital content streaming service, a gaming service, or an identification service.
  • An embodiment illustrated in Figure 2 involves client-side-requested performance of server-side functionality of the digital service. Accordingly, such an embodiment of the method may involve the following:
  • the first execution request triggering the trusted client application (TCA; 310) to validate 264 one or more of the client assets data (client_assets), client digital certificate (client_certificate) and client subscription data;
  • the trusted client application, upon successful validation, sending 266 a first execution response to the client application 340.
  • … execution” 240 in Figure 2, see steps 242-248.
  • the nature of the trusted client application (TCA; 310) may provide sufficient trust for a provider of the digital service to allow client-side execution of the digital service, wholly or partly, rather than only server-side.
  • the client-side functionality performed upon execution by the trusted client application (TCA; 310) can be seen as a kind of on-the-edge computing.
  • the client digital certificate (client_certificate) as referred to above may define one or more of a certificate issuing date, a certificate expiry date, and a signature by a certificate authority.
  • the trusted client application (TCA; 310) validates 146 with respect to one or more of the parameters of the client digital certificate (client_certificate).
  • the client assets data (client_assets) as referred to above may define one or more of client credentials, cryptographic client key data, counters or functions for prevention of fraudulent replay/roll-back usage of any part of the client resources (112; client_data), media content, secure time/clock data, transaction logs, and transaction risk limits.
  • the trusted client application (TCA; 310) validates 146 with respect to one or more of these parameters of the client assets data (client_assets), prior to making the update 148 thereof.
  • the client subscription data (client_subscription) as referred to above may define one or more of a start date, an end date, a volume limit on a number of permitted accesses to the digital service, and a temporal limit on usage of the digital service.
  • the trusted client application (TCA; 310) validates 146 with respect to one or more of these parameters of the client subscription data (client_subscription).
  • the validation 146 by the trusted client application (TCA; 310) may in some embodiments be based on a combination of two or more of the types of parameters referred to above.
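The client-controlled execution block (steps 144 to 150 of Figure 1) with the certificate, asset and subscription checks listed above, as an added Python example that is not part of the patent and not code from Crunchfish or V-Key. It assumes constructed keys (the real client_private_key lives only inside the secure virtual machine), uses HMAC-SHA256 as a stand-in for both the file encryption and the CA signature, and models the TCA's anti-rollback counter as the `expected_counter` value it keeps in memory.

```python
import hashlib
import hmac
import json

TCA_KEY = b"constructed-tca-key-for-the-example"  # constructed test value, not a real key
CA_KEY = b"constructed-ca-key-for-the-example"    # constructed stand-in for the CA's key
CERT_FIELDS = ("subject", "issued", "expires")


def _mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def seal(assets: dict) -> bytes:
    """Store client_assets as tag||body so any edit in the file system is detected."""
    body = json.dumps(assets, sort_keys=True).encode()
    return _mac(TCA_KEY, body) + body


def unseal(blob: bytes) -> dict:
    """Read client_assets back; raises ValueError if the stored file was tampered with."""
    tag, body = blob[:32], blob[32:]
    if not hmac.compare_digest(tag, _mac(TCA_KEY, body)):
        raise ValueError("client_assets tampered")
    return json.loads(body)


def _cert_bytes(cert: dict) -> bytes:
    return json.dumps({k: cert[k] for k in CERT_FIELDS}, sort_keys=True).encode()


def sign_certificate(cert: dict) -> dict:
    """Constructed CA 'signature' (an HMAC) over subject, issuing date and expiry date."""
    return {**cert, "ca_signature": _mac(CA_KEY, _cert_bytes(cert)).hex()}


def validate(cert, assets, subscription, now, expected_counter):
    """Step 146: return the list of failure reasons; an empty list means valid."""
    reasons = []
    if cert is not None:
        expected_sig = _mac(CA_KEY, _cert_bytes(cert)).hex()
        if not hmac.compare_digest(cert.get("ca_signature", ""), expected_sig):
            reasons.append("certificate: bad CA signature")
        if not cert["issued"] <= now <= cert["expires"]:
            reasons.append("certificate: outside validity period")
    # Anti-rollback: a restored older asset file carries a counter behind the TCA's own.
    if assets["counter"] < expected_counter:
        reasons.append("assets: rollback detected")
    if assets["credits"] < 1:
        reasons.append("assets: no credits left")
    if subscription is not None:
        if not subscription["start"] <= now <= subscription["end"]:
            reasons.append("subscription: outside period")
        if assets["uses"] >= subscription["volume_limit"]:
            reasons.append("subscription: volume limit reached")
    return reasons


def execute_request(blob, cert, subscription, now, expected_counter, request):
    """Steps 144-150: unseal, validate, run client logic offline, update and reseal.
    Returns (execution_response, stored_blob, tca_counter); nothing talks to the server."""
    try:
        assets = unseal(blob)
    except ValueError as exc:
        return {"status": "rejected", "reasons": [str(exc)]}, blob, expected_counter
    reasons = validate(cert, assets, subscription, now, expected_counter)
    if reasons:
        return {"status": "rejected", "reasons": reasons}, blob, expected_counter
    # Client logic (step 148): consume one credit for the requested item and log it.
    assets["credits"] -= 1
    assets["uses"] += 1
    assets["counter"] += 1
    assets["transaction_log"].append({"at": now, "item": request["item"]})
    return {"status": "ok", "credits_left": assets["credits"]}, seal(assets), assets["counter"]


def demo():
    """Constructed scenario: a good run, a rolled-back file, a tampered file, a limit hit."""
    now = 1_800_000_000  # constructed epoch seconds
    cert = sign_certificate({"subject": "client-1", "issued": now - 86400, "expires": now + 86400})
    sub = {"start": now - 3600, "end": now + 3600, "volume_limit": 2}
    blob0 = seal({"counter": 0, "credits": 3, "uses": 0, "transaction_log": []})
    req = {"item": "song-1"}
    statuses = {}
    resp, blob1, counter = execute_request(blob0, cert, sub, now, 0, req)
    statuses["first"] = resp["status"]
    # Replaying the pre-update file (counter 0) against the TCA's counter (1) is rejected.
    statuses["rollback"] = execute_request(blob0, cert, sub, now, counter, req)[0]["status"]
    # Flipping one byte of the stored file breaks the tag.
    tampered = blob1[:-1] + bytes([blob1[-1] ^ 1])
    statuses["tampered"] = execute_request(tampered, cert, sub, now, counter, req)[0]["status"]
    resp, blob2, counter = execute_request(blob1, cert, sub, now, counter, req)
    statuses["second"] = resp["status"]
    # A third use exceeds volume_limit=2 even though credits remain.
    statuses["limit"] = execute_request(blob2, cert, sub, now, counter, req)[0]["status"]
    return statuses
```

`demo()` returns the status of each attempt; only the two genuine runs pass, while the rolled-back file, the edited file and the over-limit use are rejected before any client logic executes.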
  • Communication between the client host device 300 and server 390 may generally use any commonly available means of long-range or broadband communication.
  • the communication is based on wide area network communication, including cellular radio communication like W-CDMA, GSM, UTRAN, HSPA, LTE, LTE Advanced or 5G, possibly communicated as TCP/IP traffic, or via a WLAN (WiFi) access point, without limitation.
  • the communication between the client host device 300 and server 390 may be based on short-range data communication, including any form of proximity-based device-to-device communication.
  • non-radio-based short-range wireless data communication such as, for instance, magnetic communication (such as NFC), audio communication, ultrasound communication, or optical communication (such as IrDA).
  • FIG. 4 is a schematic illustration of a computer-readable medium 400 in one exemplary embodiment, capable of storing a computer program product 410.
  • the computer-readable medium 400 in the disclosed embodiment is a portable memory device, such as a Universal Serial Bus (USB) stick.
  • the computer-readable medium 400 may however be embodied in various other ways instead, as is well-known per se to the skilled person.
  • the portable memory device 400 comprises a housing 430 having an interface, such as a connector 440, and a memory chip 420.
  • the memory chip 420 is a flash memory, i.e. a non-volatile data storage that can be electrically erased and re-programmed.
  • the memory chip 420 stores the computer program product 410 which is programmed with computer program code (instructions) that when loaded into a processing device, such as a CPU, will perform any of the functionalities listed in the next paragraph.
  • the portable memory device 300 is arranged to be connected to and read by a reading device for loading the instructions into the processing device.
  • a computer-readable medium can also be other media such as compact discs, digital video discs, hard drives or other memory technologies commonly used.
  • the computer program code (instructions) can also be downloaded from the computer-readable medium via a wireless interface to be loaded into the processing device.
  • the computer-readable medium 400/computer program product 410 may comprise computer program code for performing the functionality of the trusted client application (TCA; 310) solely executing within the secure virtual machine 320 that is embedded within the client application 340 in the method as referred to above for Figures 1-3, when the computer program code is executed by the processing device.

Abstract

A method in a client-server system involves providing a trusted client application (TCA; 310) solely executing within a secure virtual machine (320) that is embedded within a client application (340). The secure virtual machine has a virtualized operating system (330) and provides an isolated runtime for the trusted client application (TCA; 310) to securely handle client resources (112; client data) for the client application (340). The client resources (112; client data) comprise executable client logic (client_logic), client assets data (client_assets), and optionally one or more of a client digital certificate (client_certificate) and client subscription data (client_subscription). The trusted client application (TCA; 310) receives (144) an execution request (142) from the client application (340) and validates (146) one or more of the client assets data (client_assets), client digital certificate (client_certificate) and client subscription data (client_subscription). Upon successful validation (148), the trusted client application (TCA; 310) executes at least some of the client logic (client_logic) and updates the client assets data (client_assets).

Description

CLIENT-SERVER MODEL WITH TRUSTED CLIENT APPLICATION
TECHNICAL FIELD
The present invention generally relates to client-server systems. More particularly, the present invention relates to technical improvements for providing trust in clients for such client-server systems. Even more particularly, the present invention relates to a method in a client-server system that provides and uses a trusted client application, a non-transitory computer readable storage medium and a computer program comprising computer program code for performing the functionality of the trusted client application, and an associated client host device.
BACKGROUND
The technical field of digital communication has seen an overwhelming market penetration during the last decades. Digital communication is typically enabled between one or more mobile communication devices over wide-area networks, WAN, for instance via cellular radio systems like 5G, UMTS or GSM, or over wireless local area networks, WLAN. Alternatively or additionally, digital communication may be enabled over various short-range wireless data communication standards, such as Bluetooth or WiFi. As used in this document, the term “communication device” includes a mobile communication device, a mobile phone, a smart phone, a tablet computer, a personal digital assistant, a portable computer, smart glasses, a smart wearable (e.g. smart watch or smart bracelet), a smart card, a payment terminal, a service terminal, a point-of-sales terminal, a checkout counter, a delivery pickup point, a vending machine, a ticket machine, a dispensing machine and an access control system, without limitation.
Many applications based on digital communication are based on a client-server approach, with the server performing functionality of, for instance, a digital service, to a user of a client device.
SUMMARY
The present inventors have made valuable technical insights These insights will be presented as inventive aspects below as well as in the detailed description section, the claims and the drawings. The list of inventive aspects is not to be seen as exhaustive but rather a summary of particularly beneficial inventive aspects.
W116080072
In a nutshell, the present invention creates a client-server model with a trusted client application that is secure and device-agnostic at the same time. Any client-server system may benefit from this, especially when assets are handled offline in the client. In addition to enabling offline use cases, a trusted client application improves the overall security of the system. The server can rely on the client to perform certain security checks and validations locally before sending data to the server. This reduces the attack surface and the vulnerabilities that malicious actors could exploit. It is also possible to offload security checks and processing from the server, leading to improved performance and scalability of the system. Authentication and encryption can be seamlessly integrated within the client application, enhancing the user experience without compromising security. Trust in clients also facilitates secure end-to-end encryption between the client and server, ensuring confidentiality and data integrity.
There are multiple market segments where device-agnostic trusted client applications for offline use cases are of importance. Offline capabilities provide application resilience and faster response times, and enable novel use cases and commercial benefits in diverse market segments such as generative AI, mobile gaming, media consumption, and identification.
Application security for client-server systems is conventionally implemented in the server. With the present invention, however, it is possible to complement such server security by also establishing trust in the client applications. Trust in applications is based on the ability to handle data securely 1) during execution, 2) when stored, and 3) in transit. Execution is the vulnerable phase because data must be decrypted to be processed. This requires a secure element on the mobile device. To avoid limiting the user base to certain mobile devices, the secure element should not be hardware dependent, but instead software-based in an app-integrated virtual secure element. Data is stored on the mobile phone in encrypted files. For data integrity, it is necessary to be able to detect whether files have been tampered with. The security protocol of the application makes the encrypted communication secure while data is in transit.
In view of the above, a first inventive aspect is a method in a client-server system, i.e. a computerized method. The method comprises: providing a trusted client application solely executing within a secure virtual machine that is embedded within a client application, the secure virtual machine having a virtualized operating system and providing an isolated runtime for the trusted client application to securely handle client resources for the client application, said client resources comprising executable client logic, client assets data and optionally one or more of the following: a client digital certificate, and client subscription data.
In this method, the trusted client application: receives an execution request from the client application; validates one or more of the client assets data, client digital certificate and client subscription data; and, upon successful validation, executes at least some of the client logic and updates the client assets data.
A second inventive aspect is a non-transitory computer readable storage medium having stored thereon a computer program comprising computer program code for performing the functionality of the trusted client application solely executing within the secure virtual machine that is embedded within the client application in the method according to the first inventive aspect, including any or all of its embodiments, when the computer program code is executed by a processing device, such as a central processing unit, CPU, of a client host device, such as a mobile device.
A third inventive aspect is a computer program product comprising computer program code for performing the functionality of the trusted client application solely executing within the secure virtual machine that is embedded within the client application in the method according to the first inventive aspect, including any or all of its embodiments, when the computer program code is executed by a processing device, such as a central processing unit, CPU, of the client host device, e.g. mobile device.
A fourth inventive aspect is a client host device, such as a mobile device, comprising: a processing device, such as a central processing unit, CPU; an operating system run by the processing device; a client application executable in the operating system and embedding a secure virtual machine having a virtualized operating system; and a trusted client application solely executable within an isolated runtime provided by the secure virtual machine, wherein the trusted client application is configured for performing the functionality of the trusted client application in the method according to the first inventive aspect, including any or all of its embodiments.
Other aspects, objectives, features and advantages of the inventive aspects will appear from the following detailed disclosure as well as from the claims and the drawings. Generally, all terms used herein are to be interpreted according to their ordinary meaning in the technical field, unless explicitly defined otherwise herein.
It should be emphasized that the term “comprises/comprising” when used in this specification is taken to specify the presence of stated features, integers, steps, or components, but does not preclude the presence or addition of one or more other features, integers, steps, components, or groups thereof. All references to "a/an/the [element, device, component, means, step, etc.]" are to be interpreted openly as referring to at least one instance of the element, device, component, means, step, etc., unless explicitly stated otherwise. The steps of any method disclosed herein do not have to be performed in the exact order disclosed, unless explicitly stated.
Expressions like “[entity] is configured for ... [performing activity]” or “[entity] is configured to ... [perform activity]” include typical cases where a computerized entity (having one or more controllers, processing units, programmable circuitry, etc.) executes software or firmware installed in the computerized entity, wherein the execution occurs in order to perform the activity in question.
BRIEF DESCRIPTION OF THE DRAWINGS
Figures 1 and 2 are flowchart diagrams that illustrate embodiments of the inventive aspects.
Figure 3 illustrates one implementation architecture for these inventive aspects.
Figure 4 is a schematic illustration of a computer-readable medium in an exemplary embodiment, capable of storing a computer program product.
DETAILED DESCRIPTION OF EMBODIMENTS
Embodiments of the invention will now be described with reference to the accompanying drawings. The invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art. The terminology used in the detailed description of the particular embodiments illustrated in the accompanying drawings is not intended to be limiting of the invention. In the drawings, like reference signs refer to like elements.
Figure 1 illustrates an embodiment of a method in a client-server system. The client-server system comprises a client host device 300 and a server 390. An embodiment of the client host device 300 is illustrated in Figure 3. The client host device 300 executes a client application 340. The client host device 300 may typically be a mobile device, wherein the client application 340 is executed in a normal or rich execution environment of an operating system 350 of the mobile device 300. The mobile device 300 may, for instance, be a mobile communication device, such as a mobile phone, smart phone, tablet computer, personal digital assistant, laptop computer, smart glasses, smart watch, smart card or smart wearable (e.g. smart bracelet), or any combination thereof. The operating system 350 may, for instance, be Google Android or Apple iOS.
According to the method of the present invention, a trusted client application (TCA; 310) is provided that executes solely within a secure virtual machine 320 that is embedded within the client application 340. The secure virtual machine 320 has a virtualized operating system 330 and provides an isolated runtime for the trusted client application (TCA; 310) to securely handle client resources (112; client data) for the client application 340. The client resources (112; client data) comprise executable client logic (client logic), client assets data (client assets) and optionally one or more of the following: a client digital certificate (client certificate), and client subscription data (client subscription). To this end, the secure virtual machine 320 may comprise a protection mechanism 332 with respect to the operating system 350, as is commonplace.
As can be seen for the embodiment in Figure 1, the method involves a client-controlled execution block 140 in which the trusted client application (TCA; 310) receives 144 an execution request 142 from the client application 340, and validates 146 one or more of the client assets data (client assets), client digital certificate (client certificate) and client subscription data (client subscription). Upon successful validation, at 148 the trusted client application (TCA; 310) executes at least some of the client logic (client logic), and updates the client assets data (client assets).
Referring briefly to Figure 3, the client host device is seen at 300. The trusted client application is seen at 310. The secure virtual machine is seen at 320 and may, for instance, be based on a Virtual Secure Element (VSE) as provided by V-Key Inc. Further reference in this regard is made, for instance, to European patent EP 2 795 829 B1. The virtualized operating system is seen at 330 and may, for instance, be based on a V-OS as provided by V-Key Inc. The client application is seen at 340. The operating system of the client host device 300 is seen at 350. A file system of the client host device 300 is seen at 360.
In the disclosed embodiment, upon executing at least some of the client logic (client logic) and updating the client assets data (client assets) at 148 in Figure 1, the trusted client application (TCA; 310) sends an execution response 150 to the client application 340, whereupon the client application 340 may execute 152 further client-side functionality. This allows flexibility and resource efficiency, since only client-side functionality for which security is critical has to be executed by the trusted client application (TCA; 310), whereas other (non-critical) client-side functionality may be executed by the client application 340 in the normal or rich execution environment of the operating system 350.
Advantageously, as can be seen for the disclosed embodiment, the client application 340 is operably associated with a server function provided by the server 390. The method of the disclosed embodiment further involves a client initialization block 110 with initial steps of generating 118 the client resources (112; client data) by the server function upon request 116 by the client application 340. The generated client resources (112; client data) are delivered 120 by the server function to the client application 340. In turn, the client resources (112; client data) are forwarded 122 by the client application 340 to the trusted client application (TCA; 310), and stored by the trusted client application (TCA; 310) at 124.
This may occur upon initialization of the client application 340 with the trusted client application (TCA; 310) and take place via a link secured by end-to-end data encryption (with the trusted client application (TCA; 310) being one end and the server function being the other end). Such data encryption and decryption may, for instance, be based on asymmetric (private/public) key pairs, with a first private cryptographic key (client private key) securely kept by the trusted client application (TCA; 310) and a second private cryptographic key (server private key) securely kept by the server. A TLS (Transport Layer Security) link is one example of such a link.
Advantageously, the server function stores 118 the generated client resources (112; client data) in or at the server 390 upon the generation thereof at the completion of the client initialization block 110. Subsequently, after the client-controlled execution block 140, the trusted client application (TCA; 310) may deliver 176, 178 updated client resources (112; client data) to the server function via the client application 340 in a server update block 170, and the server function stores 180 the updated client resources (112; client data) in or at the server 390 upon the receipt thereof. As seen at 178 in Figure 1, the delivery 176, 178 of updated client resources (112; client data) to the server function via the client application 340 may take place over a secure link as described above, i.e. for instance over a TLS link.
Note that while the client initialization block 110 and the server update block 170 involve communication between the client host device 300 and the server 390, this is not the case for the client-controlled execution block 140. No communication with the server 390 is required in this block 140. The functionality of the client-controlled execution block 140, i.e. the client logic (client logic) executed by the trusted client application (TCA; 310) and the updating of the client assets data (client assets) in the trusted client application (TCA; 310) at 148, as well as the further client-side functionality executed by the client application 340 at 152, therefore lends itself very well to offline digital services.
With reference to Figure 3, the client resources (112; client data) may advantageously be stored securely (cf. step 124 in Figure 1) by the secure virtual machine 320 in a storage space 364 provided by the operating system 350 of the mobile device 300. To this end, the stored client resources (112; client data) may be encrypted using a private cryptographic key (for instance the aforementioned first private cryptographic key (client private key)) which is kept secure by the trusted client application (TCA; 310). The securely stored client resources (112; client data) are retrievable 362 (cf. step 146 in Figure 1) in encrypted form by the trusted client application (TCA; 310) from the storage space 364 via system calls 352 and/or 354 in the normal or rich execution environment of the operating system 350. Decryption is available only to the trusted client application (TCA; 310), since it requires use of the private cryptographic key kept solely within the trusted client application (TCA; 310). Once the client resources (112; client data) have been retrieved and decrypted, the trusted client application (TCA; 310) may operate on them (cf. step 148 in Figure 1) solely within the isolated runtime provided by the secure virtual machine 320, without access from or communication with the normal or rich execution environment of the operating system 350 of the mobile device 300.
The storage space 364 may be a dedicated area of the file system 360 of the mobile device 300. The file system 360 may be hosted by secondary storage such as a disk drive, solid state drive (SSD), flash memory, EEPROM, etc.
The client application 340, with the embedded secure virtual machine 320 and the trusted client application (TCA; 310) executable therein, may have been compiled into a set of binary code, distributable by a digital marketplace, such as for instance Google Play or Apple App Store, and downloadable from the digital marketplace to the client host device 300 by a user. In this regard, the secure virtual machine 320 with the trusted client application (TCA; 310) and the virtualized operating system 330 may be delivered as a Software Development Kit (SDK) 322 to a developer/provider for integration with the client application 340. This represents a convenient and yet secure approach to software development and deployment.
The client resources (client data) may pertain to a digital service, and the client logic (client logic) may define client-side functionality of the digital service. The digital service may, for instance, be a generative AI service, a digital content streaming service, a gaming service, or an identification service.
An embodiment illustrated in Figure 2 involves client-side-requested performance of server-side functionality of the digital service. Accordingly, such an embodiment of the method may involve the following:
• The client application 340 sending 262 a first execution request to the trusted client application (TCA; 310).
• The first execution request triggering the trusted client application (TCA; 310) to validate 264 one or more of the client assets data (client assets), client digital certificate (client certificate) and client subscription data (client subscription).
• The trusted client application (TCA; 310), upon successful validation, sending 266 a first execution response to the client application 340.
• Upon receipt of the first execution response, the client application 340 sending 268 a second execution request to the server function of the server 390.
• Upon receipt of the second execution request, the server function executing 270 the server-side functionality of the digital service.
• Upon completion of the execution of the server-side functionality of the digital service, the server function sending 272 a second execution response to the client application 340.
• Finally, upon receipt of the second execution response, the client application 340 executing 274 the client-side functionality of the digital service.
This approach, illustrated as “server-controlled execution from TCA” 260 in Figure 2, is an attractive and novel alternative to conventional performance of digital services exclusively by server-side functionality on client resources kept only by the server. For comparison, such a conventional approach is illustrated as “server-controlled execution” 240 in Figure 2, see steps 242-248. The nature of the trusted client application (TCA; 310) may provide sufficient trust for a provider of the digital service to allow client-side execution of the digital service, wholly or partly, rather than only server-side. In this regard, the client-side functionality performed upon execution by the trusted client application (TCA; 310) can be seen as a kind of on-the-edge computing.
The client digital certificate (client certificate) as referred to above may define one or more of a certificate issuing date, a certificate expiry date, and a signature by a certificate authority. In some embodiments, the trusted client application (TCA; 310) validates 146 with respect to one or more of the parameters of the client digital certificate (client certificate).
The client assets data (client assets) as referred to above may define one or more of client credentials, cryptographic client key data, counters or functions for prevention of fraudulent replay/roll-back usage of any part of the client resources (112; client data), media content, secure time/clock data, transaction logs, and transaction risk limits. In some embodiments, the trusted client application (TCA; 310) validates 146 with respect to one or more of these parameters of the client assets data (client assets), prior to making the update 148 thereof.
The client subscription data (client subscription) as referred to above may define one or more of a start date, an end date, a volume limit on a number of permitted accesses to the digital service, and a temporal limit on usage of the digital service. In some embodiments, the trusted client application (TCA; 310) validates 146 with respect to one or more of these parameters of the client subscription data (client subscription).
The validation 146 by the trusted client application (TCA; 310) may in some embodiments be based on a combination of two or more of the types of parameters referred to above.
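The client-controlled execution block (steps 144-150) together with the certificate, subscription and assets checks of the preceding paragraphs, as an added stand-alone model in Python; this is illustration written for this page, not code from the patent, Crunchfish or V-Key. The HMAC sealing of the stored resources (standing in for the encrypted, tamper-evident files), the JSON field names and the sample values are constructed assumptions.

```python
"""Model of the TCA's client-controlled execution block (Figure 1, steps 144-150).

Constructed illustration only. A real TCA would run inside the secure virtual
machine and also encrypt the stored blob; here the stored resources are sealed
with an HMAC tag so that tampering in the storage space is detected on retrieval.
"""
import hashlib
import hmac
import json
from typing import Optional


class ValidationError(Exception):
    """Raised when validation (step 146) fails; no client logic is executed."""


def client_logic(request: dict, assets: dict) -> dict:
    """Constructed example of executable client logic: spend offline credits."""
    cost = int(request["credits"])
    if cost > assets["credit_balance"]:            # transaction risk limit
        raise ValidationError("transaction risk limit exceeded")
    assets["credit_balance"] -= cost
    return {"granted": request["item"], "remaining": assets["credit_balance"]}


class TrustedClientApplication:
    """Holds the key solely, seals/checks stored resources, validates, executes."""

    TAG_LEN = hashlib.sha256().digest_size

    def __init__(self, tca_key: bytes) -> None:
        self._key = tca_key                   # never leaves the TCA (cf. client private key)
        self._storage: Optional[bytes] = None  # models storage space 364

    def store(self, resources: dict) -> bytes:
        """Step 124 / 148: seal the resources and write them to storage."""
        blob = json.dumps(resources, sort_keys=True).encode()
        tag = hmac.new(self._key, blob, hashlib.sha256).digest()
        self._storage = tag + blob
        return self._storage

    def _retrieve(self) -> dict:
        """Read back the sealed blob and detect tampering before using it."""
        if self._storage is None:
            raise ValidationError("client resources not initialised")
        tag, blob = self._storage[:self.TAG_LEN], self._storage[self.TAG_LEN:]
        expected = hmac.new(self._key, blob, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValidationError("stored client resources tampered with")
        return json.loads(blob)

    @staticmethod
    def validate(resources: dict, today: str, seq: int) -> None:
        """Step 146: certificate dates, subscription window/volume, replay counter.
        Dates are ISO-8601 strings, so they compare correctly as text."""
        cert = resources["client_certificate"]
        if not cert["issued"] <= today <= cert["expires"]:
            raise ValidationError("client certificate not valid today")
        sub = resources["client_subscription"]
        if not sub["start"] <= today <= sub["end"]:
            raise ValidationError("subscription not active")
        assets = resources["client_assets"]
        if assets["accesses"] >= sub["volume_limit"]:
            raise ValidationError("subscription volume limit reached")
        if seq <= assets["last_seq"]:                  # roll-back / replay protection
            raise ValidationError("replay or roll-back detected")

    def handle_execution_request(self, request: dict, today: str) -> dict:
        """Steps 144-150: receive, validate, execute, update assets, respond."""
        resources = self._retrieve()
        self.validate(resources, today, request["seq"])
        assets = resources["client_assets"]
        result = client_logic(request, assets)
        assets["accesses"] += 1
        assets["last_seq"] = request["seq"]
        assets["transaction_log"].append({"seq": request["seq"], "item": request["item"]})
        self.store(resources)                          # persist the updated assets
        return {"status": "ok", **result}


# Constructed sample resources, as the server function would generate at step 118.
SAMPLE_RESOURCES = {
    "client_certificate": {"issued": "2025-01-01", "expires": "2025-12-31"},
    "client_subscription": {"start": "2025-03-01", "end": "2025-08-31", "volume_limit": 3},
    "client_assets": {"credit_balance": 10, "accesses": 0, "last_seq": 0, "transaction_log": []},
}


def demo(today: str = "2025-05-02") -> dict:
    """One valid request, then a replayed request and a tampered storage blob."""
    tca = TrustedClientApplication(b"constructed-tca-key")
    tca.store(SAMPLE_RESOURCES)
    out = {"first": tca.handle_execution_request({"seq": 1, "item": "level-2", "credits": 4}, today)}
    try:  # same sequence number again: must be rejected as replay
        tca.handle_execution_request({"seq": 1, "item": "level-2", "credits": 4}, today)
    except ValidationError as exc:
        out["replay"] = str(exc)
    # flip one bit of the sealed blob in "storage space 364": integrity check must fail
    tca._storage = tca._storage[:-1] + bytes([tca._storage[-1] ^ 0x01])
    try:
        tca.handle_execution_request({"seq": 2, "item": "level-3", "credits": 1}, today)
    except ValidationError as exc:
        out["tamper"] = str(exc)
    return out


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```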
Communication between the client host device 300 and server 390 may generally use any commonly available means of long-range or broadband communication. Preferably, the communication is based on wide area network communication, including cellular radio communication like W-CDMA, GSM, UTRAN, HSPA, LTE, LTE Advanced or 5G, possibly communicated as TCP/IP traffic, or via a WLAN (WiFi) access point, without limitation.
Alternatively or additionally, the communication between the client host device 300 and server 390 may be based on short-range data communication, including any form of proximity-based device-to-device communication. This includes radio-based short-range wireless data communication such as, for instance, Bluetooth, BLE (Bluetooth Low Energy), RFID, WLAN, WiFi, mesh communication or LTE Direct, without limitation. It also includes non-radio-based short-range wireless data communication such as, for instance, magnetic communication (such as NFC), audio communication, ultrasound communication, or optical communication (such as IrDA).
Figure 4 is a schematic illustration of a computer-readable medium 400 in one exemplary embodiment, capable of storing a computer program product 410. The computer-readable medium 400 in the disclosed embodiment is a portable memory device, such as a Universal Serial Bus (USB) stick. The computer-readable medium 400 may however be embodied in various other ways instead, as is well-known per se to the skilled person. The portable memory device 400 comprises a housing 430 having an interface, such as a connector 440, and a memory chip 420. In the disclosed embodiment, the memory chip 420 is a flash memory, i.e. a non-volatile data storage that can be electrically erased and re-programmed. The memory chip 420 stores the computer program product 410, which is programmed with computer program code (instructions) that, when loaded into a processing device, such as a CPU, will perform any of the functionalities listed in the next paragraph. The portable memory device 400 is arranged to be connected to and read by a reading device for loading the instructions into the processing device. It should be noted that a computer-readable medium can also be other media such as compact discs, digital video discs, hard drives or other memory technologies commonly used. The computer program code (instructions) can also be downloaded from the computer-readable medium via a wireless interface to be loaded into the processing device.
The computer-readable medium 400/computer program product 410 may comprise computer program code for performing the functionality of the trusted client application (TCA; 310) solely executing within the secure virtual machine 320 that is embedded within the client application 340 in the method as referred to above for Figures 1-3, when the computer program code is executed by the processing device.
The invention has mainly been described above with reference to a few embodiments. However, as is readily appreciated by a person skilled in the art, other embodiments than the ones disclosed above are equally possible within the scope of the invention, as defined by the appended patent claims.

Claims

1. A method in a client-server system, the method comprising: providing a trusted client application (TCA; 310) solely executing within a secure virtual machine (320) that is embedded within a client application (340), the secure virtual machine having a virtualized operating system (330) and providing an isolated runtime for the trusted client application (TCA; 310) to securely handle client resources (112; client data) for the client application (340), said client resources (112; client data) comprising executable client logic (client logic), client assets data (client assets) and optionally one or more of the following: a client digital certificate (client certificate), and client subscription data (client subscription), wherein the trusted client application (TCA; 310): receives (144) an execution request (142) from the client application (340); validates (146) one or more of the client assets data (client assets), client digital certificate (client certificate) and client subscription data (client subscription); and upon successful validation (148), executes at least some of the client logic (client logic) and updates the client assets data (client assets).
2. The method as defined in claim 1, the client application (340) being operably associated with a server function provided by a server (390), the method further involving initial steps of: generating (118) the client resources (112; client data) by the server function upon request (116) by the client application (340); delivering (120) the generated client resources (112; client data) by the server function to the client application (340); and forwarding (122) the client resources (112; client data) by the client application (340) to the trusted client application (TCA; 310).
3. The method as defined in claim 2, wherein: the server function stores (118) the generated client resources (112; client data) in or at the server (390) upon generation thereof; the trusted client application (TCA; 310) subsequently delivers (176, 178) updated client resources (112; client data) to the server function via the client application (340); and the server function stores (180) the updated client resources (112; client data) in or at the server (390) upon receipt thereof.
4. The method as defined in any preceding claim, wherein: upon executing at least some of the client logic (client logic) and updating the client assets data (client assets), the trusted client application (TCA; 310) sends an execution response (150) to the client application (340), whereupon the client application (340) executes (152) further client-side functionality.
5. The method as defined in any preceding claim, wherein the client application (340) is executed on a client host device (300).
6. The method as defined in claim 5, wherein the client host device (300) is a mobile device, and wherein the client application (340) is executed in a normal or rich execution environment of an operating system (350) of the mobile device (300).
7. The method as defined in claim 6, wherein the client resources (112; client data) are securely stored by the secure virtual machine (320) in a storage space (364) provided by the operating system (350) of the mobile device (300).
8. The method as defined in claim 7, wherein: the stored client resources (112; client data) are encrypted using a private cryptographic key which is kept secure by the trusted client application (TCA; 310), and the securely stored client resources (112; client data) are retrievable (362) in encrypted form by the trusted client application (TCA, 310) from the storage space (364) via system calls (352, 354) in the normal or rich execution environment of the operating system (350), decryption being available only to the trusted client application (TCA, 310) because of the private cryptographic key being solely kept within the trusted client application (TCA, 310), such that once retrieved and decrypted, the trusted client application (TCA, 310) may operate on the client resources (112; client data) solely within the isolated runtime provided by the secure virtual machine (320), without access from or communication with the normal or rich execution environment of the operating system (350) of the mobile device (300).
9. The method as defined in claim 7 or 8, wherein the storage space (364) is a dedicated area of a file system (360) of the mobile device (300).
10. The method as defined in any preceding claim, wherein the client application (340) with the embedded secure virtual machine (320) and the trusted client application (TCA, 310) executable therein have been compiled into a set of binary code, distributable by a digital marketplace and downloadable from the digital marketplace to the client host device (300) by a user.
11. The method as defined in any preceding claim, wherein the client resources (client data) pertain to a digital service, and the client logic (client logic) defines client-side functionality of the digital service.
12. The method as defined in claim 11, further involving client-side-requested performance of server-side functionality of said digital service by: the client application (340) sending (262) a first execution request to the trusted client application (TCA, 310); the first execution request triggering the trusted client application (TCA, 310) to validate (264) one or more of the client assets data (client assets), client digital certificate (client certificate) and client subscription data (client subscription); the trusted client application (TCA, 310), upon successful validation, sending (266) a first execution response to the client application (340); upon receipt of the first execution response, the client application (340) sending (268) a second execution request to the server function of said server (390); upon receipt of the second execution request, the server function executing (270) said server-side functionality of said digital service; upon completion of the execution of said server-side functionality of said digital service, the server function sending (272) a second execution response to the client application (340); and upon receipt of the second execution response, the client application (340) executing (274) said client-side functionality of said digital service.
13. The method as defined in claim 11 or 12, wherein the digital service is any of a generative AI service, a digital content streaming service, a gaming service, and an identification service.
14. The method as defined in any preceding claim, wherein the client digital certificate (client certificate) defines one or more of a certificate issuing date, a certificate expiry date, and a signature by a certificate authority.
15. The method as defined in any preceding claim, wherein the client assets data (client assets) defines one or more of client credentials, cryptographic client key data, counters or functions for prevention of fraudulent replay/roll-back usage of any part of the client resources (112; client data), media content, secure time/clock data, transaction logs, and transaction risk limits.
16. The method as defined in any preceding claim when dependent on claim 11, wherein the client subscription data (client subscription) defines one or more of a start date, an end date, a volume limit on a number of permitted accesses to the digital service, and a temporal limit on usage of the digital service.
17. The method as defined in any of claims 14-16, wherein the validation (146) by the trusted client application (TCA; 310) is based on a combination of two or more of the types of parameters referred to in claims 14-16.
18. A non-transitory computer readable storage medium (400) having stored thereon a computer program (410) comprising computer program code for performing the functionality of the trusted client application (TCA; 310) solely executing within the secure virtual machine (320) that is embedded within the client application (340) in the method according to any of claims 1-17, when the computer program code is executed by a processing device of the client host device (300).
19. A computer program product comprising computer program code for performing the functionality of the trusted client application solely executing within the secure virtual machine that is embedded within the client application in the method according to any of claim 1-17, when the computer program code is executed by a processing device of the client host device (300).
20. A client host device (300), comprising: a processing device;
W116080072 an operating system (350) run by the processing device; a client application (340) executable in the operating system (350) and embedding a secure virtual machine having a virtualized operating system (330); and a trusted client application (TCA; 310) solely executable within an isolated runtime provided by the secure virtual machine (320), wherein the trusted client application (TCA; 310) is configured for performing the functionality of the trusted client application in the method according to any of claim 1-17.
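The validation step of claim 12 and the parameter types of claims 14-17, worked through as an added example in Python. This is illustrative code written for this page, not code from the patent or from Crunchfish; the class names, the HMAC that stands in for the certificate authority's signature, the sample dates and the two-access volume limit are all constructed assumptions. The TCA verifies the certificate signature before trusting any certificate date, then checks the subscription window and volume limit, then a monotonic request counter kept in the client assets, and commits state only when every check has passed, which is the combination of parameter types that claim 17 refers to:

```python
import hashlib
import hmac
import json
from dataclasses import dataclass
from datetime import datetime, timezone

# Constructed demo key standing in for the CA's signing key. A real CA uses an
# asymmetric signature; HMAC is used here only so the example needs no third-party library.
CA_KEY = b"constructed-demo-ca-key"

def sign_certificate(fields: dict, ca_key: bytes = CA_KEY) -> str:
    """CA signature (claim 14) over the canonical JSON of the certificate fields."""
    payload = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(ca_key, payload, hashlib.sha256).hexdigest()

@dataclass
class ClientCertificate:      # claim 14: issuing date, expiry date, CA signature
    fields: dict              # {"subject", "issued", "expires"}; ISO 8601 with UTC offset
    signature: str

@dataclass
class ClientSubscription:     # claim 16: validity window and volume limit
    start: str
    end: str
    volume_limit: int
    used: int = 0

@dataclass
class ClientAssets:           # claim 15: counter against replay / roll-back
    last_counter: int = 0

class TrustedClientApplication:
    """The TCA's validate step (264), combining the checks of claims 14-16 (claim 17)."""
    def __init__(self, cert, sub, assets, ca_key=CA_KEY):
        self.cert, self.sub, self.assets, self.ca_key = cert, sub, assets, ca_key

    def validate(self, counter: int, now: datetime) -> tuple:
        ts = datetime.fromisoformat
        # Certificate: verify the CA signature before trusting any field in it.
        expected = sign_certificate(self.cert.fields, self.ca_key)
        if not hmac.compare_digest(expected, self.cert.signature):
            return False, "certificate signature invalid"
        if now < ts(self.cert.fields["issued"]):
            return False, "certificate not yet valid"
        if now >= ts(self.cert.fields["expires"]):
            return False, "certificate expired"
        # Subscription: validity window, then volume limit.
        if not ts(self.sub.start) <= now < ts(self.sub.end):
            return False, "subscription outside validity window"
        if self.sub.used >= self.sub.volume_limit:
            return False, "subscription volume limit reached"
        # Assets: the request counter must strictly increase.
        if counter <= self.assets.last_counter:
            return False, "replayed or rolled-back request counter"
        # Commit state only once every check has passed.
        self.assets.last_counter = counter
        self.sub.used += 1
        return True, "ok"

class ServerFunction:
    """Stand-in for the server-side functionality of the digital service (step 270)."""
    def execute(self, payload: str) -> dict:
        return {"result": payload.upper()}

class ClientApplication:
    """Drives the exchange of claim 12: client -> TCA -> client -> server -> client."""
    def __init__(self, tca, server):
        self.tca, self.server, self.counter = tca, server, 0

    def run_service(self, payload: str, now: datetime, replay: bool = False) -> dict:
        if not replay:
            self.counter += 1                                   # fresh counter per request
        ok, reason = self.tca.validate(self.counter, now)       # steps 262-266
        if not ok:
            return {"status": "denied", "reason": reason}
        response = self.server.execute(payload)                 # steps 268-272
        return {"status": "ok", "result": response["result"]}   # step 274

def build_demo_client(volume_limit: int = 2) -> ClientApplication:
    """Constructed sample data: certificate and subscription both valid during 2025."""
    fields = {"subject": "demo-client", "issued": "2025-01-01T00:00:00+00:00",
              "expires": "2026-01-01T00:00:00+00:00"}
    cert = ClientCertificate(fields, sign_certificate(fields))
    sub = ClientSubscription(start="2025-01-01T00:00:00+00:00",
                             end="2026-01-01T00:00:00+00:00", volume_limit=volume_limit)
    return ClientApplication(TrustedClientApplication(cert, sub, ClientAssets()), ServerFunction())

def demo() -> list:
    """One genuine request, then the failure modes the validation must catch."""
    client = build_demo_client(volume_limit=2)
    t = datetime(2025, 6, 1, tzinfo=timezone.utc)
    outcomes = [
        client.run_service("hello", t),                  # ok, result "HELLO"
        client.run_service("hello", t, replay=True),     # denied: counter replayed
        client.run_service("again", t),                  # ok, second permitted access
        client.run_service("more", t),                   # denied: volume limit reached
        client.run_service("late", datetime(2026, 3, 1, tzinfo=timezone.utc)),  # expired
    ]
    client.tca.cert.fields["expires"] = "2030-01-01T00:00:00+00:00"  # edited, not re-signed
    outcomes.append(client.run_service("forged", t))                  # denied: signature invalid
    return outcomes
```

A point worth noting when implementing the claim-12 exchange: as claimed, the server function acts on the second execution request without itself verifying the TCA's first execution response, so the server's assurance rests entirely on the TCA remaining isolated inside the secure virtual machine. A deployment that wants server-side evidence that the validation took place would need the first execution response to carry something the server can verify, which the claims as written do not specify.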
PCT/SE2025/050409 2024-05-02 2025-05-02 Client-server model with trusted client application Pending WO2025230456A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SE2450476 2024-05-02
SE2450476-3 2024-05-02

Publications (1)

Publication Number Publication Date
WO2025230456A1 true WO2025230456A1 (en) 2025-11-06

Family

ID=97561785

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE2025/050409 Pending WO2025230456A1 (en) 2024-05-02 2025-05-02 Client-server model with trusted client application

Country Status (1)

Country Link
WO (1) WO2025230456A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018162040A1 (en) * 2017-03-07 2018-09-13 Huawei Technologies Co., Ltd. Hypervisor measurement agent
US20190005229A1 (en) * 2015-12-11 2019-01-03 Gemalto Sa Mobile device having trusted execution environment
US20200143041A1 (en) * 2018-11-01 2020-05-07 Foundation Of Soongsil University-Industry Cooperation Hybrid trust execution environment based android security framework, android device equipped with the same and method of executing trust service in android device
US20200272737A1 (en) * 2018-05-25 2020-08-27 Huawei Technologies Co., Ltd. Multi-container-based trusted application processing method and related device
US20200364158A1 (en) * 2015-06-15 2020-11-19 Intel Corporation Virtualization-based platform protection technology

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 25798309

Country of ref document: EP

Kind code of ref document: A1