WO2007122266A3 - Protected execution of a service provider's data processing application for a user by means of a trustworthy execution environment - Google Patents

Protected execution of a service provider's data processing application for a user by means of a trustworthy execution environment Download PDF

Info

Publication number
WO2007122266A3
WO2007122266A3 PCT/EP2007/054117 EP2007054117W WO2007122266A3 WO 2007122266 A3 WO2007122266 A3 WO 2007122266A3 EP 2007054117 W EP2007054117 W EP 2007054117W WO 2007122266 A3 WO2007122266 A3 WO 2007122266A3
Authority
WO
WIPO (PCT)
Prior art keywords
execution
execution environment
data processing
processing application
service provider
Prior art date
Application number
PCT/EP2007/054117
Other languages
German (de)
French (fr)
Other versions
WO2007122266A2 (en
Inventor
Peter Landgendoerfer
Michael Maaser
Original Assignee
Ihp Gmbh
Peter Landgendoerfer
Michael Maaser
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ihp Gmbh, Peter Landgendoerfer, Michael Maaser filed Critical Ihp Gmbh
Priority to EP07728572A priority Critical patent/EP2014048A2/en
Publication of WO2007122266A2 publication Critical patent/WO2007122266A2/en
Publication of WO2007122266A3 publication Critical patent/WO2007122266A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles

Abstract

The invention relates to an execution container for a service provider's data processing application. Said execution container comprises at least one execution environment, a communication interface that is connected to the execution environment, and a security control unit which is connected to the communication interface and is configured so as to prevent the data processing application from communicating data with any communication terminal external to the execution environment if the data communication path circumvents the execution environment. An access control unit is also provided which is connected to the communication interface and is configured so as to prevent the execution environment from communicating data with any communication terminal which is external to the execution container and is not defined as authorized through a first security agreement.
PCT/EP2007/054117 2006-04-26 2007-04-26 Protected execution of a service provider's data processing application for a user by means of a trustworthy execution environment WO2007122266A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP07728572A EP2014048A2 (en) 2006-04-26 2007-04-26 Protected execution of a service provider's data processing application for a user by means of a trustworthy execution environment

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE200610020093 DE102006020093A1 (en) 2006-04-26 2006-04-26 Protecting a data processing application of a service provider for a user by a trusted execution environment
DE102006020093.4 2006-04-26

Publications (2)

Publication Number Publication Date
WO2007122266A2 WO2007122266A2 (en) 2007-11-01
WO2007122266A3 true WO2007122266A3 (en) 2008-01-17

Family

ID=38325467

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2007/054117 WO2007122266A2 (en) 2006-04-26 2007-04-26 Protected execution of a service provider's data processing application for a user by means of a trustworthy execution environment

Country Status (3)

Country Link
EP (1) EP2014048A2 (en)
DE (1) DE102006020093A1 (en)
WO (1) WO2007122266A2 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030158960A1 (en) * 2000-05-22 2003-08-21 Engberg Stephan J. System and method for establishing a privacy communication path
US20040025016A1 (en) * 2002-06-17 2004-02-05 Digitalnet Government Solutions, Llc Trusted computer system
US20040268356A1 (en) * 1999-11-19 2004-12-30 White Peter Duncan Separation kernel with memory allocation, remote procedure call and exception handling mechanisms

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6098172A (en) * 1997-09-12 2000-08-01 Lucent Technologies Inc. Methods and apparatus for a computer network firewall with proxy reflection
WO2002080457A1 (en) * 2001-03-29 2002-10-10 Sphere Software Corporation Layering enterprise application services using semantic firewalls
DE10253676B4 (en) * 2002-11-18 2008-03-27 Siemens Ag Method and device for the remote transmission of sensitive data
EP1569410B1 (en) * 2004-02-26 2015-07-08 BlackBerry Limited Method and system for automatically configuring access control

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040268356A1 (en) * 1999-11-19 2004-12-30 White Peter Duncan Separation kernel with memory allocation, remote procedure call and exception handling mechanisms
US20030158960A1 (en) * 2000-05-22 2003-08-21 Engberg Stephan J. System and method for establishing a privacy communication path
US20040025016A1 (en) * 2002-06-17 2004-02-05 Digitalnet Government Solutions, Llc Trusted computer system

Also Published As

Publication number Publication date
EP2014048A2 (en) 2009-01-14
WO2007122266A2 (en) 2007-11-01
DE102006020093A1 (en) 2007-10-31

Similar Documents

Publication Publication Date Title
WO2009122296A3 (en) System for mitigating the unauthorized use of a device
WO2009122290A3 (en) System for mitigating the unauthorized use of a device
WO2008127430A3 (en) Secure access to restricted resource
WO2012083285A3 (en) Operating system supporting cost aware applications
WO2009122306A3 (en) Method for mitigating the unauthorized use of a device
WO2009122291A3 (en) Method for mitigating the unauthorized use of a device
WO2009122297A3 (en) System for monitoring the unauthorized use of a device
WO2009122293A3 (en) System for monitoring the unauthorized use of a device
WO2008058152A3 (en) Multiple stakeholder secure memory partitioning and access control
WO2008034252A3 (en) Method and system for triggering internet applications using messages
WO2009003446A3 (en) Apparatus for controlling a machine, and remote communication system
WO2012027701A3 (en) Parallel processing development environment and associated methods
WO2008076572A3 (en) Wireless communications control in a controlled environment facility
GB2442348B (en) Method for provisioning of credentials and software images in secure network environments
WO2007089503A3 (en) Systems and methods for multi-factor authentication
WO2011082073A3 (en) Identification and authorization of communication devices
MXPA06003297A (en) The method of safe certification service.
WO2012087582A3 (en) Secure and private location
WO2007096871A3 (en) Device, system and method of accessing a security token
WO2008129765A1 (en) Monitoring unit control system
WO2007144802A3 (en) Authentication in a multiple-access environment
WO2008065333A3 (en) Secure access to a protected network resource within a restricted area
WO2008124515A3 (en) A system and method for binding a subscription-based computing system to an internet service provider
WO2009032732A3 (en) Secure computer working environment utilizing a read-only bootable media
WO2007050797A3 (en) Secure virtual-machine monitor

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07728572

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2007728572

Country of ref document: EP