WO2007122266A3 - Protected execution of a service provider's data processing application for a user by means of a trustworthy execution environment - Google Patents
Protected execution of a service provider's data processing application for a user by means of a trustworthy execution environment Download PDFInfo
- Publication number
- WO2007122266A3 WO2007122266A3 PCT/EP2007/054117 EP2007054117W WO2007122266A3 WO 2007122266 A3 WO2007122266 A3 WO 2007122266A3 EP 2007054117 W EP2007054117 W EP 2007054117W WO 2007122266 A3 WO2007122266 A3 WO 2007122266A3
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- execution
- execution environment
- data processing
- processing application
- service provider
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogram communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
Abstract
The invention relates to an execution container for a service provider's data processing application. Said execution container comprises at least one execution environment, a communication interface that is connected to the execution environment, and a security control unit which is connected to the communication interface and is configured so as to prevent the data processing application from communicating data with any communication terminal external to the execution environment if the data communication path circumvents the execution environment. An access control unit is also provided which is connected to the communication interface and is configured so as to prevent the execution environment from communicating data with any communication terminal which is external to the execution container and is not defined as authorized through a first security agreement.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP07728572A EP2014048A2 (en) | 2006-04-26 | 2007-04-26 | Protected execution of a service provider's data processing application for a user by means of a trustworthy execution environment |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE102006020093.4 | 2006-04-26 | ||
DE200610020093 DE102006020093A1 (en) | 2006-04-26 | 2006-04-26 | Protecting a data processing application of a service provider for a user by a trusted execution environment |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2007122266A2 WO2007122266A2 (en) | 2007-11-01 |
WO2007122266A3 true WO2007122266A3 (en) | 2008-01-17 |
Family
ID=38325467
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2007/054117 WO2007122266A2 (en) | 2006-04-26 | 2007-04-26 | Protected execution of a service provider's data processing application for a user by means of a trustworthy execution environment |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP2014048A2 (en) |
DE (1) | DE102006020093A1 (en) |
WO (1) | WO2007122266A2 (en) |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030158960A1 (en) * | 2000-05-22 | 2003-08-21 | Engberg Stephan J. | System and method for establishing a privacy communication path |
US20040025016A1 (en) * | 2002-06-17 | 2004-02-05 | Digitalnet Government Solutions, Llc | Trusted computer system |
US20040268356A1 (en) * | 1999-11-19 | 2004-12-30 | White Peter Duncan | Separation kernel with memory allocation, remote procedure call and exception handling mechanisms |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6098172A (en) * | 1997-09-12 | 2000-08-01 | Lucent Technologies Inc. | Methods and apparatus for a computer network firewall with proxy reflection |
WO2002080457A1 (en) * | 2001-03-29 | 2002-10-10 | Sphere Software Corporation | Layering enterprise application services using semantic firewalls |
DE10253676B4 (en) * | 2002-11-18 | 2008-03-27 | Siemens Ag | Method and device for the remote transmission of sensitive data |
EP1569410B1 (en) * | 2004-02-26 | 2015-07-08 | BlackBerry Limited | Method and system for automatically configuring access control |
-
2006
- 2006-04-26 DE DE200610020093 patent/DE102006020093A1/en not_active Ceased
-
2007
- 2007-04-26 EP EP07728572A patent/EP2014048A2/en not_active Withdrawn
- 2007-04-26 WO PCT/EP2007/054117 patent/WO2007122266A2/en active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040268356A1 (en) * | 1999-11-19 | 2004-12-30 | White Peter Duncan | Separation kernel with memory allocation, remote procedure call and exception handling mechanisms |
US20030158960A1 (en) * | 2000-05-22 | 2003-08-21 | Engberg Stephan J. | System and method for establishing a privacy communication path |
US20040025016A1 (en) * | 2002-06-17 | 2004-02-05 | Digitalnet Government Solutions, Llc | Trusted computer system |
Also Published As
Publication number | Publication date |
---|---|
WO2007122266A2 (en) | 2007-11-01 |
DE102006020093A1 (en) | 2007-10-31 |
EP2014048A2 (en) | 2009-01-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2009122290A3 (en) | System for mitigating the unauthorized use of a device | |
WO2008127430A3 (en) | Secure access to restricted resource | |
WO2012083285A3 (en) | Operating system supporting cost aware applications | |
WO2009122306A3 (en) | Method for mitigating the unauthorized use of a device | |
WO2009122291A3 (en) | Method for mitigating the unauthorized use of a device | |
WO2009122297A3 (en) | System for monitoring the unauthorized use of a device | |
WO2009122293A3 (en) | System for monitoring the unauthorized use of a device | |
WO2008058152A3 (en) | Multiple stakeholder secure memory partitioning and access control | |
WO2008110878A3 (en) | Device-initiated security policy | |
WO2008034252A3 (en) | Method and system for triggering internet applications using messages | |
WO2009003446A3 (en) | Apparatus for controlling a machine, and remote communication system | |
WO2012027701A3 (en) | Parallel processing development environment and associated methods | |
GB2442348B (en) | Method for provisioning of credentials and software images in secure network environments | |
WO2007089503A3 (en) | Systems and methods for multi-factor authentication | |
WO2011082073A3 (en) | Identification and authorization of communication devices | |
WO2007054775A3 (en) | Portable local server with context sensing | |
WO2009031453A1 (en) | Network security monitor apparatus and network security monitor system | |
WO2007096871A3 (en) | Device, system and method of accessing a security token | |
WO2008129765A1 (en) | Monitoring unit control system | |
WO2010085394A3 (en) | Conversation rights management | |
WO2007144802A3 (en) | Authentication in a multiple-access environment | |
WO2008065333A3 (en) | Secure access to a protected network resource within a restricted area | |
WO2008124515A3 (en) | A system and method for binding a subscription-based computing system to an internet service provider | |
WO2009032732A3 (en) | Secure computer working environment utilizing a read-only bootable media | |
WO2007050797A3 (en) | Secure virtual-machine monitor |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 07728572 Country of ref document: EP Kind code of ref document: A2 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2007728572 Country of ref document: EP |