WO2021094890A1 - Procédé et produit logiciel pour commander le canal bluetooth - Google Patents

Procédé et produit logiciel pour commander le canal bluetooth Download PDF

Info

Publication number
WO2021094890A1
WO2021094890A1 PCT/IB2020/060511 IB2020060511W WO2021094890A1 WO 2021094890 A1 WO2021094890 A1 WO 2021094890A1 IB 2020060511 W IB2020060511 W IB 2020060511W WO 2021094890 A1 WO2021094890 A1 WO 2021094890A1
Authority
WO
WIPO (PCT)
Prior art keywords
electronic device
software application
communication channel
bluetooth
bluetooth communication
Prior art date
Application number
PCT/IB2020/060511
Other languages
English (en)
Inventor
Mauro Conti
Eleonora LOSIOUK
Pierre SEDON
Original Assignee
Universita' Degli Studi Di Padova
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Universita' Degli Studi Di Padova filed Critical Universita' Degli Studi Di Padova
Publication of WO2021094890A1 publication Critical patent/WO2021094890A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/088Access security using filters or firewalls
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/606Protecting data by securing the transmission between two devices or processes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/60Subscription-based services using application servers or record carriers, e.g. SIM application toolkits
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/128Anti-malware arrangements, e.g. protection against SMS fraud or mobile malware
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/18Self-organising networks, e.g. ad-hoc networks or sensor networks

Definitions

  • the present invention relates to the computer systems sector.
  • the invention relates to a method for controlling the communication channel according to the Bluetooth standard by a software application installed on an electronic device.
  • the Bluetooth communication standard abbreviated to 'BT', is widely used in the management of the so-called personal networks or PAN - English acronym for Personal Area Network.
  • PAN Personal Area Network
  • the Bluetooth standard permits establishing a stable, high-speed and low-energy consumption short-range communication between electronic devices.
  • the Bluetooth standard is used for the connection to a first device - such as a smartphone, tablet, personal computer, etc. - of another similar device - for example another smartphone - and/ or one or more second devices belonging to different types - such as smartwatches, fitness trackers, wireless headphones, medical devices, smartcard/ credit card readers, printers, vehicles , etc.
  • the pairing between the first device and the second device for the communication according to the Bluetooth standard occurs at the level of the entire device.
  • this can be exploited by one or more software applications installed on one of the two devices, in particular on the first device, in order to transfer information from one device to another.
  • Bluetooth Low Energy provides that multiple software applications being executed on the first device can communicate via the Bluetooth communication channel at the same time. In this case, it is even more difficult to detect a malicious software application that improperly exploits the Bluetooth communication.
  • the Applicant has determined that it is possible to design procedures which, once implemented in a first device - for example, masked by, or included in non-suspicious software applications installed by the user on the first device - unduly acquire sensitive data - for example, patient's biometric data - provided by a second device coupled via Bluetooth to the first device in a completely transparent manner to the user.
  • the defence mechanisms proposed in the aforementioned articles propose substantial modifications to the operating system - in particular, the Android operating system - executed on the first device. These expedients therefore go far beyond the skills of a generic user and require to be approved and integrated into the operating system by the body that develops and releases it - for example, Google Inc. in the case of Android.
  • US 2019/065736 describes a method for preventing malicious applications from exploiting the application services.
  • This method may include: identifying an attempt to initiate an application service by an application, where the application is executed in a sandbox environment, determining that the application poses a potential security risk, asking to a user of the computer device to remedy the potential security risk posed by the application by executing a security action and while waiting for the user to execute the recommended security action, protecting the computer device by blocking the attempt to initiate the application service by the application.
  • US 2013/104232 otherwise describes a security device which provides a 'secure deployment environment' for a wireless communication device.
  • the security device connects to the wireless communication device via a standard connection interface without requiring modifications to the wireless communication device.
  • WO 2016/032563 describes a complex system for guaranteeing the security of transactions carried out via electronic devices.
  • an emulator instantiated on a device and configured to emulate an integrated circuit having a set of instructions different from the integrated circuit of the device itself.
  • a host operating system is executed on the emulated integrated circuit. This host operating system is configured to communicate with a hosting operating system being executed on the device via an emulated network interface of the emulator.
  • a request is received on a first secure communication channel from an application being executed on the hosting operating system to authorise a transaction.
  • the user's input is obtained from an input device of the hosting device and transformed into verification data.
  • a second secure communication channel other than the first one is established with a remote system via the emulated network interface and a request on the second channel is sent to the remote system to authorize the transaction based on the verification data.
  • An authorization result is received from the remote system via the second secure communication channel and a response is sent to the application on the first secure communication channel indicating the authorization result.
  • An object of the present invention is to overcome the disadvantages of the prior art.
  • Bluetooth communication channel' or 'communication via Bluetooth' are intended to indicate the communication channel based on radio frequency signals that uses radio resources (for example, bandwidth, maximum transmissible power, etc.) in accordance with the Bluetooth® specifications defined by the Bluetooth Special Interest Group.
  • a further object of the present invention is to present a software application which is simple to use for a non-expert user, and which is at the same time capable of blocking any unauthorized attempt to connect via the Bluetooth communication channel.
  • the present invention is directed to a method for controlling communications via the Bluetooth communication channel in an electronic device, wherein the electronic device is configured to execute an operating system.
  • the method comprises the steps of: creating a virtual environment configured to execute an instance of at least one software application stored on a first electronic device; executing in the virtual environment a software application enabled to communicate via the Bluetooth communication channel; identifying an attempt to communicate via the Bluetooth communication channel by said software application with a second electronic device coupled to the first electronic device; if a communication attempt via the Bluetooth communication channel is identified, blocking the communication attempt and requesting an authorization by a user of the first electronic device, and allowing said communication via the Bluetooth communication channel in the presence of an authorization provided by said user, or preventing said communication via the Bluetooth communication channel in the absence of an authorization by said user.
  • creating a virtual environment comprises: allocating a dedicated memory area for executing a control software application; instantiating the control software application inside said dedicated memory area, and the control software application executes the virtual environment inside the dedicated memory area, said virtual environment being a replica of said operating system.
  • the virtual environment is a replica of the operating system being executed on the first device, or native operating system, in the sense that it is not a simple secure memory area or, sandbox, commonly used to execute software applications - as is the case in Android - but it is an instance of a software application that allows the execution of multiple applications, preserving the functionality thereof and ensuring access to all the services of the native operating system.
  • this solution can be implemented in a simple way with no need to alter the real operating system of the first device and/or the Bluetooth communication protocol.
  • said method can be implemented without having privileged user's permissions (referred to in the jargon as root or superuser) in the operating system, in particular Android, implemented on the first electronic device.
  • the method further comprises the steps of: identifying software applications enabled to communicate via the Bluetooth communication channel stored on the first electronic device; selecting at least one software application enabled to communicate via the Bluetooth communication channel to be executed in the virtual environment, and in which the step of executing in the virtual environment a software application, enabled to communicate via the Bluetooth communication channel, comprises identifying a command to execute at least one selected software application and creating an instance of said selected software application in the virtual environment.
  • the step of identifying an attempt to communicate via the Bluetooth communication channel by said software application with a further electronic device coupled to the first device via a Bluetooth communication channel comprises: identifying the second electronic device with which said at least one software application attempts to initiate a communication via the Bluetooth communication channel, and wherein the method further comprises the step of: providing the user with an identifying indication of the second electronic device with which said software application attempts to initiate a communication via the Bluetooth communication channel.
  • the method further comprises the step of defining the second electronic device towards which said software application is enabled to communicate via the Bluetooth communication channel.
  • the step of identifying an attempt to communicate via the Bluetooth communication channel by said software application with a further electronic device coupled to the device comprises: identifying the second electronic device with which said at least one software application attempts to initiate a communication via the Bluetooth communication channel, whereas the step of blocking the communication attempt and requesting an authorization by a user of the first electronic device comprises: verifying that the second device with which said software application attempts to initiate a communication via the Bluetooth communication channel corresponds to the second electronic device previously defined.
  • the step of allowing said communication comprises: allowing said communication via the Bluetooth communication channel if said correspondence is verified.
  • the step of preventing said communication via the Bluetooth communication channel in the absence of an authorization to proceed provided by the user of the electronic device comprises: when the second device with which the software application attempts to initiate a communication via Bluetooth does not correspond to at least one second electronic device previously defined, asking confirmation to the user whether to allow or prevent such communication via the Bluetooth communication channel.
  • control software application is configured to intercept and suspend any system call executed by the at least one software application being executed in the virtual environment and to route or to block to the operating system being executed on the first electronic device according to whether said authorization is provided or said authorization is not provided, respectively.
  • a different aspect of the present invention relates to a software product for computer configured to implement the method according to any one of the previous claims.
  • the software product is configured to be executed in a version of the Android operating system developed by Google Inc.
  • this software product can allow or block communications via Bluetooth between other software applications stored on a first electronic device and a second device coupled to the first one via a Bluetooth communication channel, without requiring special permissions and/ or altering the overall operation of the device.
  • Another aspect of the present invention relates to an electronic device, which comprises a control module, a memory module and a Bluetooth communication module.
  • the control module is configured to implement one or more software applications stored in the memory module. Furthermore, the control module is configured to implement the method according to any of the embodiments set forth above.
  • Figure 1 schematically illustrates a pair of electronic devices configured to communicate with each other via a Bluetooth communication channel in which it is possible to implement the method according to the present invention
  • Figure 2 schematically illustrates an electronic device configured to execute a software application implementing the method according to the present invention
  • Figure 3 is a flow diagram of a method according to an embodiment of the present invention.
  • Figure 4 schematically illustrates an instance of a software application for controlling Bluetooth communications implemented in the memory resources of one of the electronic devices of Figure 1 according to an embodiment
  • Figure 5 is a flow chart of a method according to an alternative embodiment of the present invention. DETAILED DESCRIPTION OF THE INVENTION
  • the first device 10 for example a smartphone, comprises a processing module 11, a memory module 13, a Bluetooth communication module - which will be indicated with the expression 'BT module' 15 below - and a user interface 17.
  • the processing module 11 is configured to manage the operation of the entire first device 10.
  • the processing module 11 can comprise one or more of a processing element - such as a processor, a microprocessor, a microcontroller, an ASIC, an FPGA, a DSP, etc. - and one or more ancillary circuits - such as a sync signal generation circuit (clock), ADC and/ or DAC converters, input/ output signal amplifiers, etc.
  • the processing module 11 is configured to implement operating procedures, stored in the memory module 13, for example, in the form of software applications or in hardware components, for example, in the form of firmware.
  • the memory module 13 preferably comprises at least one non-volatile memory unit and at least one volatile memory unit configured to permanently and temporarily store data, respectively, typically in binary format.
  • the BT module 15 comprises the elements - such as antennas, control elements, coding elements, signal compression and decompression elements, mixers, etc. - that are necessary to transmit and receive data via a communication defined by the Bluetooth (BT) and/ or Bluetooth Low Energy (BLE) standard.
  • elements - such as antennas, control elements, coding elements, signal compression and decompression elements, mixers, etc. - that are necessary to transmit and receive data via a communication defined by the Bluetooth (BT) and/ or Bluetooth Low Energy (BLE) standard.
  • BT Bluetooth
  • BLE Bluetooth Low Energy
  • the interface module 17 comprises one or more input and output elements configured to provide information and/or receive instructions from a user of the first device 10, for example, one or more of a screen, a speaker, a microphone, a vibrator, an accelerometer, a magnetometer, a camera, a touch sensor, etc.
  • the first device 10 comprises a touch screen 171.
  • the first device 10 can naturally comprise one or more additional modules (not illustrated) and ancillary circuitry for operatively connecting the various modules to each other.
  • additional modules not illustrated
  • ancillary circuitry for operatively connecting the various modules to each other.
  • a power supply module for example, in the case of a smartphone, one or more cellular communication modules (GSM, UMTS, LTE, etc.), a WiFi communication module, etc. are also generally provided.
  • GSM Global System for Mobile communications
  • UMTS Universal Mobile communications
  • LTE Long Term Evolution
  • WiFi communication module etc.
  • the processing module 11 is connected to the other modules 13, 15, 17 of the first device 10 to control the operation thereof.
  • the second device 20 comprises a processing module 21, a memory module 23 and a BT module 25 with functionalities similar to the corresponding modules 11, 13, 15 described above, with the processing module 21 connected to the remaining modules 23 and 25 to control the operation thereof.
  • the second device 20 may also comprise one or more additional modules (not illustrated) - such as an interface module, a power supply module, etc. - and the necessary ancillary circuitry.
  • the first device 10 and the second device 20 are configured to establish a communication via the Bluetooth communication channel 40 to allow an exchange of information. This is typically referred to as pairing the devices in the jargon.
  • the first device 10 is configured to establish a wireless communication channel - that is, based on transceiving electromagnetic signals - towards the second device 20, which can be exploited by several software applications and / or software services stored on one of the two devices.
  • At least the first device 10 is configured to execute an operating system or OS (acronym) referred to as 'native OS OS ⁇ ' in the following by exploiting the resources of the processing module 21 and of the memory module 23 of the first device 10 - in particular,
  • Figure 4 schematically indicates the memory resources 130 used and/or controlled by the native OS OS N -
  • the native OS OS N implements a graphic interface 31 or GUI (Graphic User Interface, schematically illustrated in Figure 2) with which a user can interact via the user interface 17 of the first device 10, preferably through the touch screen 171.
  • the executed native OS OS N is a version of the operating system called Android and developed by Google Inc.
  • the memory module 13 is configured to store and execute on demand one or more software applications A, A B and A CB - indicated with the term 'app' in the jargon. For example, a portion of non-volatile memory of the memory module 13 keeps a compressed data archive - APK (short for "Android Package") in the case of the Android OS - for each software application A, A B and A CB (represented by a solid line box in Figures 1 and 4).
  • APK short for "Android Package
  • one or more of said apps AB stored in the memory module 13 provide for the exchange of information according to the Bluetooth standard, i.e. they are enabled or configured to exchange data via a Bluetooth channel.
  • a Bluetooth control app ACB is stored in the memory module 13 adapted to implement an embodiment of the present invention, as described below.
  • the user can interact with one or more of the apps A, A B and A CB stored on the first device 10, which are typically represented by a corresponding icon 313 included in a main screen of the graphic interface 31 displayed on the touch screen 171 of the first device 10.
  • the native OS OS N is configured to allocate a volatile and/or non-volatile memory portion of the memory module 13 (represented by a dashed box in Figures 1 and 4) dedicated exclusively to the execution of the selected app A, A B and A CB by exploiting the allocated resources of the memory module 13.
  • the Bluetooth control app ACB can be executed by the user interacting with a corresponding icon 315 to implement a method 500 for managing the communication channel according to the Bluetooth protocol in accordance with an embodiment of the present invention.
  • the method 500 comprises the following steps.
  • a virtual environment VOS is created that is configured to allow the execution of one or more apps A B in its inside (block 501).
  • the virtual environment VOS is created in a transparent manner to the user once the latter commands the execution of the Bluetooth control app A CB .
  • the native OS OS N when the Bluetooth control application ACB is started, the native OS OS N below, allocates a dedicated memory area 131 - either volatile and/or non-volatile - of the resources of the memory module 13 (as schematically in Figure 1 and Figure 4), which is exclusively dedicated to the Bluetooth control app ACB from the operating system (block 5011 of the flowchart 501 illustrated in Figure 3).Inside this dedicated memory area 131, an instance of the Bluetooth control application ACB is created (block 5012). Once being executed, the Bluetooth control application ACB in turn instantiates the virtual environment VOS inside a sub-portion of the dedicated memory area 131 (block 5013).
  • the created virtual environment VOS is a replica of the native OS OS N - that is, the Android operating system in the example considered.
  • the virtual environment VOS is configured to operate at the application layer in order to execute instances of one or more apps AB, which are configured to communicate via Bluetooth, according to a procedure substantially corresponding to that implemented by the native OS, that is, in such a way as to allow the execution of multiple applications, preserving the functionality thereof and guaranteeing access to all the services of the OS native OS N , advantageously, via the Bluetooth control application A CB which manages the interaction between app A B and the native OS OS N as illustrated below.
  • the virtual environment VOS basically emulates the management of the software applications A, A B executed by the native OS OSN-
  • the apps A B which are configured to communicate via Bluetooth stored in the memory module are identified (block 503).
  • both the apps A, A B already stored in the memory module 13 of the first device 10 at the time of a first execution of the Bluetooth control app A CB and each app A, A B subsequently stored in the memory module 13 are advantageously analysed.
  • a list of the apps A B selected by the user for executing in secure mode are stored in a non-volatile memory portion of the memory module 13 allocated for executing the Bluetooth control app A CB .
  • the method 500 comprises monitoring both manual execution commands provided by the user and execution commands generated by other applications in a manner transparent to the user.
  • the Bluetooth control application A CB is configured to load the compiled code of the app A B present in the corresponding compressed data archive (APK) and execute it by means of the virtual environment VOS.
  • APIK compressed data archive
  • a generic app A B being executed in the virtual environment VOS is isolated from the native OS OS N -AS a result, the generic app A B being executed in the virtual environment VOS is unable to directly make function calls to the native OS OS N , to the other apps A stored and/ or instantiated by the native OS OS N - allocating a respective portion of memory resources to each of which, like the portion of memory resources 132 allocated for the application A in Figure 4 - is able to directly access portions of memory (not illustrated) that are external to the dedicated memory area 131 in which the virtual environment VOS is implemented.
  • each of the apps A instantiated directly from the native OS OS N is unable to interact with any of the apps A B being executed in the virtual environment VOS.
  • Each app A B instantiated by the virtual environment VOS is monitored in order to identify an attempt to communicate with the second device 20 coupled to the first device 10 via the Bluetooth channel 40 (decision block 511).
  • the Bluetooth control app A CB is configured to detect any system calls executed by the app A B instantiated in the virtual environment VOS and directed to the native OS OS N , and to identify each system call that plans to exploit a Bluetooth connection.
  • the Bluetooth control app A CB is configured to liaise - or 'proxy' - between the app A B instantiated by the virtual environment VOS and the native OS OS N -
  • the Bluetooth control app A CB is configured to intercept system calls executed by the app A B instantiated by the virtual environment VOS and respective responses provided by the native OS OS N , if necessary, appropriately adapting the parameters thereof.
  • the Bluetooth control app A CB is configured to intercept system calls that envisage the use of a Bluetooth communication channel executed by the app A B , instantiated by the virtual environment VOS, to suspend the routing of the same to the native OS OS N -
  • an interactive message is displayed on the touch screen 171 to offer the user the possibility of selecting either to allow or prevent the app A B instantiated in the virtual environment VOS from exchanging data with the second device 20.
  • the Bluetooth control app A CB is configured to generate one or more calls to the native OS N in order to present the interactive message mentioned above, when a first system call is detected that comprises the use of a Bluetooth communication channel executed by the app A B instantiated in the virtual environment VOS.
  • identification information of the second device 20 with which the app A B attempts to communicate via Bluetooth is provided - for example, it is possible to identify a model, type and/ or identification code of the second device 20 - via the interactive message.
  • the Bluetooth control app A CB is configured to route to the native OS N system calls that envisage the use of a previously blocked Bluetooth communication channel and the return to the app A B instantiated in the virtual environment VOS of the responses provided by the native OS N - i.e. by operating as a proxy as described above.
  • the Bluetooth control app A CB is configured to permanently block any system call that comprises the use of a Bluetooth communication channel executed by the app A B , instantiated in the virtual environment VOS.
  • the method 500 comprises continuing to monitor the operation of the apps A B being executed inside the virtual environment VOS as described above starting from block 511.
  • all the apps A B which are configured to communicate via Bluetooth identified on the first device 10 are automatically selected for the execution in secure mode, i.e. they are always executed inside the virtual environment VOS.
  • the alternative method 500a comprises defining, for each app AB - preferably, among those selected for the execution inside the virtual environment VOS as described in block 505 - one or more second devices 20 with which communication via a corresponding Bluetooth communication channel 40 is allowed (block 519).
  • the alternative method 500a comprises blocking the communication and verifying if the second device 20 is included between the one or more second devices 20 defined in the previous block 519 (decision block 521).
  • the user is asked whether he wishes to allow said app AB to exchange data with the second device 20 (as described above with reference to decision block 513).

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Telephone Function (AREA)

Abstract

La présente invention concerne un procédé (500 ; 500a) pour commander le canal de communication Bluetooth (40) utilisé par au moins une application logicielle (AB) stockée sur un premier dispositif électronique (10) pour communiquer avec un second dispositif électronique (20), le premier dispositif électronique (10) étant configuré pour exécuter un système d'exploitation (OSN). Avantageusement, le procédé comprend les étapes suivantes : - créer (501) un environnement virtuel (VOS) configuré pour exécuter une instance d'au moins une application logicielle (AB) stockée sur le premier dispositif électronique (10) ; exécuter (509) dans l'environnement virtuel (VOS) une application logicielle (AB) autorisée à communiquer via le canal de communication Bluetooth (40) ; identifier (511) une tentative de communication via ledit canal de communication Bluetooth (AB) avec le second dispositif électronique couplé au premier dispositif électronique (10) ; si une tentative de communication via le canal de communication Bluetooth de ladite application est identifiée, bloquer la tentative de communication et demander (513 ; 521) une autorisation par un utilisateur du premier dispositif électronique (10), et - autoriser (515) ladite communication via le canal de communication Bluetooth (40) en présence d'une autorisation fournie par ledit utilisateur, ou - empêcher (517) ladite communication via le canal de communication Bluetooth (40) en l'absence d'une autorisation par ledit utilisateur, dans lequel la création (501) d'un environnement virtuel (VOS) comprend : - allouer une zone de mémoire dédiée (131) du premier dispositif pour exécuter une application logicielle de commande (ACB) ; - instancier l'application logicielle de commande (ACB) à l'intérieur de ladite zone de mémoire dédiée (131), et - l'application logicielle de commande (ACB) exécute l'environnement virtuel (VOS) à l'intérieur de la zone de mémoire dédiée (131), ledit environnement virtuel (VOS) étant une réplique dudit système d'exploitation (OSN).
PCT/IB2020/060511 2019-11-11 2020-11-09 Procédé et produit logiciel pour commander le canal bluetooth WO2021094890A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IT102019000020775 2019-11-11
IT102019000020775A IT201900020775A1 (it) 2019-11-11 2019-11-11 Metodo e prodotto software per controllare il canale bluetooth

Publications (1)

Publication Number Publication Date
WO2021094890A1 true WO2021094890A1 (fr) 2021-05-20

Family

ID=69903822

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2020/060511 WO2021094890A1 (fr) 2019-11-11 2020-11-09 Procédé et produit logiciel pour commander le canal bluetooth

Country Status (2)

Country Link
IT (1) IT201900020775A1 (fr)
WO (1) WO2021094890A1 (fr)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9098696B2 (en) * 2011-10-25 2015-08-04 Raytheon Company Appliqué providing a secure deployment environment (SDE) for a wireless communications device
WO2016032563A1 (fr) * 2014-08-26 2016-03-03 MagicCube, Inc. Système pour authentification de transaction
US20190065736A1 (en) * 2017-08-29 2019-02-28 Symantec Corporation Systems and methods for preventing malicious applications from exploiting application services

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9098696B2 (en) * 2011-10-25 2015-08-04 Raytheon Company Appliqué providing a secure deployment environment (SDE) for a wireless communications device
WO2016032563A1 (fr) * 2014-08-26 2016-03-03 MagicCube, Inc. Système pour authentification de transaction
US20190065736A1 (en) * 2017-08-29 2019-02-28 Symantec Corporation Systems and methods for preventing malicious applications from exploiting application services

Also Published As

Publication number Publication date
IT201900020775A1 (it) 2021-05-11

Similar Documents

Publication Publication Date Title
US10552604B2 (en) Hardware isolated secure processing system within a secure element
EP3050335B1 (fr) Systèmes et procédés de contrôle d'accès de ccp dans une architecture de ccp centrique d'élément sécurisé
US9230085B1 (en) Network based temporary trust extension to a remote or mobile device enabled via specialized cloud services
EP2859498B1 (fr) Accès de zone de sécurité de confiance à des dispositifs périphériques
CA2988332C (fr) Systeme d'exploitation independant, sous-systeme de memorisation de donnees securisee
US9613208B1 (en) Trusted security zone enhanced with trusted hardware drivers
US9351164B2 (en) Secure NFC routing
CN105814835B (zh) 保护多模无线无线电收发机的域的装置、系统和方法
KR101952226B1 (ko) 보안 인터렉션 방법 및 장치
US10091652B2 (en) Relay device
US10089248B2 (en) Hacking-resistant computer design
US11252724B2 (en) Electronic device for transmitting or receiving data in wireless communication system and method therefor
US10642983B2 (en) Method and apparatus for protecting application
AU2012327945A1 (en) Communication secured between a medical device and its remote device
EP2534600B1 (fr) Dispositif de traitement de sécurité et de validation géré en externe
CA2627635A1 (fr) Systeme de telechargement universel de jeu destine a une machine de jeux traditionnelle
US9817972B2 (en) Electronic assembly comprising a disabling module
US11582212B2 (en) Tamper resistant device for an integrated circuit card
US20180189464A1 (en) Trusted timer service
CN106549934B (zh) 网络设备安全系统
US11006323B2 (en) Electronic device and WLAN relay function control method thereof
WO2021094890A1 (fr) Procédé et produit logiciel pour commander le canal bluetooth
CN114844726B (zh) 防火墙实现方法、芯片、电子设备及计算机可读存储介质
EP2950556A1 (fr) Sélection de un élément de sécurité commandée par une application
JP7027664B2 (ja) ハッキング耐性のあるコンピュータ設計

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20820528

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20820528

Country of ref document: EP

Kind code of ref document: A1