Smart Card with Domain-Trust Evaluation and Domain Policy Management Functions
Abstract
Methods and instrumentalities are disclosed that enable one or more domains on one or more devices to be owned or controlled by one or more different local or remote owners, while providing a level of system-wide management of those domains. Each domain may have a different owner, and each owner may specify policies for operation of its domain and for operation of its domain in relation to the platform on which the domain resides, and other domains. A system-wide domain manager may be resident on one of the domains. The system-wide domain manager may enforce the policies of the domain on which it is resident, and it may coordinate the enforcement of the other domains by their respective policies in relation to the domain in which the system-wide domain manager resides. Additionally, the system-wide domain manager may coordinate interaction among the other domains in accordance with their respective policies. A domain application may be resident on one of the domains. The domain application may be ported to the platform based on a relationship between at least one domain owner and at least one other domain owner of the one or more domains.
Claims
exact text as granted — not AI-modifiedWhat is claimed:
1 . A system comprising:
a plurality of domains residing on one or more devices, wherein the plurality of domains are supported by at least one platform, each domain comprising a configuration of computing resources executing on the at least one platform and each domain configured to perform functions for an owner of the domain that may be located locally or remotely from the domain, wherein each domain may have a different owner, and wherein each owner may specify policies for operation of its domain as well as for operation of its domain in relation to the platform on which the domain resides and other domains; a security domain being one of the plurality of domains, wherein the security domain is configured to determine a level of trust between an external stakeholder and the security domain; and a system-wide domain manager being resident on another one of the plurality of domains, wherein the domain on which the system-wide domain manager resides is subsidiary to the security domain, the system-wide domain manager being configured to enforce the policies on one or more subsidiary domains of the plurality of domains based on a privilege level received from the security domain, and wherein the privilege level is based on the level of trust between the external stakeholder and the security domain.
2 . The system of claim 1 , wherein the external stakeholder is an application provider of an application on the one or more devices.
3 . The system of claim 2 , wherein the security domain is a card issuer security domain that is owned by a card issuer.
4 . The system of claim 1 , wherein the external stakeholder comprises an owner of at least one of the one or more subsidiary domains.
5 . The system of claim 1 , wherein the security domain and the system-wide domain manager reside on a global platform (GP) compliant card.
6 . The system of claim 1 , wherein the plurality of domains reside on a global platform (GP) compliant card, each domain being configured to communicate with one or more off-card entities.
7 . The system of claim 1 , wherein the privilege level comprises at least one of a delegated management privilege or an authorized management privilege.
8 . The system of claim 7 , wherein the delegated management privilege and the authorized management privilege are each configured to enable the system-wide domain manager to enforce the policies with a corresponding level of autonomy.
9 . The system of claim 8 , wherein the level of autonomy corresponding to the authorized management privilege is greater than the level of autonomy corresponding to the delegated management privilege.
10 . The system of claim 1 , wherein each domain is associated with a state, and wherein each associated state is one of an installed state, a selectable state, a personalized state, or a locked state.
11 . The system of claim 1 , the system further comprising: one or more applications loaded onto at least one of the one or more subsidiary domains of the system-wide domain manager, the one or more applications each associated with a state, wherein each associated state is one of an installed state, a selectable state, a personalized state, or a locked state.
12 . The system of claim 11 , wherein one of the one or more applications is configured to change the associated state to another state according to an indication from a controlling authority, wherein the other state and the indication from the controlling authority are based on the privilege level, and wherein the controlling authority is one of the security domain or the system-wide domain manager.
13 . The system of claim 1 , wherein, when a policy of the security domain conflicts with a policy of the domain on which the system-wide domain manager resides, the system-wide domain manager is further configured to enforce the policy of the security domain.
14 . The system of claim 1 , wherein the system-wide domain manager is further configured to: enforce the policies for operation of the domain on which it is resident; coordinate the enforcement of respective policies of the subsidiary domains in relation to the domain in which the system-wide domain manager resides; or coordinate interaction among the subsidiary domains in accordance with their respective policies and the policies of the domain on which the system-wide domain manager resides.
15 . In a system comprising a plurality of domains residing on one or more devices, wherein the plurality of the domains are supported by at least one platform, each domain comprising a configuration of computing resources executing on the at least one platform and each domain is configured to perform functions for an owner of the domain that may be located locally or remotely from the domain, wherein each domain may have a different owner, and wherein each owner may specify policies for operation of its domain as well as for operation of its domain in relation to the platform on which the domain resides and other domains, a method comprising:
determining a level of trust between an external stakeholder and a security domain, wherein the security domain is one of the plurality of domains; and enforcing, by a system-wide domain manager residing on another one of the plurality of domains that is subsidiary to the security domain, the policies on one or more subsidiary domains of the plurality of the domains based on a privilege level received from the security domain, wherein the privilege level is based on the level of trust between the external stakeholder and the security domain.
16 . The method of claim 15 , further comprising: enforcing, by the system-wide domain manager, the policies of the domain on which the system-wide domain manager is resident;
coordinating, by the system-wide domain manager, the enforcement of respective policies of the subsidiary domains in relation to the domain in which the system-wide domain manager resides; or coordinating, by the system-wide domain manager, the interaction among the subsidiary domains in accordance with their respective policies and the policies of the domain in which the system-wide domain manager resides.
17 . The method of claim 14 , further comprising: when a policy of the security domain conflicts with a policy of the domain on which the system-wide domain manager resides, enforcing, by the system-wide domain manager, the policy of the security domain.
18 . The method of claim 14 , wherein the external stakeholder is an application provider of an application on the one or more devices.
19 . The method of 14 , wherein the security domain is a card issuer security domain that is owned by a card issuer.
20 . A system comprising: a plurality of domains residing on one or more devices, wherein the plurality of domains are supported by at least one platform, each domain comprising a configuration of computing resources executing on the at least one platform and each domain configured to perform functions for an owner of the domain that may be located locally or remotely from the domain, wherein each domain may have a different owner, and wherein each owner may specify policies for operation of its domain as well as for operation of its domain in relation to the platform on which the domain resides and other domains; a card issuer security domain of a global platform (GP) compliant card being one of the plurality of domains, wherein the card issuer security domain is configured to determine a level of trust between an external stakeholder and the card issuer security domain; and a system-wide domain manager being resident on another one of the plurality of domains, wherein the domain on which the system-wide domain manager resides is subsidiary to the card issuer security domain, the system-wide domain manager being configured to enforce the policies on one or more subsidiary domains of the plurality of domains based on a privilege level received from the card issuer security domain, and wherein the privilege level is based on the level of trust between the external stakeholder and the card issuer security domain.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.