최소 단어 이상 선택하여야 합니다.
최대 10 단어까지만 선택 가능합니다.
다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
NTIS 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
DataON 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Edison 바로가기다음과 같은 기능을 한번의 로그인으로 사용 할 수 있습니다.
Kafe 바로가기국가/구분 | United States(US) Patent 등록 |
---|---|
국제특허분류(IPC7판) |
|
출원번호 | US-0247998 (2011-09-28) |
등록번호 | US-8725123 (2014-05-13) |
발명자 / 주소 |
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 | 피인용 횟수 : 10 인용 특허 : 512 |
A communications device comprising one or more communication input/output (I/O) ports, at least one of the one or more communication I/O ports being a wide area network port configured to connect the communications device to a wide area network; one or more secure data path processing agents configu
A communications device comprising one or more communication input/output (I/O) ports, at least one of the one or more communication I/O ports being a wide area network port configured to connect the communications device to a wide area network; one or more secure data path processing agents configured to execute in a secure execution environment, monitor a device data communications activity through at least one of the one or more communication I/O ports, generate a device data record comprising information about the device data communications activity through at least one of the one or more communication I/O ports, and send the device data record to the network element over a trusted communication link between the one or more secure data path processing agents and the network element; and a trusted data path between the one or more secure data path processing agents and the wide area network port.
1. A communications device comprising: one or more communication input/output (I/O) ports, at least one of the one or more communication I/O ports being a wide area network port configured to connect the communications device to a wide area network;one or more secure data path processing agents conf
1. A communications device comprising: one or more communication input/output (I/O) ports, at least one of the one or more communication I/O ports being a wide area network port configured to connect the communications device to a wide area network;one or more secure data path processing agents configured to: execute in a secure execution environment,monitor communication activity through the wide area network port,generate a device data record comprising information about the communication activity through the wide area network port, andsend the device data record to a network element over a trusted communication link between the one or more secure data path processing agents and the network element; anda trusted data path between the one or more secure data path processing agents and the wide area network port. 2. The communications device recited in claim 1, further comprising memory configured to store a device communication activity policy, and wherein the information about the communication activity through the wide area network port indicates whether the communications device is properly implementing the device communication activity policy. 3. The communications device recited in claim 1, wherein the trusted communication link comprises a secure message receipt feedback loop. 4. The communications device recited in claim 3, wherein the one or more secure data path processing agents are further configured to restrict data transmission or data reception by the communications device through the wide area network or through another port of the one or more communication I/O ports based on information from the secure message receipt feedback loop. 5. The communications device recited in claim 4, wherein the network element is a first network element, and wherein the wide area network port enables the communications device to communicate with the first network element or a second network element to obtain an error handling instruction when a secure message receipt feedback loop error condition exists. 6. The communications device recited in claim 1, further comprising memory configured to store a device communication activity policy obtained from the network element. 7. The communications device recited in claim 1, wherein the information about the communication activity comprises a record of communication activity over the wide area network port. 8. The communications device recited in claim 1, further comprising memory configured to store a device communication activity policy, and wherein the device communication activity policy comprises a policy for monitoring an application. 9. The communications device recited in claim 1, further comprising memory configured to store a device communication activity policy, and wherein the device communication activity policy comprises a policy for monitoring access to a network destination, an address, or a resource. 10. The communications device recited in claim 1, wherein the secure execution environment and the one or more secure data path processing agents are located in a secure execution partition controlled by an application processor. 11. The communications device recited in claim 1, wherein the secure execution environment and the one or more secure data path processing agents are located in a secure execution partition controlled by an operating system or secure partitioning software. 12. The communications device recited in claim 1, wherein the secure execution environment and the one or more secure data path processing agents are located in a secure execution partition controlled by a modem processor. 13. The communications device recited in claim 1, wherein the secure execution environment and the one or more secure data path processing agents are located on a SIM card. 14. The communications device recited in claim 1, wherein the wide area network is a wireless network, and wherein the information about the communication activity comprises a record of service usage over the wireless network. 15. The communications device recited in claim 1, further comprising memory configured to store a device communication activity policy, and wherein the wide area network is a wireless network, and wherein the device communication activity policy comprises a policy for controlling access to the wireless network. 16. The communications device recited in claim 15, wherein the policy comprises one or more control policies for controlling one or more applications operating on or capable of operating on the communications device. 17. The communications device recited in claim 15, wherein the policy comprises one or more control policies for controlling access to one or more network destinations, addresses or resources accessible over the wireless network. 18. The communications device recited in claim 15, wherein the policy comprises a control policy for controlling communication over a roaming network. 19. The communications device recited in claim 1, further comprising memory configured to store a device communication activity policy, and wherein the wide area network is a wireless network, and wherein the device communication activity policy comprises a policy for accounting for usage of the wireless network. 20. The communications device recited in claim 19, wherein the policy comprises one or more accounting policies for accounting for usage of the wireless network associated with one or more applications operating on the communications device. 21. The communications device recited in claim 19, wherein the policy comprises one or more accounting policies for accounting for usage of the wireless network associated with access to one or more network destinations, addresses, or resources accessible over the wireless network. 22. The communications device recited in claim 19, wherein the policy comprises an accounting policy for accounting for usage of a roaming network. 23. The communications device recited in claim 22, wherein the accounting policy is configured to: request an access network service cost acknowledgement or payment indication associated with usage of the roaming network from a device user, andrestrict access to the roaming network by the communications device if the device user does not provide the service cost acknowledgement or payment indication. 24. The communications device recited in claim 1, wherein the one or more secure data path processing agents are further configured to: monitor communications sent by the network element over the trusted communication link, andrestrict access to the wide area network port or another port of the one or more communication I/O ports if, within a specified event interval after sending the device data record to the network element over the trusted communication link, the one or more secure data path processing agents have not detected a secure message receipt in the communications from the network element sent over the trusted communication link. 25. The communications device recited in claim 24, wherein the specified event interval comprises a period of time, a number of records transmitted, or a number of communications with the network element. 26. A communications device comprising: one or more communication input/output (I/O) ports, at least one of the one or more communication I/O ports being a wide area network port configured to connect the communications device to a wide area network;memory configured to store a device communication activity policy;a SIM card comprising: one or more secure data path processing agents configured to: execute in a secure execution environment,monitor communication activity through the wide area network port, andbased on the monitored communication activity, take an action to assist in enforcing the device communication activity policy; anda trusted data path between the one or more secure data path processing agents and the wide area network port. 27. The communications device recited in claim 1, further comprising one or more functions configured to verify at least a portion of the one or more secure data path processing agents. 28. The communications device recited in claim 27, wherein the one or more functions are configured to verify the at least a portion of the one or more secure data path processing agents based on one or more security elements. 29. The communications device recited in claim 1, further comprising one or more notification agents configured to present information associated with the device data record to a user of the communications device. 30. The communications device recited in claim 1, wherein at least a portion of the one or more secure data path processing agents is stored in a separate partition of a nonvolatile memory, and further comprising one or more functions configured to secure or verify the at least a portion of the one or more secure data path processing agents. 31. The communications device recited in claim 28, wherein the one or more security elements comprise a signature, one or more keys, a certificate, or a hash. 32. The communications device recited in claim 27, wherein the one or more functions are configured to verify the at least a portion of the one or more secure data path processing agents in association with a download of the at least a portion of the one or more secure data path processing agents, an installation of the at least a portion of the one or more secure data path processing agents, or a load of the at least a portion of the one or more secure data path processing agents.
Copyright KISTI. All Rights Reserved.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.