With the rapid proliferation of network enabled computing devices (the so-called Internet of Things, also referred to as IoT) along with ubiquitous mobile personal devices and conventional computing platforms, the importance of secure, reliable computing environments is paramount. Failure to properly implement security on these new network-enabled devices not only threatens the devices themselves but could be a vulnerability for entire networks and all associated users. This is a critical problem.
Secure access, management, and control of computing devices with compact or otherwise constrained processing hardware and networking hardware such as those found in the Internet of Things presents a number of challenges. Such devices may be constantly exposed to malicious attacks via the internet. These devices are usually remote and physically difficult or time-consuming to access directly by the permitted device users and administrators.
Many developers of IoT products and services do not focus on security as a priority—they understandably focus on their device or service features and capabilities. They typically acquire core computational components and component designs from a small set of candidate suppliers having the resources to produce such complex items in large numbers. Also, these devices tend to be computationally lightweight and therefore have limited resources with which to implement reliable security. Therefore, a successful solution must be compatible with any set of components for any purpose, shifting the burden of security to the present solution thus freeing product developers to focus on features and capabilities. Developers of computer code for such devices benefit from having secure computing tools and secure services present, available, and compatible so as to assist them in the development of secure computing code for the operation and control of these devices.
One key approach to defending these security-related systems and components from malicious attack is to have all or part of them reside in specially configured secure areas, partitions, or environments on the device hardware that are inaccessible to unauthorized parties, and which cannot be accessed for unauthorized purposes. The secure areas can be configured separate from the main device operating system, and represent “trusted worlds” or “secure worlds”. In some instances, the secure areas can be configured to prevent access to certain resources.
A further level of security can be provided if such secure areas or partitions are configured to be invisible and/or undetectable, to the greatest degree possible, to unauthorized parties, or under unauthorized circumstances. In such cases, the secure areas can be considered “secure worlds”, or “trusted worlds”, functionally and otherwise separate from non-trusted operations in the untrusted or “real” world. By analogy, one level of security is to lock the door, and a second level of security is to lock the door and hide it from view. The present invention is such a solution to the security problem for IoT (and IoT-like) devices.
One specification for the operation of such secure areas is provided by GlobalPlatform (2016). Furthermore, Steeves, 2015, (U.S. patent application Ser. No. 14/610,869) describes a dedicated data security service with extensive decryption capability associated with a computing cluster.
This invention discloses a system and method for securely accessing services held within such secure environments for permitted uses that are driven by requests for those services originating from outside the containing secure environments themselves.