Abstract: A system and method is provided for implementing platform security on a consumer electronic device having an open development platform. The device is of the type which includes an abstraction layer operable between device hardware and application software. A secured software agent is provided for embedding within the abstraction layer forming the operating system. The secured software agent is configured to limit access to the abstraction layer by either blocking loadable kernel modules from loading, blocking writing to the system call table or blocking requests to attach debug utilities to certified applications or kernel components.

Abstract: A system and method is provided for implementing platform security on a consumer electronic device having an open development platform. The device is of the type which includes an abstraction layer operable between device hardware and application software. A secure software agent is provided for embedding within the abstraction layer forming the operating system. A secure store is provided for storing security information unique to one or more instances of the application software. The secure software agent uses the security information for continuous runtime assurance of ongoing operational integrity of the operating system and application software and thus operational integrity of the device.

Abstract: A system and method is provided for implementing platform security on a consumer electronic device having an open development platform. The device is of the type which includes an abstraction layer operable between device hardware and application software. A secured software agent is provided for embedding within the abstraction layer forming the operating system. The secured software agent is configured to limit access to the abstraction layer by either blocking loadable kernel modules from loading, blocking writing to the system call table or blocking requests to attach debug utilities to certified applications or kernel components.

Abstract: A technique is disclosed for remotely managing isolated domains on mobile devices. A request is received from the mobile device to instantiate a managed domain. A managed domain configuration is determined and comprises a security policy controlling access to content of the managed domain of the subscribing mobile device, a content specification identifying the content to be downloaded by the subscribing mobile device into the managed domain, and a content configuration identifying a configuration of the content on the subscribing mobile device. The managed domain configuration is sent to the subscribing mobile device to instantiate a secure, managed domain whose policy, content and content configuration is remotely controlled. The technique is useful for advertising and brand promotion on mobile devices as it simultaneously enables detailed control over the presentation of content by a curator while ensuring privacy and security protection of the other apps, accounts and data on the mobile device.

Abstract: A system and method is provided for implementing platform security on a consumer electronic device having an open development platform. The device is of the type which includes an abstraction layer operable between device hardware and application software. A secured software agent is provided for embedding within the abstraction layer forming the operating system. The secured software agent is configured to limit access to the abstraction layer by either blocking loadable kernel modules from loading, blocking writing to the system call table or blocking requests to attach debug utilities to certified applications or kernel components.

Abstract: A system and method is provided for implementing platform security on a consumer electronic device having an open development platform. The device is of the type which includes an abstraction layer operable between device hardware and application software. A secure software agent is provided for embedding within the abstraction layer forming the operating system. A secure store is provided for storing security information unique to one or more instances of the application plication software. The secure software agent uses the security information for continuous runtime assurance of ongoing operational integrity of the operating system and application software and thus operational integrity of the device.