Patents by Inventor Scott R. Shell

Scott R. Shell has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20160294790
    Abstract: When theft protection of a computing device is initiated, credentials of the user are provided to one or more services that verify the credentials and generate a recovery key. A data value is generated based on the recovery key and an identifier of the computing device (e.g., by applying a cryptographic hash function to the recovery key and the computing device identifier), and the data value is provided to the computing device, which stores the data value at the computing device. When a user is prompted to prove his or her ownership of the device, the owner can prove his or her ownership of the device in different manners by accessing the one or more services via a network (e.g., the Internet), or by providing the recovery key (e.g., obtained using another computing device) to the computing device.
    Type: Application
    Filed: June 8, 2015
    Publication date: October 6, 2016
    Inventors: Mihai Irinel Susan, Bogdan Andreiu, Scott R. Shell, Scott Michael Bragg, Ling Tony Chen
  • Publication number: 20160259941
    Abstract: A device boots in a secure manner that allows measurements reflecting which components are loaded during booting to be generated. Measurements of such components, as well as of a device management agent and the security state of the device, are also obtained. The device management agent accesses an attestation service for an enterprise, which is a collection of resources managed by a management service. The device management agent provides the obtained measurements to the attestation service, which evaluates the measurements and based on the evaluation determines whether the device is verified for use in the enterprise. The management service uses this verification to ensure that the device management agent is running in a secure manner, is accurately providing indications of the state of the device to the management service, and is implementing policy received from the management service.
    Type: Application
    Filed: March 6, 2015
    Publication date: September 8, 2016
    Inventors: Janani Vasudevan, Peter David Waxman, Kinshuman Kinshumann, Justin A. Hou, Peter J. Kaufman, Yuhang Zhu, Giridhar Viswanathan, Scott R. Shell
  • Patent number: 9418219
    Abstract: An inter-process messaging security management may be provided. A message comprising an operation to be performed may be sent from a process operating in a process chamber to a second process operating in another chamber. Before the message is allowed to be delivered, the validity of the operation contained in the message may be verified and a security policy may be examined to determine whether the message is permitted to be sent from the first process to the second process. If the security policy permits the second process to execute the operation requested by the first process, the message may be delivered to the second process. If the operation is not permitted, the message may not be delivered and an error message may be returned to the first process.
    Type: Grant
    Filed: April 11, 2008
    Date of Patent: August 16, 2016
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Avinashreddy Bathula, Jimmy Alexander, Keith C. Bentley, Neil L. Coles, Brian Hudson, Matthew G. Lyons, John Mark Miller, Andrew M. Rogers, Upender R. Sandadi, Scott R. Shell, Jon Vincent
  • Patent number: 7870490
    Abstract: Translators are provided that enable automated and remote device configurations in an efficient and abstract manner. In one aspect, a device configuration system is provided. A configuration component stores one or more remote configuration trees for various devices. A translator component maps the remote configuration trees to at least one device configuration tree associated with the respective devices to enable device configuration in an automated manner.
    Type: Grant
    Filed: November 15, 2005
    Date of Patent: January 11, 2011
    Assignee: Microsoft Corporation
    Inventors: Neil L. Coles, Scott R. Shell, Hung M. Dang, Yuhang Zhu, Miller T. Abel
  • Patent number: 7712099
    Abstract: A system and method is disclosed for synchronizing certain periodic activities and/or processes in a computer system or device. The synchronization allows more efficient use of the computer system's or device's processing capabilities, and may result in conservation of electrical power. In one example embodiment, a periodic scheduler is implemented to periodically verify the continued existence of critical processes operating in the computer system or device. Corrective, or other appropriate, action may be taken in the event of a failure of a critical process. A schedule list, which may be a linked list, may be used to track the periodic processes that are to occur. Upon registration of a critical process, the schedule list may be modified to synchronize the new periodic process with the existing schedule list.
    Type: Grant
    Filed: November 2, 2004
    Date of Patent: May 4, 2010
    Assignee: Microsoft Corporation
    Inventors: Garrett R. Vargas, Scott R. Shell, Matthew W. Taylor
  • Patent number: 7698223
    Abstract: A pluggable file-based DRM (digital rights management) API (application program interface) layer for applications and engines. The invention defines a pluggable file-based DRM API layer such that mobile operators can choose to use any file-based DRM (FDRM) engine in their final product. An FDRM engine can be content agnostic (e.g., can range from an executable to a media file or ring-tone). In accordance with the invention, an application can become DRM aware by calling the novel file-based DRM APIs. Any FDRM engine can be plugged into the novel API layer such that applications can use the protected content. The API layer of the subject invention can be designed such that applications that are DRM aware by using the file-based DRM API layer can be DRM engine agnostic.
    Type: Grant
    Filed: April 21, 2005
    Date of Patent: April 13, 2010
    Assignee: Microsoft Corporation
    Inventors: Andrew D. Padawer, Katharine O. Holdsworth, Miguel A. Claudio, Scott R. Shell, William E. Stelzel
  • Publication number: 20090320089
    Abstract: A User Brokered Authorization (UBA) mechanism for policy decisions in a computing device is provided. The authorization mechanism interacts with an authorization layer of the computing device's operating system and enables a determination of whether an authorization decision can be made programmatically or by end user decision based on generalized device policy.
    Type: Application
    Filed: June 20, 2008
    Publication date: December 24, 2009
    Applicant: Microsoft Corporation
    Inventors: Matthew G. Lyons, Scott R. Shell, Yadhu N. Gopalan, Neil R. Coles, John S. Camilleri, Loren Kohnfelder, Andrew M. Rogers, Sha Viswanathan
  • Publication number: 20090260052
    Abstract: An inter-process messaging security management may be provided. A message comprising an operation to be performed may be sent from a process operating in a process chamber to a second process operating in another chamber. Before the message is allowed to be delivered, the validity of the operation contained in the message may be verified and a security policy may be examined to determine whether the message is permitted to be sent from the first process to the second process. If the security policy permits the second process to execute the operation requested by the first process, the message may be delivered to the second process. If the operation is not permitted, the message may not be delivered and an error message may be returned to the first process.
    Type: Application
    Filed: April 11, 2008
    Publication date: October 15, 2009
    Applicant: Microsoft Corporation
    Inventors: Avinashreddy Bathula, Jimmy Alexander, Keith C. Bentley, Neil L. Coles, Brian Hudson, Matthew G. Lyons, John Mark Miller, Andrew M. Rogers, Upender R. Sandadi, Scott R. Shell, Jon Vincent
  • Patent number: 7568195
    Abstract: Described is a system and method by which a collection of software packages for installing (e.g., on an embedded computing device) are reviewed for their dependent relations, whereby it is possible to choose a maximal set of install possibilities to allow for maximal version updates for any given package in the fewest update steps possible, while honoring package dependency constraints. An update validation process organizes and validates update packages that have been downloaded to a device, and builds a graph for each group. The graph data including paths between updates are processed to validate the updates and to determine a minimal and optimal set of packages that can be applied to the existing image on the device to produce the desired update, with the least amount of weight (cost) when more than one path can be used to get to the same version.
    Type: Grant
    Filed: May 1, 2004
    Date of Patent: July 28, 2009
    Assignee: Microsoft Corporation
    Inventors: Michael E. Markley, Scott R. Shell, Jeffrey D. Glaum
  • Patent number: 7549042
    Abstract: Described is a system and method in which software updates in the form of self-contained, secure entities are applied to an embedded device's non-volatile storage in a failsafe manner. Various types of software updates may be applied, and updates may contain executable code and/or data. Following a reboot, an initial program loader determines an update mode, and if updating, boots to a special update loader. The update loader processes update packages to apply the updates. Kernel partition, system partition and reserve section updates may be updated with entire files or binary difference files, with failure handling mechanisms provided for each type of update. Updates may be simulated before committing them. Updates may be relocated in memory as appropriate for a device.
    Type: Grant
    Filed: May 1, 2004
    Date of Patent: June 16, 2009
    Assignee: Microsoft Corporation
    Inventors: Jeffery D. Glaum, Scott R. Shell, Andrew M. Rogers, Michael E. Markley, Sachin C. Patel, Mark Scott Tonkelowitz, Mark Plagge
  • Patent number: 7549148
    Abstract: Described is a system and method in which software images including updates are provided as packages. The package is self-describing, thereby facilitating the replacement of only component parts of an image. A software build process maps operating system features (comprising files, metadata, configuration information and so forth) into the packages, and executable code is processed for relocation purposes. The final package includes a device manifest file that describes the package and conveys dependency information and information about the priority of settings (shadow data).
    Type: Grant
    Filed: May 1, 2004
    Date of Patent: June 16, 2009
    Assignee: Microsoft Corporation
    Inventors: Brian D. Cross, Michael E. Markley, Lorna Rebecca McNeill, Jeffrey D. Glaum, Scott R. Shell
  • Patent number: 7529197
    Abstract: Described is a provisioning system for receiving configuration changes to and queries of settings on a mobile device. One implementation includes a router component and a configuration manager component. The router component is responsible for receiving messages delivered to the mobile device and parsing the messages into requests for information. The router component is also responsible for authenticating and decrypting the messages. Once properly authenticated and decrypted, the router component passes the message to the configuration manager component. The configuration manager component is responsible for determining what configuration settings are affected by the message and for processing the requests within the message. The configuration manager component may additionally compose a response document to return in the event that a response has been requested in the message.
    Type: Grant
    Filed: April 17, 2006
    Date of Patent: May 5, 2009
    Assignee: Microsoft Corporation
    Inventors: Scott R. Shell, Lee M. Butler
  • Patent number: 7478392
    Abstract: A system and method is disclosed for synchronizing certain periodic activities and/or processes in a computer system or device. The synchronization allows more efficient use of the computer system's or device's processing capabilities, and may result in conservation of electrical power. In one example embodiment, a periodic scheduler is implemented to periodically verify the continued existence of critical processes operating in the computer system or device. Corrective, or other appropriate, action may be taken in the event of a failure of a critical process. A schedule list, which may be a linked list, may be used to track the periodic processes that are to occur. Upon registration of a critical process, the schedule list may be modified to synchronize the new periodic process with the existing schedule list.
    Type: Grant
    Filed: November 12, 2004
    Date of Patent: January 13, 2009
    Assignee: Microsoft Corporation
    Inventors: Garrett R. Vargas, Scott R. Shell, Matthew W. Taylor
  • Patent number: 7349990
    Abstract: Described is a provisioning system for receiving configuration changes to and queries of settings on a mobile device. One implementation includes a router component and a configuration manager component. The router component is responsible for receiving messages delivered to the mobile device and parsing the messages into requests for information. The messages may be delivered in document format, such as in the eXtensible Markup Language (XML) format. The requests may take the form of a request to respond with existing configuration settings. The configuration manager component is responsible for determining what configuration settings are affected by the message and for processing the requests within the message. For example, the configuration manager component may process a request to query a configuration setting by retrieving the requested information from a hardware register or a software registry.
    Type: Grant
    Filed: January 28, 2005
    Date of Patent: March 25, 2008
    Assignee: Microsoft Corporation
    Inventors: Scott R. Shell, Igor B. Peev, Yuhang Zhu
  • Patent number: 7295522
    Abstract: Described is a provisioning system for receiving configuration changes to and queries of settings on a mobile device. One implementation includes a router component and a configuration manager component. The router component is responsible for receiving messages delivered to the mobile device and parsing the messages into requests for information. The messages may be delivered in document format, such as in the eXtensible Markup Language (XML) format. The requests may take the form of a request to respond with existing configuration settings, or to set certain configuration settings on the mobile device. The router component is also responsible for authenticating and decrypting the messages. Once properly authenticated and decrypted, the router component passes the message to the configuration manager component. The configuration manager component is responsible for determining what configuration settings are affected by the message and for processing the requests within the message.
    Type: Grant
    Filed: June 29, 2001
    Date of Patent: November 13, 2007
    Assignee: Microsoft Corporation
    Inventors: Scott R. Shell, Lee M. Butler
  • Patent number: 7206590
    Abstract: A cellular telephone clock is automatically set to correlate to a timestamp contained in a Short Messaging Service (SMS) status report. Accordingly, an exemplary cell phone clock can be properly set any time the cell phone receives a status report. By setting the cell phone device time to correlate to the world time, the exemplary cell phone clock can be automatically set, without requiring any action by the user and without requiring a special time set control message. When the cell phone transmits an SMS message, the cell phone stores the device time corresponding to the time that the message was sent (DTS). When a status report is received, the exemplary cell phone stores the device time corresponding to the time that the status report was received (DTR). Additionally, the cell phone stores the world time that is included in the status report by the SMSC that handled the message (WT).
    Type: Grant
    Filed: November 15, 2004
    Date of Patent: April 17, 2007
    Assignee: Microsoft Corporation
    Inventors: David Anson, Alan W. Shen, Scott R. Shell, Roman Sherman
  • Patent number: 7194503
    Abstract: A provisioning system for receiving configuration changes to and queries of settings on a mobile device. The provisioning system may include a router, configuration manager and one or more configuration service providers. The router component is responsible for receiving messages delivered to the mobile device and parsing the messages into requests for information. The configuration manager component is responsible for determining what configuration settings are affected by the message and for processing the requests within the message. The configuration manager component may implement one or more configuration service providers to perform the actual request processing. The configuration manager component may additionally compose a response document to return in the event that a response has been requested in the message.
    Type: Grant
    Filed: June 29, 2001
    Date of Patent: March 20, 2007
    Assignee: Microsoft Corporation
    Inventors: Scott R. Shell, Igor B. Peev, Yuhang Zhu
  • Patent number: 7188243
    Abstract: A system and method for assigning security credentials to particular components within a mobile device, and for ensuring that only configuration messages having sufficient access privilege to those components are allowed access, based on the security credentials. The security credentials or “roles” describe which settings a particular configuration message has authority to modify or query. Access is disallowed to settings for which a message does not have adequate security credentials.
    Type: Grant
    Filed: April 27, 2001
    Date of Patent: March 6, 2007
    Assignee: Microsoft Corporation
    Inventors: Scott R. Shell, Lee M. Butler, Igor B. Peev, Yuhang Zhu
  • Patent number: 7187660
    Abstract: Described is a provisioning system for receiving configuration changes to and queries of settings on a mobile device. One implementation includes a router component and a configuration manager component. The router component is responsible for receiving messages delivered to the mobile device and parsing the messages into requests for information. The messages may be delivered in document format, such as in the eXtensible Markup Language (XML) format. The requests may take the form of a request to respond with existing configuration settings, or to set certain configuration settings on the mobile device. The router component is also responsible for authenticating and decrypting the messages. Once properly authenticated and decrypted, the router component passes the message to the configuration manager component. The configuration manager component is responsible for determining what configuration settings are affected by the message and for processing the requests within the message.
    Type: Grant
    Filed: April 26, 2005
    Date of Patent: March 6, 2007
    Assignee: Microsoft Corporation
    Inventors: Scott R. Shell, Lee M. Butler
  • Patent number: 7062274
    Abstract: Increasing the level of automation when establishing and managing network connections. A connection manager operates between system level APIs and application programs, providing a level of abstraction. When a user wishes to access a remote resource included in a destination network, the user simply identifies the remote resource and the connection manager performs the underlying operations. The connection manager relieves users from having to know detailed information about the remote resource and the destination network. When the connection manager receives a request to access a remote resource, the connection manager may utilize extensible decision logic to identify a most appropriate connection method for connecting to a destination network. Such decision logic may include comparing prioritized connection requests to local resources available in a local computing device, as well as comparing connection parameters associated with connection methods.
    Type: Grant
    Filed: February 1, 2002
    Date of Patent: June 13, 2006
    Assignee: Microsoft Corporation
    Inventors: Scott R. Shell, Andrew R. Raffman