-
Publication No.: US20200012511A1
Publication date: 2020-01-09
Application No.: US16504075
Filing date: 2019-07-05
Inventors: Guruprasad Ganesh, Sudhi Herle, Ahmed M. Azab, Rohan Bhutkar, Ivan Getta, Xun Chen, Wenbo Shen, Ruowen Wang, Haining Chen, Khaled Elwazeer, Mengmeng Li, Peng Ning, Hyungseok Yu, Myungsu Cha, Kyungsun Lee, Se Young Choi, Yurak Choe, Yong Shin, Kyoung-Joong Shin, Donguk Seo, Junyong Choi
Abstract: A method for operating an electronic device, the method including spawning a name space tool (NST) as part of a boot process of a host OS, wherein the NST is a process with a plurality of root privileges of the host OS. The method further includes spawning, by the NST, a container for a guest OS, wherein the container for the guest OS is mapped to a dedicated domain in the host OS, and dropping, by the NST, a root privilege of the host OS in response to spawning the container for the guest OS.
-
Publication No.: US11947709B2
Publication date: 2024-04-02
Application No.: US17006229
Filing date: 2020-08-28
Inventors: Hyungseok Yu, Taeho Kim, Kwangsik Choi, Seyoung Choi
CPC classification: G06F21/629, G06F9/45558, G06F21/575, G06F21/74, G06F2009/45587, G06F2221/2141
Abstract: An electronic device for controlling access to a device resource, and an operation method thereof, are disclosed. The electronic device may include a memory; and a processor configured to execute at least one operating system executed in a first region allowing an operation based on a first authority; execute at least one application executed in a second region allowing an operation based on a second authority; and in response to detection of access to at least one device resource by the at least one application, determine authority of access to the at least one device resource by using an authority determination module executed in a third region allowing an operation based on a third authority.
-
Publication No.: US20200151366A1
Publication date: 2020-05-14
Application No.: US16521388
Filing date: 2019-07-24
Inventors: Geng Chen, Jia Ma, Bulent Kasman, Na Yu, Xudong Jin, Jian Wang, Hyungseok Yu, Seunghoon Lee
Abstract: A method for providing an anti-rollback secure timer service includes determining, at a device which includes a processor providing a trusted execution environment (TEE), a trusted memory, and a real time clock (RTC) accessible through an operating system of the device, an initial reference time value, by a secure timer application running in the TEE, the initial reference time value determined based on an initial value of the RTC obtained during booting of the device and a time delta value. The method further includes determining an updated reference time value based on the initial reference time value, a second value of the RTC, and a previously stored old reference time value, determining an updated time delta value based on the second value of the RTC and the updated reference time value, and storing the updated time delta value and the updated reference time value in the trusted memory.
-
Publication No.: US11693707B2
Publication date: 2023-07-04
Application No.: US17734720
Filing date: 2022-05-02
Inventors: Hyungseok Yu, Donguk Seo, Kyungjoong Shin, Junyong Choi, Eungchan Kim, Kyongha Park, Yong Shin, Changsoo Shin, Kyungsik Yoon, Kyungsun Lee, Shinjae Lee, Hyungil Lee, Myungsu Cha, Kwangsik Choi, Seyoung Choi, Yurak Choe
CPC classification: G06F9/5044
Abstract: An electronic device for executing various operating systems is provided. The electronic device includes first and second hardware devices, a first operating system (OS), a second OS different from the first OS, and a processor configured to control the first hardware device to process first data from a first program executed on the first OS, obtain a command for executing the second OS, generate a container for executing the second OS based on a kernel of the first OS in response to the command for executing the second OS, execute the second OS on the generated container, execute a second program on the second OS, obtain second data regarding the second program from the second OS via socket communication by a control application installed on the first OS, and control the second hardware device to process the second data regarding the second program based on the first OS using the installed control application.
-
Publication No.: US11366934B2
Publication date: 2022-06-21
Application No.: US16521388
Filing date: 2019-07-24
Inventors: Geng Chen, Jia Ma, Bulent Kasman, Na Yu, Xudong Jin, Jian Wang, Hyungseok Yu, Seunghoon Lee
Abstract: A method for providing an anti-rollback secure timer service includes determining, at a device which includes a processor providing a trusted execution environment (TEE), a trusted memory, and a real time clock (RTC) accessible through an operating system of the device, an initial reference time value, by a secure timer application running in the TEE, the initial reference time value determined based on an initial value of the RTC obtained during booting of the device and a time delta value. The method further includes determining an updated reference time value based on the initial reference time value, a second value of the RTC, and a previously stored old reference time value, determining an updated time delta value based on the second value of the RTC and the updated reference time value, and storing the updated time delta value and the updated reference time value in the trusted memory.
-
Publication No.: US11327803B2
Publication date: 2022-05-10
Application No.: US16596162
Filing date: 2019-10-08
Inventors: Hyungseok Yu, Donguk Seo, Kyungjoong Shin, Junyong Choi, Eungchan Kim, Kyongha Park, Yong Shin, Changsoo Shin, Kyungsik Yoon, Kyungsun Lee, Shinjae Lee, Hyungil Lee, Myungsu Cha, Kwangsik Choi, Seyoung Choi, Yurak Choe
Abstract: An electronic device for executing various operating systems is provided. The electronic device includes first and second hardware devices, a first operating system (OS), a second OS different from the first OS, and a processor configured to control the first hardware device to process first data from a first program executed on the first OS, obtain a command for executing the second OS, generate a container for executing the second OS based on a kernel of the first OS in response to the command for executing the second OS, execute the second OS on the generated container, execute a second program on the second OS, obtain second data regarding the second program from the second OS via socket communication by a control application installed on the first OS, and control the second hardware device to process the second data regarding the second program based on the first OS using the installed control application.
-
Publication No.: US11042398B2
Publication date: 2021-06-22
Application No.: US16504075
Filing date: 2019-07-05
Inventors: Guruprasad Ganesh, Sudhi Herle, Ahmed M. Azab, Rohan Bhutkar, Ivan Getta, Xun Chen, Wenbo Shen, Ruowen Wang, Haining Chen, Khaled Elwazeer, Mengmeng Li, Peng Ning, Hyungseok Yu, Myungsu Cha, Kyungsun Lee, Se Young Choi, Yurak Choe, Yong Shin, Kyoung-Joong Shin, Donguk Seo, Junyong Choi
Abstract: A method for operating an electronic device, the method including spawning a name space tool (NST) as part of a boot process of a host OS, wherein the NST is a process with a plurality of root privileges of the host OS. The method further includes spawning, by the NST, a container for a guest OS, wherein the container for the guest OS is mapped to a dedicated domain in the host OS, and dropping, by the NST, a root privilege of the host OS in response to spawning the container for the guest OS.