OverviewOverview
The need for secure platform & stable system
How USVM benefits the mobile eco-system
The need for secure platform & stable system
As the mobile world is becoming more vulnerable to virus and malwares, there are various types of security solutions being launched by different industry players in recent years. Nevertheless, without a flexible and consistent way to configure the security model across devices easily, brand owners (e.g. operators, ISVs, etc.) would find it hard and costly to provide guaranteed services/applications across devices in a timely manner.
To solve this problem, Aplix developed USVM (Universal Secure Virtual Machine) to provide brand owners an interoperable system resource protection on mobile devices. Through this unique solution, all native system calls will be detected and verified on the fly, while un-trusted applications will be prohibited from accessing the system resource based on the permission configurations setting that can be modified easily.
How USVM works
USVM extends the Java “sandbox” concept into the world of native applications. With USVM, all system calls will be verified against pre-assigned policy which will depict the permission to access the system resources. At runtime, USVM scans through the application’s assembly code to trap any system calls that will require verifications, while other codes will pass through without any modification. As a result, a virtually safe execution space is achieved, where native applications can execute without knowing certain set of security policies have been put into place. Some of the unique characteristics of this solution are as follows:
- OS platform independent
Can be utilized on any OS platform supporting ARM Core architecture. - Support resource management under multi-tasking environment
The up-to-date “sandbox” solution maximizes the flexibility of utilizing the system’s resource. - No modifications required to the applications
Virtualization is established at runtime, requiring no prior modifications to the applications. - Flexible configuration
Policy configuration is applied via external file, making it highly flexible and customizable.
How USVM benefits the mobile eco-system
OS platforms that is made available in most high-end phones today provides unique security solution of its own which has its strengths, and also has its weaknesses. USVM is designed not to replace such functionality, but to complement it by having the execution done in virtual space. This will allow uniformity across most platforms made available in the market today.
Operators can take advantage of this uniformity to implement a security policy that can be applied to all of the OS platforms which are being utilized within its network.
Service and Content providers can be relieved from the burden of having to go through tedious pre-launch security testing, as the platform to which their contents/applications are to be deployed will be protected from any miss-usage that the content/application may inherently have integrated.
On the other hand, handset manufacturer’s existing applications can be assured of future usage since migration requires “no” modification in terms of adaptation. Existing applications can run as is, without knowing that any new security policy or arbitration mechanism has been put into place. Any upgrading, such as a handler to accept responses from the arbitration mechanism, if such implementation is desired in the future, can be accommodated for with minimal adaptation.
USVM Availability
Already running on Windows Mobile, USVM will soon be available on other OS platforms, such as Linux, Symbian and BREW. Please contact your local sales representative for further information.
Feel free to contact us for further details.
