    The SMS interceptor on the RD Mobile application will be moved under the RD Mobile Enabler
    Frank LV.1
    Introduction: The RD Mobile Enabler will reside along with the RD Adapter under system files. The SMS interceptor on the RD Mobile application will be moved under the RD Mobile Enabler. Disclosed is an apparatus and method to access privileges of a Virtual Mobile Management (VMM) client in a mobile device. A disclosed example method includes assigning an embedded stub to raise the access privilege of the tool on a mobile device, the embedded stub being integrated by an operating system of the mobile device with root privilege, and determining via a secured key exchange algorithm that the VMM client and tools are authorized to be installed on the mobile device; the VMM client and tools of the mobile device are then authorized to access a network interface of the Communication Endpoint Gateway (CEG) server.
    2021-12-29 20:20 Author:Frank PV(100337)


    1. A method for obtaining a secured privileged access for an embedded client of a mobile device comprising the steps of: embedding a stub into the mobile device with "root" privilege; installing a Virtual Mobile Management ("VMM") client and tools on the mobile device; attempting a Session Mediation Server connection with the mobile device; detecting whether the VMM Client has a privilege to invoke any of the installed tools; invoking said stub and elevating an access level of a tool stub to make a connection with the Session Mediation Server; receiving a stub connection request from the Session Mediation Server; and performing a mutual authentication between the stub, the VMM Client and the Session Mediation Server.

    The method according to claim 1 including a security key data flow between the Session Mediation Server and the embedded stub in which remote control authorization is provided by an embedded stub to the VMM Client, comprising the steps of: the VMM Client sends a connection request to the embedded stub; the embedded stub sends a random session token to the VMM Client; the VMM Client sends a NULL authentication vector to indicate to the embedded stub that it does not have the session key; the embedded stub sends a challenge request with an encrypted random number and the crypto suite that was used to encrypt the random number; the VMM Client forwards the message to the Server; the Session Mediation Server computes a hash on the random value r2 with decrypted er1 as key; the Server creates a signature of the r1 and r2 random numbers and sends the signature to the VMM Client; the VMM Client forwards the signature to the embedded stub; the embedded stub verifies the signature and sends the Shared Secret Key (SSK), which is encrypted; the Server decrypts the SSK and sends the response to the VMM Client; and the VMM Client computes a hash on token t1 with the SSK and requests the session token from the embedded stub; wherein the embedded stub sends the session token information to the VMM Client and completes the mutual authentication process before the session starts.
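The key data flow in the claim above, walked through as an added example (not code from the original post or the patent), with the VMM Client acting only as a relay. Assumptions: the stub and server share pre-provisioned keys `k_enc` and `k_sig`, HMAC-SHA256 stands in for both the hash and the signature, a toy XOR keystream stands in for the negotiated crypto suite, r2 travels with the signature, and the hash of r2 keyed with r1 is used to wrap the SSK.

```python
import hashlib, hmac, secrets

def mac(key, *parts):
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()

def toy_crypt(key, data):
    # Stand-in for the negotiated crypto suite, NOT a real cipher:
    # XOR with an HMAC-derived keystream (<= 32 bytes, one message per key).
    return bytes(a ^ b for a, b in zip(data, mac(key, b"keystream")))

class Stub:
    def __init__(self, k_enc, k_sig):
        self.k_enc, self.k_sig = k_enc, k_sig
        self.t1, self.r1 = secrets.token_bytes(16), secrets.token_bytes(16)
        self.ssk, self.session_info = secrets.token_bytes(32), secrets.token_bytes(16)
    def challenge(self):                      # sent after the NULL auth vector
        return {"suite": "toy-hmac-xor", "er1": toy_crypt(self.k_enc, self.r1)}
    def release_ssk(self, r2, sig):           # verify the server before wrapping SSK
        if not hmac.compare_digest(sig, mac(self.k_sig, self.r1, r2)):
            return None
        return toy_crypt(mac(self.r1, r2), self.ssk)
    def release_session(self, proof):         # proof = hash of t1 keyed with SSK
        ok = hmac.compare_digest(proof, mac(self.ssk, self.t1))
        return self.session_info if ok else None

class Server:
    def __init__(self, k_enc, k_sig):
        self.k_enc, self.k_sig = k_enc, k_sig
    def answer(self, challenge):              # decrypt er1, pick r2, sign (r1, r2)
        self.r1, self.r2 = toy_crypt(self.k_enc, challenge["er1"]), secrets.token_bytes(16)
        return self.r2, mac(self.k_sig, self.r1, self.r2)
    def unwrap_ssk(self, wrapped):            # key = hash of r2 keyed with r1
        return toy_crypt(mac(self.r1, self.r2), wrapped)

def run_handshake(tamper_signature=False):
    """VMM client role: relay messages; returns True once the stub accepts it."""
    k_enc, k_sig = secrets.token_bytes(32), secrets.token_bytes(32)  # constructed keys
    stub, server = Stub(k_enc, k_sig), Server(k_enc, k_sig)
    t1 = stub.t1                                   # stub -> client: random token t1
    r2, sig = server.answer(stub.challenge())      # client relays challenge to server
    if tamper_signature:                           # simulate a forged server reply
        sig = bytes([sig[0] ^ 1]) + sig[1:]
    wrapped = stub.release_ssk(r2, sig)
    if wrapped is None:
        return False                               # stub refused: SSK never leaves it
    ssk = server.unwrap_ssk(wrapped)               # server -> client: SSK
    return stub.release_session(mac(ssk, t1)) == stub.session_info

if __name__ == "__main__":
    print(run_handshake(), run_handshake(tamper_signature=True))
```

The two gates in `Stub` are the points to review in a real implementation: the SSK is released only after the server's signature over r1 and r2 verifies, and the session information only after the client proves knowledge of the SSK.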

    With the growth of malicious applications and other fraudulent code (e.g., malware) targeted at mobile devices, the security of mobile devices is becoming progressively more important. Many mobile devices also include functionality to connect to more than one type of wireless network (4G/3G/Wi-Fi). For instance, a mobile device may support both a cellular wireless network (4G/3G) and a Wi-Fi wireless network. In this example, some applications on the mobile device (e.g., videoconference, Global Positioning System (GPS) applications, and virtual mobile management) may attach to the cellular network while other applications (e.g., web browsing, Short Message Service (SMS), multimedia streaming) may link to the Wi-Fi network. In some examples, the applications on a mobile device may access a wireless network without the user knowing which wireless network the applications are using.

    These days, application software has become more complex. As computer hardware becomes more powerful, less costly, and more ubiquitous in electronic devices, the application software that runs on this hardware becomes both more multifaceted and more diverse. Unlike hardware, however, software tends to evolve rapidly to adapt to new environments and provide additional functionality. This results in a situation in which installed software applications require, or at least benefit from, continued monitoring and maintenance by skilled software experts familiar with the structure and mechanisms that make up the software. Although the issue is more obvious in complex software applications such as security software and anti-virus software, it remains a substantial problem even for relatively simple applications that must extend or alter their behavior to remain competitive.

    Disclosed is an apparatus and method to access privileges of a Virtual Mobile Management (VMM) client in a mobile device. A disclosed example method includes: assigning an embedded stub to raise the access privilege of the tool on a mobile device, the embedded stub being integrated by an operating system of the mobile device with "root" privilege; determining via a secured key exchange algorithm that the VMM client and tools are authorized to be installed on the mobile device, after which the VMM client and tools of the mobile device are authorized to access a network interface of the Communication Endpoint Gateway (CEG) server; configuring the embedded stub to install the key exchange procedure for the shared certification between the embedded stub, the VMM client and the session mediation server; and enabling the embedded stub to communicate through a secure link via the VMM client.

    The embedded stub of the mobile device, with "root" privilege, is already established by the device vendor. Installation of the VMM client and tools on the mobile device is triggered by the embedded stub. To make the connection between the VMM client and the communication endpoint gateway server, the embedded stub then raises the access level of the tool stub. When the stub receives the connection request from the communication endpoint gateway server for the first time after setup, a Key Exchange procedure for mutual authentication takes place between the stub, the VMM client and the communication endpoint gateway server. The communication endpoint gateway server and the embedded stub then communicate through a secure link via the VMM client.

    The Session Mediation Server and the embedded stub communicate through a secure link via the Virtual Mobile Management Client. There are two key processes involved: Secured Privileged Access to the embedded client and the Key Exchange Algorithm procedure. The stub is embedded into the mobile device by the device vendor with "root" privilege. The next step is to install the Virtual Mobile Management client and tools on the mobile device. When the Session Mediation Server makes a connection to the device, the Virtual Mobile Management Client does not have the right privilege to invoke any of the installed tools. Hence the stub gets invoked by the client. The stub then elevates the access level of the Tool Stub to make the connection. When the stub receives a connection request from the Session Mediation Server for the first time after installation, a Key Exchange procedure for mutual authentication takes place between the stub, the Virtual Mobile Management Client and the Session Mediation Server.
