US 9,811,672 B2
Systems and methods for provisioning and using multiple trusted security zones on an electronic device
Stephen J. Bye, Atlanta, GA (US); Lyle W. Paczkowski, Mission Hills, KS (US); William M. Parsel, Overland Park, KS (US); Carl J. Persson, Olathe, KS (US); Matthew C. Schlesener, Shawnee, KS (US); and Trevor D. Shipley, Olathe, KS (US)
Assigned to Sprint Communications Company L.P., Overland Park, KS (US)
Filed by Sprint Communications Company L.P., Overland Park, KS (US)
Filed on Sep. 15, 2015, as Appl. No. 14/855,364.
Application 14/855,364 is a division of application No. 13/571,348, filed on Aug. 10, 2012, granted, now 9,183,412.
Prior Publication US 2016/0004876 A1, Jan. 7, 2016
Int. Cl. G06F 7/04 (2006.01); G06F 21/60 (2013.01); G06F 21/74 (2013.01); G06F 21/62 (2013.01)
CPC G06F 21/604 (2013.01) [G06F 21/62 (2013.01); G06F 21/74 (2013.01)] 10 Claims
OG exemplary drawing
 
1. A method of changing the memory size of a subordinate trusted security zone in a processor having a trusted security zone, comprising:
transmitting an indication of memory utilized by a first subordinate trusted security zone of the processor to a master trusted application executing in a master trusted security zone of the processor;
determining an average memory utilized by the first subordinate trusted security zone based on the indication of memory utilized by the first subordinate trusted security zone;
receiving, by the master trusted application from a second subordinate trusted security zone of the processor, a request to increase the memory size of the second subordinate trusted security zone of the processor, wherein the master trusted application is mediating transfer of memory resources to the first subordinate trusted security zone and the second subordinate trusted security zone without accessing or monitoring either of the first subordinate trusted security zone and the second subordinate trusted security zone, and wherein the master trusted application has no visibility into a first memory space associated with the first subordinate trusted security zone and has no visibility into the processing of a first trusted application that executes in the first subordinate trusted security zone;
in response to receiving the request from the second subordinate trusted security zone, reducing, by the master trusted application, the memory size of the first subordinate trusted security zone based at least in part on the indication of memory utilized by the first subordinate trusted security zone and the average memory utilized by the first subordinate trusted security zone; and
increasing, by the master trusted application, the memory size of the second subordinate trusted security zone.