CN1882896A - Method and apparatus for providing a trusted channel for a SIM device within a computer system - Google Patents
Publication number: CN1882896A (application CN200480033702A)
Authority: CN (China)
Prior art keywords: encryption key, data, exchange, memory, trusted
Legal status: Granted
Classifications
- G06F21/606: Protecting data by securing the transmission between two devices or processes
- G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F15/00: Digital computers in general; Data processing equipment in general
- G06F21/78: Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer, to assure secure storage of data
- H04W12/086: Access security using security domains
- H04L63/0869: Network security protocols for authentication of entities, for achieving mutual authentication
- H04W12/06: Authentication
- H04W88/02: Terminal devices
Abstract
Data is exchanged between a SIM device (180) and an application executing on a trusted platform (110, 120, 140), where the data to be exchanged is protected from unauthorized access. In one embodiment, exchanging the data includes exchanging an encryption key over a trusted path within the computer system (100), and exchanging data encrypted with that encryption key over an untrusted path of the computer system.
Description
Field of the Invention
The field of the invention relates generally to trusted computer platforms and, more specifically, to a method and apparatus for providing a trusted channel for a SIM device within a computer system.
Background
Trusted operating systems (OS) and platforms are a relatively new concept. In first-generation platforms, a trusted environment is created in which applications can run in a trusted manner and cannot be tampered with. Changes to the processor, chipset and software create an environment that is invisible to other applications (its memory regions are protected) and cannot be tampered with (its code execution flow cannot be modified). As a result, no one can illegitimately access the computer system and viruses cannot compromise it.
In today's computing era, the subscriber identity module (SIM), sometimes also called a smart card, is becoming increasingly common. A SIM is a credit-card-sized card commonly used by Global System for Mobile Communications (GSM) phones to store phone account information and to provide authentication, authorization and accounting (AAA). A SIM card also lets a subscriber use a borrowed or rented GSM phone as if it were their own. A SIM card can also be programmed to display a customer menu on the phone's readout. In some cases a SIM card includes a built-in microprocessor and memory, which in some cases can be used for identification or financial transactions. When the SIM card is inserted into a reader, it can be accessed to transfer data to or from it. A SIM card can also be inserted.
When a SIM card is used in a computer system, information must be accessed from the SIM card securely, so that unauthorized software applications are prevented from accessing the SIM. Such access might aim to learn certain SIM secrets, or to subvert the GSM authentication mechanism and steal the services provided.
Brief Description of the Drawings
One or more embodiments are illustrated by way of example, and not limitation, in the accompanying drawings, in which:
Figure 1 illustrates a computer system capable of providing a trusted platform to protect selected applications and data from unauthorized access, according to one embodiment; and
Figure 2 is a flow diagram describing a process for providing a trusted channel for a SIM device within a computer system, according to one embodiment.
Detailed Description
A method and system for providing a trusted channel for a SIM device within a computer system are described. In one embodiment, data is exchanged between an application executing on a trusted platform and a SIM device, where the exchanged data is protected from unauthorized access. In one embodiment, an encryption key is exchanged over a trusted channel within the computer system, and data encrypted with that encryption key is exchanged over an untrusted channel within the computer.
In the following description, numerous specific details are set forth. It should be understood, however, that embodiments may be practiced without these specific details. In other instances, well-known circuits, structures and techniques have not been shown in detail so as not to obscure the understanding of this description.
Reference throughout this specification to "one embodiment" or "an embodiment" means that a particular feature, structure or characteristic described in connection with that embodiment is included in at least one embodiment. Thus the appearances of the phrases "in one embodiment" or "in an embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, the particular features, structures or characteristics may be combined in any suitable manner in one or more embodiments. In addition, the trusted platforms, components, units or subunits described here may be referred to interchangeably as protected or secure.
Trusted Platform
Figure 1 illustrates a computer system capable of providing a trusted platform to protect selected applications and data from unauthorized access, according to one embodiment. System 100 of the illustrated embodiment includes processor 110, chipset 120 connected to processor 110 via processor bus 130, memory 140, and SIM device 180 used to access data on SIM card 182. In alternative embodiments, additional processors and units may be included.
Processor 110 may have various elements, including but not limited to embedded key 116, page-table (PT) registers 114 and cache memory (cache) 112. All or part of cache 112 may comprise, or be convertible into, private memory (PM) 160. Private memory is memory that, when activated as private memory, has sufficient protection to prevent access by unauthorized devices (for example, any device other than the associated processor 110).
Key 116 may be an embedded key used for encryption, decryption and validation of various blocks of data and/or code. Alternatively, key 116 may be provided on an alternative unit within system 100. PT registers 114 may be a table in register form used to identify which memory pages can be accessed only by trusted code and which memory pages are not so protected.
In one embodiment, memory 140 may include system memory for system 100, and in one embodiment may be implemented as volatile memory commonly referred to as random access memory (RAM). In one embodiment, memory 140 may contain protected memory table 142, which defines which memory blocks in memory 140 (a memory block being a range of contiguous addressable memory locations) cannot be accessed by direct memory access (DMA) transfers. Because all accesses to memory 140 pass through chipset 120, chipset 120 can check protected memory table 142 before allowing any DMA transfer to take place. In a particular operation, the memory blocks that protected memory table 142 protects from DMA transfers may be the same memory blocks that PT registers 114 in processor 110 restrict to protected processing. Protected memory table 142 may alternatively be stored in a memory device of an alternative unit within system 100.
In one embodiment, memory 140 also includes trusted software (S/W) monitor 144, which may monitor and control the overall trusted operating environment once that environment has been established. In one embodiment, trusted S/W monitor 144 may be placed in a memory block that protected memory table 142 protects from DMA transfers.
Chipset 120 may be logic circuitry that provides the interface between processor 110, memory 140, SIM device 180 and other devices not shown. In one embodiment chipset 120 is implemented as one or more individual integrated circuits, but in other embodiments chipset 120 may be implemented as part of a larger integrated circuit. Chipset 120 may include memory controller 122 to control access to memory 140. In addition, in one embodiment, chipset 120 may have a SIM reader for the SIM device integrated onto chipset 120.
In one embodiment, only commands initiated by trusted microcode in processor 110 can write to protected registers 126. Trusted microcode is microcode whose execution can be started only by an authorized instruction (or instructions) and/or by hardware that cannot be controlled by unauthorized devices. In one embodiment, protected registers 126 hold data that identifies the locations of protected memory table 142 and trusted S/W monitor 144 and/or controls access to them. In one embodiment, protected registers 126 include a register that enables or disables use of protected memory table 142, so that DMA protection can be activated before entering the trusted operating environment and deactivated after leaving it.
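The DMA gate described above, as an added example that is not part of the patent: a chipset model that refuses any DMA write overlapping a block listed in protected memory table 142 while the enable bit in protected registers 126 is set, and that accepts writes to that register only from trusted microcode. The 4 KiB block size, the register layout, the device name and the audit log are assumptions made for the example.

```python
# Added example (not the patent's code): model of the chipset-side DMA gate built
# around protected memory table 142 and the enable bit in protected registers 126.
# Block granularity, register layout, device names and the audit log are assumptions.
from dataclasses import dataclass, field
from typing import List, Tuple

PAGE = 0x1000  # assumed block granularity


@dataclass
class ProtectedMemoryTable:
    """Memory blocks (start, length) that DMA transfers must not touch (table 142)."""
    blocks: List[Tuple[int, int]] = field(default_factory=list)

    def overlaps(self, addr: int, length: int) -> bool:
        end = addr + length
        # a transfer is refused if any byte of it falls inside a protected block
        return any(addr < start + size and start < end for start, size in self.blocks)


class Chipset:
    """All memory accesses pass through the chipset, so it can gate every DMA write."""

    def __init__(self, mem_size: int):
        self.memory = bytearray(mem_size)
        self.table = ProtectedMemoryTable()
        self._dma_protection = False  # enable/disable bit (protected registers 126)
        self.audit: List[str] = []

    def write_protected_register(self, enable: bool, *, from_trusted_microcode: bool) -> bool:
        """Only commands initiated by trusted microcode may write the protected register."""
        if not from_trusted_microcode:
            self.audit.append("rejected protected-register write from untrusted source")
            return False
        self._dma_protection = enable
        return True

    def dma_write(self, device: str, addr: int, data: bytes) -> bool:
        """A device's DMA write; refused when protection is on and the range is protected."""
        if self._dma_protection and self.table.overlaps(addr, len(data)):
            self.audit.append(f"blocked DMA from {device} to {addr:#x} ({len(data)} bytes)")
            return False
        self.memory[addr:addr + len(data)] = data
        return True


def demo() -> dict:
    """Enable by trusted microcode, watch a DMA into the monitor's block get refused,
    then disable on leaving the trusted environment; returns every outcome."""
    cs = Chipset(mem_size=4 * PAGE)
    cs.table.blocks.append((PAGE, PAGE))        # trusted S/W monitor 144 lives in this block
    cs.memory[PAGE:PAGE + 4] = b"MON!"          # constructed stand-in for monitor code
    r = {}
    r["untrusted_enable"] = cs.write_protected_register(True, from_trusted_microcode=False)
    r["dma_while_disabled"] = cs.dma_write("nic", PAGE + 0x10, b"YYYY")  # table not yet enforced
    cs.write_protected_register(True, from_trusted_microcode=True)  # entering trusted environment
    r["dma_into_protected"] = cs.dma_write("nic", PAGE + 0x10, b"YYYY")
    r["dma_straddling"] = cs.dma_write("nic", PAGE - 2, b"ABCD")         # crosses into the block
    r["monitor_bytes"] = bytes(cs.memory[PAGE:PAGE + 4])
    r["dma_into_unprotected"] = cs.dma_write("nic", 3 * PAGE, b"ok")
    cs.write_protected_register(False, from_trusted_microcode=True)  # leaving trusted environment
    r["dma_after_disable"] = cs.dma_write("nic", PAGE + 0x10, b"YYYY")
    return r


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

Running it shows the two points the text makes: the table only bites while the enable bit set by trusted microcode is on, and a transfer that merely straddles a protected block boundary is refused along with one aimed squarely inside it.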
Trusted Channel for the SIM Device
Figure 2 is a flow diagram describing a process for providing a trusted channel for a SIM device within a computer system, according to one embodiment. As described here, references to a SIM device include other related types of smart cards. The process in the flow diagram of Figure 2 is described with reference to the system of Figure 1 above.
In one embodiment, at process 202, application 150 executing in the trusted environment of system 100 determines the information to be accessed from SIM device 180 of system 100. Application 150 executing in the trusted environment may reside in protected memory, for example protected memory 160 of cache 112, or a protected section of memory 140. In one embodiment, SIM device 180 includes a validation mechanism to confirm that the access comes from an application in the trusted environment running on the platform to which the SIM device is physically attached, rather than from some remotely executing application.
At process 204, the application and the SIM device perform a mutual authentication operation, to determine that the SIM device is the correct device from which the application is to receive data, and that the application is the correct application to which the SIM device is to send data. Mutual authentication may be performed by any of various processes well known in the relevant art.
At process 206, in one embodiment, after mutual authentication is complete, application 150 sends an encryption key to a protected section of memory 140 over the memory device's trusted channel, with the corresponding PT entry held in the CPU. In one embodiment, the protected section of memory used to store the encryption key may be identified by protected memory table 142.
The encryption key that application 150 provides to the protected section of memory 140 is generated by application 150 and may be applied to one of several available encryption processes, for example the Data Encryption Standard (DES) or the Advanced Encryption Standard (AES). In one embodiment, the encryption key is generated using key 116 of processor 110.
At process 208, SIM device 180 accesses the encryption key from the protected section of memory 140. In one embodiment, the SIM device accesses the encryption key through a trusted port of chipset 120 that is mapped into the protected section of memory 140. In one embodiment, the trusted port may support one of several platform bus protocols, including USB. In an alternative embodiment, the encryption key is provided by the SIM device, and the application accesses the encryption key from the SIM device through the chipset's trusted port.
At process 210, SIM device 180 uses the encryption key to encrypt the data destined for application 150. At process 212, host controller 128 of the chipset (for example a USB host controller) transfers the encrypted packets from SIM device 180 to a regular region of memory (i.e. unprotected section 148 of memory), for example the region of memory used to store data packets (such as USB data packets).
In one embodiment, the host controller transfers the encrypted packets to memory through a regular (i.e. unprotected) port of the chipset that is mapped to unprotected section 148 of memory. In one embodiment, the encrypted packets from the SIM device include a message authentication code to provide a degree of integrity protection.
At process 214, a driver (for example an unprotected USB driver) accesses the encrypted packets from unprotected section 148 of memory and provides them to application 150 executing on the trusted platform. At process 216, application 150 decrypts the encrypted packets to access the data from the SIM device; the encrypted packets have thus been transferred securely to the application over an untrusted path within system 100.
In one embodiment, a new encryption key may be exchanged based on predetermined events. For example, a new encryption key may be exchanged after one or a combination of the following: each new transaction (as defined by the implementation), the elapse of a predetermined period of time, or the exchange of a predetermined amount of data.
In another alternative embodiment, multiple encryption keys may be exchanged between application 150 and SIM device 180 for encrypting the data exchanged between them. For example, the SIM device may include multiple data pipes (for example bulk-in, bulk-out and default control pipes). A separate encryption key may be used to protect the data exchange on each of the SIM device's data pipes. Alternatively, the separate data pipes may all use the same encryption key.
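The exchange in processes 202 through 216, together with the rekey rule just described, as an added example that is not part of the patent: the trusted application places a session key in a protected memory object that only trusted accessors may touch, the SIM device reads it through the modelled trusted port, encrypts and authenticates its reply, and the packet crosses an unprotected list that anything on the platform can inspect. HMAC-SHA256 in counter mode stands in for the AES or DES the text names; the accessor names, the constructed card data and the 48-byte rekey threshold are assumptions. Mutual authentication (process 204) is left out, as the text leaves its mechanism to well-known protocols.

```python
# Added example (not the patent's code): a simulation of processes 202-216 with a
# protected and an unprotected memory section, a SIM device, a trusted application
# and an observer on the untrusted path. HMAC-SHA256 in counter mode stands in for
# the AES/DES the text names; accessor names, card data and rekey threshold are assumed.
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 12, 32

class ProtectedMemory:
    """Protected section of memory 140; every access is gated on the requester's path."""
    TRUSTED = {"trusted_app", "sim_via_trusted_port"}

    def __init__(self):
        self._cells = {}

    def access(self, who, name, value=None):
        if who not in self.TRUSTED:
            raise PermissionError(f"{who} may not access protected memory")
        if value is not None:  # write when a value is given, otherwise read
            self._cells[name] = value
        return self._cells[name]

def _subkeys(key):  # separate encryption and MAC subkeys from the one exchanged key
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key, plaintext):
    """Encrypt-then-MAC: nonce || ciphertext || tag; the tag is the message authentication code."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def open_packet(key, packet):
    """Verify the tag before decrypting; an altered packet is rejected."""
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = packet[:NONCE_LEN], packet[NONCE_LEN:-TAG_LEN], packet[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("MAC check failed: packet altered on the untrusted path")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))

class SimDevice:
    def __init__(self, secrets):
        self.secrets, self.key = secrets, b""

    def load_key(self, pm):  # process 208: read the key through the trusted port
        self.key = pm.access("sim_via_trusted_port", "session_key")

    def respond(self, name, unprotected):  # processes 210-212: host controller lands the packet
        unprotected.append(seal(self.key, self.secrets[name]))

class TrustedApp:
    MAX_BYTES = 48  # assumed "predetermined amount of data" before a new key is exchanged

    def __init__(self):
        self.key, self.bytes_under_key = b"", 0

    def new_key(self, pm):  # process 206: place a fresh key in protected memory
        self.key, self.bytes_under_key = os.urandom(32), 0  # stand-in for use of key 116
        pm.access("trusted_app", "session_key", self.key)

    def receive(self, packet):  # processes 214-216: the untrusted driver hands the packet over
        data = open_packet(self.key, packet)
        self.bytes_under_key += len(data)
        return data

def run_session():
    pm, unprotected = ProtectedMemory(), []  # unprotected section 148 as a plain list
    imsi = b"001010123456789"  # constructed sample card data
    sim, app = SimDevice({"imsi": imsi, "blob": os.urandom(40)}), TrustedApp()
    app.new_key(pm); sim.load_key(pm)
    r = {"key_leaked": True, "tamper_detected": False}
    try:  # an untrusted driver cannot reach the key at all
        pm.access("usb_driver", "session_key")
    except PermissionError:
        r["key_leaked"] = False
    sim.respond("imsi", unprotected)
    wire = unprotected[-1]  # what anything on the untrusted path sees
    r["plaintext_on_wire"] = imsi in wire
    r["app_got"] = app.receive(wire)
    tampered = bytearray(wire); tampered[NONCE_LEN] ^= 0x01  # flip one ciphertext bit
    try:
        app.receive(bytes(tampered))
    except ValueError:
        r["tamper_detected"] = True
    sim.respond("blob", unprotected); app.receive(unprotected[-1])
    r["rekey_needed"] = app.bytes_under_key >= app.MAX_BYTES  # 15 + 40 bytes >= 48
    app.new_key(pm); sim.load_key(pm); sim.respond("imsi", unprotected)  # fresh key, trusted path
    r["after_rekey"] = app.receive(unprotected[-1])
    return r
```

Calling run_session() returns a dictionary showing that the key is unreachable from the untrusted accessor, the IMSI never appears on the unprotected path, a flipped ciphertext bit is rejected before decryption, and a fresh key is exchanged once the byte budget is spent. The per-pipe keys of the alternative embodiment would simply be separate cells in the protected memory object, one per pipe name.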
In an alternative embodiment, data packets may be transferred from the SIM device to the application without encryption. For example, host controller 128 transfers the data from the SIM device to the protected section of memory 140 through the trusted port of chipset 120. A trusted driver then accesses the data from the protected section of memory 140 and provides it to application 150 over a trusted path, without encrypting the SIM data.
The processes described above may be stored in the memory of a computer system as a set of instructions to be executed. In addition, the instructions to perform the processes described above could alternatively be stored on other forms of machine-readable media, including magnetic and optical disks. For example, the described processes could be stored on machine-readable media such as magnetic or optical disks, accessible via a disk drive (or machine-readable-medium drive). Furthermore, the instructions may be downloaded into a computing device over a data network in compiled and linked form.
Alternatively, the logic to perform the methods and systems described above could be implemented in additional computer and/or machine-readable media, such as discrete hardware components like large-scale integrated circuits (LSI), application-specific integrated circuits (ASIC) or firmware such as electrically erasable programmable read-only memory (EEPROM); and electrical, optical, acoustic and other forms of propagated signals (for example carrier waves, infrared signals, digital signals, etc.).
In the foregoing specification, the invention has been described with reference to specific exemplary embodiments thereof. It will, however, be evident that various modifications and changes may be made thereto without departing from the broader spirit and scope of the invention as set forth in the appended claims. In particular, as described here, SIM devices include smart card devices (including USB Chip/Smart Card Interface Devices (CCID)). Furthermore, the architecture of the system described here is independent of the specific key exchange protocol used. The specification and drawings are, accordingly, to be regarded in an illustrative rather than a restrictive sense.
Claims (24)
1. A method, comprising:
exchanging data between a SIM device and an application executing on a trusted platform, wherein the data to be exchanged is protected from unauthorized access.
2. The method of claim 1, wherein the operation of exchanging the data comprises:
exchanging an encryption key over a trusted path within a computer system; and
exchanging data encrypted with the encryption key over an untrusted path within the computer system.
3. The method of claim 2, wherein the operation of exchanging the encryption key comprises the application transferring the encryption key to a protected section of memory within the computer system; and
the SIM device accessing the encryption key from the protected section of memory.
4. The method of claim 2, wherein the operation of exchanging the encryption key comprises the application accessing the encryption key from the SIM device, the application accessing the encryption key through a trusted port of a chipset.
5. The method of claim 2, wherein the operation of exchanging the encryption key comprises exchanging a plurality of encryption keys, and the operation of exchanging data comprises exchanging separate data units, each data unit being separately encrypted with an encryption key selected from the plurality of encryption keys.
6. The method of claim 2, wherein the operation of exchanging data comprises a host controller transferring data from the SIM device to an unprotected section of memory.
7. The method of claim 6, wherein the operation of exchanging data comprises a driver transferring data from the unprotected section of memory to the application.
8. The method of claim 7, wherein the host controller is a universal serial bus (USB) host controller and the driver is a USB driver.
9. The method of claim 6, wherein the operation of exchanging the encryption key comprises the SIM device reading the encryption key from the protected section of memory through a trusted port of a chipset.
10. The method of claim 6, further comprising:
the application decrypting the encrypted data using the encryption key.
11. The method of claim 7, further comprising:
the application authenticating the SIM device before the encryption key is exchanged.
12. The method of claim 6, further comprising:
exchanging a new encryption key based on a predetermined event, the predetermined event being selected from the group consisting of each new transaction, the elapse of a predetermined period of time, and the exchange of a predetermined amount of data.
13. A system, comprising:
a processor;
a memory having a protected section and an unprotected section;
a SIM device; and
a chipset to exchange data between the SIM device and an application executing on a trusted platform, wherein the data to be exchanged is protected from unauthorized access.
14. The system of claim 13, wherein the exchange of data comprises an exchange of an encryption key over a trusted path within the computer system, and an exchange of data encrypted using the encryption key over an untrusted path within the computer system.
15. The system of claim 14, wherein the exchange of the encryption key comprises the application transferring the encryption key to the protected section of memory, and the SIM device accessing the encryption key from the protected section of memory.
16. The system of claim 13, wherein the exchange of the encryption key comprises the application accessing the encryption key from the SIM device, the application accessing the encryption key through a trusted port of the chipset.
17. The system of claim 13, wherein the exchange of the encryption key comprises exchanging a plurality of encryption keys, and the exchange of data comprises exchanging separate data units, each data unit being separately encrypted with an encryption key selected from the plurality of encryption keys.
18. The system of claim 12, wherein the system further comprises a host controller that transfers data from the SIM device to the unprotected section of memory.
19. The system of claim 16, wherein the system further comprises a driver that transfers data from the unprotected section of memory to the application.
20. The system of claim 17, wherein the host controller is a universal serial bus (USB) host controller and the driver is a USB driver.
21. The system of claim 14, wherein the SIM device reads the encryption key from the protected section of memory through a trusted port of the chipset.
22. The system of claim 14, wherein the application decrypts the encrypted data using the encryption key.
23. The system of claim 17, wherein the application authenticates the SIM device before the encryption key is exchanged.
24. The system of claim 14, wherein a new encryption key is exchanged based on a predetermined event, the predetermined event being selected from the group consisting of each new transaction, the elapse of a predetermined period of time, and the exchange of a predetermined amount of data.
Applications Claiming Priority (2)

| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US10/715,970 (US7636844B2) | 2003-11-17 | 2003-11-17 | Method and system to provide a trusted channel within a computer system for a SIM device |
| US10/715,970 | 2003-11-17 | | |

Publications (2)

| Publication Number | Publication Date |
|---|---|
| CN1882896A (application publication) | 2006-12-20 |
| CN100480946C (granted patent) | 2009-04-22 |

Family

ID=34574323

Family Applications (1)

| Application Number | Title | Priority Date | Filing Date | Status |
|---|---|---|---|---|
| CNB2004800337024A (granted as CN100480946C) | Method and apparatus for providing a trusted channel for a SIM device within a computer system | 2003-11-17 | 2004-11-05 | Expired - Fee Related |

Country Status (6)

| Country | Publication |
|---|---|
| US | US7636844B2 |
| JP | JP4461145B2 |
| KR | KR100871182B1 |
| CN | CN100480946C |
| TW | TWI308836B |
| WO | WO2005050423A1 |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104778401A (zh) * | 2014-01-13 | 2015-07-15 | 恩智浦有限公司 | 数据处理设备和用于执行应用程序的方法 |
Families Citing this family (32)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060099991A1 (en) * | 2004-11-10 | 2006-05-11 | Intel Corporation | Method and apparatus for detecting and protecting a credential card |
US8027472B2 (en) * | 2005-12-30 | 2011-09-27 | Selim Aissi | Using a trusted-platform-based shared-secret derivation and WWAN infrastructure-based enrollment to establish a secure local channel |
US7542345B2 (en) * | 2006-02-16 | 2009-06-02 | Innovative Silicon Isi Sa | Multi-bit memory cell having electrically floating body transistor, and method of programming and reading same |
US7925896B2 (en) * | 2006-03-30 | 2011-04-12 | Texas Instruments Incorporated | Hardware key encryption for data scrambling |
US7809939B2 (en) * | 2006-03-31 | 2010-10-05 | Intel Corporation | Trusted point-to-point communication over open bus |
US9092635B2 (en) * | 2006-03-31 | 2015-07-28 | Gemalto Sa | Method and system of providing security services using a secure device |
TWI506966B (zh) | 2006-05-09 | 2015-11-01 | 內數位科技公司 | 無線裝置安全時間功能 |
DE112006004111A5 (de) * | 2006-09-07 | 2009-10-15 | Nokia Siemens Networks Gmbh & Co.Kg | Verfahren zum Bereitstellen einer Dienstgüte für eine Paketdatenverbindung sowie Anordnung, Netzknoten und Kommunikationsendgerät |
GB2442023B (en) * | 2006-09-13 | 2011-03-02 | Advanced Risc Mach Ltd | Memory access security management |
WO2008150060A1 (en) * | 2007-06-04 | 2008-12-11 | Lg Electronics Inc. | Contactless management using envelope format |
KR100955347B1 (ko) * | 2007-11-15 | 2010-04-29 | 한국전자통신연구원 | 단말기의 정보 관리 장치 및 그 방법 |
KR100923987B1 (ko) * | 2007-12-13 | 2009-10-28 | 한국전자통신연구원 | 보안 방법 및 장치 |
JP2009152812A (ja) * | 2007-12-20 | 2009-07-09 | Hitachi Ltd | 端末のユーザ識別情報転送による非携帯端末のネットワーク接続方法 |
WO2010105259A1 (en) * | 2009-03-13 | 2010-09-16 | Assa Abloy Ab | Secure card access module for integrated circuit card applications |
WO2011022437A1 (en) * | 2009-08-17 | 2011-02-24 | Cram, Inc. | Digital content management and delivery |
US8397306B1 (en) * | 2009-09-23 | 2013-03-12 | Parallels IP Holdings GmbH | Security domain in virtual environment |
US8566934B2 (en) | 2011-01-21 | 2013-10-22 | Gigavation, Inc. | Apparatus and method for enhancing security of data on a host computing device and a peripheral device |
JP5772031B2 (ja) * | 2011-02-08 | 2015-09-02 | 富士通株式会社 | 通信装置およびセキュアモジュール |
US9633391B2 (en) | 2011-03-30 | 2017-04-25 | Cram Worldwide, Llc | Secure pre-loaded drive management at kiosk |
KR102195788B1 (ko) | 2011-08-10 | 2020-12-28 | 기타 스리바스타바 | 호스트 컴퓨팅 디바이스와 주변기기의 데이터의 보안을 강화하기 위한 장치 및 방법 |
US20140143147A1 (en) * | 2011-12-20 | 2014-05-22 | Rajesh Poornachandran | Transaction fee negotiation for currency remittance |
US9135449B2 (en) * | 2012-07-24 | 2015-09-15 | Electronics And Telecommunications Research Institute | Apparatus and method for managing USIM data using mobile trusted module |
DK4060529T3 (da) | 2013-07-31 | 2023-08-28 | Hewlett Packard Development Co | Beskyttelse af data i et forbrugerprodukts hukommelse |
CN104468997B (zh) * | 2014-12-01 | 2017-09-19 | 努比亚技术有限公司 | 加密状态处理方法及装置 |
CN107003934B (zh) | 2014-12-08 | 2020-12-29 | 英特尔公司 | 改进共享本地存储器和系统全局存储器之间的存储器访问性能的装置和方法 |
SG10201500698YA (en) * | 2015-01-29 | 2016-08-30 | Huawei Internat Pte Ltd | Method for data protection using isolated environment in mobile device |
US10374805B2 (en) * | 2015-07-20 | 2019-08-06 | Intel Corporation | Technologies for trusted I/O for multiple co-existing trusted execution environments under ISA control |
US11321493B2 (en) * | 2017-05-31 | 2022-05-03 | Crypto4A Technologies Inc. | Hardware security module, and trusted hardware network interconnection device and resources |
US11190356B2 (en) | 2018-02-23 | 2021-11-30 | Microsoft Technology Licensing, Llc | Secure policy ingestion into trusted execution environments |
US11411933B2 (en) * | 2018-02-23 | 2022-08-09 | Microsoft Technology Licensing, Llc | Trusted cyber physical system |
US11205003B2 (en) | 2020-03-27 | 2021-12-21 | Intel Corporation | Platform security mechanism |
US11874776B2 (en) | 2021-06-25 | 2024-01-16 | Intel Corporation | Cryptographic protection of memory attached over interconnects |
Family Cites Families (171)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US640838A (en) * | 1899-09-07 | 1900-01-09 | William C Vough | Piano-action. |
US3699532A (en) | 1970-04-21 | 1972-10-17 | Singer Co | Multiprogramming control for a data handling system |
US3996449A (en) | 1975-08-25 | 1976-12-07 | International Business Machines Corporation | Operating system authenticator |
US4162536A (en) | 1976-01-02 | 1979-07-24 | Gould Inc., Modicon Div. | Digital input/output system and method |
US4037214A (en) | 1976-04-30 | 1977-07-19 | International Business Machines Corporation | Key register controlled accessing system |
US4247905A (en) * | 1977-08-26 | 1981-01-27 | Sharp Kabushiki Kaisha | Memory clear system |
US4278837A (en) | 1977-10-31 | 1981-07-14 | Best Robert M | Crypto microprocessor for executing enciphered programs |
US4276594A (en) | 1978-01-27 | 1981-06-30 | Gould Inc. Modicon Division | Digital computer with multi-processor capability utilizing intelligent composite memory and input/output modules and method for performing the same |
US4207609A (en) | 1978-05-08 | 1980-06-10 | International Business Machines Corporation | Method and means for path independent device reservation and reconnection in a multi-CPU and shared device access system |
JPS5823570B2 (ja) * | 1978-11-30 | 1983-05-16 | 国産電機株式会社 | 液面検出装置 |
JPS5576447A (en) | 1978-12-01 | 1980-06-09 | Fujitsu Ltd | Address control system for software simulation |
US4307447A (en) | 1979-06-19 | 1981-12-22 | Gould Inc. | Programmable controller |
US4319323A (en) * | 1980-04-04 | 1982-03-09 | Digital Equipment Corporation | Communications device for data processing system |
US4419724A (en) | 1980-04-14 | 1983-12-06 | Sperry Corporation | Main bus interface package |
US4366537A (en) | 1980-05-23 | 1982-12-28 | International Business Machines Corp. | Authorization mechanism for transfer of program control or data between different address spaces having different storage protect keys |
US4403283A (en) | 1980-07-28 | 1983-09-06 | Ncr Corporation | Extended memory system and method |
DE3034581A1 (de) * | 1980-09-13 | 1982-04-22 | Robert Bosch Gmbh, 7000 Stuttgart | Auslesesicherung bei einchip-mikroprozessoren |
US4521852A (en) | 1982-06-30 | 1985-06-04 | Texas Instruments Incorporated | Data processing device formed on a single semiconductor substrate having secure memory |
JPS59111561A (ja) * | 1982-12-17 | 1984-06-27 | Hitachi Ltd | 複合プロセツサ・システムのアクセス制御方式 |
US4759064A (en) | 1985-10-07 | 1988-07-19 | Chaum David L | Blind unanticipated signature systems |
US4975836A (en) | 1984-12-19 | 1990-12-04 | Hitachi, Ltd. | Virtual computer system |
JPS61206057A (ja) * | 1985-03-11 | 1986-09-12 | Hitachi Ltd | アドレス変換装置 |
FR2592510B1 (fr) * | 1985-12-31 | 1988-02-12 | Bull Cp8 | Procede et appareil pour certifier des services obtenus a l'aide d'un support portatif tel qu'une carte a memoire |
FR2601476B1 (fr) | 1986-07-11 | 1988-10-21 | Bull Cp8 | Procede pour authentifier une donnee d'habilitation externe par un objet portatif tel qu'une carte a memoire |
FR2601525B1 (fr) * | 1986-07-11 | 1988-10-21 | Bull Cp8 | Dispositif de securite interdisant le fonctionnement d'un ensemble electronique apres une premiere coupure de son alimentation electrique |
FR2601535B1 (fr) * | 1986-07-11 | 1988-10-21 | Bull Cp8 | Procede pour certifier l'authenticite d'une donnee echangee entre deux dispositifs connectes en local ou a distance par une ligne de transmission |
FR2618002B1 (fr) * | 1987-07-10 | 1991-07-05 | Schlumberger Ind Sa | Procede et systeme d'authentification de cartes a memoire electronique |
US5007082A (en) * | 1988-08-03 | 1991-04-09 | Kelly Services, Inc. | Computer software encryption apparatus |
US5079737A (en) * | 1988-10-25 | 1992-01-07 | United Technologies Corporation | Memory management unit for the MIL-STD 1750 bus |
US5434999A (en) | 1988-11-09 | 1995-07-18 | Bull Cp8 | Safeguarded remote loading of service programs by authorizing loading in protected memory zones in a terminal |
FR2640798B1 (fr) | 1988-12-20 | 1993-01-08 | Bull Cp8 | Dispositif de traitement de donnees comportant une memoire non volatile electriquement effacable et reprogrammable |
JPH02171934A (ja) * | 1988-12-26 | 1990-07-03 | Hitachi Ltd | 仮想計算機システム |
JPH02208740A (ja) | 1989-02-09 | 1990-08-20 | Fujitsu Ltd | 仮想計算機制御方式 |
US5442645A (en) | 1989-06-06 | 1995-08-15 | Bull Cp8 | Method for checking the integrity of a program or data, and apparatus for implementing this method |
JP2590267B2 (ja) * | 1989-06-30 | 1997-03-12 | 株式会社日立製作所 | 仮想計算機における表示制御方式 |
US5022077A (en) | 1989-08-25 | 1991-06-04 | International Business Machines Corp. | Apparatus and method for preventing unauthorized access to BIOS in a personal computer system |
JP2825550B2 (ja) * | 1989-09-21 | 1998-11-18 | 株式会社日立製作所 | 多重仮想空間アドレス制御方法および計算機システム |
CA2010591C (en) | 1989-10-20 | 1999-01-26 | Phillip M. Adams | Kernels, description tables and device drivers |
CA2027799A1 (en) * | 1989-11-03 | 1991-05-04 | David A. Miller | Method and apparatus for independently resetting processors and cache controllers in multiple processor systems |
US5075842A (en) | 1989-12-22 | 1991-12-24 | Intel Corporation | Disabling tag bit recognition and allowing privileged operations to occur in an object-oriented memory protection mechanism |
US5230069A (en) | 1990-10-02 | 1993-07-20 | International Business Machines Corporation | Apparatus and method for providing private and shared access to host address and data spaces by guest programs in a virtual machine computer system |
US5317705A (en) | 1990-10-24 | 1994-05-31 | International Business Machines Corporation | Apparatus and method for TLB purge reduction in a multi-level machine system |
US5287363A (en) * | 1991-07-01 | 1994-02-15 | Disk Technician Corporation | System for locating and anticipating data storage media failures |
US5437033A (en) | 1990-11-16 | 1995-07-25 | Hitachi, Ltd. | System for recovery from a virtual machine monitor failure with a continuous guest dispatched to a nonguest mode |
US5255379A (en) | 1990-12-28 | 1993-10-19 | Sun Microsystems, Inc. | Method for automatically transitioning from V86 mode to protected mode in a computer system using an Intel 80386 or 80486 processor |
US5453003A (en) * | 1991-01-09 | 1995-09-26 | Pfefferle; William C. | Catalytic method |
US5551033A (en) * | 1991-05-17 | 1996-08-27 | Zenith Data Systems Corporation | Apparatus for maintaining one interrupt mask register in conformity with another in a manner invisible to an executing program |
US5522075A (en) * | 1991-06-28 | 1996-05-28 | Digital Equipment Corporation | Protection ring extension for computers having distinct virtual machine monitor and virtual machine address spaces |
US5319760A (en) | 1991-06-28 | 1994-06-07 | Digital Equipment Corporation | Translation buffer for virtual machines with address space match |
US5455909A (en) | 1991-07-05 | 1995-10-03 | Chips And Technologies Inc. | Microprocessor with operation capture facility |
JPH06236284A (ja) * | 1991-10-21 | 1994-08-23 | Intel Corp | コンピュータシステム処理状態を保存及び復元する方法及びコンピュータシステム |
US5627987A (en) * | 1991-11-29 | 1997-05-06 | Kabushiki Kaisha Toshiba | Memory management and protection system for virtual memory in computer system |
US5574936A (en) | 1992-01-02 | 1996-11-12 | Amdahl Corporation | Access control mechanism controlling access to and logical purging of access register translation lookaside buffer (ALB) in a computer system |
US5210795A (en) * | 1992-01-10 | 1993-05-11 | Digital Equipment Corporation | Secure user authentication from personal computer |
US5486529A (en) * | 1992-04-16 | 1996-01-23 | Zeneca Limited | Certain pyridyl ketones for treating diseases involving leukocyte elastase |
US5421006A (en) * | 1992-05-07 | 1995-05-30 | Compaq Computer Corp. | Method and apparatus for assessing integrity of computer system software |
US5327497A (en) * | 1992-06-04 | 1994-07-05 | Integrated Technologies Of America, Inc. | Preboot protection of unauthorized use of programs and data with a card reader interface |
US5237616A (en) | 1992-09-21 | 1993-08-17 | International Business Machines Corporation | Secure computer system having privileged and unprivileged memories |
US5293424A (en) * | 1992-10-14 | 1994-03-08 | Bull Hn Information Systems Inc. | Secure memory card |
WO1994011849A1 (en) * | 1992-11-11 | 1994-05-26 | Telecom Finland Oy | Mobile telephone systems and a method for carrying out financial transactions by means of a mobile telephone system |
JP2765411B2 (ja) * | 1992-11-30 | 1998-06-18 | 株式会社日立製作所 | 仮想計算機方式 |
US5668971A (en) | 1992-12-01 | 1997-09-16 | Compaq Computer Corporation | Posted disk read operations performed by signalling a disk read complete to the system prior to completion of data transfer |
JPH06187178A (ja) | 1992-12-18 | 1994-07-08 | Hitachi Ltd | 仮想計算機システムの入出力割込み制御方法 |
US5483656A (en) * | 1993-01-14 | 1996-01-09 | Apple Computer, Inc. | System for managing power consumption of devices coupled to a common bus |
US5469557A (en) | 1993-03-05 | 1995-11-21 | Microchip Technology Incorporated | Code protection in microcontroller with EEPROM fuses |
FR2703800B1 (fr) | 1993-04-06 | 1995-05-24 | Bull Cp8 | Procédé de signature d'un fichier informatique, et dispositif pour la mise en Óoeuvre. |
FR2704341B1 (fr) | 1993-04-22 | 1995-06-02 | Bull Cp8 | Dispositif de protection des clés d'une carte à puce. |
JPH06348867A (ja) * | 1993-06-04 | 1994-12-22 | Hitachi Ltd | マイクロコンピュータ |
FR2706210B1 (fr) | 1993-06-08 | 1995-07-21 | Bull Cp8 | Procédé d'authentification d'un objet portatif par un terminal hors ligne, objet portatif et terminal correspondants. |
US5555385A (en) | 1993-10-27 | 1996-09-10 | International Business Machines Corporation | Allocation of address spaces within virtual machine compute system |
US5825880A (en) | 1994-01-13 | 1998-10-20 | Sudia; Frank W. | Multi-step digital signature method and system |
US5459869A (en) | 1994-02-17 | 1995-10-17 | Spilo; Michael L. | Method for providing protected mode services for device drivers and other resident software |
US5604805A (en) * | 1994-02-28 | 1997-02-18 | Brands; Stefanus A. | Privacy-protected transfer of electronic information |
FR2717286B1 (fr) * | 1994-03-09 | 1996-04-05 | Bull Cp8 | Procédé et dispositif pour authentifier un support de données destiné à permettre une transaction ou l'accès à un service ou à un lieu, et support correspondant. |
US5684881A (en) | 1994-05-23 | 1997-11-04 | Matsushita Electric Industrial Co., Ltd. | Sound field and sound image control apparatus and method |
US5473692A (en) | 1994-09-07 | 1995-12-05 | Intel Corporation | Roving software license for a hardware agent |
US5539828A (en) | 1994-05-31 | 1996-07-23 | Intel Corporation | Apparatus and method for providing secured communications |
JPH0883211A (ja) * | 1994-09-12 | 1996-03-26 | Mitsubishi Electric Corp | データ処理装置 |
US6058478A (en) * | 1994-09-30 | 2000-05-02 | Intel Corporation | Apparatus and method for a vetted field upgrade |
FR2725537B1 (fr) | 1994-10-11 | 1996-11-22 | Bull Cp8 | Procede de chargement d'une zone memoire protegee d'un dispositif de traitement de l'information et dispositif associe |
US5903752A (en) * | 1994-10-13 | 1999-05-11 | Intel Corporation | Method and apparatus for embedding a real-time multi-tasking kernel in a non-real-time operating system |
US5606617A (en) * | 1994-10-14 | 1997-02-25 | Brands; Stefanus A. | Secret-key certificates |
US5564040A (en) | 1994-11-08 | 1996-10-08 | International Business Machines Corporation | Method and apparatus for providing a server function in a logically partitioned hardware machine |
US5560013A (en) | 1994-12-06 | 1996-09-24 | International Business Machines Corporation | Method of using a target processor to execute programs of a source architecture that uses multiple address spaces |
US5555414A (en) | 1994-12-14 | 1996-09-10 | International Business Machines Corporation | Multiprocessing system including gating of host I/O and external enablement to guest enablement at polling intervals |
US5615263A (en) * | 1995-01-06 | 1997-03-25 | Vlsi Technology, Inc. | Dual purpose security architecture with protected internal operating system |
US5764969A (en) | 1995-02-10 | 1998-06-09 | International Business Machines Corporation | Method and system for enhanced management operation utilizing intermixed user level and supervisory level instructions with partial concept synchronization |
FR2731536B1 (fr) * | 1995-03-10 | 1997-04-18 | Schlumberger Ind Sa | Procede d'inscription securisee d'informations dans un support portable |
US5717903A (en) * | 1995-05-15 | 1998-02-10 | Compaq Computer Corporation | Method and appartus for emulating a peripheral device to allow device driver development before availability of the peripheral device |
JP3451595B2 (ja) | 1995-06-07 | 2003-09-29 | インターナショナル・ビジネス・マシーンズ・コーポレーション | 二つの別個の命令セット・アーキテクチャへの拡張をサポートすることができるアーキテクチャ・モード制御を備えたマイクロプロセッサ |
US5684948A (en) | 1995-09-01 | 1997-11-04 | National Semiconductor Corporation | Memory management circuit which provides simulated privilege levels |
US5633929A (en) * | 1995-09-15 | 1997-05-27 | Rsa Data Security, Inc | Cryptographic key escrow system having reduced vulnerability to harvesting attacks |
US5737760A (en) * | 1995-10-06 | 1998-04-07 | Motorola Inc. | Microcontroller with security logic circuit which prevents reading of internal memory by external program |
JP3693721B2 (ja) * | 1995-11-10 | 2005-09-07 | Necエレクトロニクス株式会社 | フラッシュメモリ内蔵マイクロコンピュータ及びそのテスト方法 |
US5657445A (en) | 1996-01-26 | 1997-08-12 | Dell Usa, L.P. | Apparatus and method for limiting access to mass storage devices in a computer system |
US5835594A (en) | 1996-02-09 | 1998-11-10 | Intel Corporation | Methods and apparatus for preventing unauthorized write access to a protected non-volatile storage |
US5809546A (en) | 1996-05-23 | 1998-09-15 | International Business Machines Corporation | Method for managing I/O buffers in shared storage by structuring buffer table having entries including storage keys for controlling accesses to the buffers |
US6205550B1 (en) * | 1996-06-13 | 2001-03-20 | Intel Corporation | Tamper resistant methods and apparatus |
US6175925B1 (en) * | 1996-06-13 | 2001-01-16 | Intel Corporation | Tamper resistant player for scrambled contents |
US6178509B1 (en) * | 1996-06-13 | 2001-01-23 | Intel Corporation | Tamper resistant methods and apparatus |
US5729760A (en) * | 1996-06-21 | 1998-03-17 | Intel Corporation | System for providing first type access to register if processor in first mode and second type access to register if processor not in first mode |
US6199152B1 (en) * | 1996-08-22 | 2001-03-06 | Transmeta Corporation | Translated memory protection apparatus for an advanced microprocessor |
US5740178A (en) * | 1996-08-29 | 1998-04-14 | Lucent Technologies Inc. | Software for controlling a reliable backup memory |
US6055637A (en) * | 1996-09-27 | 2000-04-25 | Electronic Data Systems Corporation | System and method for accessing enterprise-wide resources by presenting to the resource a temporary credential |
US5844986A (en) | 1996-09-30 | 1998-12-01 | Intel Corporation | Secure BIOS |
US5852717A (en) | 1996-11-20 | 1998-12-22 | Shiva Corporation | Performance optimizations for computer networks utilizing HTTP |
US5901225A (en) * | 1996-12-05 | 1999-05-04 | Advanced Micro Devices, Inc. | System and method for performing software patches in embedded systems |
US5757919A (en) * | 1996-12-12 | 1998-05-26 | Intel Corporation | Cryptographically protected paging subsystem |
US6005942A (en) * | 1997-03-24 | 1999-12-21 | Visa International Service Association | System and method for a multi-application smart card which can facilitate a post-issuance download of an application onto the smart card |
US6557104B2 (en) * | 1997-05-02 | 2003-04-29 | Phoenix Technologies Ltd. | Method and apparatus for secure processing of cryptographic keys |
US6044478A (en) * | 1997-05-30 | 2000-03-28 | National Semiconductor Corporation | Cache with finely granular locked-down regions |
US7290288B2 (en) * | 1997-06-11 | 2007-10-30 | Prism Technologies, L.L.C. | Method and system for controlling access, by an authentication server, to protected computer resources provided via an internet protocol network |
US6175924B1 (en) * | 1997-06-20 | 2001-01-16 | International Business Machines Corp. | Method and apparatus for protecting application data in secure storage areas |
US6035374A (en) * | 1997-06-25 | 2000-03-07 | Sun Microsystems, Inc. | Method of executing coded instructions in a multiprocessor having shared execution resources including active, nap, and sleep states in accordance with cache miss latency |
US6014745A (en) * | 1997-07-17 | 2000-01-11 | Silicon Systems Design Ltd. | Protection for customer programs (EPROM) |
US5919257A (en) | 1997-08-08 | 1999-07-06 | Novell, Inc. | Networked workstation intrusion detection system |
DE19735948C1 (de) * | 1997-08-19 | 1998-10-01 | Siemens Nixdorf Inf Syst | Method for improving controllability in data processing systems with address translation |
US6182089B1 (en) * | 1997-09-23 | 2001-01-30 | Silicon Graphics, Inc. | Method, system and computer program product for dynamically allocating large memory pages of different sizes |
US6357004B1 (en) * | 1997-09-30 | 2002-03-12 | Intel Corporation | System and method for ensuring integrity throughout post-processing |
US6094952A (en) * | 1998-01-02 | 2000-08-01 | Sargent & Greenleaf, Inc. | Dead bolt combination lock with integrated re-locking features |
US6378072B1 (en) * | 1998-02-03 | 2002-04-23 | Compaq Computer Corporation | Cryptographic system |
US6308270B1 (en) * | 1998-02-13 | 2001-10-23 | Schlumberger Technologies, Inc. | Validating and certifying execution of a software program with a smart card |
US6192455B1 (en) * | 1998-03-30 | 2001-02-20 | Intel Corporation | Apparatus and method for preventing access to SMRAM space through AGP addressing |
US6374286B1 (en) * | 1998-04-06 | 2002-04-16 | Rockwell Collins, Inc. | Real time processor capable of concurrently running multiple independent JAVA machines |
US6173417B1 (en) * | 1998-04-30 | 2001-01-09 | Intel Corporation | Initializing and restarting operating systems |
US7096494B1 (en) * | 1998-05-05 | 2006-08-22 | Chen Jay C | Cryptographic system and method for electronic transactions |
US6339815B1 (en) * | 1998-08-14 | 2002-01-15 | Silicon Storage Technology, Inc. | Microcontroller system having allocation circuitry to selectively allocate and/or hide portions of a program memory address space |
US6505279B1 (en) * | 1998-08-14 | 2003-01-07 | Silicon Storage Technology, Inc. | Microcontroller system having security circuitry to selectively lock portions of a program memory address space |
US6363485B1 (en) * | 1998-09-09 | 2002-03-26 | Entrust Technologies Limited | Multi-factor biometric authenticating device and method |
US6609199B1 (en) * | 1998-10-26 | 2003-08-19 | Microsoft Corporation | Method and apparatus for authenticating an open system application to a portable IC device |
US6188257B1 (en) * | 1999-02-01 | 2001-02-13 | Vlsi Technology, Inc. | Power-on-reset logic with secure power down capability |
US7225333B2 (en) * | 1999-03-27 | 2007-05-29 | Microsoft Corporation | Secure processor architecture for use with a digital rights management (DRM) system on a computing device |
US6684326B1 (en) * | 1999-03-31 | 2004-01-27 | International Business Machines Corporation | Method and system for authenticated boot operations in a computer system of a networked computing environment |
FI109445B (fi) * | 1999-08-06 | 2002-07-31 | Nokia Corp | Method for transmitting user identification data to a wireless communication device |
WO2001013198A1 (en) * | 1999-08-13 | 2001-02-22 | Hewlett-Packard Company | Enforcing restrictions on the use of stored data |
US6529909B1 (en) * | 1999-08-31 | 2003-03-04 | Accenture Llp | Method for translating an object attribute converter in an information services patterns environment |
US7055041B1 (en) * | 1999-09-24 | 2006-05-30 | International Business Machines Corporation | Controlled use of devices |
US6535988B1 (en) * | 1999-09-29 | 2003-03-18 | Intel Corporation | System for detecting over-clocking uses a reference signal thereafter preventing over-clocking by reducing clock rate |
US6374317B1 (en) * | 1999-10-07 | 2002-04-16 | Intel Corporation | Method and apparatus for initializing a computer interface |
US6779112B1 (en) * | 1999-11-05 | 2004-08-17 | Microsoft Corporation | Integrated circuit devices with steganographic authentication, and steganographic authentication methods |
US6993656B1 (en) * | 1999-12-10 | 2006-01-31 | International Business Machines Corporation | Time stamping method using aged time stamp receipts |
US6996710B1 (en) * | 2000-03-31 | 2006-02-07 | Intel Corporation | Platform and method for issuing and certifying a hardware-protected attestation key |
US6678825B1 (en) * | 2000-03-31 | 2004-01-13 | Intel Corporation | Controlling access to multiple isolated memories in an isolated execution environment |
US6990579B1 (en) * | 2000-03-31 | 2006-01-24 | Intel Corporation | Platform and method for remote attestation of a platform |
FI20000760A0 (fi) * | 2000-03-31 | 2000-03-31 | Nokia Corp | Authentication in a packet data network |
US6507904B1 (en) * | 2000-03-31 | 2003-01-14 | Intel Corporation | Executing isolated mode instructions in a secure system running in privilege rings |
US7558965B2 (en) * | 2000-08-04 | 2009-07-07 | First Data Corporation | Entity authentication in electronic communications by providing verification status of device |
GB0020416D0 (en) * | 2000-08-18 | 2000-10-04 | Hewlett Packard Co | Trusted system |
JP2002094499A (ja) * | 2000-09-18 | 2002-03-29 | Sanyo Electric Co Ltd | Data terminal device and headphone device |
FI115098B (fi) * | 2000-12-27 | 2005-02-28 | Nokia Corp | Authentication in data communication |
GB2366141B (en) * | 2001-02-08 | 2003-02-12 | Ericsson Telefon Ab L M | Authentication and authorisation based secure ip connections for terminals |
US7093127B2 (en) * | 2001-08-09 | 2006-08-15 | Falconstor, Inc. | System and method for computer storage security |
DE60109585D1 (de) * | 2001-05-08 | 2005-04-28 | Ericsson Telefon Ab L M | Secure access to a remote subscriber module |
US20040218762A1 (en) * | 2003-04-29 | 2004-11-04 | Eric Le Saint | Universal secure messaging for cryptographic modules |
US8209753B2 (en) * | 2001-06-15 | 2012-06-26 | Activcard, Inc. | Universal secure messaging for remote security tokens |
US20030018892A1 (en) * | 2001-07-19 | 2003-01-23 | Jose Tello | Computer with a modified north bridge, security engine and smart card having a secure boot capability and method for secure booting a computer |
CA2456446C (en) * | 2001-08-07 | 2010-03-30 | Tatara Systems, Inc. | Method and apparatus for integrating billing and authentication functions in local area and wide area wireless data networks |
US7779267B2 (en) * | 2001-09-04 | 2010-08-17 | Hewlett-Packard Development Company, L.P. | Method and apparatus for using a secret in a distributed computing system |
JP2003101570A (ja) * | 2001-09-21 | 2003-04-04 | Sony Corp | Communication processing system, communication processing method, server device, and computer program |
US7191464B2 (en) * | 2001-10-16 | 2007-03-13 | Lenovo Pte. Ltd. | Method and system for tracking a secure boot in a trusted computing environment |
GB2392590B (en) * | 2002-08-30 | 2005-02-23 | Toshiba Res Europ Ltd | Methods and apparatus for secure data communication links |
KR100479260B1 (ko) * | 2002-10-11 | 2005-03-31 | 한국전자통신연구원 | Method and apparatus for encrypting and decrypting wireless data |
KR100480258B1 (ko) * | 2002-10-15 | 2005-04-07 | 삼성전자주식회사 | Authentication method for fast handover in a wireless local area network |
US7694139B2 (en) * | 2002-10-24 | 2010-04-06 | Symantec Corporation | Securing executable content using a trusted computing platform |
US7475241B2 (en) * | 2002-11-22 | 2009-01-06 | Cisco Technology, Inc. | Methods and apparatus for dynamic session key generation and rekeying in mobile IP |
JP4067985B2 (ja) * | 2003-02-28 | 2008-03-26 | 松下電器産業株式会社 | Application authentication system and device |
US20040221174A1 (en) * | 2003-04-29 | 2004-11-04 | Eric Le Saint | Uniform modular framework for a host computer system |
GB2404537B (en) * | 2003-07-31 | 2007-03-14 | Hewlett Packard Development Co | Controlling access to data |
US7634807B2 (en) * | 2003-08-08 | 2009-12-15 | Nokia Corporation | System and method to establish and maintain conditional trust by stating signal of distrust |
US7275263B2 (en) * | 2003-08-11 | 2007-09-25 | Intel Corporation | Method and system and authenticating a user of a computer system that has a trusted platform module (TPM) |
US7132860B2 (en) * | 2004-03-18 | 2006-11-07 | Intersil Americas Inc. | Differential-mode current feedback amplifiers |
- 2003
  - 2003-11-17 US US10/715,970 patent/US7636844B2/en not_active Expired - Fee Related
- 2004
  - 2004-11-05 KR KR1020067009481A patent/KR100871182B1/ko not_active IP Right Cessation
  - 2004-11-05 JP JP2006539653A patent/JP4461145B2/ja not_active Expired - Fee Related
  - 2004-11-05 WO PCT/US2004/036832 patent/WO2005050423A1/en active Application Filing
  - 2004-11-05 CN CNB2004800337024A patent/CN100480946C/zh not_active Expired - Fee Related
  - 2004-11-10 TW TW093134306A patent/TWI308836B/zh not_active IP Right Cessation
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104778401A (zh) * | 2014-01-13 | 2015-07-15 | 恩智浦有限公司 | Data processing device and method for executing an application |
CN104778401B (zh) * | 2014-01-13 | 2019-03-12 | 恩智浦有限公司 | Data processing device and method for executing an application |
US10853520B2 (en) | 2014-01-13 | 2020-12-01 | Nxp B.V. | Data processing device, method for executing an application and computer program product |
Also Published As
Publication number | Publication date |
---|---|
JP4461145B2 (ja) | 2010-05-12 |
TW200531499A (en) | 2005-09-16 |
US20050108532A1 (en) | 2005-05-19 |
CN100480946C (zh) | 2009-04-22 |
TWI308836B (en) | 2009-04-11 |
WO2005050423A1 (en) | 2005-06-02 |
KR100871182B1 (ko) | 2008-12-01 |
KR20060090262A (ko) | 2006-08-10 |
US7636844B2 (en) | 2009-12-22 |
JP2007515704A (ja) | 2007-06-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN100480946C (zh) | | Method and apparatus for providing a trusted channel for a SIM device within a computer system |
CN1182678C (zh) | | Secure boot |
CN100578473C (zh) | | Embedded system and method for increasing the security of an embedded system |
CN1155866C (zh) | | Method and device for preventing unauthorized use of software in a computer |
JP5114617B2 (ja) | | Secure terminal, program, and method for protecting a private key |
CN107330333B (zh) | | Method and device for ensuring the security of POS terminal firmware |
US20060075259A1 (en) | | Method and system to generate a session key for a trusted channel within a computer system |
US20030126451A1 (en) | | Data processing |
CN105094082B (zh) | | Method for carrying out communication between control devices |
CN1679273A (zh) | | Integrated circuit for digital rights management |
EP1725923A1 (en) | | Secure mode controlled memory |
CN1820235A (zh) | | Key storage management |
CN103824032A (zh) | | Method and apparatus for data security processing in a microcontroller |
TW200947202A (en) | | System and method for providing secure access to system memory |
CN101874245A (zh) | | Method and device for granting secure operating mode access privileges from a processor to a peripheral device |
CN105892348B (zh) | | Method for operating a control device |
US20050015611A1 (en) | | Trusted peripheral mechanism |
WO2002001368A2 (en) | | Embedded security device within a nonvolatile memory device |
US20100077230A1 (en) | | Protecting a programmable memory against unauthorized modification |
WO2017163204A1 (en) | | A memory management system and method |
US20050044408A1 (en) | | Low pin count docking architecture for a trusted platform |
CN114237492A (zh) | | Non-volatile memory protection method and device |
KR20050002607A (ko) | | Trusted input for mobile platform transactions |
CN117216813B (zh) | | Method, device and security chip for reading and writing data |
CN1860424A (zh) | | Authorization for access to computer-based objects |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| C06 | Publication | |
| PB01 | Publication | |
| C10 | Entry into substantive examination | |
| SE01 | Entry into force of request for substantive examination | |
| C14 | Grant of patent or utility model | |
| GR01 | Patent grant | |
| C17 | Cessation of patent right | |
| CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 20090422; Termination date: 20131105 |