DE102010054614A1 - Eindringen in eine gesicherte EDV-Umgebung unter Verwendung mehrerer authentifizierter Codemodule - Google Patents

Eindringen in eine gesicherte EDV-Umgebung unter Verwendung mehrerer authentifizierter Codemodule Download PDF

Info

Publication number
DE102010054614A1
DE102010054614A1 DE102010054614A DE102010054614A DE102010054614A1 DE 102010054614 A1 DE102010054614 A1 DE 102010054614A1 DE 102010054614 A DE102010054614 A DE 102010054614A DE 102010054614 A DE102010054614 A DE 102010054614A DE 102010054614 A1 DE102010054614 A1 DE 102010054614A1
Authority
DE
Germany
Prior art keywords
master
code module
authenticated
processor
individual
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
DE102010054614A
Other languages
German (de)
English (en)
Inventor
Sham M. Oreg. Datta
Ernie F. Oreg. Brickell
Mohan J. Oreg. Kumar
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Intel Corp
Original Assignee
Intel Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Intel Corp filed Critical Intel Corp
Publication of DE102010054614A1 publication Critical patent/DE102010054614A1/de
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2153Using hardware token as a secondary aspect

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)
DE102010054614A 2009-12-31 2010-12-15 Eindringen in eine gesicherte EDV-Umgebung unter Verwendung mehrerer authentifizierter Codemodule Withdrawn DE102010054614A1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US12/650,579 US9202015B2 (en) 2009-12-31 2009-12-31 Entering a secured computing environment using multiple authenticated code modules
US12/650,579 2009-12-31

Publications (1)

Publication Number Publication Date
DE102010054614A1 true DE102010054614A1 (de) 2011-07-07

Family

ID=44188915

Family Applications (1)

Application Number Title Priority Date Filing Date
DE102010054614A Withdrawn DE102010054614A1 (de) 2009-12-31 2010-12-15 Eindringen in eine gesicherte EDV-Umgebung unter Verwendung mehrerer authentifizierter Codemodule

Country Status (6)

Country Link
US (2) US9202015B2 (enExample)
JP (2) JP5373753B2 (enExample)
CN (1) CN102122327B (enExample)
BR (1) BRPI1005586A2 (enExample)
DE (1) DE102010054614A1 (enExample)
TW (1) TWI582632B (enExample)

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9202015B2 (en) * 2009-12-31 2015-12-01 Intel Corporation Entering a secured computing environment using multiple authenticated code modules
WO2012023050A2 (en) 2010-08-20 2012-02-23 Overtis Group Limited Secure cloud computing system and method
US9596082B2 (en) * 2011-12-15 2017-03-14 Intel Corporation Secure debug trace messages for production authenticated code modules
US9930066B2 (en) 2013-02-12 2018-03-27 Nicira, Inc. Infrastructure level LAN security
US20150082006A1 (en) * 2013-09-06 2015-03-19 Futurewei Technologies, Inc. System and Method for an Asynchronous Processor with Asynchronous Instruction Fetch, Decode, and Issue
CN105335672B (zh) * 2014-06-16 2020-12-04 华为技术有限公司 一种安全模式提示方法及装置
US9734313B2 (en) 2014-06-16 2017-08-15 Huawei Technologies Co., Ltd. Security mode prompt method and apparatus
US9792447B2 (en) 2014-06-30 2017-10-17 Nicira, Inc. Method and apparatus for differently encrypting different flows
US10181027B2 (en) 2014-10-17 2019-01-15 Intel Corporation Interface between a device and a secure processing environment
US10079880B2 (en) * 2015-06-07 2018-09-18 Apple Inc. Automatic identification of invalid participants in a secure synchronization system
US10798073B2 (en) 2016-08-26 2020-10-06 Nicira, Inc. Secure key management protocol for distributed network encryption
CN112041838B (zh) * 2018-04-30 2024-07-23 谷歌有限责任公司 安全区交互
US11921905B2 (en) 2018-04-30 2024-03-05 Google Llc Secure collaboration between processors and processing accelerators in enclaves
DE102018120347A1 (de) * 2018-08-21 2020-02-27 Pilz Gmbh & Co. Kg Automatisierungssystem zur Überwachung eines sicherheitskritischen Prozesses

Family Cites Families (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPS62126451A (ja) * 1985-11-27 1987-06-08 Mitsubishi Electric Corp 分散処理装置のイニシヤルプログラムロ−ド方式
JPS62128354A (ja) 1985-11-29 1987-06-10 Fuji Electric Co Ltd マルチプロセツサシステムの起動方式
US6948070B1 (en) 1995-02-13 2005-09-20 Intertrust Technologies Corporation Systems and methods for secure transaction management and electronic rights protection
JP2000215093A (ja) * 1999-01-27 2000-08-04 Fuji Photo Film Co Ltd 画像ファイル装置および方法
US7360076B2 (en) 2001-06-13 2008-04-15 Itt Manufacturing Enterprises, Inc. Security association data cache and structure
TW583568B (en) 2001-08-27 2004-04-11 Dataplay Inc A secure access method and system
US20030126454A1 (en) 2001-12-28 2003-07-03 Glew Andrew F. Authenticated code method and apparatus
US7627753B2 (en) 2002-03-19 2009-12-01 Microsoft Corporation Secure digital data format and code enforced policy
US7069442B2 (en) * 2002-03-29 2006-06-27 Intel Corporation System and method for execution of a secured environment initialization instruction
US7620811B2 (en) 2002-04-23 2009-11-17 Panasonic Corporation Server device and program management system
US20040117318A1 (en) * 2002-12-16 2004-06-17 Grawrock David W. Portable token controlling trusted environment launch
US7103779B2 (en) 2003-09-18 2006-09-05 Apple Computer, Inc. Method and apparatus for incremental code signing
US7698552B2 (en) * 2004-06-03 2010-04-13 Intel Corporation Launching a secure kernel in a multiprocessor system
JP4447977B2 (ja) * 2004-06-30 2010-04-07 富士通マイクロエレクトロニクス株式会社 セキュアプロセッサ、およびセキュアプロセッサ用プログラム。
WO2006082994A2 (en) 2005-02-07 2006-08-10 Sony Computer Entertainment Inc. Methods and apparatus for facilitating a secure session between a processor and an external device
US7752428B2 (en) * 2005-03-31 2010-07-06 Intel Corporation System and method for trusted early boot flow
US7831778B2 (en) 2006-03-30 2010-11-09 Silicon Image, Inc. Shared nonvolatile memory architecture
US8458726B2 (en) * 2007-12-03 2013-06-04 Intel Corporation Bios routine avoidance
FR2918830B1 (fr) 2007-07-13 2009-10-30 Viaccess Sa Verification de code mac sans revelation.
US20090204823A1 (en) * 2008-02-07 2009-08-13 Analog Devices, Inc. Method and apparatus for controlling system access during protected modes of operation
US9202015B2 (en) * 2009-12-31 2015-12-01 Intel Corporation Entering a secured computing environment using multiple authenticated code modules

Also Published As

Publication number Publication date
US20110161676A1 (en) 2011-06-30
US9208292B2 (en) 2015-12-08
US20130212673A1 (en) 2013-08-15
JP2011141870A (ja) 2011-07-21
JP5752767B2 (ja) 2015-07-22
JP5373753B2 (ja) 2013-12-18
US9202015B2 (en) 2015-12-01
CN102122327B (zh) 2016-05-25
TW201140367A (en) 2011-11-16
JP2013251016A (ja) 2013-12-12
BRPI1005586A2 (pt) 2012-02-28
TWI582632B (zh) 2017-05-11
CN102122327A (zh) 2011-07-13

Similar Documents

Publication Publication Date Title
DE102010054614A1 (de) Eindringen in eine gesicherte EDV-Umgebung unter Verwendung mehrerer authentifizierter Codemodule
DE202019005671U1 (de) Koexistenz von Vertrauensdomänenarchitektur mitMehrschlüssel-Gesamtspeicherverschlüsselungstechnologieauf Servern
DE112016004330B4 (de) Integrierte Schaltung, Verfahren in integrierter Schaltung, Computersystem, Vorrichtung und Erzeugnis zum Zulassen sicherer Kommunikationen zwischen Device Protected Container Module und Eingabe-/Ausgabegerät
DE102008021567B4 (de) Computersystem mit sicherem Hochlaufmechanismus auf der Grundlage einer Verschlüsselung mit symmetrischem Schlüssel
DE10394383B4 (de) Verfahren und Vorrichtung zum Laden eines vertrauenswürdigen Betriebssystems
DE102020126293A1 (de) Vorrichtungen, verfahren und systeme für anweisungen für kryptografisch an daten gebundene nutzungsbeschränkungen
DE102019110327A1 (de) Technologien zum verifizieren von speicherintegrität über mehrere speicherbereiche hinweg
DE102019109088A1 (de) Schutz von schlüsseln und sensitiven daten gegen angriffe in einer mikroprozessorarchitektur
DE102018115491A1 (de) System, vorrichtung und verfahren zur seitengranularen, softwaregesteuerten speicherverschlüsselung mit mehreren schlüsseln
DE202019005672U1 (de) System zum Verhindern eines unautorisierten Zugriffs auf verschlüsselten Speicher
DE102021109189B4 (de) Verifikationsprüfung durchführen als Antwort auf Änderung im Basisregister der Seitentabelle
DE112010004885T5 (de) Bereitstellen von Integritätsüberprüfung und -bestätigung in einer verborgenen Ausführungsumgebung
DE102018109397A1 (de) Techniken für sicherheitschip-speicher für vertrauenswürdige ausführungsumgebungen
DE102020119389A1 (de) Vorrichtung und Verfahren zum sicheren Verwalten von Schlüsseln
DE112007000363T5 (de) Verfahren zum Bereitstellen sicherer Firmware
DE102018115670A1 (de) Technologien für die Ausführung von nicht vertrauenswürdigem Code mit Prozessor-Sandbox-Unterstützung
DE102014003690A1 (de) Prozessoren, Verfahren und Systeme zur Befehlsemulation
DE102014003705A1 (de) Prozessoren, Verfahren und Systeme zur Befehlsemulation
DE112017005005T5 (de) Systeme, vorrichtungen, und verfahren zur plattformsicherheit
DE102019128261A1 (de) Datenfreigabesteuerung auf der Basis von Authentifizierung und Verbindungsstreckenschutz
DE102008006759A1 (de) Prozessor-Anordnungen, Prozessor, Verfahren zum Betreiben einer Prozessor-Anordnung
DE102022107196A1 (de) Sichere direkte Peer-to-Peer-Speicherzugriffsanforderung zwischen Geräten
DE112016001972T5 (de) Sicherer Zugriff in einem Mikrokontrollersystem
DE112019007230T5 (de) Multimodus-Geschützter-Speicher
DE102018005101A1 (de) Feld-Systemtest-Sicherheit

Legal Events

Date Code Title Description
R079 Amendment of ipc main class

Free format text: PREVIOUS MAIN CLASS: G06F0021220000

Ipc: G06F0021440000

R079 Amendment of ipc main class

Free format text: PREVIOUS MAIN CLASS: G06F0021220000

Ipc: G06F0021440000

Effective date: 20130315

R119 Application deemed withdrawn, or ip right lapsed, due to non-payment of renewal fee