JP6053786B2 - Arm(登録商標)トラストゾーン実施のためのファームウェア基盤トラステッドプラットフォームモジュール(tpm) - Google Patents

Arm(登録商標)トラストゾーン実施のためのファームウェア基盤トラステッドプラットフォームモジュール(tpm) Download PDF

Info

Publication number
JP6053786B2
JP6053786B2 JP2014522856A JP2014522856A JP6053786B2 JP 6053786 B2 JP6053786 B2 JP 6053786B2 JP 2014522856 A JP2014522856 A JP 2014522856A JP 2014522856 A JP2014522856 A JP 2014522856A JP 6053786 B2 JP6053786 B2 JP 6053786B2
Authority
JP
Japan
Prior art keywords
ftpm
module
tpm
computing device
monitor
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
JP2014522856A
Other languages
English (en)
Japanese (ja)
Other versions
JP2014525105A (ja
JP2014525105A5 (enExample
Inventor
トム,ステファン
コックス,ジェレマイア
リンズリー,デイヴィッド
ニストロム,マグヌス
ラージ,ヒマンシュ
ロビンソン,デイヴィッド
サロイウ,ステファン
スパイガー,ロブ
ウォルマン,アラステア
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Corp
Microsoft Technology Licensing LLC
Original Assignee
Microsoft Corp
Microsoft Technology Licensing LLC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp, Microsoft Technology Licensing LLC filed Critical Microsoft Corp
Publication of JP2014525105A publication Critical patent/JP2014525105A/ja
Publication of JP2014525105A5 publication Critical patent/JP2014525105A5/ja
Application granted granted Critical
Publication of JP6053786B2 publication Critical patent/JP6053786B2/ja
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/572Secure firmware programming, e.g. of basic input output system [BIOS]
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/74Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)
  • Stored Programmes (AREA)
JP2014522856A 2011-07-29 2012-07-11 Arm(登録商標)トラストゾーン実施のためのファームウェア基盤トラステッドプラットフォームモジュール(tpm) Active JP6053786B2 (ja)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US13/193,945 US8375221B1 (en) 2011-07-29 2011-07-29 Firmware-based trusted platform module for arm processor architectures and trustzone security extensions
US13/193,945 2011-07-29
PCT/US2012/046243 WO2013019369A1 (en) 2011-07-29 2012-07-11 Firmware-based trusted platform module for arm® trustzone™ implementations

Publications (3)

Publication Number Publication Date
JP2014525105A JP2014525105A (ja) 2014-09-25
JP2014525105A5 JP2014525105A5 (enExample) 2015-08-06
JP6053786B2 true JP6053786B2 (ja) 2016-12-27

Family

ID=47598262

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2014522856A Active JP6053786B2 (ja) 2011-07-29 2012-07-11 Arm(登録商標)トラストゾーン実施のためのファームウェア基盤トラステッドプラットフォームモジュール(tpm)

Country Status (6)

Country Link
US (3) US8375221B1 (enExample)
EP (1) EP2737429A4 (enExample)
JP (1) JP6053786B2 (enExample)
KR (2) KR101974188B1 (enExample)
CN (1) CN103748594B (enExample)
WO (1) WO2013019369A1 (enExample)

Families Citing this family (196)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100324983A1 (en) * 2009-06-22 2010-12-23 Etchegoyen Craig S System and Method for Media Distribution
US8817984B2 (en) * 2011-02-03 2014-08-26 mSignia, Inc. Cryptographic security functions based on anticipated changes in dynamic minutiae
US11063920B2 (en) 2011-02-03 2021-07-13 mSignia, Inc. Cryptographic security functions based on anticipated changes in dynamic minutiae
AU2012100460B4 (en) 2012-01-04 2012-11-08 Uniloc Usa, Inc. Method and system implementing zone-restricted behavior of a computing device
KR101658070B1 (ko) * 2012-01-26 2016-09-22 엠파이어 테크놀로지 디벨롭먼트 엘엘씨 연속 월드 스위치 보안을 갖는 데이터 센터
AU2012100462B4 (en) 2012-02-06 2012-11-08 Uniloc Usa, Inc. Near field authentication through communication of enclosed content sound waves
KR101897605B1 (ko) * 2012-02-24 2018-09-12 삼성전자 주식회사 휴대 단말기의 무결성 보호 방법 및 장치
US9027102B2 (en) 2012-05-11 2015-05-05 Sprint Communications Company L.P. Web server bypass of backend process on near field communications and secure element chips
US9282898B2 (en) 2012-06-25 2016-03-15 Sprint Communications Company L.P. End-to-end trusted communications infrastructure
US9369867B2 (en) * 2012-06-29 2016-06-14 Intel Corporation Mobile platform software update with secure authentication
US8649770B1 (en) 2012-07-02 2014-02-11 Sprint Communications Company, L.P. Extended trusted security zone radio modem
US8667607B2 (en) 2012-07-24 2014-03-04 Sprint Communications Company L.P. Trusted security zone access to peripheral devices
US8954965B2 (en) * 2012-08-03 2015-02-10 Microsoft Corporation Trusted execution environment virtual machine cloning
US9183412B2 (en) 2012-08-10 2015-11-10 Sprint Communications Company L.P. Systems and methods for provisioning and using multiple trusted security zones on an electronic device
US9015068B1 (en) 2012-08-25 2015-04-21 Sprint Communications Company L.P. Framework for real-time brokering of digital content delivery
US9215180B1 (en) 2012-08-25 2015-12-15 Sprint Communications Company L.P. File retrieval in real-time brokering of digital content
US9161227B1 (en) 2013-02-07 2015-10-13 Sprint Communications Company L.P. Trusted signaling in long term evolution (LTE) 4G wireless communication
US9578664B1 (en) 2013-02-07 2017-02-21 Sprint Communications Company L.P. Trusted signaling in 3GPP interfaces in a network function virtualization wireless communication system
AU2013100355B4 (en) 2013-02-28 2013-10-31 Netauthority, Inc Device-specific content delivery
US9342688B2 (en) 2013-03-07 2016-05-17 Qualcomm Incorporated Apparatus and method for inheriting a non-secure thread context
US20140281447A1 (en) * 2013-03-12 2014-09-18 Green Hills Software, Inc. Single-Chip Virtualizing and Obfuscating Communications System for Portable Computing Devices
US9613208B1 (en) * 2013-03-13 2017-04-04 Sprint Communications Company L.P. Trusted security zone enhanced with trusted hardware drivers
US9191388B1 (en) 2013-03-15 2015-11-17 Sprint Communications Company L.P. Trusted security zone communication addressing on an electronic device
US9374363B1 (en) 2013-03-15 2016-06-21 Sprint Communications Company L.P. Restricting access of a portable communication device to confidential data or applications via a remote network based on event triggers generated by the portable communication device
WO2014139162A1 (en) * 2013-03-15 2014-09-18 Intel Corporation Security co-processor boot performance
US9384351B2 (en) * 2013-03-15 2016-07-05 Intel Corporation Method and apparatus for implementing a secure boot using multiple firmware sources
US9201662B2 (en) * 2013-03-29 2015-12-01 Dell Products, Lp System and method for pre-operating system memory map management to minimize operating system failures
US9171243B1 (en) 2013-04-04 2015-10-27 Sprint Communications Company L.P. System for managing a digest of biographical information stored in a radio frequency identity chip coupled to a mobile communication device
US9324016B1 (en) 2013-04-04 2016-04-26 Sprint Communications Company L.P. Digest of biographical information for an electronic device with static and dynamic portions
US9454723B1 (en) 2013-04-04 2016-09-27 Sprint Communications Company L.P. Radio frequency identity (RFID) chip electrically and communicatively coupled to motherboard of mobile communication device
US9838869B1 (en) 2013-04-10 2017-12-05 Sprint Communications Company L.P. Delivering digital content to a mobile device via a digital rights clearing house
US9443088B1 (en) 2013-04-15 2016-09-13 Sprint Communications Company L.P. Protection for multimedia files pre-downloaded to a mobile device
US9208105B2 (en) * 2013-05-30 2015-12-08 Dell Products, Lp System and method for intercept of UEFI block I/O protocol services for BIOS based hard drive encryption support
US9560519B1 (en) 2013-06-06 2017-01-31 Sprint Communications Company L.P. Mobile communication device profound identity brokering framework
US10025674B2 (en) 2013-06-07 2018-07-17 Microsoft Technology Licensing, Llc Framework for running untrusted code
US9100192B2 (en) * 2013-06-07 2015-08-04 Qualcomm Incorporated Apparatus and method for provisioning an endorsement key certificate for a firmware trusted platform module
US9927995B2 (en) * 2013-06-19 2018-03-27 Telefonaktiebolaget Lm Ericsson (Publ) Method and an integrated circuit for executing a trusted application within a trusted runtime environment
US9183606B1 (en) 2013-07-10 2015-11-10 Sprint Communications Company L.P. Trusted processing location within a graphics processing unit
US9208339B1 (en) 2013-08-12 2015-12-08 Sprint Communications Company L.P. Verifying Applications in Virtual Environments Using a Trusted Security Zone
US9167002B2 (en) 2013-08-15 2015-10-20 Microsoft Technology Licensing, Llc Global platform health management
US9633210B2 (en) 2013-09-13 2017-04-25 Microsoft Technology Licensing, Llc Keying infrastructure
US10192054B2 (en) * 2013-09-13 2019-01-29 Intel Corporation Automatic pairing of IO devices with hardware secure elements
US9852299B2 (en) 2013-09-27 2017-12-26 Intel Corporation Protection scheme for remotely-stored data
CN103530578B (zh) * 2013-10-18 2016-01-27 武汉大学 一种android系统的软构可信平台模块STPM的构建方法
WO2015060858A1 (en) * 2013-10-24 2015-04-30 Intel Corporation Methods and apparatus for protecting software from unauthorized copying
US9185626B1 (en) 2013-10-29 2015-11-10 Sprint Communications Company L.P. Secure peer-to-peer call forking facilitated by trusted 3rd party voice server provisioning
US9191522B1 (en) 2013-11-08 2015-11-17 Sprint Communications Company L.P. Billing varied service based on tier
US9405912B2 (en) 2013-11-14 2016-08-02 Microsoft Technology Licensing, Llc Hardware rooted attestation
EP3075099B1 (en) * 2013-11-25 2019-05-01 McAfee, LLC Secure proxy to protect private data
FR3015663B1 (fr) * 2013-12-20 2020-01-24 Ixblue Systeme d'aide a la navigation et procede mis en œuvre dans un tel systeme
US9448950B2 (en) * 2013-12-24 2016-09-20 Intel Corporation Using authenticated manifests to enable external certification of multi-processor platforms
CN103714459A (zh) * 2013-12-26 2014-04-09 电子科技大学 一种智能终端安全支付系统及方法
US9292686B2 (en) 2014-01-16 2016-03-22 Fireeye, Inc. Micro-virtualization architecture for threat-aware microvisor deployment in a node of a network environment
US8756417B1 (en) * 2014-02-04 2014-06-17 Sypris Electronics, Llc Multi-level assurance trusted computing platform
US10389709B2 (en) 2014-02-24 2019-08-20 Amazon Technologies, Inc. Securing client-specified credentials at cryptographically attested resources
US9792448B2 (en) 2014-02-28 2017-10-17 Advanced Micro Devices, Inc. Cryptographic protection of information in a processing system
US9686077B2 (en) 2014-03-06 2017-06-20 Microsoft Technology Licensing, Llc Secure hardware for cross-device trusted applications
US9226145B1 (en) 2014-03-28 2015-12-29 Sprint Communications Company L.P. Verification of mobile device integrity during activation
CN103955263B (zh) * 2014-05-16 2017-07-28 华为技术有限公司 Arm的电源管理方法及处理器
CN104063788B (zh) * 2014-07-16 2017-02-22 武汉大学 一种移动平台可信支付系统及方法
US9230085B1 (en) 2014-07-29 2016-01-05 Sprint Communications Company L.P. Network based temporary trust extension to a remote or mobile device enabled via specialized cloud services
WO2016024967A1 (en) * 2014-08-13 2016-02-18 Hewlett Packard Enterprise Development Lp Secure non-volatile random access memory
FR3024915B1 (fr) * 2014-08-18 2016-09-09 Proton World Int Nv Dispositif et procede pour assurer des services de module de plateforme securisee
US10097513B2 (en) 2014-09-14 2018-10-09 Microsoft Technology Licensing, Llc Trusted execution environment extensible computing device interface
KR102297383B1 (ko) 2014-09-25 2021-09-03 삼성전자주식회사 보안 데이터 처리
CN104268477B (zh) * 2014-09-26 2017-09-26 华为技术有限公司 一种安全控制方法及网络设备
US10657262B1 (en) * 2014-09-28 2020-05-19 Red Balloon Security, Inc. Method and apparatus for securing embedded device firmware
US9628279B2 (en) 2014-09-30 2017-04-18 Microsoft Technology Licensing, Llc Protecting application secrets from operating system attacks
US9584317B2 (en) 2014-10-13 2017-02-28 Microsoft Technology Licensing, Llc Identifying security boundaries on computing devices
US10229272B2 (en) 2014-10-13 2019-03-12 Microsoft Technology Licensing, Llc Identifying security boundaries on computing devices
CN104408371B (zh) * 2014-10-14 2017-12-19 中国科学院信息工程研究所 一种基于可信执行环境高安全应用系统的实现方法
US10303879B1 (en) 2014-11-06 2019-05-28 Amazon Technologies, Inc. Multi-tenant trusted platform modules
US9762388B2 (en) * 2014-11-19 2017-09-12 Honeywell International Inc. Symmetric secret key protection
CN104378381A (zh) * 2014-11-27 2015-02-25 上海斐讯数据通信技术有限公司 智能终端企业邮件安全办公方法及系统
US9742762B2 (en) 2014-12-01 2017-08-22 Microsoft Technology Licensing, Llc Utilizing a trusted platform module (TPM) of a host device
US9525672B2 (en) 2014-12-19 2016-12-20 Amazon Technologies, Inc. Multi-faceted compute instance identity
US9537883B2 (en) * 2014-12-22 2017-01-03 International Business Machines Corporation Process security validation
US9934376B1 (en) 2014-12-29 2018-04-03 Fireeye, Inc. Malware detection appliance architecture
US9760727B2 (en) 2014-12-31 2017-09-12 Google Inc. Secure host interactions
US9537833B2 (en) 2014-12-31 2017-01-03 Google Inc. Secure host communications
US9547773B2 (en) * 2014-12-31 2017-01-17 Google Inc. Secure event log management
US9779232B1 (en) 2015-01-14 2017-10-03 Sprint Communications Company L.P. Trusted code generation and verification to prevent fraud from maleficent external devices that capture data
US10068092B2 (en) * 2015-01-21 2018-09-04 Microsoft Technology Licensing, Llc Upgrading a secure boot policy on a virtual machine
US9838868B1 (en) 2015-01-26 2017-12-05 Sprint Communications Company L.P. Mated universal serial bus (USB) wireless dongles configured with destination addresses
EP3241149B1 (en) * 2015-02-11 2018-12-12 Siemens Aktiengesellschaft Method to isolate real-time or safety-critical software and operating system from non-critical software and operating system
US10193700B2 (en) 2015-02-27 2019-01-29 Samsung Electronics Co., Ltd. Trust-zone-based end-to-end security
KR102291719B1 (ko) 2015-03-18 2021-08-23 삼성전자주식회사 애플리케이션 보호 방법 및 장치
US10430589B2 (en) * 2015-03-19 2019-10-01 Intel Corporation Dynamic firmware module loader in a trusted execution environment container
EP3070607B1 (en) * 2015-03-20 2020-12-09 Virtual Open Systems Compute node supporting virtual machines and services
US10496974B2 (en) * 2015-03-25 2019-12-03 Intel Corporation Secure transactions with connected peripherals
US9912681B1 (en) 2015-03-31 2018-03-06 Fireeye, Inc. Injection of content processing delay in an endpoint
US10474813B1 (en) 2015-03-31 2019-11-12 Fireeye, Inc. Code injection technique for remediation at an endpoint of a network
US10019576B1 (en) 2015-04-06 2018-07-10 Intelligent Automation, Inc. Security control system for protection of multi-core processors
US9473945B1 (en) 2015-04-07 2016-10-18 Sprint Communications Company L.P. Infrastructure for secure short message transmission
US10063375B2 (en) * 2015-04-20 2018-08-28 Microsoft Technology Licensing, Llc Isolation of trusted input/output devices
US10657274B2 (en) 2015-06-29 2020-05-19 Samsng Electronics Co., Ltd. Semiconductor device including memory protector
US10454950B1 (en) 2015-06-30 2019-10-22 Fireeye, Inc. Centralized aggregation technique for detecting lateral movement of stealthy cyber-attacks
CN104992122A (zh) * 2015-07-20 2015-10-21 武汉大学 一种基于ARM TrustZone的手机私密信息保险箱
CN105138930A (zh) * 2015-08-12 2015-12-09 山东超越数控电子有限公司 一种基于TrustZone的加密系统及方法
US10699274B2 (en) 2015-08-24 2020-06-30 Samsung Electronics Co., Ltd. Apparatus and method for secure electronic payment
US10846696B2 (en) * 2015-08-24 2020-11-24 Samsung Electronics Co., Ltd. Apparatus and method for trusted execution environment based secure payment transactions
US10057260B2 (en) 2015-08-27 2018-08-21 International Business Machines Corporation Electronic device identification
WO2017040974A1 (en) 2015-09-03 2017-03-09 Rhombus Systems Group, Inc. System for employing cellular telephone networks to operate, control and communicate with unmannded aerial vehicles and remote piloted vehicles
US9819679B1 (en) 2015-09-14 2017-11-14 Sprint Communications Company L.P. Hardware assisted provenance proof of named data networking associated to device data, addresses, services, and servers
US10320786B2 (en) 2015-09-14 2019-06-11 Samsung Electronics Co., Ltd. Electronic apparatus and method for controlling the same
CN105205401B (zh) * 2015-09-30 2017-10-24 中国人民解放军信息工程大学 基于安全密码芯片的可信计算机系统及其可信引导方法
CN105447406B (zh) * 2015-11-10 2018-10-19 华为技术有限公司 一种用于访问存储空间的方法与装置
US10282719B1 (en) 2015-11-12 2019-05-07 Sprint Communications Company L.P. Secure and trusted device-based billing and charging process using privilege for network proxy authentication and audit
US9817992B1 (en) 2015-11-20 2017-11-14 Sprint Communications Company Lp. System and method for secure USIM wireless network access
US10447728B1 (en) 2015-12-10 2019-10-15 Fireeye, Inc. Technique for protecting guest processes using a layered virtualization architecture
US10846117B1 (en) 2015-12-10 2020-11-24 Fireeye, Inc. Technique for establishing secure communication between host and guest processes of a virtualization architecture
US10108446B1 (en) 2015-12-11 2018-10-23 Fireeye, Inc. Late load technique for deploying a virtualization layer underneath a running operating system
CN107111511B (zh) * 2016-03-25 2021-09-14 达闼机器人有限公司 访问控制的方法、装置和系统
US20170277898A1 (en) * 2016-03-25 2017-09-28 Advanced Micro Devices, Inc. Key management for secure memory address spaces
SG10201602449PA (en) * 2016-03-29 2017-10-30 Huawei Int Pte Ltd System and method for verifying integrity of an electronic device
CN109416537B (zh) 2016-04-18 2023-02-28 荣布斯系统集团公司 使用两个频带与无人驾驶飞行器通信的系统
CN107346395B (zh) * 2016-05-05 2020-04-28 华为技术有限公司 一种可信平台模块tpm部署方法、装置及系统
US10673878B2 (en) 2016-05-19 2020-06-02 International Business Machines Corporation Computer security apparatus
US10541816B2 (en) 2016-06-01 2020-01-21 International Business Machines Corporation Controlling execution of software by combining secure boot and trusted boot features
EP3255544B1 (en) 2016-06-08 2019-07-31 Virtual Open Systems Interrupt controller
EP3264711B1 (en) 2016-06-28 2018-09-19 Virtual Open Systems Virtual switch for multi-compartment mixed critical network communications
DE102016008902A1 (de) * 2016-07-22 2018-01-25 Giesecke+Devrient Mobile Security Gmbh Chipset mit gesicherter Firmware
CN106127054B (zh) * 2016-08-22 2019-01-29 中国科学院信息工程研究所 一种面向智能设备控制指令的系统级安全防护方法
US20180060077A1 (en) * 2016-08-26 2018-03-01 Qualcomm Incorporated Trusted platform module support on reduced instruction set computing architectures
US10191861B1 (en) 2016-09-06 2019-01-29 Fireeye, Inc. Technique for implementing memory views using a layered virtualization architecture
CN106445702A (zh) * 2016-09-21 2017-02-22 乐视控股(北京)有限公司 多系统通信方法及终端
CN106506166B (zh) * 2016-10-26 2020-02-11 泰山医学院 云计算环境下终端可信平台系统
CN106452753B (zh) * 2016-10-26 2020-02-11 泰山医学院 云计算环境下终端可信平台构建方法
CN106603487B (zh) * 2016-11-04 2020-05-19 中软信息系统工程有限公司 一种基于cpu时空隔离机制对tls协议处理进行安全改进的方法
US10628611B2 (en) 2016-11-04 2020-04-21 Qualcomm Incorporated Exclusive execution environment within a system-on-a-chip computing system
US10482034B2 (en) * 2016-11-29 2019-11-19 Microsoft Technology Licensing, Llc Remote attestation model for secure memory applications
US10416991B2 (en) * 2016-12-14 2019-09-17 Microsoft Technology Licensing, Llc Secure IoT device update
US10715526B2 (en) 2016-12-14 2020-07-14 Microsoft Technology Licensing, Llc Multiple cores with hierarchy of trust
US10402273B2 (en) 2016-12-14 2019-09-03 Microsoft Technology Licensing, Llc IoT device update failure recovery
KR102668238B1 (ko) 2016-12-15 2024-05-23 삼성전자주식회사 전자 장치 및 그 동작 방법
EP3340147A1 (en) 2016-12-22 2018-06-27 Mastercard International Incorporated Method for providing key identifier in transaction data
CN106815494B (zh) * 2016-12-28 2020-02-07 中软信息系统工程有限公司 一种基于cpu时空隔离机制实现应用程序安全认证的方法
CN108287999A (zh) * 2017-01-10 2018-07-17 厦门雅迅网络股份有限公司 一种基于TrustZone的系统可信启动方法
US10108800B1 (en) 2017-01-10 2018-10-23 Gbs Laboratories, Llc ARM processor-based hardware enforcement of providing separate operating system environments for mobile devices with capability to employ different switching methods
RU2641226C1 (ru) * 2017-02-13 2018-01-16 Самсунг Электроникс Ко., Лтд. Способ функционирования secureos на многопроцессорных системах в мобильных устройствах
US10740496B2 (en) 2017-02-13 2020-08-11 Samsung Electronics Co., Ltd. Method and apparatus for operating multi-processor system in electronic device
IL270042B2 (en) 2017-04-24 2024-03-01 Theia Group Incorporated System for recording and real-time transmission of in-flight of aircraft cockpit to ground services
CN106973067A (zh) * 2017-05-10 2017-07-21 成都麟成科技有限公司 一种平台环境完整性检测方法和装置
CN107169375B (zh) * 2017-05-16 2020-07-28 北京梦天门科技股份有限公司 系统数据安全增强方法
CN108959916B (zh) * 2017-05-22 2022-01-14 华为技术有限公司 用于访问安全世界的方法、装置和系统
CN107168747B (zh) * 2017-05-27 2020-12-29 努比亚技术有限公司 移动终端配置的区分方法、装置及计算机可读存储介质
US10499249B1 (en) 2017-07-11 2019-12-03 Sprint Communications Company L.P. Data link layer trust signaling in communication network
CN111052170A (zh) * 2017-08-30 2020-04-21 华为技术有限公司 用于进行电子交易的电子设备和方法
CN107679393B (zh) * 2017-09-12 2020-12-04 中国科学院软件研究所 基于可信执行环境的Android完整性验证方法和装置
EP3688948B1 (en) * 2017-09-25 2025-04-30 Telefonaktiebolaget LM Ericsson (PUBL) PROVISION OF SUPPORTING DOCUMENTS FROM SELLERS
CN109714185B (zh) 2017-10-26 2022-03-04 阿里巴巴集团控股有限公司 可信服务器的策略部署方法、装置、系统及计算系统
CN107844362B (zh) * 2017-11-14 2021-10-15 浪潮(北京)电子信息产业有限公司 虚拟化tpm设备的系统、方法、虚拟机及可读存储介质
CN107861795B (zh) * 2017-11-20 2022-04-26 浪潮(北京)电子信息产业有限公司 模拟物理tcm芯片的方法、系统、装置及可读存储介质
KR102434444B1 (ko) 2017-11-29 2022-08-19 한국전자통신연구원 가상 트러스트 컴퓨팅 베이스를 이용한 기기 보안성 검증 방법 및 장치
US11269992B2 (en) * 2018-03-22 2022-03-08 Trulyprotect Oy Systems and methods for hypervisor-based protection of code
GB201806465D0 (en) 2018-04-20 2018-06-06 Nordic Semiconductor Asa Memory-access controll
EP3811264A4 (en) * 2018-06-24 2022-03-02 Hex Five Security, Inc. CONFIGURATION, ENFORCEMENT AND MONITORING THE SEPARATION OF TRUSTED EXECUTION ENVIRONMENTS
GB201810653D0 (en) 2018-06-28 2018-08-15 Nordic Semiconductor Asa Secure peripheral interconnect
GB201810662D0 (en) 2018-06-28 2018-08-15 Nordic Semiconductor Asa Peripheral Access On A Secure-Aware Bus System
GB201810659D0 (en) 2018-06-28 2018-08-15 Nordic Semiconductor Asa Secure-Aware Bus System
US10853498B2 (en) * 2018-09-19 2020-12-01 Dell Products L.P. Secure boot orchestration device in a virtual desktop infrastructure
CN109684126B (zh) * 2018-12-25 2022-05-03 贵州华芯通半导体技术有限公司 用于arm设备的内存校验方法和执行内存校验的arm设备
US11232209B2 (en) * 2019-01-18 2022-01-25 International Business Machines Corporation Trojan detection in cryptographic hardware adapters
CN111814205B (zh) * 2019-04-12 2023-11-14 阿里巴巴集团控股有限公司 计算处理方法、系统、设备、存储器、处理器及计算机设备
US11645425B2 (en) 2019-07-03 2023-05-09 Beyond Semiconductor, d.o.o. Systems and methods for data-driven secure and safe computing
CN110414235B (zh) * 2019-07-08 2021-05-14 北京可信华泰信息技术有限公司 一种基于ARM TrustZone的主动免疫的双体系结构系统
TWI759827B (zh) 2019-08-16 2022-04-01 邊信聯科技股份有限公司 異構處理器透過開放式連接器進行具有遠距認證及資訊獨立的可信運算系統及方法
CN110730159B (zh) * 2019-09-03 2022-01-25 东南大学 一种基于TrustZone的安全和可信混合系统启动方法
CN110677388B (zh) * 2019-09-03 2023-04-18 东南大学 一种基于TrustZone的物联网终端进程完整性度量方法
US11611549B2 (en) * 2019-10-03 2023-03-21 Fset Inc System and method of securing access to a secure remote server and database on a mobile device
CN110737902B (zh) * 2019-10-10 2022-02-11 北京智芯微电子科技有限公司 嵌入式终端及其可信安全模块的固件设计方法
CN111338997B (zh) * 2020-03-05 2021-07-20 苏州浪潮智能科技有限公司 一种arm服务器bios支持tcm通信的方法、装置、设备和介质
CN113468535B (zh) * 2020-03-31 2024-06-25 华为技术有限公司 可信度量方法及相关装置
CN111898115A (zh) * 2020-07-16 2020-11-06 四川爱联科技股份有限公司 防止模组固件的参数被篡改的方法及装置
US11853793B2 (en) 2020-10-09 2023-12-26 Samsung Electronics Co., Ltd. Methods and system for on-device AI model parameter run-time protection
KR102820957B1 (ko) 2020-10-20 2025-06-16 삼성전자주식회사 전자 장치 및 그 제어 방법
US12106133B2 (en) * 2020-11-11 2024-10-01 Intel Corporation Method and apparatus for trusted devices using Trust Domain Extensions
CN112988508B (zh) * 2021-03-04 2022-03-18 浙江中控研究院有限公司 一种基于内存隔离的可信plc嵌入式系统
US12197608B2 (en) 2021-05-10 2025-01-14 Beyond Semiconductor, d.o.o. Inter system policy federation in a data-driven secure and safe computing environment
CN113343234B (zh) * 2021-06-10 2023-01-20 支付宝(杭州)信息技术有限公司 对代码安全性进行可信检查的方法及装置
CN115509677A (zh) * 2021-06-23 2022-12-23 华为技术有限公司 一种虚拟机与安全隔离区间的通信方法及相关装置
CN113553231B (zh) * 2021-07-01 2023-08-22 江苏电力信息技术有限公司 一种基于安全芯片的嵌入式操作系统运行环境监控方法
US12105804B2 (en) 2021-07-17 2024-10-01 International Business Machines Corporation Securely executing software based on cryptographically verified instructions
US11615190B2 (en) * 2021-07-20 2023-03-28 Dell Products L.P. Secure boot policy for platform security using neutral processors in an information handling system
US12101410B2 (en) * 2021-08-12 2024-09-24 Microsoft Technology Licensing, Llc Hardware virtualized TPM into virtual machines
CN113703924B (zh) * 2021-09-22 2024-07-26 上海交通大学 基于可信执行环境的安全虚拟机系统设计方法及系统
CN114003919A (zh) * 2021-11-08 2022-02-01 支付宝(杭州)信息技术有限公司 计算设备及其安全管理方法、支持隐私计算的系统
CN114721693B (zh) * 2022-03-22 2025-07-18 飞腾信息技术有限公司 一种微处理器、bios固件更新方法、计算机设备及存储介质
US12323990B2 (en) 2022-03-29 2025-06-03 T-Mobile Innovations Llc Memory access for a user application in a wireless communication device
CN114625484B (zh) * 2022-03-31 2024-06-21 苏州浪潮智能科技有限公司 虚拟化实现方法、装置、电子设备、介质及arm平台
CN114491565B (zh) * 2022-03-31 2022-07-05 飞腾信息技术有限公司 固件安全启动方法、装置、计算设备和可读存储介质
CN114996338B (zh) * 2022-06-01 2025-08-22 阿里云计算有限公司 远程证明报告的处理方法、数据库服务端和数据库客户端
CN118535410A (zh) * 2023-02-21 2024-08-23 中兴通讯股份有限公司 主机操作系统的监测方法、电子设备
CN116702129B (zh) * 2023-06-08 2024-07-05 合芯科技有限公司 一种power架构运行服务代码的安全调用方法及装置
CN120020779A (zh) * 2023-11-17 2025-05-20 华为技术有限公司 计算设备、安全服务调用方法、启动fTPM的方法及相关设备
US20250251942A1 (en) * 2024-02-01 2025-08-07 Dell Products L.P. Processor Environment Agnostic Information Handling System Firmware Unified Runtime Trusted Communication Operation

Family Cites Families (54)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2378013A (en) * 2001-07-27 2003-01-29 Hewlett Packard Co Trusted computer platform audit system
US7974416B2 (en) * 2002-11-27 2011-07-05 Intel Corporation Providing a secure execution mode in a pre-boot environment
US7380136B2 (en) * 2003-06-25 2008-05-27 Intel Corp. Methods and apparatus for secure collection and display of user interface information in a pre-boot environment
US7222062B2 (en) * 2003-12-23 2007-05-22 Intel Corporation Method and system to support a trusted set of operational environments using emulated trusted hardware
US7318150B2 (en) * 2004-02-25 2008-01-08 Intel Corporation System and method to support platform firmware as a trusted process
US7552419B2 (en) * 2004-03-18 2009-06-23 Intel Corporation Sharing trusted hardware across multiple operational environments
US7653727B2 (en) * 2004-03-24 2010-01-26 Intel Corporation Cooperative embedded agents
US7490070B2 (en) * 2004-06-10 2009-02-10 Intel Corporation Apparatus and method for proving the denial of a direct proof signature
US7590867B2 (en) * 2004-06-24 2009-09-15 Intel Corporation Method and apparatus for providing secure virtualization of a trusted platform module
US20060010326A1 (en) * 2004-07-08 2006-01-12 International Business Machines Corporation Method for extending the CRTM in a trusted platform
US7360253B2 (en) 2004-12-23 2008-04-15 Microsoft Corporation System and method to lock TPM always ‘on’ using a monitor
US7506380B2 (en) 2005-01-14 2009-03-17 Microsoft Corporation Systems and methods for boot recovery in a secure boot process on a computer with a hardware security module
US7565553B2 (en) 2005-01-14 2009-07-21 Microsoft Corporation Systems and methods for controlling access to data on a computer with a secure boot process
US8028172B2 (en) 2005-01-14 2011-09-27 Microsoft Corporation Systems and methods for updating a secure boot process on a computer with a hardware security module
US7836299B2 (en) 2005-03-15 2010-11-16 Microsoft Corporation Virtualization of software configuration registers of the TPM cryptographic processor
US8619971B2 (en) 2005-04-01 2013-12-31 Microsoft Corporation Local secure service partitions for operating system security
US7603707B2 (en) * 2005-06-30 2009-10-13 Intel Corporation Tamper-aware virtual TPM
US7908483B2 (en) 2005-06-30 2011-03-15 Intel Corporation Method and apparatus for binding TPM keys to execution entities
US7900059B2 (en) * 2005-12-13 2011-03-01 International Business Machines Corporation Sealing of data for applications
US8296561B2 (en) * 2006-07-03 2012-10-23 Panasonic Corporation Certifying device, verifying device, verifying system, computer program and integrated circuit
US8200952B2 (en) 2006-10-25 2012-06-12 Microsoft Corporation Platform authentication via a transparent second factor
US8082551B2 (en) * 2006-10-30 2011-12-20 Hewlett-Packard Development Company, L.P. System and method for sharing a trusted platform module
US8620818B2 (en) 2007-06-25 2013-12-31 Microsoft Corporation Activation system architecture
US7836309B2 (en) 2007-07-20 2010-11-16 Microsoft Corporation Generic extensible pre-operating system cryptographic infrastructure
US7934096B2 (en) 2007-07-27 2011-04-26 Microsoft Corporation Integrity protected smart card transaction
US8032741B2 (en) 2007-08-22 2011-10-04 Intel Corporation Method and apparatus for virtualization of a multi-context hardware trusted platform module (TPM)
US8249257B2 (en) * 2007-09-28 2012-08-21 Intel Corporation Virtual TPM keys rooted in a hardware TPM
US8156298B1 (en) * 2007-10-24 2012-04-10 Adam Stubblefield Virtualization-based security apparatuses, methods, and systems
US7921286B2 (en) 2007-11-14 2011-04-05 Microsoft Corporation Computer initialization for secure kernel
US20090172639A1 (en) * 2007-12-27 2009-07-02 Mahesh Natu Firmware integrity verification
CN101271498A (zh) * 2008-03-25 2008-09-24 浙江大学 在linux操作系统通过威胁链表和安全链表实现可信计算的方法
US8321931B2 (en) * 2008-03-31 2012-11-27 Intel Corporation Method and apparatus for sequential hypervisor invocation
US20090327741A1 (en) * 2008-06-30 2009-12-31 Zimmer Vincent J System and method to secure boot uefi firmware and uefi-aware operating systems on a mobile internet device (mid)
US8572692B2 (en) * 2008-06-30 2013-10-29 Intel Corporation Method and system for a platform-based trust verifying service for multi-party verification
US8122514B2 (en) 2008-07-30 2012-02-21 Microsoft Corporation Software enhanced trusted platform module
US8161285B2 (en) 2008-09-26 2012-04-17 Microsoft Corporation Protocol-Independent remote attestation and sealing
US8127146B2 (en) 2008-09-30 2012-02-28 Microsoft Corporation Transparent trust validation of an unknown platform
US8411863B2 (en) 2008-10-03 2013-04-02 Microsoft Corporation Full volume encryption in a clustered environment
US8341430B2 (en) 2008-10-03 2012-12-25 Microsoft Corporation External encryption and recovery management with hardware encrypted storage devices
US9230109B2 (en) 2008-10-07 2016-01-05 Microsoft Technology Licensing, Llc Trusted platform module security
CN101576944B (zh) * 2008-11-20 2011-09-07 武汉大学 基于可信平台模块的计算机安全启动系统和方法
US8250379B2 (en) 2009-10-13 2012-08-21 Microsoft Corporation Secure storage of temporary secrets
US8296841B2 (en) 2009-10-27 2012-10-23 Microsoft Corporation Trusted platform module supported one time passwords
US8700893B2 (en) 2009-10-28 2014-04-15 Microsoft Corporation Key certification in one round trip
US8418259B2 (en) 2010-01-05 2013-04-09 Microsoft Corporation TPM-based license activation and validation
US8375437B2 (en) 2010-03-30 2013-02-12 Microsoft Corporation Hardware supported virtualized cryptographic service
US8639923B2 (en) * 2010-05-28 2014-01-28 Dell Products, Lp System and method for component authentication of a secure client hosted virtualization in an information handling system
US8938774B2 (en) * 2010-05-28 2015-01-20 Dell Products, Lp System and method for I/O port assignment and security policy application in a client hosted virtualization system
CN101901318B (zh) * 2010-07-23 2011-11-30 北京工业大学 一种可信硬件设备及其使用方法
US8819437B2 (en) 2010-09-30 2014-08-26 Microsoft Corporation Cryptographic device that binds an additional authentication factor to multiple identities
US8627464B2 (en) 2010-11-02 2014-01-07 Microsoft Corporation Globally valid measured operating system launch with hibernation support
US8683579B2 (en) 2010-12-14 2014-03-25 Microsoft Corporation Software activation using digital licenses
US8972746B2 (en) * 2010-12-17 2015-03-03 Intel Corporation Technique for supporting multiple secure enclaves
US10496824B2 (en) * 2011-06-24 2019-12-03 Microsoft Licensing Technology, LLC Trusted language runtime on a mobile platform

Also Published As

Publication number Publication date
US20160048678A1 (en) 2016-02-18
US8375221B1 (en) 2013-02-12
KR102102090B1 (ko) 2020-04-20
EP2737429A4 (en) 2014-11-05
CN103748594A (zh) 2014-04-23
US20130031374A1 (en) 2013-01-31
JP2014525105A (ja) 2014-09-25
CN103748594B (zh) 2016-06-22
KR20140054003A (ko) 2014-05-08
KR101974188B1 (ko) 2019-04-30
US20130159729A1 (en) 2013-06-20
EP2737429A1 (en) 2014-06-04
US9489512B2 (en) 2016-11-08
WO2013019369A1 (en) 2013-02-07
US9189653B2 (en) 2015-11-17
KR20190047115A (ko) 2019-05-07

Similar Documents

Publication Publication Date Title
JP6053786B2 (ja) Arm(登録商標)トラストゾーン実施のためのファームウェア基盤トラステッドプラットフォームモジュール(tpm)
CN109918919B (zh) 认证变量的管理
US9542114B2 (en) Methods and apparatus to protect memory regions during low-power states
US8151262B2 (en) System and method for reporting the trusted state of a virtual machine
US10635821B2 (en) Method and apparatus for launching a device
US10826904B2 (en) Local verification of code authentication
CN114035842B (zh) 固件配置方法、计算系统配置方法、计算装置以及设备
US8843742B2 (en) Hypervisor security using SMM
CN112149190A (zh) 用于非易失性存储器模块的热启动攻击缓解
Ushakov et al. Trusted hart for mobile RISC-V security
Schwarz et al. Affordable Separation on Embedded Platforms: Soft Reboot Enabled Virtualization on a Dual Mode System
Shepherd Techniques for Establishing Trust in Modern Constrained Sensing Platforms with Trusted Execution Environments
EP4273722B1 (en) Terminal chip and measurement method therefor
Francis et al. TPM: A More Trustworthy Solution to Computer Security
Molina et al. A mobile trusted platform module (mtpm) architecture
Ruan Intel’s Embedded Solutions: from Management to Security
CN117390630A (zh) 安全启动方法、安全架构系统及计算设备
Günes et al. Verified boot in embedded systems with hard boot time constraints
Cheng et al. Seal-based secure boot scheme for trusted computing platform
Schramm Investigation and development of a hypervisor-based security architecture utilising a state-of-the-art hardware trust anchor
Vasudevan et al. Trustworthy Execution on Mobile Devices: What security properties can my mobile platform give me?(CMU-CyLab-11-023)
Parno et al. How Do We Make Sense of Platform State?
Informationssäkerhet et al. New Security Challenges

Legal Events

Date Code Title Description
A711 Notification of change in applicant

Free format text: JAPANESE INTERMEDIATE CODE: A711

Effective date: 20150523

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20150615

A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20150615

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20160629

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20160712

A521 Request for written amendment filed

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20161007

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20161101

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20161129

R150 Certificate of patent or registration of utility model

Ref document number: 6053786

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250

R250 Receipt of annual fees

Free format text: JAPANESE INTERMEDIATE CODE: R250