PL3588360T3 - Kodowane funkcjonalności liniowych - Google Patents

Kodowane funkcjonalności liniowych

Info

Publication number
PL3588360T3
PL3588360T3 PL19176635T PL19176635T PL3588360T3 PL 3588360 T3 PL3588360 T3 PL 3588360T3 PL 19176635 T PL19176635 T PL 19176635T PL 19176635 T PL19176635 T PL 19176635T PL 3588360 T3 PL3588360 T3 PL 3588360T3
Authority
PL
Poland
Prior art keywords
capabilities
encoded
encoded inline
inline capabilities
inline
Prior art date
Application number
PL19176635T
Other languages
English (en)
Inventor
Michael Lemay
David M. Durham
Michael E. Kounavis
Barry E. Huntley
Vedvyas Shanbhogue
Jason W. Brandt
Josh Triplett
Gilbert Neiger
Karanvir Grewal
Baiju V. Patel
Ye Zhuang
Jr-Shian Tsai
Vadim SUKHOMLINOV
Ravi Sahita
Mingwei Zhang
James C. Farwell
Amitabh Das
Krishna Bhuyan
Original Assignee
Intel Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Intel Corporation filed Critical Intel Corporation
Publication of PL3588360T3 publication Critical patent/PL3588360T3/pl

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • G06F15/76Architectures of general purpose stored program computers
    • G06F15/78Architectures of general purpose stored program computers comprising a single central processing unit
    • G06F15/7807System on chip, i.e. computer system on a single chip; System in package, i.e. computer system on one or more chips in a single package
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/74Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/02Addressing or allocation; Relocation
    • G06F12/0223User address space allocation, e.g. contiguous or non contiguous base addressing
    • G06F12/023Free address space management
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1416Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
    • G06F12/1425Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block
    • G06F12/1441Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights the protection being physical, e.g. cell, word, block for a range
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45504Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators
    • G06F9/45516Runtime code conversion or optimisation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogram communication
    • G06F9/547Remote procedure calls [RPC]; Web services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45583Memory management, e.g. access or allocation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45587Isolation or security of virtual machine instances
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2209/00Indexing scheme relating to G06F9/00
    • G06F2209/54Indexing scheme relating to G06F9/54
    • G06F2209/544Remote
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/10Providing a specific technical effect
    • G06F2212/1008Correctness of operation, e.g. memory ordering
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2212/00Indexing scheme relating to accessing, addressing or allocation within memory systems or architectures
    • G06F2212/10Providing a specific technical effect
    • G06F2212/1052Security improvement
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034Test or assess a computer or a system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12Details relating to cryptographic hardware or logic circuitry
    • H04L2209/127Trusted platform modules [TPM]

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Mathematical Physics (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)
PL19176635T 2018-06-29 2019-05-24 Kodowane funkcjonalności liniowych PL3588360T3 (pl)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US16/024,547 US10860709B2 (en) 2018-06-29 2018-06-29 Encoded inline capabilities
EP19176635.1A EP3588360B1 (en) 2018-06-29 2019-05-24 Encoded inline capabilities

Publications (1)

Publication Number Publication Date
PL3588360T3 true PL3588360T3 (pl) 2022-02-21

Family

ID=66668730

Family Applications (1)

Application Number Title Priority Date Filing Date
PL19176635T PL3588360T3 (pl) 2018-06-29 2019-05-24 Kodowane funkcjonalności liniowych

Country Status (4)

Country Link
US (2) US10860709B2 (pl)
EP (2) EP3958160B1 (pl)
CN (1) CN110659244A (pl)
PL (1) PL3588360T3 (pl)

Families Citing this family (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2564130B (en) * 2017-07-04 2020-10-07 Advanced Risc Mach Ltd An apparatus and method for controlling execution of instructions
US10116436B1 (en) * 2017-09-26 2018-10-30 Intel Corporation Techniques for preventing memory timing attacks
US10860709B2 (en) * 2018-06-29 2020-12-08 Intel Corporation Encoded inline capabilities
US20200264921A1 (en) * 2019-02-20 2020-08-20 Nanjing Iluvatar CoreX Technology Co., Ltd. (DBA "Iluvatar CoreX Inc. Nanjing") Crypto engine and scheduling method for vector unit
GB2579682B (en) * 2019-03-25 2021-03-24 Trustonic Ltd Trusted execution environment migration method
US11288213B2 (en) 2019-03-29 2022-03-29 Intel Corporation Memory protection with hidden inline metadata
US11580234B2 (en) 2019-06-29 2023-02-14 Intel Corporation Implicit integrity for cryptographic computing
US11403234B2 (en) 2019-06-29 2022-08-02 Intel Corporation Cryptographic computing using encrypted base addresses and used in multi-tenant environments
US12282567B2 (en) 2019-06-29 2025-04-22 Intel Corporation Cryptographic computing using encrypted base addresses and used in multi-tenant environments
US11250165B2 (en) 2019-12-20 2022-02-15 Intel Corporation Binding of cryptographic operations to context or speculative execution restrictions
US11575504B2 (en) 2019-06-29 2023-02-07 Intel Corporation Cryptographic computing engine for memory load and store units of a microarchitecture pipeline
US11003785B2 (en) 2019-07-16 2021-05-11 Advanced New Technologies Co., Ltd. Data transmission method and apparatus in tee systems
CN110442462B (zh) 2019-07-16 2020-07-28 阿里巴巴集团控股有限公司 Tee系统中的多线程数据传输方法和装置
CN110399235B (zh) * 2019-07-16 2020-07-28 阿里巴巴集团控股有限公司 Tee系统中的多线程数据传输方法和装置
US10699015B1 (en) 2020-01-10 2020-06-30 Alibaba Group Holding Limited Method and apparatus for data transmission in a tee system
US11163569B2 (en) 2019-12-28 2021-11-02 Intel Corporation Hardware apparatuses, methods, and systems for individually revocable capabilities for enforcing temporal memory safety
CN114902225A (zh) 2020-02-13 2022-08-12 英特尔公司 多租户环境中的密码计算
US11216366B2 (en) 2020-02-13 2022-01-04 Intel Corporation Security check systems and methods for memory allocations
CN111914265B (zh) * 2020-03-16 2023-12-19 西安交通大学 面向高性能计算虚拟数据空间的轻量级数据安全保密方法
US11070621B1 (en) * 2020-07-21 2021-07-20 Cisco Technology, Inc. Reuse of execution environments while guaranteeing isolation in serverless computing
KR20230054872A (ko) * 2020-09-02 2023-04-25 사이파이브, 인크. 마스킹된 메모리 액세스의 효율적인 프로세싱
US12032485B2 (en) * 2020-12-23 2024-07-09 Intel Corporation 64-bit virtual addresses having metadata bit(s) and canonicality check that does not fail due to non-canonical values of metadata bit(s)
US20210109870A1 (en) * 2020-12-23 2021-04-15 Ravi L. Sahita Isolating memory within trusted execution environments
US11669625B2 (en) 2020-12-26 2023-06-06 Intel Corporation Data type based cryptographic computing
WO2022139850A1 (en) 2020-12-26 2022-06-30 Intel Corporation Cryptographic computing including enhanced cryptographic addresses
US11580035B2 (en) 2020-12-26 2023-02-14 Intel Corporation Fine-grained stack protection using cryptographic computing
US11960420B2 (en) * 2021-02-16 2024-04-16 Red Hat, Inc. Direct memory control operations on memory data structures
US11972126B2 (en) 2021-03-26 2024-04-30 Intel Corporation Data relocation for inline metadata
US11954045B2 (en) 2021-09-24 2024-04-09 Intel Corporation Object and cacheline granularity cryptographic memory integrity
US12019733B2 (en) 2022-03-11 2024-06-25 Intel Corporation Compartment isolation for load store forwarding
US12393523B2 (en) 2022-03-31 2025-08-19 Intel Corporation Circuitry and methods for implementing micro-context based trust domains
US12417099B2 (en) 2022-04-02 2025-09-16 Intel Corporation Circuitry and methods for informing indirect prefetches using capabilities
US12306998B2 (en) 2022-06-30 2025-05-20 Intel Corporation Stateless and low-overhead domain isolation using cryptographic computing
US12321467B2 (en) 2022-06-30 2025-06-03 Intel Corporation Cryptographic computing isolation for multi-tenancy and secure software components
CN119004443B (zh) * 2024-07-29 2025-11-04 浙江大学 一种针对内核文件系统中可攻击数据的识别和防护方法

Family Cites Families (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5625819A (en) * 1995-04-26 1997-04-29 Honeywell, Inc. Methods and apparatus for performing heap management and protecting data structure integrity in non-volatile memory
US7613921B2 (en) * 2005-05-13 2009-11-03 Intel Corporation Method and apparatus for remotely provisioning software-based security coprocessors
US8255431B2 (en) * 2009-11-23 2012-08-28 International Business Machines Corporation Managing memory
JP6242036B2 (ja) * 2011-11-17 2017-12-06 ソニー株式会社 情報処理装置、情報記憶装置、情報処理システム、および情報処理方法、並びにプログラム
WO2013101188A1 (en) * 2011-12-30 2013-07-04 Intel Corporation Memory event notification
US8995657B2 (en) * 2012-06-14 2015-03-31 Kabushiki Kaisha Toshiba Device and method for certifying one's own authenticity
US8762717B2 (en) * 2012-06-15 2014-06-24 Kabushiki Kaisha Toshiba Authentication device
US9569612B2 (en) * 2013-03-14 2017-02-14 Daniel Shawcross Wilkerson Hard object: lightweight hardware enforcement of encapsulation, unforgeability, and transactionality
US20180189479A1 (en) * 2013-05-08 2018-07-05 Mads DAM Verification of security domain separation
US9842065B2 (en) 2015-06-15 2017-12-12 Intel Corporation Virtualization-based platform protection technology
US10860709B2 (en) * 2018-06-29 2020-12-08 Intel Corporation Encoded inline capabilities
US11200330B2 (en) * 2018-08-01 2021-12-14 Red Hat, Inc. Secure storage access through rate limitation
US20200097646A1 (en) * 2018-09-26 2020-03-26 Qualcomm Incorporated Virtualization techniques with real-time constraints
US10719362B2 (en) * 2018-10-10 2020-07-21 Oracle International Corporation Managing multiple isolated execution contexts in a single process
JP7432523B2 (ja) * 2018-10-29 2024-02-16 スターナム リミテッド 動的メモリ保護
US11580234B2 (en) * 2019-06-29 2023-02-14 Intel Corporation Implicit integrity for cryptographic computing
US11163569B2 (en) * 2019-12-28 2021-11-02 Intel Corporation Hardware apparatuses, methods, and systems for individually revocable capabilities for enforcing temporal memory safety

Also Published As

Publication number Publication date
US10860709B2 (en) 2020-12-08
EP3588360B1 (en) 2021-11-10
EP3958160B1 (en) 2023-11-22
EP3958160A1 (en) 2022-02-23
EP3588360A1 (en) 2020-01-01
US20200004953A1 (en) 2020-01-02
US20210117535A1 (en) 2021-04-22
US11562063B2 (en) 2023-01-24
CN110659244A (zh) 2020-01-07

Similar Documents

Publication Publication Date Title
PL3588360T3 (pl) Kodowane funkcjonalności liniowych
GB2574733B (en) Improved video bitstream coding
EP3381190A4 (en) Parallel video encoding
GB201702625D0 (en) Powerboat
GB201800274D0 (en) Novel treatments
GB201504403D0 (en) Adapting encoded bandwidth
GB201700623D0 (en) Video encoding
ZA201800147B (en) Downscaled decoding
GB201701315D0 (en) Novel treatments
GB201504402D0 (en) Adapting encoded bandwidth
GB201716967D0 (en) Coding technique
GB201604648D0 (en) Coding technique
GB2573043B (en) Plug-ins as microservices
GB2577172B (en) Decoder
GB2580036B (en) Bitstream decoding
GB201809021D0 (en) Skateboard
EP3516775A4 (en) CHANNEL CODING ARRANGEMENT
GB201910881D0 (en) Contact
IL262221A (en) Treat ments forcahcers etc
PH32018050083S1 (en) Four-wheeled motorcab
GB201801982D0 (en) Novel treatments
GB201603782D0 (en) Video encoding
GB201709513D0 (en) High jump pockt
GB201710433D0 (en) Novel treatments
AU201614746S (en) Skateboard