TWI349230B - A computer system and a method for implementating a trusted execution environment - Google Patents
- Publication number: TWI349230B
- Application number: TW093125088A
- Authority: TW (Taiwan)
- Prior art keywords: implementating, computer system, execution environment, trusted execution, trusted
- Prior art date
Classifications
- G—PHYSICS
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06F—ELECTRIC DIGITAL DATA PROCESSING
      - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
          - G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
            - G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode

- G—PHYSICS
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06F—ELECTRIC DIGITAL DATA PROCESSING
      - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity

- G—PHYSICS
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06F—ELECTRIC DIGITAL DATA PROCESSING
      - G06F12/00—Accessing, addressing or allocating within memory systems or architectures
        - G06F12/14—Protection against unauthorised use of memory or access to memory

- G—PHYSICS
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06F—ELECTRIC DIGITAL DATA PROCESSING
      - G06F12/00—Accessing, addressing or allocating within memory systems or architectures
        - G06F12/14—Protection against unauthorised use of memory or access to memory
          - G06F12/1458—Protection against unauthorised use of memory or access to memory by checking the subject access rights
            - G06F12/1491—Protection against unauthorised use of memory or access to memory by checking the subject access rights in a hierarchical protection system, e.g. privilege levels, memory rings

- G—PHYSICS
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06F—ELECTRIC DIGITAL DATA PROCESSING
      - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
          - G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
            - G06F21/79—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories

- G—PHYSICS
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06F—ELECTRIC DIGITAL DATA PROCESSING
      - G06F9/00—Arrangements for program control, e.g. control units
        - G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
          - G06F9/44—Arrangements for executing specific programs
            - G06F9/445—Program loading or initiating

- G—PHYSICS
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06F—ELECTRIC DIGITAL DATA PROCESSING
      - G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
          - G06F2221/2105—Dual mode as a secondary aspect

- G—PHYSICS
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06F—ELECTRIC DIGITAL DATA PROCESSING
      - G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
          - G06F2221/2143—Clearing memory, e.g. to prevent the data from being stolen
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/654,734 US7210009B2 (en) | 2003-09-04 | 2003-09-04 | Computer system employing a trusted execution environment including a memory controller configured to clear memory |
Publications (2)
Publication Number | Publication Date |
---|---|
TW200527293A TW200527293A (en) | 2005-08-16 |
TWI349230B true TWI349230B (en) | 2011-09-21 |
Family ID: 34225999
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
TW093125088A TWI349230B (en) | 2003-09-04 | 2004-08-20 | A computer system and a method for implementating a trusted execution environment |
Country Status (8)
Country | Link |
---|---|
US (1) | US7210009B2 (zh) |
JP (1) | JP4695082B2 (zh) |
KR (1) | KR101093124B1 (zh) |
CN (1) | CN100416501C (zh) |
DE (1) | DE112004001605B4 (zh) |
GB (1) | GB2422228B (zh) |
TW (1) | TWI349230B (zh) |
WO (1) | WO2005026954A1 (zh) |
Families Citing this family (42)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7765381B2 (en) * | 2003-04-04 | 2010-07-27 | Oracle America, Inc. | Multi-node system in which home memory subsystem stores global to local address translation information for replicating nodes |
US7228400B2 (en) * | 2003-12-31 | 2007-06-05 | Intel Corporation | Control of multiply mapped memory locations |
US7380069B2 (en) * | 2004-11-19 | 2008-05-27 | Marvell International Technology Ltd. | Method and apparatus for DMA-generated memory write-back |
JP2006203564A (ja) * | 2005-01-20 | 2006-08-03 | Nara Institute Of Science & Technology | Microprocessor, node terminal, computer system, and program execution certification method |
US20070192826A1 (en) * | 2006-02-14 | 2007-08-16 | Microsoft Corporation | I/O-based enforcement of multi-level computer operating modes |
US8060744B2 (en) * | 2006-03-23 | 2011-11-15 | Harris Corporation | Computer architecture for an electronic device providing single-level secure access to multi-level secure file system |
US8041947B2 (en) * | 2006-03-23 | 2011-10-18 | Harris Corporation | Computer architecture for an electronic device providing SLS access to MLS file system with trusted loading and protection of program execution memory |
US8127145B2 (en) * | 2006-03-23 | 2012-02-28 | Harris Corporation | Computer architecture for an electronic device providing a secure file system |
US7979714B2 (en) * | 2006-06-02 | 2011-07-12 | Harris Corporation | Authentication and access control device |
US7877558B2 (en) * | 2007-08-13 | 2011-01-25 | Advanced Micro Devices, Inc. | Memory controller prioritization scheme |
US7757039B2 (en) * | 2007-09-18 | 2010-07-13 | Nikos Kaburlasos | DRAM selective self refresh |
US7937449B1 (en) * | 2007-10-08 | 2011-05-03 | Empirix, Inc. | System and method for enabling network stack processes in user mode and kernel mode to access kernel memory locations |
US20090144332A1 (en) * | 2007-11-29 | 2009-06-04 | Wallace Paul Montgomery | Sideband access based method and apparatus for determining software integrity |
US8250354B2 (en) * | 2007-11-29 | 2012-08-21 | GlobalFoundries, Inc. | Method and apparatus for making a processor sideband interface adhere to secure mode restrictions |
CN101493877B (zh) * | 2008-01-22 | 2012-12-19 | Lenovo (Beijing) Co., Ltd. | Data processing method and system |
US9274573B2 (en) * | 2008-02-07 | 2016-03-01 | Analog Devices, Inc. | Method and apparatus for hardware reset protection |
US8117642B2 (en) * | 2008-03-21 | 2012-02-14 | Freescale Semiconductor, Inc. | Computing device with entry authentication into trusted execution environment and method therefor |
JP5286943B2 (ja) * | 2008-05-30 | 2013-09-11 | Fujitsu Limited | Memory clear mechanism |
US7831816B2 (en) * | 2008-05-30 | 2010-11-09 | Globalfoundries Inc. | Non-destructive sideband reading of processor state information |
FR2934697B1 (fr) * | 2008-07-29 | 2010-09-10 | Thales Sa | Method and system for securing software |
US20100138597A1 (en) * | 2008-11-28 | 2010-06-03 | Kabushiki Kaisha Toshiba | Information Processing System, System Controller, and Memory Control Method |
US8880854B2 (en) * | 2009-02-11 | 2014-11-04 | Via Technologies, Inc. | Out-of-order execution microprocessor that speculatively executes dependent memory access instructions by predicting no value change by older instructions that load a segment register |
EP2270708A1 (en) * | 2009-06-29 | 2011-01-05 | Thomson Licensing | Data security in solid state memory |
CN102656588B (zh) * | 2009-08-14 | 2015-07-15 | Intrinsic ID B.V. | Physically unclonable function with tamper-prevention and anti-aging system |
US20120036308A1 (en) * | 2010-08-06 | 2012-02-09 | Swanson Robert C | Supporting a secure readable memory region for pre-boot and secure mode operations |
US8458486B2 (en) * | 2010-10-13 | 2013-06-04 | International Business Machines Corporation | Problem-based account generation |
WO2013078085A1 (en) * | 2011-11-22 | 2013-05-30 | Mips Technologies, Inc. | Processor with kernel mode access to user space virtual addresses |
TWI464746B (zh) * | 2012-03-30 | 2014-12-11 | Wistron Corp | Memory clearing circuit |
CN103368928B (zh) * | 2012-04-11 | 2018-04-27 | Fu Tai Hua Industry (Shenzhen) Co., Ltd. | Account password reset system and method |
US8775757B2 (en) | 2012-09-25 | 2014-07-08 | Apple Inc. | Trust zone support in system on a chip having security enclave processor |
US8873747B2 (en) | 2012-09-25 | 2014-10-28 | Apple Inc. | Key management using security enclave processor |
US9047471B2 (en) | 2012-09-25 | 2015-06-02 | Apple Inc. | Security enclave processor boot control |
US8832465B2 (en) | 2012-09-25 | 2014-09-09 | Apple Inc. | Security enclave processor for a system on a chip |
US9043632B2 (en) | 2012-09-25 | 2015-05-26 | Apple Inc. | Security enclave processor power control |
US20150089245A1 (en) * | 2013-09-26 | 2015-03-26 | Asher M. Altman | Data storage in persistent memory |
US9594927B2 (en) * | 2014-09-10 | 2017-03-14 | Intel Corporation | Providing a trusted execution environment using a processor |
US9547778B1 (en) | 2014-09-26 | 2017-01-17 | Apple Inc. | Secure public key acceleration |
US10127406B2 (en) * | 2015-03-23 | 2018-11-13 | Intel Corporation | Digital rights management playback glitch avoidance |
CN105630351A (zh) * | 2015-12-23 | 2016-06-01 | 深圳市嘉兰图设计股份有限公司 | Key system with a one-key background program cleanup function |
US10884952B2 (en) * | 2016-09-30 | 2021-01-05 | Intel Corporation | Enforcing memory operand types using protection keys |
US10353858B2 (en) * | 2017-12-18 | 2019-07-16 | GM Global Technology Operations LLC | System and method for managing system memory integrity in suspended electronic control units |
US11681965B2 (en) * | 2019-10-25 | 2023-06-20 | Georgetown University | Specialized computing environment for co-analysis of proprietary data |
Family Cites Families (28)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US200402A (en) * | 1878-02-19 | | | Improvement in toy money-boxes |
US200405A (en) * | 1878-02-19 | | | Improvement in feed-water regulators |
JPS62169218A (ja) * | 1986-01-17 | 1987-07-25 | International Business Machines Corporation | Application suspend and resume device for an information processing system |
AU640181B2 (en) * | 1989-12-26 | 1993-08-19 | Digital Equipment Corporation | Method for securing terminal and terminal apparatus for use with the method |
JPH07219885A (ja) * | 1994-02-04 | 1995-08-18 | Canon Inc | Information processing system, electronic device, and control method |
JP3393521B2 (ja) * | 1995-10-19 | 2003-04-07 | Nippon Telegraph and Telephone Corporation | Terminal program tampering detection method and information center |
JPH09128232A (ja) * | 1995-11-01 | 1997-05-16 | Fujitsu Ltd | Program integrity verification device |
JP3715711B2 (ja) * | 1996-04-19 | 2005-11-16 | Canon Inc | Image processing apparatus and image processing method therefor |
US5987604A (en) * | 1997-10-07 | 1999-11-16 | Phoenix Technologies, Ltd. | Method and apparatus for providing execution of system management mode services in virtual mode |
US6330670B1 (en) * | 1998-10-26 | 2001-12-11 | Microsoft Corporation | Digital rights management operating system |
US6327652B1 (en) * | 1998-10-26 | 2001-12-04 | Microsoft Corporation | Loading and identifying a digital rights management operating system |
US6243831B1 (en) * | 1998-10-31 | 2001-06-05 | Compaq Computer Corporation | Computer system with power loss protection mechanism |
US6175454B1 (en) * | 1999-01-13 | 2001-01-16 | Behere Corporation | Panoramic imaging arrangement |
US6367022B1 (en) | 1999-07-14 | 2002-04-02 | Visteon Global Technologies, Inc. | Power management fault strategy for automotive multimedia system |
JP2001202289A (ja) * | 2000-01-18 | 2001-07-27 | Casio Comput Co Ltd | Security management method and program recording medium therefor |
US6938164B1 (en) | 2000-11-22 | 2005-08-30 | Microsoft Corporation | Method and system for allowing code to be securely initialized in a computer |
US6546472B2 (en) * | 2000-12-29 | 2003-04-08 | Hewlett-Packard Development Company, L.P. | Fast suspend to disk |
JP2002323939A (ja) * | 2001-04-25 | 2002-11-08 | Casio Comput Co Ltd | Boot processing control device |
JP2003037719A (ja) * | 2001-05-17 | 2003-02-07 | Sharp Corp | Image processing apparatus |
US6854046B1 (en) * | 2001-08-03 | 2005-02-08 | Tensilica, Inc. | Configurable memory management unit |
US7024555B2 (en) * | 2001-11-01 | 2006-04-04 | Intel Corporation | Apparatus and method for unilaterally loading a secure operating system within a multiprocessor environment |
US6922783B2 (en) * | 2002-01-16 | 2005-07-26 | Hewlett-Packard Development Company, L.P. | Method and apparatus for conserving power on a multiprocessor integrated circuit |
US20030154392A1 (en) * | 2002-02-11 | 2003-08-14 | Lewis Timothy A. | Secure system firmware using interrupt generation on attempts to modify shadow RAM attributes |
US6986006B2 (en) | 2002-04-17 | 2006-01-10 | Microsoft Corporation | Page granular curtained memory via mapping control |
US7058768B2 (en) | 2002-04-17 | 2006-06-06 | Microsoft Corporation | Memory isolation through address translation data edit control |
US7392415B2 (en) * | 2002-06-26 | 2008-06-24 | Intel Corporation | Sleep protection |
US6925627B1 (en) * | 2002-12-20 | 2005-08-02 | Conexant Systems, Inc. | Method and apparatus for power routing in an integrated circuit |
US7284136B2 (en) * | 2003-01-23 | 2007-10-16 | Intel Corporation | Methods and apparatus for implementing a secure resume |
Legal Events

2003
- 2003-09-04 US US10/654,734 patent/US7210009B2/en active Active

2004
- 2004-06-04 CN CNB200480025290XA patent/CN100416501C/zh active Active
- 2004-06-04 GB GB0604581A patent/GB2422228B/en active Active
- 2004-06-04 DE DE112004001605T patent/DE112004001605B4/de active Active
- 2004-06-04 KR KR1020067003108A patent/KR101093124B1/ko active IP Right Grant
- 2004-06-04 WO PCT/US2004/018043 patent/WO2005026954A1/en active Application Filing
- 2004-06-04 JP JP2006525317A patent/JP4695082B2/ja active Active
- 2004-08-20 TW TW093125088A patent/TWI349230B/zh active
Also Published As
Publication number | Publication date |
---|---|
US7210009B2 (en) | 2007-04-24 |
CN1846195A (zh) | 2006-10-11 |
CN100416501C (zh) | 2008-09-03 |
KR101093124B1 (ko) | 2011-12-13 |
DE112004001605B4 (de) | 2010-05-06 |
JP2007504553A (ja) | 2007-03-01 |
GB2422228B (en) | 2007-02-14 |
KR20060061832A (ko) | 2006-06-08 |
US20050055524A1 (en) | 2005-03-10 |
GB2422228A (en) | 2006-07-19 |
WO2005026954A1 (en) | 2005-03-24 |
JP4695082B2 (ja) | 2011-06-08 |
GB0604581D0 (en) | 2006-04-19 |
DE112004001605T5 (de) | 2006-07-06 |
TW200527293A (en) | 2005-08-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
TWI349230B (en) | | A computer system and a method for implementating a trusted execution environment |
AU2003297864A8 (en) | | System and method for software application development in a portal environment |
AU2003267881A1 (en) | | Method and apparatus for booting a computer system |
EP1407349A4 (en) | | SOFTWARE APPLICATION EXECUTION METHOD AND SYSTEM |
GB0224112D0 (en) | | System and method for installing applications in a trusted environment |
GB2382419B (en) | | Apparatus and method for creating a trusted environment |
EP1815327A4 (en) | | SYSTEM AND METHOD FOR PROGRAMMING ISOLATED COMPUTER ENVIRONMENT |
TWI366105B (en) | | Programming interface for a computer platform and system and method for programming and application |
EP1685458A4 (en) | | TECHNIQUE AND SYSTEM FOR THE RESPONSE TO INTRUSIVE ATTACKS AGAINST COMPUTERS |
AU2003207509A8 (en) | | System and method for simulating an electronic trading environment |
IL179889A0 (en) | | A method and system for blocking phishing scams |
ZA200505253B (en) | | System and method for preference application installation and execution |
GB2420432B (en) | | System and methods for dependent trust in a computer system |
GB0506508D0 (en) | | Method, system and software tool for processing an electronic form |
GB0326903D0 (en) | | System and method for software debugging |
EP1472525A4 (en) | | SYSTEM AND METHOD FOR ADAPTING SOFTWARE CONTROL IN AN OPERATING ENVIRONMENT |
AU2002341482A1 (en) | | A unit and a method for handling a data object |
PL1941705T3 (pl) | | Method and system for protecting a server access link |
GB0526204D0 (en) | | Method and data processor for reduced pipeline stalling |
IL164620A0 (en) | | Method and system for managing a computer system |
IL179954A0 (en) | | Method and apparatus for booting a computer system |
AU2002313608A1 (en) | | Calibration method, device and computer program |
EP1834243A4 (en) | | SYSTEM AND METHOD FOR FINDING MALWARE |
GB0229724D0 (en) | | Apparatus, method and computer program for defining a data mapping between two or more data structures |
GB2402236B (en) | | A method and apparatus for securing a computer system |