TWI582632B - 使用多重鑑別碼模組以進入安全計算環境之方法及系統、以及處理器 - Google Patents
使用多重鑑別碼模組以進入安全計算環境之方法及系統、以及處理器 Download PDFInfo
- Publication number
- TWI582632B TWI582632B TW099143486A TW99143486A TWI582632B TW I582632 B TWI582632 B TW I582632B TW 099143486 A TW099143486 A TW 099143486A TW 99143486 A TW99143486 A TW 99143486A TW I582632 B TWI582632 B TW I582632B
- Authority
- TW
- Taiwan
- Prior art keywords
- processor
- module
- authenticator module
- secure
- authenticator
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/572—Secure firmware programming, e.g. of basic input output system [BIOS]
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2149—Restricted operating environment
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2153—Using hardware token as a secondary aspect
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Storage Device Security (AREA)
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US12/650,579 US9202015B2 (en) | 2009-12-31 | 2009-12-31 | Entering a secured computing environment using multiple authenticated code modules |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| TW201140367A TW201140367A (en) | 2011-11-16 |
| TWI582632B true TWI582632B (zh) | 2017-05-11 |
Family
ID=44188915
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW099143486A TWI582632B (zh) | 2009-12-31 | 2010-12-13 | 使用多重鑑別碼模組以進入安全計算環境之方法及系統、以及處理器 |
Country Status (6)
| Country | Link |
|---|---|
| US (2) | US9202015B2 (enExample) |
| JP (2) | JP5373753B2 (enExample) |
| CN (1) | CN102122327B (enExample) |
| BR (1) | BRPI1005586A2 (enExample) |
| DE (1) | DE102010054614A1 (enExample) |
| TW (1) | TWI582632B (enExample) |
Families Citing this family (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9202015B2 (en) * | 2009-12-31 | 2015-12-01 | Intel Corporation | Entering a secured computing environment using multiple authenticated code modules |
| WO2012023050A2 (en) | 2010-08-20 | 2012-02-23 | Overtis Group Limited | Secure cloud computing system and method |
| US9596082B2 (en) | 2011-12-15 | 2017-03-14 | Intel Corporation | Secure debug trace messages for production authenticated code modules |
| US9930066B2 (en) | 2013-02-12 | 2018-03-27 | Nicira, Inc. | Infrastructure level LAN security |
| US20150082006A1 (en) * | 2013-09-06 | 2015-03-19 | Futurewei Technologies, Inc. | System and Method for an Asynchronous Processor with Asynchronous Instruction Fetch, Decode, and Issue |
| US9734313B2 (en) | 2014-06-16 | 2017-08-15 | Huawei Technologies Co., Ltd. | Security mode prompt method and apparatus |
| CN105335672B (zh) * | 2014-06-16 | 2020-12-04 | 华为技术有限公司 | 一种安全模式提示方法及装置 |
| US9613218B2 (en) | 2014-06-30 | 2017-04-04 | Nicira, Inc. | Encryption system in a virtualized environment |
| US10181027B2 (en) * | 2014-10-17 | 2019-01-15 | Intel Corporation | Interface between a device and a secure processing environment |
| US10079880B2 (en) * | 2015-06-07 | 2018-09-18 | Apple Inc. | Automatic identification of invalid participants in a secure synchronization system |
| US10798073B2 (en) | 2016-08-26 | 2020-10-06 | Nicira, Inc. | Secure key management protocol for distributed network encryption |
| EP3788528B1 (en) * | 2018-04-30 | 2022-12-14 | Google LLC | Enclave interactions |
| CN112005237B (zh) | 2018-04-30 | 2024-04-30 | 谷歌有限责任公司 | 安全区中的处理器与处理加速器之间的安全协作 |
| DE102018120347A1 (de) * | 2018-08-21 | 2020-02-27 | Pilz Gmbh & Co. Kg | Automatisierungssystem zur Überwachung eines sicherheitskritischen Prozesses |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030055840A1 (en) * | 1999-01-27 | 2003-03-20 | Yoshiki Kawaoka | Image file apparatus and method |
| TW583568B (en) * | 2001-08-27 | 2004-04-11 | Dataplay Inc | A secure access method and system |
| TWI237974B (en) * | 2001-06-13 | 2005-08-11 | Corrent Corp | Security association data cache and structure |
| US20060224878A1 (en) * | 2005-03-31 | 2006-10-05 | Intel Corporation | System and method for trusted early boot flow |
| TW200910900A (en) * | 2007-07-13 | 2009-03-01 | Viaccess Sa | MAC code verification without disclosure |
Family Cites Families (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPS62126451A (ja) * | 1985-11-27 | 1987-06-08 | Mitsubishi Electric Corp | 分散処理装置のイニシヤルプログラムロ−ド方式 |
| JPS62128354A (ja) | 1985-11-29 | 1987-06-10 | Fuji Electric Co Ltd | マルチプロセツサシステムの起動方式 |
| US6948070B1 (en) * | 1995-02-13 | 2005-09-20 | Intertrust Technologies Corporation | Systems and methods for secure transaction management and electronic rights protection |
| US20030126454A1 (en) | 2001-12-28 | 2003-07-03 | Glew Andrew F. | Authenticated code method and apparatus |
| US7627753B2 (en) | 2002-03-19 | 2009-12-01 | Microsoft Corporation | Secure digital data format and code enforced policy |
| US7069442B2 (en) | 2002-03-29 | 2006-06-27 | Intel Corporation | System and method for execution of a secured environment initialization instruction |
| KR20040099253A (ko) * | 2002-04-23 | 2004-11-26 | 마쯔시다덴기산교 가부시키가이샤 | 서버 장치 및 프로그램 관리 시스템 |
| US20040117318A1 (en) * | 2002-12-16 | 2004-06-17 | Grawrock David W. | Portable token controlling trusted environment launch |
| US7103779B2 (en) * | 2003-09-18 | 2006-09-05 | Apple Computer, Inc. | Method and apparatus for incremental code signing |
| US7698552B2 (en) | 2004-06-03 | 2010-04-13 | Intel Corporation | Launching a secure kernel in a multiprocessor system |
| JP4447977B2 (ja) * | 2004-06-30 | 2010-04-07 | 富士通マイクロエレクトロニクス株式会社 | セキュアプロセッサ、およびセキュアプロセッサ用プログラム。 |
| JP4522372B2 (ja) | 2005-02-07 | 2010-08-11 | 株式会社ソニー・コンピュータエンタテインメント | プロセッサと外部のデバイスとの間にセキュアセッションを実現する方法および装置 |
| US7831778B2 (en) | 2006-03-30 | 2010-11-09 | Silicon Image, Inc. | Shared nonvolatile memory architecture |
| US8458726B2 (en) * | 2007-12-03 | 2013-06-04 | Intel Corporation | Bios routine avoidance |
| US20090204823A1 (en) * | 2008-02-07 | 2009-08-13 | Analog Devices, Inc. | Method and apparatus for controlling system access during protected modes of operation |
| US9202015B2 (en) * | 2009-12-31 | 2015-12-01 | Intel Corporation | Entering a secured computing environment using multiple authenticated code modules |
-
2009
- 2009-12-31 US US12/650,579 patent/US9202015B2/en not_active Expired - Fee Related
-
2010
- 2010-12-13 TW TW099143486A patent/TWI582632B/zh not_active IP Right Cessation
- 2010-12-14 JP JP2010277703A patent/JP5373753B2/ja not_active Expired - Fee Related
- 2010-12-15 DE DE102010054614A patent/DE102010054614A1/de not_active Withdrawn
- 2010-12-23 BR BRPI1005586-0A patent/BRPI1005586A2/pt not_active Application Discontinuation
- 2010-12-24 CN CN201010625143.3A patent/CN102122327B/zh not_active Expired - Fee Related
-
2013
- 2013-03-15 US US13/837,837 patent/US9208292B2/en not_active Expired - Fee Related
- 2013-09-19 JP JP2013194105A patent/JP5752767B2/ja not_active Expired - Fee Related
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030055840A1 (en) * | 1999-01-27 | 2003-03-20 | Yoshiki Kawaoka | Image file apparatus and method |
| TWI237974B (en) * | 2001-06-13 | 2005-08-11 | Corrent Corp | Security association data cache and structure |
| TW583568B (en) * | 2001-08-27 | 2004-04-11 | Dataplay Inc | A secure access method and system |
| US20060224878A1 (en) * | 2005-03-31 | 2006-10-05 | Intel Corporation | System and method for trusted early boot flow |
| TW200910900A (en) * | 2007-07-13 | 2009-03-01 | Viaccess Sa | MAC code verification without disclosure |
Also Published As
| Publication number | Publication date |
|---|---|
| US20130212673A1 (en) | 2013-08-15 |
| US20110161676A1 (en) | 2011-06-30 |
| JP5373753B2 (ja) | 2013-12-18 |
| JP2011141870A (ja) | 2011-07-21 |
| DE102010054614A1 (de) | 2011-07-07 |
| TW201140367A (en) | 2011-11-16 |
| US9208292B2 (en) | 2015-12-08 |
| JP2013251016A (ja) | 2013-12-12 |
| BRPI1005586A2 (pt) | 2012-02-28 |
| US9202015B2 (en) | 2015-12-01 |
| CN102122327B (zh) | 2016-05-25 |
| CN102122327A (zh) | 2011-07-13 |
| JP5752767B2 (ja) | 2015-07-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| TWI582632B (zh) | 使用多重鑑別碼模組以進入安全計算環境之方法及系統、以及處理器 | |
| US11843705B2 (en) | Dynamic certificate management as part of a distributed authentication system | |
| JP4883459B2 (ja) | ポイントツーポイント相互接続システム上のセキュアな環境初期化命令の実行 | |
| EP3582129B1 (en) | Technologies for secure hardware and software attestation for trusted i/o | |
| TWI528281B (zh) | 平臺韌體防護方法、設備、系統以及相關的機器可讀媒體 | |
| CN102270288B (zh) | 基于反向完整性验证的操作系统可信引导方法 | |
| US8583908B2 (en) | Enhanced network and local boot of Unified Extensible Firmware Interface images | |
| US7974416B2 (en) | Providing a secure execution mode in a pre-boot environment | |
| US7028149B2 (en) | System and method for resetting a platform configuration register | |
| US8799673B2 (en) | Seamlessly encrypting memory regions to protect against hardware-based attacks | |
| TW201145069A (en) | Providing integrity verification and attestation in a hidden execution environment | |
| US10564981B2 (en) | Providing a trustworthy indication of the current state of a multi-processor data processing apparatus | |
| US20210243030A1 (en) | Systems And Methods To Cryptographically Verify An Identity Of An Information Handling System | |
| CN113342735B (zh) | 一种处理器芯片及电子设备 | |
| US9202056B2 (en) | Inter-processor attestation hardware | |
| US12039052B2 (en) | Information processing apparatus, method of controlling the same, and storage medium | |
| Muramoto et al. | Improving Hardware Security on Talos II Architecture Through Boot Image Encryption | |
| CN118798100A (zh) | 图形处理器芯片、电子设备及安全管理方法 | |
| CN115618362A (zh) | 一种计算机系统、访问控制方法及存储介质 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| MM4A | Annulment or lapse of patent due to non-payment of fees |