[특허]Secure processing unit systems and methods

Secure processing unit systems and methods 원문보기

IPC분류정보
국가/구분	United States(US) Patent 등록
국제특허분류(IPC7판)	G06F-015/167 G06F-015/16
출원번호	US-0528752 (2006-09-27)
등록번호	US-7430585 (2008-09-30)
발명자 / 주소	Sibert,W. Olin
출원인 / 주소	Intertrust Technologies Corp.
대리인 / 주소	Finnegan, Henderson, Farabow, Garrett & Dunner LLP
인용정보	피인용 횟수 : 15 인용 특허 : 18

초록 ▼

A hardware Secure Processing Unit (SPU) is described that can perform both security functions and other information appliance functions using the same set of hardware resources. Because the additional hardware required to support security functions is a relatively small fraction of the overall device hardware, this type of SPU can be competitive with ordinary non-secure CPUs or microcontrollers that perform the same functions. A set of minimal initialization and management hardware and software is added to, e.g., a standard CPU/microcontroller. The additional hardware and/or software creates an SPU environment and performs the functions needed to virtualize the SPU's hardware resources so that they can be shared between security functions and other functions performed by the same CPU.

대표청구항 ▼

What is claimed is: 1. In a secure processing unit comprising a memory management unit, an internal memory unit, and processor security registers, a method of restricting access to memory, the method comprising: using one or more level-one page table entries of a plurality of page table entries in a level-one page table to indicate whether entries in a level-two page table corresponding with the one or more level-one page table entries may designate certain predefined memory regions based on one or more predefined attributes respectively contained in the one or more level-one page table entries; and restricting access by certain software components or processor modes to predefined memory regions based on access control data, wherein the access control data are stored in a critical address register, the critical address register comprising one of the processor security registers. 2. The method of claim 1, wherein the internal memory unit includes secure random access memory, secure non-volatile memory, and secure read-only memory. 3. The method of claim 2, wherein the secure non-volatile memory contains a cryptographic key. 4. The method of claim 2, wherein the secure non-volatile memory is powered by a battery. 5. The method of claim 4, wherein the secure non-volatile memory contains a cryptographic key. 6. The method of claim 1, wherein the internal memory unit includes a unique identifier for the secure processing unit, a private cryptographic key, and a public cryptographic key. 7. The method of claim 6, wherein the internal memory unit further includes a cryptographic certificate linking the unique identifier and the public cryptographic key. 8. The method of claim 1, wherein one or more level-two page tables are configured so as to be unable to designate the predefined memory regions are stored in memory locations other than the internal memory unit. 9. In an information appliance comprising a secure processing unit, the secure processing unit comprising a memory management unit, an internal memory unit, and processor security registers, a method comprising: indicating, using one or more level-one page table entries of a plurality of page table entries in a level-one page table, whether entries in a level-two page table corresponding with the one or more level-one page table entries may designate certain predefined memory regions based on one or more predefined attributes respectively contained in the one or more level-one page table entries; restricting access by certain software components or processor modes to predefined memory regions based on access control data, wherein the access control data are stored in a critical address register, the critical address register comprising one of the processor security registers; and enabling performance, by the secure processing unit, of both secure processing operations and at least some processing operations performed by a conventional information appliance processing unit. 10. The method of claim 9, wherein the information appliance is an appliance selected from: a television set-top box, a portable audio player, a portable video player, a cellular telephone, a personal computer, and a workstation. 11. The method of claim 9, wherein the secure processing unit is the information appliance's primary processing unit. 12. The method of claim 9, wherein the secure processing unit is the information appliance's only processing unit. 13. The method of claim 9, wherein the level-one page table and the level-two page tables that may designate the predefined memory regions are stored in the internal memory unit. 14. The method of claim 9, wherein the internal memory unit includes secure random access memory, secure non-volatile memory, and secure read-only memory. 15. The method of claim 14, wherein the secure non-volatile memory contains a cryptographic key. 16. The method of claim 14, wherein the secure non-volatile memory is powered by a battery. 17. The method of claim 16, wherein the secure non-volatile memory contains a cryptographic key. 18. The method of claim 9, wherein the internal memory unit includes a unique identifier for the secure processing unit, a private cryptographic key, and a public cryptographic key. 19. The method of claim 18, wherein the internal memory unit further includes a cryptographic certificate linking the unique identifier and the public cryptographic key. 20. The method of claim 9, wherein one or more level-two page tables are configured so as to be unable to designate the predefined memory regions are stored in memory locations other than the internal memory unit.

이 특허에 인용된 특허 (18)

Shear Victor H. (Bethesda MD), Database usage metering and protection system and method.
상세보기
Stefik Mark J. (Woodside CA) Russell Daniel M. (Palo Alto CA) Bobrow Daniel G. (Palo Alto CA) Henderson ; Jr. D. Austin (La Honda CA), Document processing system utilizing document service cards to provide document processing services.
상세보기
Stefik Mark J. (Woodside CA) Bobrow Daniel G. (Palo Alto CA) Card Stuart K. (Los Altos CA) Casey Michalene M. (Morgan Hill CA) Goldstein Richard J. (San Francisco CA) Lamming Michael G. (Cambridge CA, Interactive contents revealing storage device.
상세보기
Czajkowski, Grzegorz J., Small memory footprint system and method for separating applications within a single virtual machine.
상세보기
Van Wie David M. ; Weber Robert P., Steganographic techniques for securely delivering electronic digital rights management control information over insecure.
상세보기
Stefik Mark J. (Woodside CA) Bobrow Daniel G. (Palo Alto CA) Pirolli Peter L. T. (El Cerrito CA), System for controlling the distribution and use of composite digital works.
상세보기
Stefik Mark J. (Woodside CA) Casey Michalene M. (Morgan Hill CA), System for controlling the distribution and use of digital works.
상세보기
Stefik Mark J. (Woodside CA) Merkle Ralph C. (Sunnyvale CA) Pirolli Peter L. T. (El Cerrito CA), System for controlling the distribution and use of digital works having a fee reporting mechanism.
상세보기
Stefik Mark J., System for controlling the distribution and use of digital works having attached usage rights where the usage rights are.
상세보기
Shear Victor H. ; Van Wie David M. ; Weber Robert P., Systems and methods for matching, selecting, narrowcasting, and/or classifying based on rights management and/or other information.
상세보기
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
상세보기
Karl L. Ginter ; Victor H. Shear ; Francis J. Spahn ; David M. Van Wie, Systems and methods for secure transaction management and electronic rights protection.
상세보기
Shear Victor H. ; Sibert W. Olin ; Van Wie David M., Systems and methods using cryptography to protect secure computing environments.
상세보기
Shear Victor H. ; Sibert W. Olin ; Van Wie David M., Systems and methods using cryptography to protect secure computing environments.
상세보기
Hall Edwin J. ; Shear Victor H. ; Tomasello Luke S. ; Van Wie David M. ; Weber Robert P. ; Worsencroft Kim ; Xu Xuejun, Techniques for defining using and manipulating rights management data structures.
상세보기
Ginter Karl L. ; Shear Victor H. ; Spahn Francis J. ; Van Wie David M. ; Weber Robert P., Trusted and secure techniques, systems and methods for item delivery and execution.
상세보기
Noel Karen Lee ; Harvey Michael Seward, Virtual memory allocation in a virtual address space having an inaccessible gap.
상세보기

이 특허를 인용한 특허 (15)

Nilsson, Jarl; Carey, William Knox, Bioinformatic processing systems and methods.
상세보기
Nilsson, Jarl; Carey, William Knox, Bioinformatic processing systems and methods.
상세보기
Nilsson, Jarl; Carey, William Knox, Bioinformatic processing systems and methods.
상세보기
Schulze, Hans Wolfgang; Speiser, Ryan; Zuroski, Erik; Duell, Samuel; Van Veghel, James, Boot display device detection and selection techniques in multi-GPU devices.
상세보기
Case, Sr., Paul, Case secure computer architecture.
상세보기
Case, Sr., Paul, Case secure computer architecture.
상세보기
Maher, David P.; Khambete, Prasad; Sanagavarapu, Prasad; Tenneti, Sanjeev; Grandhomme, Laurent, Content delivery systems and methods.
상세보기
Nilsson, Jarl; Carey, William Knox, Distributed computation systems and methods.
상세보기
De Santis, Luca; Gallese, Maria Luisa; Imondi, Giuliano Gennaro, Memory area protection system and methods.
상세보기
Finkelstein, Vincent; Elisabeth, Fabrice, Method and device for automatic validation of computer program using cryptography functions.
상세보기
Cox, Michael Brian; Smith, Phillip Norman; Lew, Stephen Donald, Method and system for generating a secure key.
상세보기
Cox, Michael; Smith, Phillip, Method and system for implementing a secure chain of trust.
상세보기
Watson, P. Thomas; Swix, Scott R.; Gray, James H., System and method to remotely manage and audit set top box resources.
상세보기
Watson, P. Thomas; Swix, Scott R.; Gray, James H., System and method to remotely manage and audit set top box resources.
상세보기
Manente, Michael, Systems and methods for vehicle policy enforcement.
상세보기

내보내기 메뉴

내보내기 구분

파일저장
인쇄
메일전송

구성항목

기본정보
상세정보

관리번호, 국가코드, 자료구분, 상태, 출원번호, 출원일자, 공개번호, 공개일자, 등록번호, 등록일자, 발명명칭(한글), 발명명칭(영문), 출원인(한글), 출원인(영문), 출원인코드, 대표IPC

저장형식

Text(ASCII format)
Excel format
PIAS분석(.xls)

메일정보

받는사람 (필수): @
보내는사람 (선택): @
제목
내용: KISTI 검색결과 이메일 서비스

안내

총 건의 자료가 검색되었습니다.

다운받으실 자료의 인덱스를 입력하세요. (1-10,000)

검색결과의 순서대로 최대 10,000건 까지 다운로드가 가능합니다.

데이타가 많을 경우 속도가 느려질 수 있습니다.(최대 2~3분 소요)

다운로드 파일은 UTF-8 형태로 저장됩니다.
파일의 내용이 제대로 보이지 않을실 때는 웹브라우저 상단의 보기 -> 인코딩 -> 자동선택 여부를 확인하십시오.

Text(ASCII format)
Excel format

AI-Helper ※ AI-Helper는 을 사용합니다.

AI-Helper

안녕하세요, AI-Helper입니다. 좌측 "선택된 텍스트"에서 텍스트를 선택하여 요약, 번역, 용어설명을 실행하세요.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.

IPC	Description
A	생활필수품
A62	인명구조; 소방(사다리 E06C)
A62B	인명구조용의 기구, 장치 또는 방법(특히 의료용에 사용되는 밸브 A61M 39/00; 특히 물에서 쓰이는 인명구조 장치 또는 방법 B63C 9/00; 잠수장비 B63C 11/00; 특히 항공기에 쓰는 것, 예. 낙하산, 투출좌석 B64D; 특히 광산에서 쓰이는 구조장치 E21F 11/00)
A62B-1/08	.. 윈치 또는 풀리에 제동기구가 있는 것

연합인증

Secure processing unit systems and methods 원문보기