Apparatus and method for managing a microprocessor providing for a secure execution mode
IPC classification
Country / Type
United States (US) Patent
Registered
International Patent Classification (IPC, 7th edition)
G06F-011/30
G06F-012/14
G06F-012/16
G06F-021/72
G06F-021/75
G06F-021/71
G06F-021/82
G06F-021/55
G06F-021/12
G06F-021/73
G06F-021/74
G06F-021/14
G08B-023/00
G06F-021/70
Application number
US-0263238
(2008-10-31)
Registration number
US-8978132
(2015-03-10)
Inventors / Address
Henry, G. Glenn
Parks, Terry
Applicant / Address
Via Technologies, Inc.
Agent / Address
Huffman, Richard K.
Citation information
Cited by: 0
Cited patents: 67
Abstract
An apparatus providing for a secure execution environment including a microprocessor and a secure non-volatile memory. The microprocessor executes non-secure application programs and a secure application program. The non-secure application programs are accessed from a system memory via a system bus. The secure application program executes in a secure execution mode. The microprocessor has secure execution mode logic that monitors conditions corresponding to the microprocessor associated with tampering, and causes the microprocessor to transition to a degraded operating mode from the secure execution mode following detection of a first one or more of the conditions. The degraded operating mode exclusively provides for execution of BIOS instructions. The secure non-volatile memory is coupled to the microprocessor via a private bus and stores the secure application program. Transactions over the private bus are isolated from the system bus and from the corresponding system bus resources within the microprocessor.
Representative claims
1. An apparatus providing for a secure execution environment, comprising: an x86-compatible microprocessor, comprising: one or more execution units, configured to execute non-secure application programs and a secure application program, wherein said non-secure application programs are accessed from a system memory via a system bus, and wherein said secure application program is executed in a secure execution mode; a cryptographic unit; a processor key register, coupled to said cryptographic unit, configured to store a cryptographic key that is unique to said x86-compatible microprocessor, wherein said cryptographic key is employed to encrypt said secure application program for storage, and wherein said processor key register can only be read by said cryptographic unit; and secure execution mode logic, configured to monitor conditions corresponding to said x86-compatible microprocessor that are associated with potential security exposure and tampering, and configured to cause said x86-compatible microprocessor to transition to a degraded operating mode from said secure execution mode following detection of a first one or more of said conditions, wherein said degraded operating mode exclusively provides for execution of BIOS instructions, said BIOS instructions comprising instructions to allow for user input and display of messages; and a secure non-volatile memory, coupled to said x86-compatible microprocessor via a private bus, configured to store said secure application program, wherein said secure application program is encrypted in said system memory according to an asymmetric cryptographic algorithm, and wherein, upon enablement of said secure execution mode, said microprocessor encrypts said secure application program according to a symmetric key algorithm and transfers said secure application program to said secure non-volatile memory over said private bus.

2. The apparatus as recited in claim 1, wherein said BIOS instructions are executed by forcing an external interrupt to said x86-compatible microprocessor and communicating via a machine specific register.

3. The apparatus as recited in claim 1, wherein said conditions comprise hardware detected conditions.

4. The apparatus as recited in claim 1, wherein said conditions further comprise results of executing said secure application program.

5. The apparatus as recited in claim 1, wherein, upon detection of said first one or more of said conditions, said secure execution mode logic attempts to erase a data area of a secure volatile memory within said x86-compatible microprocessor and attempts to log said detection in said secure non-volatile memory.

6. The apparatus as recited in claim 5, wherein, upon successful erasure of said data area and logging of said detection, said secure execution mode logic transitions said x86-compatible microprocessor to said degraded mode.

7. The apparatus as recited in claim 1, wherein said secure execution mode logic causes said x86-compatible microprocessor to transition to a shutdown mode following detection of a second one or more of said conditions, wherein said shutdown mode can be exited only by resetting said x86-compatible microprocessor.

8. The apparatus as recited in claim 7, wherein, upon detection of said second one or more of said conditions, said secure execution mode logic attempts to erase a data area of a secure volatile memory within said x86-compatible microprocessor, attempts to log said detection in said secure non-volatile memory, and forces said x86-compatible microprocessor into said shutdown mode.

9. A microprocessor apparatus, for executing secure code within a secure execution environment, the microprocessor apparatus comprising: a secure non-volatile memory, configured to store a secure application program, wherein said secure application program is encrypted in a system memory according to an asymmetric cryptographic algorithm, and wherein said secure application program is retrieved from said system memory and is encrypted using a cryptographic key, and transferred over a private bus to said secure non-volatile memory; and an x86-compatible microprocessor, coupled to said secure non-volatile memory via said private bus, said x86-compatible microprocessor comprising: one or more execution units, configured to execute non-secure application programs and said secure application program; a cryptographic unit; a processor key register, coupled to said cryptographic unit, configured to store said cryptographic key, wherein said cryptographic key is unique to said x86-compatible microprocessor, wherein said cryptographic key is employed to encrypt said secure application program for storage into said secure non-volatile memory, and wherein said processor key register can only be read by said cryptographic unit; and secure execution mode logic, configured to monitor conditions corresponding to said x86-compatible microprocessor that are associated with potential security exposure and tampering, and configured to cause said x86-compatible microprocessor to transition to a degraded operating mode from said secure execution mode following detection of a first one or more of said conditions, wherein said degraded operating mode exclusively provides for execution of BIOS instructions, said BIOS instructions comprising instructions to allow for user input and display of messages.

10. The microprocessor apparatus as recited in claim 9, wherein said BIOS instructions are executed by forcing an external interrupt to said x86-compatible microprocessor and communicating via a machine specific register.

11. The microprocessor apparatus as recited in claim 9, wherein said conditions comprise hardware detected conditions.

12. The microprocessor apparatus as recited in claim 9, wherein said conditions further comprise results of executing said secure application program.

13. The microprocessor apparatus as recited in claim 9, wherein, upon detection of said first one or more of said conditions, said secure execution mode logic attempts to erase a data area of a secure volatile memory within said x86-compatible microprocessor and attempts to log said detection in said secure non-volatile memory.

14. The microprocessor apparatus as recited in claim 13, wherein, upon successful erasure of said data area and logging of said detection, said secure execution mode logic transitions said x86-compatible microprocessor to said degraded mode.

15. The microprocessor apparatus as recited in claim 9, wherein said secure execution mode logic causes said x86-compatible microprocessor to transition to a shutdown mode following detection of a second one or more of said conditions, wherein said shutdown mode can be exited only by resetting said x86-compatible microprocessor.

16. The microprocessor apparatus as recited in claim 15, wherein, upon detection of said second one or more of said conditions, said secure execution mode logic attempts to erase a data area of a secure volatile memory within said x86-compatible microprocessor, attempts to log said detection in said secure non-volatile memory, and forces said x86-compatible microprocessor into said shutdown mode.

17. A method for executing secure code within a secure execution environment, the method comprising: accessing the secure code in a system memory, wherein the secure code is encrypted according to an asymmetric cryptographic algorithm; via a cryptographic unit disposed within an x86-compatible microprocessor, encrypting the secure code using a cryptographic key, and transferring the secure code over a private bus to a secure non-volatile memory for storage of the secure code, said encrypting comprising: first accessing a processor key register, coupled to the cryptographic unit, configured to store a cryptographic key that is unique to the x86-compatible microprocessor, wherein the cryptographic key is programmed into the processor key register during fabrication of the x86-compatible microprocessor, and wherein the processor key register can only be read by the cryptographic unit; and second accessing the secure code within the secure non-volatile memory via private transactions accomplished over a private bus that is coupled between the secure non-volatile memory and the x86-compatible microprocessor, wherein the private bus is isolated from all system bus resources within the x86-compatible microprocessor and external to the x86-compatible microprocessor, and wherein the private bus is observable and accessible exclusively by secure execution logic within the x86-compatible microprocessor; employing one or more execution units disposed within the x86-compatible microprocessor to execute the secure code; monitoring conditions corresponding to the x86-compatible microprocessor that are associated with potential security exposure and tampering; and first transitioning the x86-compatible microprocessor to a degraded operating mode from the secure execution mode following detection of a first one or more of the conditions, wherein the degraded operating mode exclusively provides for execution of BIOS instructions, the BIOS instructions comprising instructions to allow for user input and display of messages.

18. The method as recited in claim 17, wherein the BIOS instructions are executed by forcing an external interrupt to the x86-compatible microprocessor and communicating via a machine specific register.

19. The method as recited in claim 17, wherein the conditions comprise hardware detected conditions.

20. The method as recited in claim 17, wherein the conditions further comprise results of executing the secure application program.

21. The method as recited in claim 17, wherein said first transitioning comprises: upon detection of the first one or more of the conditions, first attempting to erase a data area of a secure volatile memory within the x86-compatible microprocessor and second attempting to log the detection in the secure non-volatile memory.

22. The method as recited in claim 21, wherein, upon successful erasure of the data area and logging of the detection, completing said first transitioning.

23. The method as recited in claim 17, further comprising: second transitioning the x86-compatible microprocessor to a shutdown mode following detection of a second one or more of the conditions, wherein the shutdown mode can be exited only by resetting the x86-compatible microprocessor.

24. The method as recited in claim 23, wherein, upon detection of the second one or more of the conditions, first attempting to erase a data area of a secure volatile memory within the x86-compatible microprocessor, second attempting to log the detection in the secure non-volatile memory, and forcing the x86-compatible microprocessor into the shutdown mode.
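The tamper-response behaviour of claims 1 and 5 through 8 (erase the secure data area, log the detection to the secure NVM, then degrade to BIOS-only or shut down until reset) as a small C state model. This is an added example for illustration, not VIA's design or the patent's own code; the mode and condition names, the sem_t layout and the always-succeeding erase/log are assumptions.

```c
/* Model of the secure execution mode (SEM) logic in claims 1 and 5-8.
 * Added example, not VIA's design: names, struct layout and the
 * always-successful erase/log are assumptions; the rules follow the claims. */
#include <stdbool.h>
#include <string.h>

typedef enum { MODE_SECURE, MODE_DEGRADED, MODE_SHUTDOWN } sem_mode_t;
typedef enum { COND_NONE, COND_FIRST, COND_SECOND } sem_cond_t; /* claim 1 / claim 7 */
typedef enum { INSN_APP, INSN_BIOS } insn_kind_t;

typedef struct {
    sem_mode_t    mode;
    unsigned char secure_sram[64]; /* data area of the secure volatile memory */
    int           nvm_log_entries; /* detections logged to the secure NVM */
} sem_t;

/* Only a reset leaves shutdown mode (claim 7). */
void sem_reset(sem_t *s) { memset(s, 0, sizeof *s); s->mode = MODE_SECURE; }

/* Claims 5 and 8: attempt to erase the secure data area and log the detection. */
static bool sem_scrub_and_log(sem_t *s) {
    memset(s->secure_sram, 0, sizeof s->secure_sram);
    s->nvm_log_entries++;
    return true;                  /* a real design would report erase/log failure */
}

/* Claims 1, 6, 7, 8: classify the detected condition and transition. */
sem_mode_t sem_on_condition(sem_t *s, sem_cond_t c) {
    if (s->mode == MODE_SHUTDOWN) return s->mode;        /* stuck until reset */
    if (c == COND_SECOND) {                               /* claim 8: scrub, log, shut down */
        sem_scrub_and_log(s);
        s->mode = MODE_SHUTDOWN;
    } else if (c == COND_FIRST && sem_scrub_and_log(s)) {
        s->mode = MODE_DEGRADED;                          /* claim 6: degrade after erase+log */
    }
    return s->mode;
}

/* Claim 1: degraded mode exclusively provides for execution of BIOS instructions. */
bool sem_may_execute(const sem_t *s, insn_kind_t k) {
    if (s->mode == MODE_SECURE)   return true;
    if (s->mode == MODE_DEGRADED) return k == INSN_BIOS;
    return false;
}

/* Walks one tamper sequence; returns the step that violated the claims, or 0. */
int sem_scenario(void) {
    sem_t s; sem_reset(&s);
    if (sem_on_condition(&s, COND_FIRST) != MODE_DEGRADED)                   return 1;
    if (sem_may_execute(&s, INSN_APP) || !sem_may_execute(&s, INSN_BIOS))    return 2;
    if (sem_on_condition(&s, COND_SECOND) != MODE_SHUTDOWN)                  return 3;
    if (sem_may_execute(&s, INSN_BIOS) || s.nvm_log_entries != 2)            return 4;
    if (sem_on_condition(&s, COND_NONE) != MODE_SHUTDOWN)                    return 5;
    sem_reset(&s);
    return s.mode == MODE_SECURE ? 0 : 6;
}
```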
Patents cited by this patent (67)
Watt, Simon Charles, Apparatus and method for controlling access to a memory unit.
Johnson, Richard C.; Morgan, Andrew; Anvin, H. Peter; Torvalds, Linus, Architecture, system, and method for operating on encrypted and/or hidden information.
Sibigtroth James M. (Round Rock TX) Rhoades Michael W. (Austin TX) Grimmer ; Jr. George G. (Austin TX) Longwell Susan W. (Austin TX), Integrated circuit microcontroller with on-chip memory and external bus interface and programmable mechanism for securin.
McDevitt, Hugh W.; Spanel, Carol; Walls, Andrew D., Method, apparatus and program storage device for providing clocks to multiple frequency domains using a single input clock of variable frequency.
Little Wendell L. ; Curry Stephen M. ; Grider Steven N. ; Thrower Mark L. ; Hass Steven N. ; Bolan Michael L. ; Fieseler Ricky D. ; Harrington Bradley M., Microcircuit with memory that is protected by both hardware and software.
Okada, Takayuki, Processor with a function to prevent illegal execution of a program, an instruction executed by a processor and a method of preventing illegal execution of a program.
Force Gordon (San Jose CA) Davis Timothy D. (Arlington TX) Duncan Richard L. (Bedford TX) Norcross Thomas M. (Arlington TX) Shay Michael J. (Arlington TX) Short Timothy A. (Duncanville TX), Programmable distributed personal security.
Hartmann Robert F. (San Jose CA) Chan Yiu-Fai (Saratoga CA) Frankovich Robert J. (Cupertino CA) Ou Jung-Hsing (Sunnyvale CA) So Hock C. (Milpitas CA) Wong Sau-Ching (Hillsborough CA), Programmable macrocell using eprom or eeprom transistors for architecture control in programmable logic circuits.
Guttag Karl M. (Houston TX) Nussrallah Steve (Richardson TX), Security bit for designating the security status of information stored in a nonvolatile memory.
Padgaonkar Ajay J. (9617 S. 43rd Pl. Phoenix AZ 85044) Mitra Sumit K. (8860 S. Drea La. Tempe AZ 85284), Security for digital signal processor program memory.
Burghardt Martin (Oberneuching NY DEX) Berman Eric (Hicksville NY) Padgaonkar Ajay (Sugarland TX) Allen Ray (Mesa AZ), System and method for protecting contents of microcontroller memory by providing scrambled data in response to an unauth.
Ginter Karl L. ; Shear Victor H. ; Sibert W. Olin ; Spahn Francis J. ; Van Wie David M., Systems and methods for secure transaction management and electronic rights protection.
Watt, Simon Charles; Dornan, Christopher Bentley; Orion, Luc; Chaussade, Nicolas; Belnet, Lionel; Brochier, Stephane Eric Sebastian; Mansell, David Hennah; Symes, Dominic Hugo, Task following between multiple operating systems.
Watt, Simon Charles; Dornan, Christopher Bentley; Orion, Luc; Chaussade, Nicolas; Belnet, Lionel; Brochier, Stephane Eric Sebastien; Mansell, David Hennah; Callan, Jonathan Sean, Vectored interrupt control within a system having a secure domain and a non-secure domain.
Doi Bryan C. (Fremont CA) Thomas Steven D. (Palm Dale CA) Coli Vincent J. (San Jose CA) Giglio Vito D. (Canoga Park CA), Verifiable security circuitry for preventing unauthorized access to programmed read only memory.