A hardware Secure Processing Unit (SPU) is described that can perform both security functions and other information appliance functions using the same set of hardware resources. Because the additional hardware required to support security functions is a relatively small fraction of the overall device hardware, this type of SPU can be competitive with ordinary non-secure CPUs or microcontrollers that perform the same functions. A set of minimal initialization and management hardware and software is added to, e.g., a standard CPU/microcontroller. The additional hardware and/or software creates an SPU environment and performs the functions needed to virtualize the SPU's hardware resources so that they can be shared between security functions and other functions performed by the same CPU.
Representative claims
1. A method comprising: establishing a secure environment within a secure processing unit, wherein establishing the secure environment comprises generating a first cryptographic key and a second cryptographic key, the first cryptographic key and second cryptographic key being unique to the secure processing unit; setting, in response to establishing the secure environment, a secure flag indicating that the secure processing unit is operating in a secure state; storing, in a first region of a secure memory associated with the secure processing unit, secret information based on a determination that the secure flag is set and a determination that a first indication in an erasure control register associated with the secure memory indicates that the first region will be erased in response to a change in a state of the secure flag; encrypting a first portion of the secret information using the first cryptographic key to generate an encrypted copy of the first portion of the secret information; storing, in a second region of the secure memory, the encrypted copy of the first portion of the secret information based on a determination that a second indication in the erasure control register indicates that the second region will be persisted in response to a change in the state of the secure flag; encrypting a second portion of the secret information using the second cryptographic key to generate an encrypted copy of the second portion of the secret information; storing, in the second region of the secure memory, the encrypted copy of the second portion of the secret information based on the determination that the second indication in the erasure control register indicates that the second region will be persisted in response to a change in the state of the secure flag; and implementing, by a monitoring module executing on the secure processing unit, at least one protective action in response to a determination that the secure processing unit has been tampered with, wherein the at least one protective action comprises erasing the first region of the secure memory containing the secret information based on the first indication.

2. The method of claim 1, wherein the method further comprises: loading, by a loading module executing on the secure processing unit, the monitoring module onto an operating environment of the secure processing unit.

3. The method of claim 2, wherein the loading is performed in response to the secure processing unit being initialized.

4. The method of claim 2, wherein the loading is performed in response to the secure processing unit being reset.

5. The method of claim 1, where the secure flag is stored in a hardware register of the secure processing unit.

6. The method of claim 1, wherein the secure state comprises a state in which the secure processing unit may store or process secure information.

7. The method of claim 1, wherein the at least one protective action is implemented in response to a determination that the secure processing unit has been physically tampered with.

8. The method of claim 1, wherein the at least one protective action is implemented in response to a determination that the secure processing unit has been electronically tampered with.

9. The method of claim 1, wherein the method further comprises: resetting the secure flag based on the determination that the secure processing unit has been tampered with.

10. A non-transitory computer-readable storage medium storing instructions that, when executed by a processor included in a secure processing unit, cause the processor to perform a method comprising: establishing a secure environment within the secure processing unit, wherein establishing the secure environment comprises generating a first cryptographic key and a second cryptographic key, the first cryptographic key and second cryptographic key being unique to the secure processing unit; setting, in response to establishing the secure environment, a secure flag indicating that the secure processing unit is operating in a secure state; storing, in a first region of a secure memory associated with the secure processing unit, secret information based on a determination that the secure flag is set and a determination that a first indication in an erasure control register associated with the secure memory indicates that the first region will be erased in response to a change in a state of the secure flag; encrypting a first portion of the secret information using the first cryptographic key to generate an encrypted copy of the first portion of the secret information; storing, in a second region of the secure memory, the encrypted copy of the first portion of the secret information based on a determination that a second indication in the erasure control register indicates that the second region will be persisted in response to a change in the state of the secure flag; encrypting a second portion of the secret information using the second cryptographic key to generate an encrypted copy of the second portion of the secret information; storing, in the second region of the secure memory, the encrypted copy of the second portion of the secret information based on the determination that the second indication in the erasure control register indicates that the second region will be persisted in response to a change in the state of the secure flag; and implementing, by a monitoring module executing on the secure processing unit, at least one protective action in response to a determination that the secure processing unit has been tampered with, wherein the at least one protective action comprises erasing the first region of the secure memory containing the secret information based on the first indication.

11. The non-transitory computer-readable storage medium of claim 10, wherein the method further comprises: loading, by a loading module executing on the secure processing unit, the monitoring module onto an operating environment of the secure processing unit.

12. The non-transitory computer-readable storage medium of claim 11, wherein the loading is performed in response to the secure processing unit being initialized.

13. The non-transitory computer-readable storage medium of claim 11, wherein the loading is performed in response to the secure processing unit being reset.

14. The non-transitory computer-readable storage medium of claim 10, wherein the secure flag is stored in a hardware register of the secure processing unit.

15. The non-transitory computer-readable storage medium of claim 10, wherein the secure state comprises a state in which the secure processing unit may store or process secure information.

16. The non-transitory computer-readable storage medium of claim 10, wherein the at least one protective action is implemented in response to a determination that the secure processing unit has been physically tampered with.

17. The non-transitory computer-readable storage medium of claim 10, wherein the at least one protective action is implemented in response to a determination that the secure processing unit has been electronically tampered with.

18. The non-transitory computer-readable storage medium of claim 10, wherein the method further comprises: resetting the secure flag based on the determination that the secure processing unit has been tampered with.
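The following is a software model of the claimed method, added here as an example and not code from the patent or its assignee. It assumes a two-region secure memory whose erasure control register marks region 1 erase-on-flag-change and region 2 persist; the class and method names, the two-halves split of the secret, and the HMAC-SHA256 counter keystream used as a stand-in cipher are all assumptions, since the claims name no cipher or portion sizes.

```python
import hmac
import hashlib
import os

ERASE, PERSIST = "erase", "persist"


def keystream_xor(key: bytes, data: bytes) -> bytes:
    # Stand-in cipher (assumption): HMAC-SHA256 counter keystream XORed with data.
    # Applying it twice with the same key recovers the plaintext.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


class SPU:
    def __init__(self):
        self.secure_flag = False                            # hardware register in the real device (claim 5)
        self.ecr = {"region1": ERASE, "region2": PERSIST}   # erasure control register (constructed layout)
        self.mem = {"region1": b"", "region2": b""}
        self.keys = None

    def establish_secure_environment(self):
        # Two keys unique to this SPU instance; the secure flag is set only afterwards.
        self.keys = (os.urandom(32), os.urandom(32))
        self.secure_flag = True

    def store_secret(self, secret: bytes) -> int:
        # Plaintext may land only in a region the register marks for erasure on a flag change,
        # and only while the secure flag is set; the encrypted copies go to a persisted region.
        if not (self.secure_flag and self.ecr["region1"] == ERASE):
            raise PermissionError("secure flag clear or region1 not erase-on-flag-change")
        if self.ecr["region2"] != PERSIST:
            raise PermissionError("region2 must persist across flag changes")
        self.mem["region1"] = secret
        half = len(secret) // 2
        self.mem["region2"] = (keystream_xor(self.keys[0], secret[:half])
                               + keystream_xor(self.keys[1], secret[half:]))
        return half  # boundary between the two encrypted portions

    def on_flag_change(self):
        # Hardware-style side effect: every region marked ERASE is wiped.
        for region, policy in self.ecr.items():
            if policy == ERASE:
                self.mem[region] = b"\x00" * len(self.mem[region])

    def tamper_detected(self):
        # Monitoring module's protective action: reset the flag (claim 9), which erases region 1.
        self.secure_flag = False
        self.on_flag_change()

    def recover(self, half: int) -> bytes:
        # Persisted copies are usable only by a holder of both keys.
        ct = self.mem["region2"]
        return keystream_xor(self.keys[0], ct[:half]) + keystream_xor(self.keys[1], ct[half:])
```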