公开(公告)号：US09747435B2

公开(公告)日：2017-08-29

申请号：US14696581

申请日：2015-04-27

Applicant: Apple Inc.

Inventor： Timothy R. Paaske ,  Weihua Mao ,  Shu-Yi Yu

IPC: G06F21/00 ,  G06F21/46 ,  G06F21/60

CPC classification number: G06F21/46 ,  G06F21/44 ,  G06F21/602 ,  G06F21/606 ,  G06F21/85 ,  G06F2221/2137 ,  H04L9/088

Abstract: An apparatus, a method, and a system are presented in which the apparatus may include a security circuit, a processor, and an interface controller. The security circuit may be configured to generate a keyword. The processor may be configured to determine one or more policies to be applied to usage of the keyword, and to generate a policy value. The policy value may include one or more data bits indicative of the determined one or more policies. The interface controller may be configured to generate a message including the keyword and the policy value. The interface controller may also be configured to send the message.

公开(公告)号：US20240330432A1

公开(公告)日：2024-10-03

申请号：US18593243

申请日：2024-03-01

Applicant: Apple Inc.

Inventor： Timothy R. Paaske ,  Weihua Mao ,  Shu-Yi Yu

IPC: G06F21/46 ,  G06F21/44 ,  G06F21/60 ,  G06F21/85 ,  H04L9/08

CPC classification number: G06F21/46 ,  G06F21/44 ,  G06F21/602 ,  G06F21/606 ,  G06F21/85 ,  H04L9/088 ,  G06F2221/2137

Abstract: An apparatus, a method, and a system are presented in which the apparatus includes an interface control circuit that may be configured to receive a message including a cryptographic keyword and a policy value. The policy value may include one or more data bits indicative of one or more policies that define allowable usage of the cryptographic keyword. The apparatus also includes a security circuit that may be configured to extract the cryptographic keyword and the policy value from the message, and to apply at least one policy of the one or more policies to usage of the cryptographic keyword in response to a determination that an authentication of the message succeeded.

公开(公告)号：US20200342091A1

公开(公告)日：2020-10-29

申请号：US16927934

申请日：2020-07-13

Applicant: Apple Inc.

Inventor： Timothy R. Paaske ,  Weihua Mao ,  Shu-Yi Yu

IPC: G06F21/46 ,  G06F21/60 ,  G06F21/44 ,  G06F21/85 ,  H04L9/08

Abstract: An apparatus, a method, and a system are presented in which the apparatus includes an interface control circuit that may be configured to receive a message including a cryptographic keyword and a policy value. The policy value may include one or more data bits indicative of one or more policies that define allowable usage of the cryptographic keyword. The apparatus also includes a security circuit that may be configured to extract the cryptographic keyword and the policy value from the message, and to apply at least one policy of the one or more policies to usage of the cryptographic keyword in response to a determination that an authentication of the message succeeded.

公开(公告)号：US20150046702A1

公开(公告)日：2015-02-12

申请号：US13963457

申请日：2013-08-09

Applicant: Apple Inc.

Inventor： Timothy R. Paaske ,  David S. Warren ,  Michael J. Smith ,  Diarmuid P. Ross ,  Weihua Mao

IPC: G06F12/14 ,  H04L9/12

CPC classification number: G06F12/1408 ,  G06F21/602 ,  G06F21/72 ,  G06F21/85 ,  G06F21/87 ,  G09C1/00 ,  H04L9/12 ,  H04L2209/12

Abstract: In an embodiment, a peripheral interface controller may include an inline cryptographic engine which may encrypt data being sent over a peripheral interface and decrypt data received from the peripheral interface. The encryption may be transparent to the device connected to the peripheral interface that is receiving/supplying the data. In an embodiment, the peripheral interface controller is included in a system on a chip (SOC) that also includes a memory controller configured to couple to a memory. The memory may be mounted on the SOC in a chip-on-chip or package-on-package configuration. The unencrypted data may be stored in the memory for use by other parts of the SOC (e.g. processors, on-chip peripherals, etc.). The keys used for the encryption/decryption of data may remain within the SOC.

Abstract translation: 在一个实施例中，外围接口控制器可以包括内联密码引擎，其可以对通过外围接口发送的数据进行加密，并解密从外围接口接收的数据。 加密可能对连接到正在接收/提供数据的外设接口的设备是透明的。 在一个实施例中，外围接口控制器包括在芯片上的系统（SOC）中，该系统还包括被配置为耦合到存储器的存储器控​​制器。 存储器可以以片上芯片或封装的封装形式安装在SOC上。 未加密的数据可以存储在存储器中以供SOC的其他部分使用（例如处理器，片上外设等）。 用于加密/解密数据的密钥可能保留在SOC内。