公开(公告)号：US20210110070A1

公开(公告)日：2021-04-15

申请号：US17131716

申请日：2020-12-22

Applicant: Anjo Lucas Vahldiek-Oberwagner ,  Ravi L. Sahita ,  Mona Vij ,  Rameshkumar Illikkal ,  Michael Steiner ,  Thomas Knauth ,  Dmitrii Kuvaiskii ,  Sudha Krishnakumar ,  Krystof C. Zmudzinski ,  Vincent Scarlata ,  Francis McKeen

Inventor： Anjo Lucas Vahldiek-Oberwagner ,  Ravi L. Sahita ,  Mona Vij ,  Rameshkumar Illikkal ,  Michael Steiner ,  Thomas Knauth ,  Dmitrii Kuvaiskii ,  Sudha Krishnakumar ,  Krystof C. Zmudzinski ,  Vincent Scarlata ,  Francis McKeen

IPC: G06F21/79 ,  H04L9/14 ,  H04L9/32 ,  G06F12/14 ,  G06F3/06

Abstract: Example methods and systems are directed to reducing latency in providing trusted execution environments (TEES). Initializing a TEE includes multiple steps before the TEE starts executing. Besides workload-specific initialization, workload-independent initialization is performed, such as adding memory to the TEE. In function-as-a-service (FaaS) environments, a large portion of the TEE is workload-independent, and thus can be performed prior to receiving the workload. Certain steps performed during TEE initialization are identical for certain classes of workloads. Thus, the common parts of the TEE initialization sequence may be performed before the TEE is requested. When a TEE is requested for a workload in the class and the parts to specialize the TEE for its particular purpose are known, the final steps to initialize the TEE are performed.

公开(公告)号：US20170177293A1

公开(公告)日：2017-06-22

申请号：US14974645

申请日：2015-12-18

Applicant: Sudha Krishnakumar ,  Reshma Lal ,  Pradeep M. Pappachan ,  Kar Leong Wong ,  Steven B. McGowan ,  Adeel A. Aslam

Inventor： Sudha Krishnakumar ,  Reshma Lal ,  Pradeep M. Pappachan ,  Kar Leong Wong ,  Steven B. McGowan ,  Adeel A. Aslam

IPC: G06F3/16 ,  G06F15/167 ,  H04L9/32 ,  H04L29/06

CPC classification number: G06F3/165 ,  G06F3/162 ,  G06F15/167 ,  H04L9/32 ,  H04L63/126 ,  H04L65/1069 ,  H04L65/4069 ,  H04L65/605

Abstract: Technologies for cryptographic protection of I/O audio data include a computing device with a cryptographic engine and an audio controller. A trusted software component may request an untrusted audio driver to establish an audio session with the audio controller that is associated with an audio codec. The trusted software component may verify that a stream identifier associated with the audio session received from the audio driver matches a stream identifier received from the codec. The trusted software may program the cryptographic engine with a DMA channel identifier associated with the codec, and the audio controller may assert the channel identifier in each DMA transaction associated with the audio session. The cryptographic engine cryptographically protects audio data associated with the audio session. The audio controller may lock the controller topology after establishing the audio session, to prevent re-routing of audio during a trusted audio session. Other embodiments are described and claimed.