公开(公告)号：US11436343B2

公开(公告)日：2022-09-06

申请号：US16731123

申请日：2019-12-31

Applicant: Arm Limited

Inventor： Ehud Maor ,  Avi Shif ,  David Yellin ,  Ofir Drang

IPC: G06F21/60 ,  G06F16/2455 ,  H04L9/06 ,  G06F21/10

Abstract: Device, system, and method of policy enforcement for rich execution environment. An electronic device includes a Trusted Execution Environment (TEE), a Rich Execution Environment (REE), and a hardware-based secure sub-system which includes a cryptographic engine. The REE includes a cryptographic driver configured to initiate a request for TEE authorization to perform a particular cryptographic operation by the cryptographic engine on a data-item that is stored in a memory region that is accessible by the REE. The TEE includes a policies manager to determine whether the request from the REE is approved or rejected, and if approved, to inject data-items into the secure sub-system to enable performance of the requested cryptographic operation by the cryptographic engine.

公开(公告)号：US20210200882A1

公开(公告)日：2021-07-01

申请号：US16731123

申请日：2019-12-31

Applicant: Arm Limited

Inventor： Ehud Maor ,  Avi Shif ,  David Yellin ,  Ofir Drang

IPC: G06F21/60 ,  G06F16/2455 ,  G06F21/10 ,  H04L9/06

Abstract: Device, system, and method of policy enforcement for rich execution environment. An electronic device includes a Trusted Execution Environment (TEE), a Rich Execution Environment (REE), and a hardware-based secure sub-system which includes a cryptographic engine. The REE includes a cryptographic driver configured to initiate a request for TEE authorization to perform a particular cryptographic operation by the cryptographic engine on a data-item that is stored in a memory region that is accessible by the REE. The TEE includes a policies manager to determine whether the request from the REE is approved or rejected, and if approved, to inject data-items into the secure sub-system to enable performance of the requested cryptographic operation by the cryptographic engine.