公开(公告)号：US09355280B2

公开(公告)日：2016-05-31

申请号：US14473662

申请日：2014-08-29

Applicant: BROADCOM CORPORATION

Inventor： Paul Chou ,  Love Kothari ,  Lawrence J. Madar, III

IPC: G06F21/00 ,  G06F21/72 ,  G06F12/14

CPC classification number: G06F21/72 ,  G06F12/14

Abstract: A technique to provide a hardware security module that provides a secure boundary for retention of a secure key within the secure boundary and prevention of unauthorized accesses from external sources outside of the secure boundary to obtain the secure key. The hardware security module includes a security processor to unwrap and authenticate a secure key within the secure boundary to decrypt or encrypt data and to provide data through a single interface that communicates with external sources, so that all data transfers between the secure boundary, formed by the hardware security module, and external sources are transferred only through the interface. The hardware security module ensures no unwrapped key leaves the secure boundary established by the hardware security module.

Abstract translation: 一种提供硬件安全模块的技术，其提供用于将安全密钥保持在安全边界内的安全边界，并防止从安全边界外部的外部源的未经授权的访问以获得安全密钥。 硬件安全模块包括一个安全处理器，用于对安全边界内的安全密钥进行解包和认证，以对数据进行解密或加密，并通过与外部源通信的单一接口提供数据，从而在安全边界之间传输所有数据，由 硬件安全模块和外部源仅通过接口传输。 硬件安全模块确保没有解开的密钥离开硬件安全模块建立的安全边界。

公开(公告)号：US20150052367A1

公开(公告)日：2015-02-19

申请号：US14473662

申请日：2014-08-29

Applicant: BROADCOM CORPORATION

Inventor： Paul Chou ,  Love Kothari ,  Lawrence J. Madar, III

IPC: G06F21/72

CPC classification number: G06F21/72 ,  G06F12/14

Abstract: A technique to provide a hardware security module that provides a secure boundary for retention of a secure key within the secure boundary and prevention of unauthorized accesses from external sources outside of the secure boundary to obtain the secure key. The hardware security module includes a security processor to unwrap and authenticate a secure key within the secure boundary to decrypt or encrypt data and to provide data through a single interface that communicates with external sources, so that all data transfers between the secure boundary, formed by the hardware security module, and external sources are transferred only through the interface. The hardware security module ensures no unwrapped key leaves the secure boundary established by the hardware security module.

Abstract translation: 一种提供硬件安全模块的技术，其提供用于将安全密钥保持在安全边界内的安全边界，并防止从安全边界外部的外部源的未经授权的访问以获得安全密钥。 硬件安全模块包括一个安全处理器，用于对安全边界内的安全密钥进行解包和认证，以对数据进行解密或加密，并通过与外部源通信的单一接口提供数据，从而在安全边界之间传输所有数据，由 硬件安全模块和外部源仅通过接口传输。 硬件安全模块确保没有解开的密钥离开硬件安全模块建立的安全边界。