-
公开(公告)号:US20180011802A1
公开(公告)日:2018-01-11
申请号:US15205326
申请日:2016-07-08
Applicant: Hewlett Packard Enterprise Development LP
Inventor: Geoffrey Ndu , Fraser John Dickin
CPC classification number: G06F12/1408 , G06F12/0891 , G06F12/1466 , G06F21/602 , G06F21/78 , G09C1/00 , H04L9/0894
Abstract: In one example in accordance with the present disclosure, a method may include receiving, by a processor on a system on a chip (SoC), a request to encrypt a subset of data accessed by a process. The method may also include receiving, at a page encryption hardware unit of the SoC, a system call from an operating system on behalf of the process, to generate an encrypted memory page corresponding to the subset of data. The method may also include generating, by the page encryption hardware unit, an encryption/decryption key for the first physical memory address. The encryption/decryption key may not be accessible by the operating system. The method may also include encrypting, by the page encryption hardware unit, the subset of data to the physical memory address using the encryption/decryption key and storing, by the page encryption hardware unit, the encryption/decryption key in a key store.
-
公开(公告)号:US10303883B2
公开(公告)日:2019-05-28
申请号:US15333779
申请日:2016-10-25
Applicant: Hewlett Packard Enterprise Development LP
Inventor: Shiva R. Dasari , Nicholas Ramirez , Fraser John Dickin
Abstract: In some examples, a computing device includes a data port, device memory to store firmware for the computing device, and verification circuitry. The verification circuitry may override operation of the data port responsive to a determination that firmware verification mode criteria are satisfied. The verification circuitry may also extract firmware data from the device memory for verification of the firmware and provide the firmware data to an external device connected to the computing device through the data port.
-
公开(公告)号:US20180114024A1
公开(公告)日:2018-04-26
申请号:US15333779
申请日:2016-10-25
Applicant: Hewlett Packard Enterprise Development LP
Inventor: Shiva R. Dasari , Nicholas Ramirez , Fraser John Dickin
CPC classification number: G06F21/572 , G06F21/44 , G06F21/575 , G06F21/604
Abstract: In some examples, a computing device includes a data port, device memory to store firmware for the computing device, and verification circuitry. The verification circuitry may override operation of the data port responsive to a determination that firmware verification mode criteria are satisfied. The verification circuitry may also extract firmware data from the device memory for verification of the firmware and provide the firmware data to an external device connected to the computing device through the data port.
-
公开(公告)号:US20170371808A1
公开(公告)日:2017-12-28
申请号:US15192493
申请日:2016-06-24
Applicant: Hewlett Packard Enterprise Development LP
Inventor: Adrian Shaw , Geoffrey Ndu , Fraser John Dickin
CPC classification number: G06F12/1408 , G06F12/1466 , G06F13/28 , G06F2212/1052 , G06F2212/402
Abstract: In one example in accordance with the present disclosure, a method may include retrieving, at a memory management unit (MMU), encrypted data from a memory via direct memory access and determining, at the MMU, a peripheral that is the intended recipient of the encrypted data. The method may also include accessing an application key used for transmission between an application and the peripheral, wherein the application key originates from the application and decrypting, at the MMU, the encrypted data using the application key and transmitting the decrypted data to the peripheral.
-
公开(公告)号:US20170213054A1
公开(公告)日:2017-07-27
申请号:US15328408
申请日:2014-10-30
Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP
Inventor: Liqun Chen , Chris I. Dalton , Fraser John Dickin , Nigel Edwards , Simon Kai-Ying Shiu
CPC classification number: G06F21/79 , G06F21/606 , G06F21/64 , H04L9/0822 , H04L9/083 , H04L2463/061
Abstract: In an example, transactions are secured between electronic circuits in a memory fabric. An electronic circuit may receive a transaction integrity key. The electronic circuit may compute a truncated message authentication code (MAC) using the received transaction integrity key and attach the truncated MAC to a security message header (SMH) of the transaction.
-
公开(公告)号:US10699031B2
公开(公告)日:2020-06-30
申请号:US15328408
申请日:2014-10-30
Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP
Inventor: Liqun Chen , Chris I. Dalton , Fraser John Dickin , Nigel Edwards , Simon Kai-Ying Shiu
Abstract: In an example, transactions are secured between electronic circuits in a memory fabric. An electronic circuit may receive a transaction integrity key. The electronic circuit may compute a truncated message authentication code (MAC) using the received transaction integrity key and attach the truncated MAC to a security message header (SMH) of the transaction.
-
公开(公告)号:US10310990B2
公开(公告)日:2019-06-04
申请号:US15192493
申请日:2016-06-24
Applicant: Hewlett Packard Enterprise Development LP
Inventor: Adrian Shaw , Geoffrey Ndu , Fraser John Dickin
Abstract: In one example in accordance with the present disclosure, a method may include retrieving, at a memory management unit (MMU), encrypted data from a memory via direct memory access and determining, at the MMU, a peripheral that is the intended recipient of the encrypted data. The method may also include accessing an application key used for transmission between an application and the peripheral, wherein the application key originates from the application and decrypting, at the MMU, the encrypted data using the application key and transmitting the decrypted data to the peripheral.
-
公开(公告)号:US10027481B2
公开(公告)日:2018-07-17
申请号:US14755125
申请日:2015-06-30
Applicant: Hewlett Packard Enterprise Development LP
Inventor: Liqun Chen , Fraser John Dickin , Martin Sadler , Chris I Dalton , Nigel Edwards , Simon Kai-Ying Shiu , Boris Balacheff
CPC classification number: H04L9/0897 , G06F21/72 , H04L9/0866 , H04L9/3073 , H04L9/3247
Abstract: An electronic device for management of cryptographic keys, and a corresponding method implemented in a computing device comprising a physical processor, transmit feature data of the device to a key generation module, wherein the feature data comprises information corresponding to an identifier or an attribute of the device, and receive, by the device from the key generation module, a digital signature of the transmitted feature data. The device installs the received digital signature as a cryptographic private key for communication, and performs a cryptographic operation using the installed digital signature as the cryptographic private key.
-
公开(公告)号:US10261919B2
公开(公告)日:2019-04-16
申请号:US15205326
申请日:2016-07-08
Applicant: Hewlett Packard Enterprise Development LP
Inventor: Geoffrey Ndu , Fraser John Dickin
Abstract: In one example in accordance with the present disclosure, a method may include receiving, by a processor on a system on a chip (SoC), a request to encrypt a subset of data accessed by a process. The method may also include receiving, at a page encryption hardware unit of the SoC, a system call from an operating system on behalf of the process, to generate an encrypted memory page corresponding to the subset of data. The method may also include generating, by the page encryption hardware unit, an encryption/decryption key for the first physical memory address. The encryption/decryption key may not be accessible by the operating system. The method may also include encrypting, by the page encryption hardware unit, the subset of data to the physical memory address using the encryption/decryption key and storing, by the page encryption hardware unit, the encryption/decryption key in a key store.
-
-
-
-
-
-
-
-