公开(公告)号：US20160371493A1

公开(公告)日：2016-12-22

申请号：US15181218

申请日：2016-06-13

Applicant: Intel Corporation

Inventor： GYAN PRAKASH ,  JIPHUN C. SATAPATHY

IPC: G06F21/57 ,  H04W12/06 ,  H04W12/08 ,  G06F21/74

CPC classification number: G06F21/572 ,  G06F8/65 ,  G06F21/57 ,  G06F21/74 ,  H04L67/34 ,  H04W12/06 ,  H04W12/08

Abstract: Generally, this disclosure describes devices, methods and systems and for securely updating software on a mobile platform using trusted hardware based authentication. The device may include an image update module configured to receive a software update image from an update server, the image update module executing at an operating system (OS) level; a critical component database configured to identify critical software components associated with the secure operation of the device; a secure update application module configured to verify the inclusion of the critical software components in the software update image prior to installation of the software update image on the device; and a trusted execution environment (TEE) configured to restrict control access and data access to the secure update application module and the critical component database, the restriction enforced against the OS and against modules executing at the OS level.

Abstract translation: 通常，本公开描述了设备，方法和系统，并且使用基于可信硬件的认证来安全地更新移动平台上的软件。 所述设备可以包括被配置为从更新服务器接收软件更新映像的映像更新模块，所述映像更新模块在操作系统（OS）级执行; 配置为识别与所述设备的安全操作相关联的关键软件组件的关键组件数据库; 安全更新应用模块，被配置为在所述设备上安装所述软件更新映像之前，将所述关键软件组件包含在所述软件更新映像中; 以及被配置为限制对安全更新应用模块和关键组件数据库的控制访问和数据访问的受信任执行环境（TEE），针对OS强制执行的限制以及在OS级执行的模块。