公开(公告)号：US10362015B2

公开(公告)日：2019-07-23

申请号：US15292367

申请日：2016-10-13

Applicant: MediaTek Inc.

Inventor： Hungwen Li

IPC: H04L29/06 ,  G06F9/4401 ,  H04W4/70 ,  H04W12/02

Abstract: A network-connected device is identified by multiple keys for multiple security levels in a network. From the network, the device detects a request directed at the device. The device identifies, from the request, a source entity that sent the request and a security level specified by the request. Among the plurality keys that identify the device for different levels of security, the device determines one or more of the keys to identify the device according to at least the security level. In response to the security level being a high security level, the device establishes a network session with the high security level to communicate with the source entity using a set of inter-related keys among the plurality of keys.

公开(公告)号：US20180019988A1

公开(公告)日：2018-01-18

申请号：US15292367

申请日：2016-10-13

Applicant: MediaTek Inc.

Inventor： Hungwen Li

IPC: H04L29/06 ,  G06F9/44

CPC classification number: H04L63/08 ,  G06F9/4401 ,  H04L63/105 ,  H04L63/205 ,  H04W4/70 ,  H04W12/02

Abstract: A network-connected device is identified by multiple keys for multiple security levels in a network. From the network, the device detects a request directed at the device. The device identifies, from the request, a source entity that sent the request and a security level specified by the request. Among the plurality keys that identify the device for different levels of security, the device determines one or more of the keys to identify the device according to at least the security level. In response to the security level being a high security level, the device establishes a network session with the high security level to communicate with the source entity using a set of inter-related keys among the plurality of keys.

公开(公告)号：US20180097777A1

公开(公告)日：2018-04-05

申请号：US15499406

申请日：2017-04-27

Applicant: MediaTek Inc.

Inventor： Hungwen Li

IPC: H04L29/06 ,  H04W12/08 ,  H04W12/06

CPC classification number: H04L63/0245 ,  H04L63/08 ,  H04L63/104 ,  H04L67/146 ,  H04W12/06 ,  H04W12/08 ,  H04W12/12

Abstract: A device is provided to perform secure operations in a network that includes multiple devices. The device comprises multiple processor cores; multiple physical ports to receive packets; a system interconnect and a network security engine. The network security engine is operative to: extract a key from a packet received from a physical port among the physical ports; in response to a first determination that the key does not match a stored key in the device, block the packet from entering the system interconnect through the physical port; and in response to the first determination that the key matches the stored key and in response to a second determination that one or more identifiers extracted from the packet do not match stored information in the device, block the packet from entering an identified processor core among the processor cores that is to be accessed by the packet.

公开(公告)号：US20210192056A1

公开(公告)日：2021-06-24

申请号：US17103927

申请日：2020-11-24

Applicant: MediaTek Inc.

Inventor： Yu-Tien Chang ,  Chih-Pin Su ,  Hungwen Li

IPC: G06F21/57 ,  G06F21/53 ,  G06F21/79

Abstract: A system is provided to perform secure operations. The system includes an I/O subsystem, a memory subsystem and processors. The processors are operative to execute processes in trusted execution environments (TEEs) and rich execution environments (REEs). Each of the TEEs and the REEs is identified by a corresponding access identifier (AID) and protected by a corresponding system resource protection unit (SRPU). The corresponding SRPU of a TEE includes instructions, when executed by a corresponding processor, cause the corresponding processor to control access to the TEE using a data structure including allowed AIDs and pointers to memory locations accessible by the allowed AIDs.

公开(公告)号：US11556654B2

公开(公告)日：2023-01-17

申请号：US17103927

申请日：2020-11-24

Applicant: MediaTek Inc.

Inventor： Yu-Tien Chang ,  Chih-Pin Su ,  Hungwen Li

IPC: G06F21/00 ,  G06F21/57 ,  G06F21/53 ,  G06F21/79

Abstract: A system is provided to perform secure operations. The system includes an I/O subsystem, a memory subsystem and processors. The processors are operative to execute processes in trusted execution environments (TEEs) and rich execution environments (REEs). Each of the TEEs and the REEs is identified by a corresponding access identifier (AID) and protected by a corresponding system resource protection unit (SRPU). The corresponding SRPU of a TEE includes instructions, when executed by a corresponding processor, cause the corresponding processor to control access to the TEE using a data structure including allowed AIDs and pointers to memory locations accessible by the allowed AIDs.

公开(公告)号：US10122686B2

公开(公告)日：2018-11-06

申请号：US15499406

申请日：2017-04-27

Applicant: MediaTek Inc.

Inventor： Hungwen Li

IPC: H04L29/06 ,  H04W12/08 ,  H04W12/06

Abstract: A device is provided to perform secure operations in a network that includes multiple devices. The device comprises multiple processor cores; multiple physical ports to receive packets; a system interconnect and a network security engine. The network security engine is operative to: extract a key from a packet received from a physical port among the physical ports; in response to a first determination that the key does not match a stored key in the device, block the packet from entering the system interconnect through the physical port; and in response to the first determination that the key matches the stored key and in response to a second determination that one or more identifiers extracted from the packet do not match stored information in the device, block the packet from entering an identified processor core among the processor cores that is to be accessed by the packet.