Firmware-based trusted platform module for arm processor architectures and trustzone security extensions
    1.
    发明授权
    Firmware-based trusted platform module for arm processor architectures and trustzone security extensions 有权
    基于固件的信任平台模块,用于ARM处理器架构和信任域安全扩展

    公开(公告)号:US08375221B1

    公开(公告)日:2013-02-12

    申请号:US13193945

    申请日:2011-07-29

    IPC分类号: G06F11/30 G06F7/04

    摘要: A “Firmware-Based TPM” or “fTPM” ensures that secure code execution is isolated to prevent a wide variety of potential security breaches. Unlike a conventional hardware based Trusted Platform Module (TPM), isolation is achieved without the use of dedicated security processor hardware or silicon. In general, the fTPM is first instantiated in a pre-OS boot environment by reading the fTPM from system firmware or firmware accessible memory or storage and placed into read-only protected memory of the device. Once instantiated, the fTPM enables execution isolation for ensuring secure code execution. More specifically, the fTPM is placed into protected read-only memory to enable the device to use hardware such as the ARM® architecture's TrustZone™ extensions and security primitives (or similar processor architectures), and thus the devices based on such architectures, to provide secure execution isolation within a “firmware-based TPM” without requiring hardware modifications to existing devices.

    摘要翻译: 基于固件的TPM或fTPM确保安全代码执行被隔离,以防止各种潜在的安全漏洞。 与传统的基于硬件的可信平台模块(TPM)不同,在不使用专用安全处理器硬件或硅片的情况下实现隔离。 通常,通过从系统固件或固件可访问的存储器或存储器读取fTPM并将其放置在设备的只读受保护的存储器中,fTPM首先在前OS引导环境中实例化。 一旦实例化,fTPM就能实现执行隔离,以确保执行安全的代码。 更具体地说,将fTPM放置到受保护的只读存储器中,以使设备能够使用诸如ARM®架构的TrustZone™扩展和安全原语(或类似的处理器架构)之类的硬件,从而使基于这种架构的设备提供 基于固件的TPM中的安全执行隔离,而不需要对现有设备进行硬件修改。

    FIRMWARE-BASED TRUSTED PLATFORM MODULE FOR ARM PROCESSOR ARCHITECTURES AND TRUSTZONE SECURITY EXTENSIONS
    2.
    发明申请
    FIRMWARE-BASED TRUSTED PLATFORM MODULE FOR ARM PROCESSOR ARCHITECTURES AND TRUSTZONE SECURITY EXTENSIONS 有权
    用于ARM处理器架构和TRUSTZONE安全扩展的基于固件的TRUSTED平台模块

    公开(公告)号:US20130031374A1

    公开(公告)日:2013-01-31

    申请号:US13193945

    申请日:2011-07-29

    IPC分类号: G06F21/00

    摘要: A “Firmware-Based TPM” or “fTPM” ensures that secure code execution is isolated to prevent a wide variety of potential security breaches. Unlike a conventional hardware based Trusted Platform Module (TPM), isolation is achieved without the use of dedicated security processor hardware or silicon. In general, the fTPM is first instantiated in a pre-OS boot environment by reading the fTPM from system firmware or firmware accessible memory or storage and placed into read-only protected memory of the device. Once instantiated, the fTPM enables execution isolation for ensuring secure code execution. More specifically, the fTPM is placed into protected read-only memory to enable the device to use hardware such as the ARM® architecture's TrustZone™ extensions and security primitives (or similar processor architectures), and thus the devices based on such architectures, to provide secure execution isolation within a “firmware-based TPM” without requiring hardware modifications to existing devices.

    摘要翻译: 基于固件的TPM或fTPM确保安全代码执行被隔离,以防止各种潜在的安全漏洞。 与传统的基于硬件的可信平台模块(TPM)不同,在不使用专用安全处理器硬件或硅片的情况下实现隔离。 通常,通过从系统固件或固件可访问的存储器或存储器读取fTPM并将其放置在设备的只读受保护的存储器中,fTPM首先在前OS引导环境中实例化。 一旦实例化,fTPM就能实现执行隔离,以确保执行安全的代码。 更具体地说,将fTPM放置到受保护的只读存储器中,以使设备能够使用诸如ARM®架构的TrustZone™扩展和安全原语(或类似的处理器架构)之类的硬件,从而使基于这种架构的设备提供 基于固件的TPM中的安全执行隔离,而不需要对现有设备进行硬件修改。

    Attestation protocol for securely booting a guest operating system
    4.
    发明授权
    Attestation protocol for securely booting a guest operating system 有权
    用于安全引导客户机操作系统的认证协议

    公开(公告)号:US08812830B2

    公开(公告)日:2014-08-19

    申请号:US13222379

    申请日:2011-08-31

    摘要: In a cloud computing environment, a production server virtualization stack is minimized to present fewer security vulnerabilities to malicious software running within a guest virtual machine. The minimal virtualization stack includes support for those virtual devices necessary for the operation of a guest operating system, with the code base of those virtual devices further reduced. Further, a dedicated, isolated boot server provides functionality to securely boot a guest operating system. The boot server is isolated through use of an attestation protocol, by which the boot server presents a secret to a network switch to attest that the boot server is operating in a clean mode. The attestation protocol may further employ a secure co-processor to seal the secret, so that it is only accessible when the boot server is operating in the clean mode.

    摘要翻译: 在云计算环境中,最小化生产服务器虚拟化堆栈,以减少在虚拟机中运行的恶意软件的安全漏洞。 最小的虚拟化堆栈包括对客户操作系统的操作所需的那些虚拟设备的支持,这些虚拟设备的代码基础进一步减少。 此外,专用的隔离引导服务器提供安全引导客户机操作系统的功能。 引导服务器通过使用认证协议进行隔离,引导服务器向网络交换机提供秘密,以证明引导服务器以干净的模式运行。 认证协议可以进一步采用安全协处理器来密封秘密,使得仅当引导服务器以干净模式操作时才可访问。

    Protecting Secret State from Memory Attacks
    5.
    发明申请
    Protecting Secret State from Memory Attacks 审中-公开
    保护秘密状态免受记忆攻击

    公开(公告)号:US20140006805A1

    公开(公告)日:2014-01-02

    申请号:US13535578

    申请日:2012-06-28

    IPC分类号: G06F12/14

    摘要: Described is a technology by which classes of memory attacks are prevented, including cold boot attacks, DMA attacks, and bus monitoring attacks. In general, secret state such as an AES key and an AES round block are maintained in on-SoC secure storage, such as a cache. Corresponding cache locations are locked to prevent eviction to unsecure storage. AES tables are accessed only in the on-SoC secure storage, to prevent access patterns from being observed. Also described is securely preparing for an interrupt-based context switch during AES round computations and securely resuming from a context switch without needing to repeat any already completed round or round of computations.

    摘要翻译: 描述了一种防止内存攻击类别的技术,包括冷启动攻击,DMA攻击和总线监视攻击。 通常,诸如AES密钥和AES循环的秘密状态被保持在诸如高速缓存之类的SoC安全存储中。 相应的缓存位置被锁定,以防止驱逐不安全的存储。 AES表只能在on-SoC安全存储中访问,以防止访问模式被观察。 还描述了在AES循环计算期间安全地准备用于基于中断的上下文切换,并且从上下文切换安全地恢复,而不需要重复任何已经完成的一轮或一轮的计算。

    Attestation Protocol for Securely Booting a Guest Operating System
    6.
    发明申请
    Attestation Protocol for Securely Booting a Guest Operating System 有权
    用于安全引导客户机操作系统的认证协议

    公开(公告)号:US20130054948A1

    公开(公告)日:2013-02-28

    申请号:US13222379

    申请日:2011-08-31

    IPC分类号: G06F15/177

    摘要: In a cloud computing environment, a production server virtualization stack is minimized to present fewer security vulnerabilities to malicious software running within a guest virtual machine. The minimal virtualization stack includes support for those virtual devices necessary for the operation of a guest operating system, with the code base of those virtual devices further reduced. Further, a dedicated, isolated boot server provides functionality to securely boot a guest operating system. The boot server is isolated through use of an attestation protocol, by which the boot server presents a secret to a network switch to attest that the boot server is operating in a clean mode. The attestation protocol may further employ a secure co-processor to seal the secret, so that it is only accessible when the boot server is operating in the clean mode.

    摘要翻译: 在云计算环境中,最小化生产服务器虚拟化堆栈,以减少在虚拟机中运行的恶意软件的安全漏洞。 最小的虚拟化堆栈包括对客户操作系统的操作所需的那些虚拟设备的支持,这些虚拟设备的代码基础进一步减少。 此外,专用的隔离引导服务器提供安全引导客户机操作系统的功能。 引导服务器通过使用认证协议进行隔离,引导服务器向网络交换机提供秘密,以证明引导服务器以干净的模式运行。 认证协议可以进一步采用安全协处理器来密封秘密,使得仅当引导服务器以干净模式操作时才可访问。

    Split billing for a mobile device
    7.
    发明授权
    Split billing for a mobile device 有权
    拆分移动设备的帐单

    公开(公告)号:US08965330B2

    公开(公告)日:2015-02-24

    申请号:US13278179

    申请日:2011-10-21

    摘要: The claimed subject matter provides a method for split billing. The method includes receiving a requested token. The requested token specifies conditions under which network traffic is allowed to be billed against a third party for content requested from a mobile computing device. The method also includes matching network traffic between the mobile computing device and a content provider to the specified conditions. The method further includes metering the matched network traffic to a billing account for the third party.

    摘要翻译: 所要求保护的主题提供了分割计费的方法。 该方法包括接收所请求的令牌。 所请求的令牌指定了允许从移动计算设备请求的内容向第三方开帐单的网络流量的条件。 该方法还包括在指定条件下将移动计算设备与内容提供商之间的网络流量相匹配。 该方法还包括将匹配的网络流量计量到第三方的记帐帐户。

    TRUSTED LANGUAGE RUNTIME ON A MOBILE PLATFORM
    9.
    发明申请
    TRUSTED LANGUAGE RUNTIME ON A MOBILE PLATFORM 审中-公开
    在移动平台上的TRUSTED语言运行

    公开(公告)号:US20120331550A1

    公开(公告)日:2012-12-27

    申请号:US13167699

    申请日:2011-06-24

    IPC分类号: G06F21/00

    CPC分类号: G06F21/575 G06F21/53

    摘要: Disclosed is a trusted language runtime (TLR) architecture that provides abstractions for developing a runtime for executing trusted applications or portions thereof securely on a mobile device (e.g., a smartphone). TLR offers at least two abstractions to mobile developers: a trustbox and a trustlet. The trustbox is a runtime environment that offers code and data integrity, and confidentiality. Code and data running inside a trustbox cannot be read or modified by any code running outside the trustbox. A trustlet is the code portion of an application that runs inside a trustbox. With TLR, programmers can write applications in .NET and specify which parts of the application handle sensitive data, and thus, run inside the trustbox. With the TLR, the developer places these parts in a trustlet class, and the TLR provides all support needed to run the parts in the trustbox.

    摘要翻译: 公开了一种可信赖语言运行时(TLR)架构,其提供用于开发用于在移动设备(例如,智能电话机)上执行可信应用或其部分的运行时的抽象。 TLR至少向移动开发人员提供两个抽象:一个信托框和一个信托。 trustbox是提供代码和数据完整性以及机密性的运行时环境。 在信托箱内运行的代码和数据不能被任何在信托箱外部运行的代码读取或修改。 trustlet是在一个信任框内运行的应用程序的代码部分。 使用TLR,程序员可以在.NET中编写应用程序,并指定应用程序的哪些部分处理敏感数据,从而在trustbox内运行。 使用TLR,开发人员将这些部件放置在trustlet类中,并且TLR提供在trustbox中运行部件所需的所有支持。