摘要:
An apparatus and method for providing home evolved node-B (H(e)NB) integrity verification and validation using autonomous validation and semi-autonomous validation is disclosed herein.
摘要:
An apparatus and method for providing home evolved node-B (H(e)NB) integrity verification and validation using autonomous validation and semi-autonomous validation is disclosed herein.
摘要:
Embodiments include systems and methods for securely accessing data in the context of a data transaction. A system may include a memory block, within which a memory partition may be allocated to the data transaction. The memory partition includes a data storage block and at least one binding register. The system also includes platform entities and an access control block, which determines whether a particular platform entity may access data within the data storage block, and whether a particular platform entity may write binding information into a binding register. Access also may be granted or denied based on the current state of a state machine associated with the data transaction. The system also includes a cipher/binding function adapted to encrypt the data, using the binding information, for storage on an unsecured memory device, and to decrypting encrypted data, using the binding information, which is retrieved from the unsecured memory device.
摘要:
Methods and apparatus are provided for an electronic device having an autonomous memory checker for runtime security assurance. The autonomous memory checker comprises a controller, a memory reference file coupled to the controller, and an authentication engine coupled to the controller. A check is performed during runtime operation of the electronic device. The autonomous memory checker generates runtime reference values corresponding to trusted information stored in memory. The runtime reference values are compared against memory reference values stored in the memory reference file. The memory reference values are generated from the trusted information stored in memory. An error signal is generated when the runtime reference values are not identical to the memory reference values thereby indicating that the trusted information has been modified.
摘要:
A secure processing system is provided with increased flexibility to secure different categories of data from different entities (e.g., different users or stakeholders) both from external access and from other entities that use the same system. In one embodiment, the secure processing system includes a host processor and a secure memory system which provides for the storage of sensitive data in encrypted form in a storage medium external to the secure processing system. In accordance with the embodiments of the invention, a key generator is provided that uses a base encryption key and a plurality of key modifiers to create a plurality of derivative keys. The derivative keys are used by encryption logic circuitry within the secure memory system for encrypting and decrypting sensitive information. The derivative keys created by the key generator are used to secure different categories of data from different entities.
摘要:
A resource domain controller in a data processing system stores information that is used to group various resources, such as bus masters and peripherals, into common domains. Each group can be referred to as a resource domain and can include one or more data processor and peripheral devices. The resource domain information is then used to determine whether a particular access request from a data processor is authorized to access its intended target, e.g., one of the peripheral devices, by determining whether the access request and the intended target each belong to a common resource domain. If so, the access request is allowed, otherwise the access request is prevented from being successfully completed.
摘要:
A semiconductor device includes a processing system including a section of power domain circuitry and a section of coin cell power domain circuitry. The coin cell power domain circuitry is configured to, when power is initially provided to the coin cell power domain circuitry, using power provided by a power management circuit as feedback to determine that the power management circuit provides the power in response to a power request signal being a toggle signal, and determine that the power management circuit provides the power in response to the power request signal being a pulse signal.
摘要:
Methods and systems are disclosed for on-the-fly decryption within an integrated circuit that adds zero additional cycles of latency within the overall decryption system performance. A decryption system within a processing system integrated circuit generates an encrypted counter value using an address while encrypted code associated with an encrypted software image is being obtained from an external memory using the address. The decryption system then uses the encrypted counter value to decrypt the encrypted code and to output decrypted code that can be further processed. A secret key and an encryption engine can be used to generate the encrypted counter value, and an exclusive-OR logic block can process the encrypted counter value and the encrypted code to generate the decrypted code. By pre-generating the encrypted counter value, additional cycle latency is avoided. Other similar data independent encryption/decryption techniques can also be used such as output feedback encryption/decryption modes.
摘要:
A queued interface device configured to communicate with a peripheral includes a first interface configured to receive and store a first set of peripheral requests from a first core, a second interface configured to receive and store a second set of peripheral requests from a second core, and an arbitrator coupled to the first interface and the second interface. The arbitrator, which may include multiple sets of registers to store the peripheral requests, is configured to selectively send the first set of peripheral requests and the second set of peripheral requests to the peripheral. The peripheral simultaneously appears as a dedicated peripheral for both the first and second cores.
摘要:
Methods and systems are disclosed for key management for on-the-fly hardware decryption within an integrated circuit. Encrypted information is received from an external memory and stored in an input buffer within the integrated circuit. The encrypted information includes one or more encrypted key blobs. The encrypted key blobs include one or more secret keys for encrypted code associated with one or more encrypted software images stored within the external memory. A key-encryption key (KEK) code for the encrypted key blobs is received from an internal data storage medium within the integrated circuit, and the KEK code is used to generate one or more key-encryption keys (KEKs). A decryption system then decrypts the encrypted key blobs using the KEKs to obtain the secret keys, and the decryption system decrypts the encrypted code using the secret keys. The resulting decrypted software code is then available for further processing.