-
1.发明申请公开(公告)号:US20110041003A1
公开(公告)日:2011-02-17
申请号:US12718572
申请日:2010-03-05
申请人: Sudhir B. Pattar , Inhyok Cha , Andreas U. Schmidt , Andreas Leicher , Yogendra C. Shah , Dolores F. Howry , David G. Greiner , Lawrence L. Case , Michael V. Meyerstein , Louis J. Guccione
发明人: Sudhir B. Pattar , Inhyok Cha , Andreas U. Schmidt , Andreas Leicher , Yogendra C. Shah , Dolores F. Howry , David G. Greiner , Lawrence L. Case , Michael V. Meyerstein , Louis J. Guccione
CPC分类号: H04L41/0869 , H04L41/0654 , H04L41/0681 , H04L63/123 , H04L63/166 , H04W12/10 , H04W84/045
摘要: An apparatus and method for providing home evolved node-B (H(e)NB) integrity verification and validation using autonomous validation and semi-autonomous validation is disclosed herein.
摘要翻译: 本文公开了一种使用自主验证和半自主验证来提供家庭演进节点B(H(e)NB)完整性验证和验证的装置和方法。
-
2.发明授权公开(公告)号:US09253643B2
公开(公告)日:2016-02-02
申请号:US12718572
申请日:2010-03-05
申请人: Sudhir B. Pattar , Inhyok Cha , Andreas U. Schmidt , Andreas Leicher , Yogendra C. Shah , Dolores F. Howry , David G. Greiner , Lawrence L. Case , Michael V. Meyerstein , Louis J. Guccione
发明人: Sudhir B. Pattar , Inhyok Cha , Andreas U. Schmidt , Andreas Leicher , Yogendra C. Shah , Dolores F. Howry , David G. Greiner , Lawrence L. Case , Michael V. Meyerstein , Louis J. Guccione
CPC分类号: H04L41/0869 , H04L41/0654 , H04L41/0681 , H04L63/123 , H04L63/166 , H04W12/10 , H04W84/045
摘要: An apparatus and method for providing home evolved node-B (H(e)NB) integrity verification and validation using autonomous validation and semi-autonomous validation is disclosed herein.
摘要翻译: 本文公开了一种使用自主验证和半自主验证来提供家庭演进节点B(H(e)NB)完整性验证和验证的装置和方法。
-
公开(公告)号:US20080189560A1
公开(公告)日:2008-08-07
申请号:US11671271
申请日:2007-02-05
申请人: Lawrence L. Case , Thomas Tkacik
发明人: Lawrence L. Case , Thomas Tkacik
IPC分类号: G06F12/14
CPC分类号: G06F12/1458
摘要: Embodiments include systems and methods for securely accessing data in the context of a data transaction. A system may include a memory block, within which a memory partition may be allocated to the data transaction. The memory partition includes a data storage block and at least one binding register. The system also includes platform entities and an access control block, which determines whether a particular platform entity may access data within the data storage block, and whether a particular platform entity may write binding information into a binding register. Access also may be granted or denied based on the current state of a state machine associated with the data transaction. The system also includes a cipher/binding function adapted to encrypt the data, using the binding information, for storage on an unsecured memory device, and to decrypting encrypted data, using the binding information, which is retrieved from the unsecured memory device.
摘要翻译: 实施例包括用于在数据事务的上下文中安全访问数据的系统和方法。 系统可以包括存储器块,在该存储器块内可以将存储器分区分配给数据事务。 存储器分区包括数据存储块和至少一个绑定寄存器。 该系统还包括平台实体和访问控制块,其确定特定平台实体是否可以访问数据存储块内的数据,以及特定平台实体是否可以将绑定信息写入绑定寄存器。 还可以基于与数据事务相关联的状态机的当前状态来授予或拒绝访问。 该系统还包括适于使用绑定信息加密数据,用于存储在不安全的存储器设备上的密码/绑定功能,以及使用从不安全的存储器件检索的绑定信息对加密的数据进行解密。
-
4.发明授权Autonomous memory checker for runtime security assurance and method therefore 有权因此,用于运行时安全保证和方法的自动内存检查器公开(公告)号:US07401234B2
公开(公告)日:2008-07-15
申请号:US10791171
申请日:2004-03-01
IPC分类号: G06F11/30
CPC分类号: G06F21/57 , Y10S707/99939
摘要: Methods and apparatus are provided for an electronic device having an autonomous memory checker for runtime security assurance. The autonomous memory checker comprises a controller, a memory reference file coupled to the controller, and an authentication engine coupled to the controller. A check is performed during runtime operation of the electronic device. The autonomous memory checker generates runtime reference values corresponding to trusted information stored in memory. The runtime reference values are compared against memory reference values stored in the memory reference file. The memory reference values are generated from the trusted information stored in memory. An error signal is generated when the runtime reference values are not identical to the memory reference values thereby indicating that the trusted information has been modified.
摘要翻译: 为具有用于运行时安全保证的自主存储器检查器的电子设备提供了方法和装置。 自主存储器检查器包括控制器,耦合到控制器的存储器参考文件以及耦合到控制器的认证引擎。 在电子设备的运行时操作期间执行检查。 自主内存检查器生成对应于存储在存储器中的可信信息的运行时参考值。 将运行时引用值与存储在存储器引用文件中的存储器引用值进行比较。 存储器参考值是从存储在存储器中的可信信息生成的。 当运行时引用值与存储器引用值不相同时,产生错误信号,由此指示信任信息已被修改。
-
公开(公告)号:US20070297606A1
公开(公告)日:2007-12-27
申请号:US11476973
申请日:2006-06-27
申请人: Thomas E. Tkacik , Lawrence L. Case
发明人: Thomas E. Tkacik , Lawrence L. Case
IPC分类号: H04N7/167
CPC分类号: G06F21/6218 , G06F21/31 , G06F2221/2107
摘要: A secure processing system is provided with increased flexibility to secure different categories of data from different entities (e.g., different users or stakeholders) both from external access and from other entities that use the same system. In one embodiment, the secure processing system includes a host processor and a secure memory system which provides for the storage of sensitive data in encrypted form in a storage medium external to the secure processing system. In accordance with the embodiments of the invention, a key generator is provided that uses a base encryption key and a plurality of key modifiers to create a plurality of derivative keys. The derivative keys are used by encryption logic circuitry within the secure memory system for encrypting and decrypting sensitive information. The derivative keys created by the key generator are used to secure different categories of data from different entities.
摘要翻译: 提供了一种安全处理系统,具有更大的灵活性,以从外部访问和使用相同系统的其他实体确保来自不同实体(例如,不同用户或利益相关者)的不同类别的数据。 在一个实施例中,安全处理系统包括主处理器和安全存储器系统,其提供以安全处理系统外部的存储介质中以加密形式存储敏感数据。 根据本发明的实施例,提供了一种密钥生成器,其使用基本加密密钥和多个密钥修改器来创建多个派生密钥。 派生密钥由安全存储器系统内的加密逻辑电路用于加密和解密敏感信息。 由密钥生成器创建的派生密钥用于保护来自不同实体的不同类别的数据。
-
公开(公告)号:US09830295B2
公开(公告)日:2017-11-28
申请号:US14598199
申请日:2015-01-15
CPC分类号: G06F13/4068 , G06F9/5011
摘要: A resource domain controller in a data processing system stores information that is used to group various resources, such as bus masters and peripherals, into common domains. Each group can be referred to as a resource domain and can include one or more data processor and peripheral devices. The resource domain information is then used to determine whether a particular access request from a data processor is authorized to access its intended target, e.g., one of the peripheral devices, by determining whether the access request and the intended target each belong to a common resource domain. If so, the access request is allowed, otherwise the access request is prevented from being successfully completed.
-
公开(公告)号:US09436248B2
公开(公告)日:2016-09-06
申请号:US13956118
申请日:2013-07-31
摘要: A semiconductor device includes a processing system including a section of power domain circuitry and a section of coin cell power domain circuitry. The coin cell power domain circuitry is configured to, when power is initially provided to the coin cell power domain circuitry, using power provided by a power management circuit as feedback to determine that the power management circuit provides the power in response to a power request signal being a toggle signal, and determine that the power management circuit provides the power in response to the power request signal being a pulse signal.
摘要翻译: 半导体器件包括处理系统,该处理系统包括一部分功率域电路和一部分硬币电池功率域电路。 硬币电池功率域电路被配置为当使用由功率管理电路提供的功率作为反馈来最初向硬币电池功率域电路供电时,确定功率管理电路响应功率请求信号而提供功率 作为触发信号,并且确定功率管理电路响应于作为脉冲信号的功率请求信号而提供功率。
-
8.发明申请公开(公告)号:US20160171249A1
公开(公告)日:2016-06-16
申请号:US14570706
申请日:2014-12-15
CPC分类号: G06F21/72 , G09C1/00 , H04L9/0637
摘要: Methods and systems are disclosed for on-the-fly decryption within an integrated circuit that adds zero additional cycles of latency within the overall decryption system performance. A decryption system within a processing system integrated circuit generates an encrypted counter value using an address while encrypted code associated with an encrypted software image is being obtained from an external memory using the address. The decryption system then uses the encrypted counter value to decrypt the encrypted code and to output decrypted code that can be further processed. A secret key and an encryption engine can be used to generate the encrypted counter value, and an exclusive-OR logic block can process the encrypted counter value and the encrypted code to generate the decrypted code. By pre-generating the encrypted counter value, additional cycle latency is avoided. Other similar data independent encryption/decryption techniques can also be used such as output feedback encryption/decryption modes.
摘要翻译: 公开了用于集成电路内的即时解密的方法和系统,其在整个解密系统性能中增加零个额外的延迟周期。 处理系统集成电路内的解密系统使用地址生成加密的计数器值,而使用该地址从外部存储器获得与加密的软件映像相关联的加密代码。 解密系统然后使用加密的计数器值来解密加密的代码并输出可进一步处理的解密代码。 可以使用秘密密钥和加密引擎来生成加密的计数器值,并且异或逻辑块可以处理加密的计数器值和加密的代码以生成解密的代码。 通过预生成加密的计数器值,避免了额外的周期延迟。 还可以使用其他类似的数据独立加密/解密技术,例如输出反馈加密/解密模式。
-
公开(公告)号:US20080162745A1
公开(公告)日:2008-07-03
申请号:US11647653
申请日:2006-12-29
IPC分类号: G06F3/00
CPC分类号: G06F13/364
摘要: A queued interface device configured to communicate with a peripheral includes a first interface configured to receive and store a first set of peripheral requests from a first core, a second interface configured to receive and store a second set of peripheral requests from a second core, and an arbitrator coupled to the first interface and the second interface. The arbitrator, which may include multiple sets of registers to store the peripheral requests, is configured to selectively send the first set of peripheral requests and the second set of peripheral requests to the peripheral. The peripheral simultaneously appears as a dedicated peripheral for both the first and second cores.
摘要翻译: 配置为与外围设备通信的排队接口设备包括被配置为从第一核心接收和存储第一组外围设备请求的第一接口,被配置为从第二核心接收和存储第二组外围设备请求的第二接口,以及 耦合到所述第一接口和所述第二接口的仲裁器。 仲裁器可以包括用于存储外围请求的多组寄存器,其被配置为选择性地向外围设备发送第一组外设请求和第二组外设请求。 外围设备同时显示为第一和第二核心的专用外围设备。
-
10.发明申请公开(公告)号:US20160173282A1
公开(公告)日:2016-06-16
申请号:US14570611
申请日:2014-12-15
CPC分类号: H04L9/0894 , H04L9/0822 , H04L2209/12
摘要: Methods and systems are disclosed for key management for on-the-fly hardware decryption within an integrated circuit. Encrypted information is received from an external memory and stored in an input buffer within the integrated circuit. The encrypted information includes one or more encrypted key blobs. The encrypted key blobs include one or more secret keys for encrypted code associated with one or more encrypted software images stored within the external memory. A key-encryption key (KEK) code for the encrypted key blobs is received from an internal data storage medium within the integrated circuit, and the KEK code is used to generate one or more key-encryption keys (KEKs). A decryption system then decrypts the encrypted key blobs using the KEKs to obtain the secret keys, and the decryption system decrypts the encrypted code using the secret keys. The resulting decrypted software code is then available for further processing.
摘要翻译: 公开了用于集成电路内的即时硬件解密的密钥管理的方法和系统。 从外部存储器接收加密信息并存储在集成电路内的输入缓冲器中。 加密的信息包括一个或多个加密的密钥块。 加密的密钥块包括用于与存储在外部存储器中的一个或多个加密软件图像相关联的加密代码的一个或多个秘密密钥。 从集成电路内的内部数据存储介质接收加密密钥块的密钥加密密钥(KEK)代码,并且使用KEK码生成一个或多个密钥加密密钥(KEK)。 然后,解密系统使用KEK解密加密的密钥块以获得秘密密钥,并且解密系统使用密钥对加密的密码进行解密。 所得到的解密的软件代码然后可用于进一步处理。
-
-
-
-
-
-
-
-
-
搜索结果
24 条记录 (耗时 0.043 秒)